DefiantEmbassy's recent activity
-
Comment on A Minecraft Movie | Official trailer in ~movies
-
Comment on Valorant is winning the war against PC gaming cheaters in ~games
DefiantEmbassy Link ParentI did think a little bit more about this point, and it's a fair criticism. I don't actually think most people are segmenting their systems in this way, but if they chose to do so, it is a shame...API another process can access the memory of a different process of the same privilege level AND the same user
I did think a little bit more about this point, and it's a fair criticism. I don't actually think most people are segmenting their systems in this way, but if they chose to do so, it is a shame that kernel-level software provides a loophole for vendors to inspect all accounts.
(Of course, you could take this segmenting a million miles further: seperate Windows installs, both BitLockered? Hell, if you're using multiple installs, you can use Linux if you want, with FDE to stop data sniffing there. Or just Qubes, lol, although no competent anti-cheat will let you play video games using Qubes).
Maybe the question why game companies want to use kernel level access in the first place is a good question to ask. They want to be able to scan the memory and monitor the behaviour of arbitrary applications. Why would they need kernel level access in the first place if this were possible in an unrestricted manmer for userspace applications?
Because as we've discussed, user-mode can't read kernel-level memory (or even any sort of privileged memory), so cheat vendors will go there. Cheaters obviously don't worry about installing arbitrary kernel-level software.
My point is: for me, as a user of a single user machine, on a non-isolated operating system, all of my software runs in user mode. The scope for data stealing is outrageously high already, and so the kernel-level aspect doesn't particularly change my security posture.
I guess what I'm saying is don't give kernel level access to software if not absolutely necesaary, but don't make the operating system vendor enforce that policy - just make the admin jump through reasonably many hurdles before arriving there.
This is where it becomes tricky.
On the one hand, completely agree with you. I do worry about a future where users lack control over their computing technology. I totally agree with this user that adding kernel-level technology to co-op, or singleplayer titles, is a gross overstep of responsibility (as well as titles like GTA:Online, where they haven't even attempted to solve the inherent problem of trusting peer-to-peer networking being impossible - making it a server-based title should've been the first move). I basicially agree with everything he said, to be honest.
On the other hand, if you want a future where kernel-level anti-cheats aren't required, the game has to be able to attest that the environment is secure, which obviously takes way those user freedoms.
-
Comment on Valorant is winning the war against PC gaming cheaters in ~games
DefiantEmbassy Link ParentI'm actually referring to a later blog post by Riot here (you are referring to the first blog post),I'm actually referring to a later blog post by Riot here (you are referring to the first blog post),
As we were getting at in the “botting” section, some cheaters have begun to pivot to macOS VMs, in an effort to free themselves from the Vanguard requirement. This move was about as unexpected as syrup on pancakes, so we’re pleased to announce that Vanguard’s companion product, Embedded Vanguard (mVG) is coming soon to a Mac build near you. The unique security of the macOS environment allows us to be a little less stringent on defending its kernel, so as the name implies, this won’t require any extra installs—the security is “embedded” right into the game client. Further still, we’re actually already using mVG to great effect on VALORANT console and on Wild Rift.
Once it ships at the end of this year, we hope it will be the final blow to bots and to the two public scripting suite developers that are now grappling with the realization they wasted three months on porting cheats to OSX. Don’t worry too much though, Swift looks great on a resume.
-
Comment on Valtteri Bottas and Zhou Guanyu to leave Kick Sauber as team confirm decision to part ways in ~sports.motorsports
DefiantEmbassy LinkSad Bottas never got a great send off in terms of racing (24 in a 20 man series can’t be fun), but hopefully he can hold his head up high, especially when glancing at the fates of some other...Sad Bottas never got a great send off in terms of racing (24 in a 20 man series can’t be fun), but hopefully he can hold his head up high, especially when glancing at the fates of some other drivers who’ve tried battling greats. He could at least be 2nd best, consistently.
Glad to see a rookie explosion, though!
