Anticheats like BattleEye started as private servers add-ons like this too, not official support, but admins choose to install them. I even remember Brood War's private ICCUP servers had their anti-hack as they called it.
Of course the well known gaming company that releases a distro is Valve. But, rootkits don’t seem like they fit their particular ethos (they are well known for their less annoying DRM scheme, right?). TBH, it seems like a rare opportunity to break the hold they have on the “game store” concept.
Fortnite uses EAC which does work on Linux, only they decide to block it.
> The openness of the Linux operating systems makes it an attractive one for cheaters and cheat developers. Linux cheats are indeed harder to detect and the data shows that they are growing at a rate that requires an outsized level of focus and attention from the team for a relatively small platform. There are also cases in which cheats for the Windows OS get emulated as if it’s on Linux in order to increase the difficulty of detection and prevention. We had to weigh the decision on the number of players who were legitimately playing on Linux/the Steam Deck versus the greater health of the population of players for Apex. While the population of Linux users is small, their impact infected a fair amount of players’ games. This ultimately brought us to our decision today.
Linux's inability to run specific anti-cheat solutions is a vendor support issue on the anti-cheat maker's part, because they don't care about your security, and they've managed to convince game developers that this practice is acceptable. It's not. Vote with your wallet.
If a user agrees to a kernel level anti-cheat, it's not a rootkit.
Who reads the EULA? Nobody knows what they're agreeing to, ever. Even for computer-savvy individuals, do they know all of what the kernel-level anti-cheat does? Of course not. Even their consent isn't informed. For normal users, they don't know anything about anything.
I'm not holding my breath for this to happen though.
https://support.apple.com/guide/security/securely-extending-...
But with Linux being open, they certainly would produce a loadable module if there was enough install base to justify it.
True, but the main point of a kernel mode anticheat is the ability to verify that the OS and game isn't being tampered with. If the OS has that capability already built in, then the needed for a kernel mode anticheat diminishes.
>they certainly would produce a loadable module if there was enough install base to justify it
It's not realistic for there to be such an install base to support such complexity compared to having them implement a simple API into their game and server.
It's not actually the message from the kernel that provides the value, it's the work needed to fake such a message.
The issue is that Windows is designed to be able to protect the will of proprietary software publishers against the will of users that want to assert control over the software running on their computer. It's very similar to the story with DRM.
Linux desktop OSes will never put in place the measures to make a Vanguard-like system work, because it's just unethical for a bunch of reasons, the most basic of which being that it's a violation of freedoms 0 and 1.
This isn't true. And supply chain wise just look at the xz backdoor. A random person was able to compromise the supply chain of many Linux distros. Security also is not just supply chain integrity.
>Windows is designed to be able to protect the will of proprietary software publishers against the will of users
I'm not sure what you mean by this. Just because Micrsoft cares about developers, it doesn't mean they don't care about users.
>that it's a violation of freedoms 0 and 1
It's not. Freedom 0 and 1 does not give you the freedom to cheat against other players without being banned. You can be free to modify the game client, but you aren't entitled to play with others using it.
For a multiplayer game, I'd argue that playing with others (even if you're restricted to private servers, not that most games support that anymore..) is running the software. Being able to use a piece of software for its intended purpose is more relevant than a literal reading "you are allowed to exec the binary and nothing more"
It's very obviously true. Linux culture is installing software from trusted repositories. Windows culture is downloading random .exe or .msi from websites and then immediately running them with full permissions.
That's why Windows has a lot of malware and Linux doesn't. It's trivial really to smuggle malware into closed-source applications that are distributed like the wild west.. If I google a popular Windows program right now, I'm going to get a lot of download websites that supply me a sketchy exe.
Some of the malware differences is because of popularity, sure. But ultimately it's 10x easier for me to add a virus to photoshop and upload that exe to download.com as opposed to smuggling malware in an open-source software in the Debian repository.
> I'm not sure what you mean by this.
It means that when companies want capabilities X Y Z which limit user actions on their own computers, Microsoft will cave. They do it all the time. Microsoft cares about making companies happy and they don't care too much about keeping power users happy.
> It's not.
