So yeah, I want to discuss or point out why I think Valve needs to fix Anti-Cheat issues.
They have VAC but apparently its doing jackshit, be it Counter Strike 2 (any previous iterations) or something like Hunt: Showdown the prevalence of cheating players is non deniable.
For me personally it has come to a point that I am not enjoying playing those games anymore, although they are great games by itself. But the amount of occurrences being killed or playing against cheaters is at a height, where I don't see the point anymore.
- Why I think Valve is the only company able to something against cheaters?
Because they have the tools with VAC already aiming to prevent cheaters. Valve has got the resources to actually invest into something more profound which could be used for any game where anti-cheat protection needs to be implemented. And lastly Valve is the company which is interested in furthering the ability to gaming on Linux, the anti-cheat solution needs to work on both operating systems. Only Valve has the motivation and means to achieve that with their knowledge and resources.
What do you guys think about the topic? Is the fight against cheaters hopeless? Do you think some other entity should provide anti-cheat protection, why? I skimmed over "anti cheat in linux kernel" posts in the net, but I have very little knowledge about the topic, what is your stance on it?
Edited:
Mixed EAC with VAC. EAC seems to be part of Epic Company. Both of these tools seem unable to prevent cheating like mentioned above.
Screw client side anti-cheat, fix your goddamn server code.
I'm reminded of a case in Apex Legends where cheaters started dual wielding pistols, despite dual wielding not actually being a game mechanic. That should be something you can easily detect on your server and block.
Client side anticheat is just smoke and mirrors and lets developers think they can get away with not doing their job of writing secure code.
I'm honestly surprised that with all this concern about privacy against Google, Microsoft, Epic, and so on, gamers are willing to just let these games have unrestricted and unchecked access to all your internet, microphone and camera data.
Likewise, despite how much gamers call games "broken glitchy messes", they are perfectly willing to give them enough hardware access to literally destroy your computer.
How do you propose to hinder aimbots and the like from working with server-side changes?
I described a plan here: https://pawb.social/comment/4536772
Not perfect, but neither are rootkits.
Why do you call anti-cheat software rootkits? Rootkits are malicious.
It's software I don't want running on my system and the kernel mode stuff has full hardware access.
Yes. It's a matter of knowing what you trust on your pc and understanding your threat model. Programs running in user mode can also be malicious.
Inexhaustive of things that kernel mode code can do that unprivileged (without "root") user mode cannot:
And so on. The question you should be asking isn't "are they going to do this?" but instead "why are they even asking for this permission in the first place?".
A game where you run around pretending to be a space marine doesn't need low level access to your hardware.
I'd argue that any software that is adversarial towards the user/computer owner, and takes actions specifically to hinder an action by them, on their own machine, is malicious.
We'd be absolutely apoplectic if the government demanded we install a surveillance tool on our laptops in order to e.g. access the DMV website or file our taxes, but when someone tells us to in order to play a game, it's okay? Nah.