-
Comment on Valorant is winning the war against PC gaming cheaters in ~games
DefiantEmbassy Link ParentThis gets to the crux of what I’d prefer. Actual proper isolation and sandboxing. Macs have made a similar great effort here, and it’s why Riot are fine having a significantly less intrusive...As for keyloggers - yes, there are better solutions than how windows handles it. Wayland is for example much better at isolating keystrokes so that only the current window can access them.
This gets to the crux of what I’d prefer. Actual proper isolation and sandboxing. Macs have made a similar great effort here, and it’s why Riot are fine having a significantly less intrusive solution on that platform.
It would be highly questionable if one userspace application could read/write from a different userspace application's address space without some kind of exploit
My friend, I just downloaded System Informer (portable), opened it with no admin access, and told it to dumps the strings from my Firefox process. I can clear as day see the browsing history of various pages I had open.
Like, I can only speak for myself. But the concerns you speak of, they’re not sufficiently worse than the existing sorry state of user mode.
But your comment about Wayland is the future I’d desire. Better isolation, no kernel-level access for anyone.
-
Comment on Valorant is winning the war against PC gaming cheaters in ~games
DefiantEmbassy Link Parent(I’d like to preface this by saying that I really wish I could reply without bumping this thread relentlessly.) I dispute that. I say the action of installing the software is already the camera,...(I’d like to preface this by saying that I really wish I could reply without bumping this thread relentlessly.)
I can surveil you without entering your home, so you should just let me put cameras up inside it anyway.
I dispute that. I say the action of installing the software is already the camera, and all the kernel-level driver is doing is bolting it down and installing an infrared sensor. Sure, the infrared sensor can see more, and bolting it down makes it harder to remove, but the problem is the fucking camera.
To be clear, my hypothetical perfect future is one where applications are properly sandboxed. Where kernel-level access is impossible, and you use modern techniques like eBPF for monitoring purposes. Ideally with some user agency built in, but you’re never going to be perfect here. Cheats to a large extent become far less useful here. Do it properly like PS5/Xbox, and you’re even removing the ability for hardware peeking.
That, or we give up on the idea of running competitive multiplayer titles on PCs, and consoles properly support mouse and keyboard. The input device is my problem, not the hardware. Screw Linux? Screw Windows too.
In my ideal world you don’t need to install the fucking camera. But right now? I don’t give a damn how powerful the camera is.
-
Comment on Valorant is winning the war against PC gaming cheaters in ~games
DefiantEmbassy (edited )Link ParentOh, I'm not suggesting that we shouldn't improve the security posture of modern operating systems. Hell, half of doing so would help resolve many cheating issues by itself! It's why Vanguard on...Oh, I'm not suggesting that we shouldn't improve the security posture of modern operating systems. Hell, half of doing so would help resolve many cheating issues by itself! It's why Vanguard on macOS is significantly less intrusive than on Windows.
But why does it take kernel-level anti-cheat to have that discussion? It seems a needless distinction to the reality that modern operating systems are leaky faucets.
-
Comment on Valorant is winning the war against PC gaming cheaters in ~games
DefiantEmbassy (edited )Link ParentYou vastly overestimate the security posture of user mode software on machines. As mentioned elsewhere, it is true that password managers decrypt into encrypted memory. It is also true that all...You vastly overestimate the security posture of user mode software on machines.
As mentioned elsewhere, it is true that password managers decrypt into encrypted memory. It is also true that all password managers (except KeePass, if you configure an option) take the keyboard input in user mode. Hey presto, keylogged.
Cookies are stored in AppData on Windows. Why do you think Steam and Discord account stealers do not require administration access to hijack accounts?
I don't believe Chrome decrypts everything into protected memory, so I'd be very surprised if you needed kernel-level elevation to steal memory from it.
So, no, I don't think your examples are particularly meaningful to me.
