Embark Studios announced work on a new anti-cheat system for THE FINALS, and thankfully they've also now said it will continue working on Linux / SteamOS.
It’s impossible for anything but the kernel (the user chooses) to know what software is running. Tpm and kernel features can be emulated and spoofed.
Tpm already has known exploits, which leads to it not being reccommended for disk encryption. A lot of not so old pc’s don’t even have a tmp 2.0 chip.
Secure Boot is useless for this because the user can just enroll their own keys. You can’t prevent this, because you can just mod the bios. Replacing the stock secure boot keys is trivial using uefi-tool. Pretty much every motherboard only checks the bios signature when flashing, my prvious motherboard (<7 Years old) didn’t even do that.
Also currently the only way for secure boot on linux is either using shim which the user can enroll thier own keys into or enrolling their own keys directly into the bios.
Many phone manufacturers tried forcing secure boot, and failed. I bypassed such attempts on 3 devices, the manufacturer of one of them tried to fix the exploits twice and still failed to do so.
Also how should the server know that the game itself wasn’t modified to just emulate everything.
It’s the same problem that electronic voting machines have, how does an external person/server know that the correct software is running on the computer? It’s impossible.
Also aren’t we using Linux because we want the freedom to run what ever we want on our computers?
Server side only anti-cheats are the only solution.
Fully agree with this. I’m far from an expert either, but I saw a YouTube video once, which was depressing, showing how people can cheat nowadays. It just involves custom hardware that “pretends” to be the mouse/monitor/… It doesn’t even cost you a fortune.
Congratulations: your kernel anti cheat does fuck all as the cheat is running on the external hardware before forwarding the info to the pc.
Server-Side anti-cheat is imo the only solution. I have no idea how else to fix this issue. It all seems like a patch to try and make your client trustworthy. Something it inherently isn’t. I realize this is a lot easier said than done.
It’s impossible for anything but the kernel (the user chooses) to know what software is running. Tpm and kernel features can be emulated and spoofed.
Tpm already has known exploits, which leads to it not being reccommended for disk encryption. A lot of not so old pc’s don’t even have a tmp 2.0 chip.
Secure Boot is useless for this because the user can just enroll their own keys. You can’t prevent this, because you can just mod the bios. Replacing the stock secure boot keys is trivial using uefi-tool. Pretty much every motherboard only checks the bios signature when flashing, my prvious motherboard (<7 Years old) didn’t even do that.
Also currently the only way for secure boot on linux is either using shim which the user can enroll thier own keys into or enrolling their own keys directly into the bios.
Many phone manufacturers tried forcing secure boot, and failed. I bypassed such attempts on 3 devices, the manufacturer of one of them tried to fix the exploits twice and still failed to do so.
Also how should the server know that the game itself wasn’t modified to just emulate everything.
Even Intels attempt at preventing this with “secure computing” with sgx didn’t work. See this: https://media.ccc.de/v/670321a9-75f4-4194-867d-a249aa01af0b
It’s the same problem that electronic voting machines have, how does an external person/server know that the correct software is running on the computer? It’s impossible.
Also aren’t we using Linux because we want the freedom to run what ever we want on our computers?
Server side only anti-cheats are the only solution.
Fully agree with this. I’m far from an expert either, but I saw a YouTube video once, which was depressing, showing how people can cheat nowadays. It just involves custom hardware that “pretends” to be the mouse/monitor/… It doesn’t even cost you a fortune.
Congratulations: your kernel anti cheat does fuck all as the cheat is running on the external hardware before forwarding the info to the pc.
Server-Side anti-cheat is imo the only solution. I have no idea how else to fix this issue. It all seems like a patch to try and make your client trustworthy. Something it inherently isn’t. I realize this is a lot easier said than done.
Hell, a determined person could even run two kernels at once.