I mean it installs a rootkit on your computer that gives them full control over everything including what you type, hear, and see as well as the ability to record what you’ve previously typed and said. It could at any moment also fully disable your computer (as well as millions of other computers) rendering them useless.
Just because they haven’t used it that way, don’t assume they can’t or won’t.
They can do whatever they want. Operating systems are effectively divided into two partitions, privileged kernel space and user space.
When you run a kernel level anticheat what you’re really doing is running a custom program in the kernel space. It effectively becomes part of Windows.
This means that anything that an operating system can instruct hardware to do, that program can do. It can read your files, check your email, print letter you wrote to your crush in Word but “deleted” because it was embarrassing, log every key you type, turn on your webcam, listen to the microphone, download explicit or illegal imagery, upload your hard drive to the NSA, disable your computer fans, etc
You really only want to run this stuff if it’s from a trustworthy vendor and even then it’s completely defensible to object to running one of these programs.
Currently these things have yet to be caught doing any of these things, but that’s because they haven’t been instructed to, not because they can’t.
Microsoft are going to significantly limit what can run in the kernel (including anti cheat) after the Crowdstrike issue. A side-effect of that should (hopefully) be better Linux compatibility.
It’s going to take a while since all the software that uses kernel-level code has to adapt. Windows has very good backwards compatibility, but this would be a non-backwards-compatible change, so it’d require a lot of planning.
Don’t get me wrong, Vanguard is BS, and I quit playing riot games because of it. However, simply having low level access isn’t sufficient to classify it as spyware, otherwise drivers would be spyware. I still haven’t seen any evidence that it currently does anything nefarious with that access, which means it’s quite unlikely it’s being used for mass surveillance.
To me, there are 2 problems: 1) It could be used for targeted attacks, and the likelihood anyone would find out is much lower than in a widespread surveillance scenario. 2) It could be used to deploy a massive bot-net.
I think the US reclassification here is precautionary in nature.
Exactly. I avoid kernel-level anti-cheat not because of any known spying they do (and honestly, anything w/ user-level privileges can read all your personal data), but that they add yet another attack vector for a bad actor. I highly doubt Vanguard gets as much security scrutiny as drivers, for example.
Except drivers are designed to interact with hardware and to make it usable, kernel-level anticheats are designed to specifically scan/block/etc software. They are pretty different with their intended purposes, even though they offer the same/similar invasiveness.
Does this mean league of legends is a weapon
I mean it installs a rootkit on your computer that gives them full control over everything including what you type, hear, and see as well as the ability to record what you’ve previously typed and said. It could at any moment also fully disable your computer (as well as millions of other computers) rendering them useless.
Just because they haven’t used it that way, don’t assume they can’t or won’t.
Do they send this data over the network? Or is the data only used by the software installed on the machine?
They can do whatever they want. Operating systems are effectively divided into two partitions, privileged kernel space and user space.
When you run a kernel level anticheat what you’re really doing is running a custom program in the kernel space. It effectively becomes part of Windows.
This means that anything that an operating system can instruct hardware to do, that program can do. It can read your files, check your email, print letter you wrote to your crush in Word but “deleted” because it was embarrassing, log every key you type, turn on your webcam, listen to the microphone, download explicit or illegal imagery, upload your hard drive to the NSA, disable your computer fans, etc
You really only want to run this stuff if it’s from a trustworthy vendor and even then it’s completely defensible to object to running one of these programs.
Currently these things have yet to be caught doing any of these things, but that’s because they haven’t been instructed to, not because they can’t.
Microsoft are going to significantly limit what can run in the kernel (including anti cheat) after the Crowdstrike issue. A side-effect of that should (hopefully) be better Linux compatibility.
I remember reading that and I very much hope it is truly what they end up doing. As of now though, that has yet to materialize.
It’s going to take a while since all the software that uses kernel-level code has to adapt. Windows has very good backwards compatibility, but this would be a non-backwards-compatible change, so it’d require a lot of planning.
Weapon of Mass Distraction.
Psychological Warfare for sure
I mean, there’s always been speculation that Vanguard is spyware. There’s absolutely no need or justification for always-on cheat detection.
What speculation? It’s literally spyware. You are giving it full low level access to your processor.
Don’t get me wrong, Vanguard is BS, and I quit playing riot games because of it. However, simply having low level access isn’t sufficient to classify it as spyware, otherwise drivers would be spyware. I still haven’t seen any evidence that it currently does anything nefarious with that access, which means it’s quite unlikely it’s being used for mass surveillance.
To me, there are 2 problems: 1) It could be used for targeted attacks, and the likelihood anyone would find out is much lower than in a widespread surveillance scenario. 2) It could be used to deploy a massive bot-net.
I think the US reclassification here is precautionary in nature.
Exactly. I avoid kernel-level anti-cheat not because of any known spying they do (and honestly, anything w/ user-level privileges can read all your personal data), but that they add yet another attack vector for a bad actor. I highly doubt Vanguard gets as much security scrutiny as drivers, for example.
Except drivers are designed to interact with hardware and to make it usable, kernel-level anticheats are designed to specifically scan/block/etc software. They are pretty different with their intended purposes, even though they offer the same/similar invasiveness.