-
Comment on Valorant is winning the war against PC gaming cheaters in ~games
DefiantEmbassy (edited )Link ParentWe have different values. I do not believe that the kernel-level access significantly changes the level of risk presented to my personal data. The risk is already significant by installing their...blown away by the commenters
We have different values.
They are incredibly invasive
I do not believe that the kernel-level access significantly changes the level of risk presented to my personal data. The risk is already significant by installing their user-mode game client.
they push this is that server-side cheat detection requires that their servers do the work instead of the client PCs
Valve continues to attempt this way of solving the problem, and continue to be behind their competitors.
Hardware based cheats are becoming more prominent
Hence why Riot is relying more on hardware level features to make the game client more impentrable.
This is a loss of agency on computers, absolutely. Would I prefer that game consoles had better M+K support built in, so that I could just game on that, and not be concerned about installing additional software on my computer, yes. But that isn't happening, so c'est la vie. I'd prefer to enjoy my games.
-
Comment on Valorant is winning the war against PC gaming cheaters in ~games
DefiantEmbassy (edited )Link ParentBut vulnerabilities are also present in user-mode, and are frankly, just as scary. At an Apex Legends event, professional players were forced to play with cheats, live on air (and no, this had...But vulnerabilities are also present in user-mode, and are frankly, just as scary.
At an Apex Legends event, professional players were forced to play with cheats, live on air (and no, this had nothing to do with their anti-cheat solution). A worm began propogating itself through MW2, despite Activision knowing about the bug for years.
Frankly, kernel-level anti-cheats are the least of my worries when talking about highly networked multiplayer games, where the teams just do not understand the severity of what is possible.
-
Comment on Valorant is winning the war against PC gaming cheaters in ~games
DefiantEmbassy (edited )Link ParentTrue. Technically true, but in all practical purposes, not really relevant. 1Password, KeePassXC, and KeePass (by default) all launch in user mode, and ask for your password in user mode. Boom,...Rootkits can avoid normal detection
True.
access to things like PW's out of a password manager
Technically true, but in all practical purposes, not really relevant.
1Password, KeePassXC, and KeePass (by default) all launch in user mode, and ask for your password in user mode. Boom, password keylogged. It doesn't matter if they decrypt to secure memory if the password for the keyfile has already been lost.
The list of caveats about where your password can be leaked in memory when using KeePass is scary. KeePassXC appears to be better for in-memory protection... but again, keyloggers. Like, I just validated it right now by creating my own keylogger using Python (
pip install keylogger...), and running it in user mode.No one cared how crowdstrike worked until it blew up
I mean, that was a stability problem, not a security problem. Vanguard's stability posturing is quite decent from what I understand (it should, in theory, not be vulnerable to the Crowdstrike problem).
but at the same time something at the kernel level has FAR more access.
But again, what does that really mean for people?
-
Comment on Valorant is winning the war against PC gaming cheaters in ~games
DefiantEmbassy Link ParentYes. That’s the case for any program you run on your computer (Windows/Linux, Mac has quite decent restrictions). if you don’t trust the maker of the software, don’t run it.Yes. That’s the case for any program you run on your computer (Windows/Linux, Mac has quite decent restrictions). if you don’t trust the maker of the software, don’t run it.
-
Comment on Valorant is winning the war against PC gaming cheaters in ~games
DefiantEmbassy Link ParentBut which part of this hypothetical anything actually scares you? For instance, is it the idea that they could keylog you? Steal your documents? Ransomware you? Steal your passwords? The...Since it has kernel access, it can pretty much do anything right?
But which part of this hypothetical anything actually scares you?
For instance, is it the idea that they could keylog you? Steal your documents? Ransomware you? Steal your passwords?
The hypotheticals that most people worry about are possible without kernel-level access, or even admin-level access. Everything I listed, and far more, is possible without ever going to the kernel-level.
From Riot,
However, if your beef is only about data privacy at Riot, running the game client or running Vanguard makes not one bit of difference. Data can still be retrieved from user-mode, and we're all engineers for the same studio with the same goals, none of which are collecting your personal information. If Riot hasn't earned your trust, do not run our software.