It is. You're constructing a strawman. You're saying that freedoms 0 and 1 don't allow you to cheat freely. Okay, you're correct - nobody has ever said that.
What we're saying is that building kernel-level APIs to hook in anti-cheat or other anti-user software is antithetical to freedoms 0 and 1. Which it is.
I was talking more about the supply chain of the operating system itself, but lets not forget Linux has a culture of people running random commands off the internet which is also an easy vector to get people to install malware. Also I think you are overconfident in how much vetting repositories like npm do. I'm sure Linux people download random stuff off of github too like appimages.
>it's 10x easier for me to add a virus to photoshop and upload that exe to download.com
You can do the same thing but with a Linux binary of "photoshop."
>That's why Windows has a lot of malware and Linux doesn't.
This is due to more consumers using Windows than Linux.
>You're constructing a strawman.
I'm trying to assume what you mean due to this being asynchronous communication since the claim of attestation being related to freedom 0 and 1 is not true. One is about proving information to another party and the other is about having freedom of what you are running on your computer.
>What we're saying is that building kernel-level APIs to hook in anti-cheat or other anti-user software is antithetical to freedoms 0 and 1.
In this case being able to prove with relatively high confidence that no one in a game is cheating is a pro-user feature.
Being able to attest to the system state does not limit freedom 0. Anyone is still free to run any system they want, they just can't attest to their system being trusted if they are not running something trusted. Attestation doesn't make software any harder to modify than before, freedom 1, it only prevents you from attesting that you are using unmodified software when you aren't. Linux distros are not arms of the free software foundation so I don't think trying to argue about what they think is free or not is necessarily relevant to something like this being created.
The xz backdoor was successfully caught before it landed in mainstream release branches, because it's free software.
But broadening the scope a bit, the norms of using package managers as opposed to the norm on Windows of "download this .exe" is a much stronger security posture overall.
I am aware the Windows Store exists, it's not widely used enough to make exes a marginal distribution pathway. I am aware curl | bash exists, it's more common than it should be, but even in those cases the source is visible and auditable, and that's very uncommon for non-technical users to ever do (unlike downloading random exes).
> Freedom 0 and 1 does not give you the freedom to cheat against other players without being banned.
That's a strawman, I never claimed you should have the right to cheat against other players.
> You can be free to modify the game client, but you aren't entitled to play with others using it.
And that's the issue, Windows has functionality to impede your ability to run the software as you see fit and modify it to your needs. Perhaps you want to run your own server, with different moderation policies.
What? It literally got included with several distros. It wasn't caught before it shipped to end users. Just because it got caught before slower to update distros got it, that doesn't mean it is okay. It reveals how low the barrier is for an anonymous person to get code into the OS.
>I never claimed you should have the right to cheat against other players.
Attestation doesn't take away your ability to modify and run software which means that you still have freedom 0 and 1. It just means that you can not prove to a remote server that you bare running unmodified software. To me you were implying that the server being able to kick people who modified the client to cheat was violating their freedom.
>Perhaps you want to run your own server, with different moderation policies.
Nothing would stop you from running your own server like that.
What do you exactly mean by this as right now no users can use Linux and play the game. Allowing more Linux operating systems to be able to play the game is providing users more choice than before.
>Client-side anticheat is inherently security through obscurity
There is nothing fundamentally wrong with security through obscurity. It's just that for some problems the return on investment (security gained for the resources needed) is not worth it. For anticheat the obscurity can slow down cheat developers and raise the barrier to entry for developing cheats. Cheaters just have to make one mistake to get caught.
Realistically most Linux users are using a stock kernel and not something custom compiled. You can have both customization and a way to offer a secure environment for apps that need it. Even if you want to allow for custom kernels and drivers, the game could be setup to run in a secure virtual machine.
>The only way for this kind of anticheat to work is by introducing some part of the kernel that users can't touch.
To be clear, attestation is not anticheat. But yes, there would be components that end users would be unable to modify without removing their ability to attest to there being a secure environment for the game. Either these customizations need to be turned into policy for a trusted component to handle, or the customization needs to itself become trusted.
>but Linux isn't about obscuring the system from its owner.
Nothing about attestation requires obfuscation.