-
Comment on Valorant is winning the war against PC gaming cheaters in ~games
DefiantEmbassy Link ParentCan I ask what specifically, you believe Vanguard has the capability do, that worries you, beyond just the word "rootkit"?Can I ask what specifically, you believe Vanguard has the capability do, that worries you, beyond just the word "rootkit"?
-
Comment on Formula 1 Sao Paulo Grand Prix 2024 - Results in ~sports.motorsports
DefiantEmbassy Linka) Meltdown for McLaren. Lando couldn't start/restart to save his life, and McLaren botched the one pitstop they had. b) This is the Max I like to see, the "incredibly fast, picking his way...a) Meltdown for McLaren. Lando couldn't start/restart to save his life, and McLaren botched the one pitstop they had.
b) This is the Max I like to see, the "incredibly fast, picking his way through the field" Max, as opposed to the "run people off the road Max". Found his behaviour in the last race appalling, but sublime today.
c) Well done to Alpine!
d) Checo, almost forgot he was in the race until I read your OP. Lawson handled him like a boss. -
Comment on Vox Media, on the hunt for new revenue streams, is exploring putting up a pay wall on The Verge in ~tech
DefiantEmbassy Link Parenta) https://knowyourmeme.com/memes/im-tired-of-pretending-its-not b) In the spaces I hang out, like Tildes, the overwhelming opinion is that the redesign is bad. I wanted to express the...a) https://knowyourmeme.com/memes/im-tired-of-pretending-its-not
b) In the spaces I hang out, like Tildes, the overwhelming opinion is that the redesign is bad. I wanted to express the counter-opinion with some humour. I’ve never actually pretended 🙂
-
Comment on Vox Media, on the hunt for new revenue streams, is exploring putting up a pay wall on The Verge in ~tech
DefiantEmbassy Link ParentI think it’s beautiful and I’m tired of pretending it’s notI think it’s beautiful and I’m tired of pretending it’s not
-
Comment on Tildes Video Thread in ~misc
DefiantEmbassy LinkDrew Gooden - Everybody wants to waste your time. I thought this video would be semi-ironic, given the runtime, but was surprisingly captivated. I'm not sure he covers any new ground here, but the...Drew Gooden - Everybody wants to waste your time.
I thought this video would be semi-ironic, given the runtime, but was surprisingly captivated. I'm not sure he covers any new ground here, but the passion and clarity behind what is effectively a 30 minute rant was lovely to see.
-
Comment on Formula 1 Azerbaijan Grand Prix 2024 - Results in ~sports.motorsports
DefiantEmbassy LinkScintillating race, F1 is so back. Piastri had the nightmare of a driver driving perfectly behind him, if he made one mistake he was screwed. The absolute mettle of the man to keep it together. He...Scintillating race, F1 is so back. Piastri had the nightmare of a driver driving perfectly behind him, if he made one mistake he was screwed. The absolute mettle of the man to keep it together. He proved he is WDC material today.
Also, yeah, looks like a racing incident but the right angle can swing me either way.
-
Comment on ‘Ted Lasso’ heads toward Season 4 greenlight with options pickup for three core cast members in ~tv
DefiantEmbassy (edited )LinkI thought from the early outset that this was going to be one of the rare American shows that learns from its British counter-parts to end early, and end high (for example, The Good Place - an...I thought from the early outset that this was going to be one of the rare American shows that learns from its British counter-parts to end early, and end high (for example, The Good Place - an absolutely masterfully executed show).
They failed the latter (this is a silly sports TV show,
), and now they look like they're doing nether. *Urgh*.Click to view the hidden text
give us the ending where Richmond wins something, and Roy and Keeley end happy
Mojang has effectively decided to stop using C418 as a composer for Minecraft.
A video on the manner, but tl;dw: the suspected reason is that C418 is unwilling to change the terms of licensing his music to Mojang.