DefiantEmbassy's recent activity

  1. Comment on Kendrick Lamar - squabble up (2024) in ~music

    DefiantEmbassy
    Link Parent
    Had to end work early This is like the third time he's done that to me this year

    Had to end work early

    This is like the third time he's done that to me this year

    4 votes
  2. Comment on A Minecraft Movie | Official trailer in ~movies

    DefiantEmbassy
    Link Parent
    Mojang has effectively decided to stop using C418 as a composer for Minecraft. A video on the manner, but tl;dw: the suspected reason is that C418 is unwilling to change the terms of licensing his...

    Mojang has effectively decided to stop using C418 as a composer for Minecraft.

    A video on the manner, but tl;dw: the suspected reason is that C418 is unwilling to change the terms of licensing his music to Mojang.

    4 votes
  3. Comment on Valorant is winning the war against PC gaming cheaters in ~games

    DefiantEmbassy
    Link Parent
    I did think a little bit more about this point, and it's a fair criticism. I don't actually think most people are segmenting their systems in this way, but if they chose to do so, it is a shame...

    API another process can access the memory of a different process of the same privilege level AND the same user

    I did think a little bit more about this point, and it's a fair criticism. I don't actually think most people are segmenting their systems in this way, but if they chose to do so, it is a shame that kernel-level software provides a loophole for vendors to inspect all accounts.

    (Of course, you could take this segmenting a million miles further: seperate Windows installs, both BitLockered? Hell, if you're using multiple installs, you can use Linux if you want, with FDE to stop data sniffing there. Or just Qubes, lol, although no competent anti-cheat will let you play video games using Qubes).

    Maybe the question why game companies want to use kernel level access in the first place is a good question to ask. They want to be able to scan the memory and monitor the behaviour of arbitrary applications. Why would they need kernel level access in the first place if this were possible in an unrestricted manmer for userspace applications?

    Because as we've discussed, user-mode can't read kernel-level memory (or even any sort of privileged memory), so cheat vendors will go there. Cheaters obviously don't worry about installing arbitrary kernel-level software.

    My point is: for me, as a user of a single user machine, on a non-isolated operating system, all of my software runs in user mode. The scope for data stealing is outrageously high already, and so the kernel-level aspect doesn't particularly change my security posture.

    I guess what I'm saying is don't give kernel level access to software if not absolutely necesaary, but don't make the operating system vendor enforce that policy - just make the admin jump through reasonably many hurdles before arriving there.

    This is where it becomes tricky.

    On the one hand, completely agree with you. I do worry about a future where users lack control over their computing technology. I totally agree with this user that adding kernel-level technology to co-op, or singleplayer titles, is a gross overstep of responsibility (as well as titles like GTA:Online, where they haven't even attempted to solve the inherent problem of trusting peer-to-peer networking being impossible - making it a server-based title should've been the first move). I basicially agree with everything he said, to be honest.

    On the other hand, if you want a future where kernel-level anti-cheats aren't required, the game has to be able to attest that the environment is secure, which obviously takes way those user freedoms.

    2 votes
  4. Comment on Valorant is winning the war against PC gaming cheaters in ~games

    DefiantEmbassy
    Link Parent
    I'm actually referring to a later blog post by Riot here (you are referring to the first blog post),

    I'm actually referring to a later blog post by Riot here (you are referring to the first blog post),

    As we were getting at in the “botting” section, some cheaters have begun to pivot to macOS VMs, in an effort to free themselves from the Vanguard requirement. This move was about as unexpected as syrup on pancakes, so we’re pleased to announce that Vanguard’s companion product, Embedded Vanguard (mVG) is coming soon to a Mac build near you. The unique security of the macOS environment allows us to be a little less stringent on defending its kernel, so as the name implies, this won’t require any extra installs—the security is “embedded” right into the game client. Further still, we’re actually already using mVG to great effect on VALORANT console and on Wild Rift.

    Once it ships at the end of this year, we hope it will be the final blow to bots and to the two public scripting suite developers that are now grappling with the realization they wasted three months on porting cheats to OSX. Don’t worry too much though, Swift looks great on a resume.

    4 votes
  5. Comment on Valtteri Bottas and Zhou Guanyu to leave Kick Sauber as team confirm decision to part ways in ~sports.motorsports

    DefiantEmbassy
    Link
    Sad Bottas never got a great send off in terms of racing (24 in a 20 man series can’t be fun), but hopefully he can hold his head up high, especially when glancing at the fates of some other...

    Sad Bottas never got a great send off in terms of racing (24 in a 20 man series can’t be fun), but hopefully he can hold his head up high, especially when glancing at the fates of some other drivers who’ve tried battling greats. He could at least be 2nd best, consistently.

    Glad to see a rookie explosion, though!

    2 votes
  6. Comment on Valorant is winning the war against PC gaming cheaters in ~games

    DefiantEmbassy
    Link Parent
    This gets to the crux of what I’d prefer. Actual proper isolation and sandboxing. Macs have made a similar great effort here, and it’s why Riot are fine having a significantly less intrusive...

    As for keyloggers - yes, there are better solutions than how windows handles it. Wayland is for example much better at isolating keystrokes so that only the current window can access them.

    This gets to the crux of what I’d prefer. Actual proper isolation and sandboxing. Macs have made a similar great effort here, and it’s why Riot are fine having a significantly less intrusive solution on that platform.

    It would be highly questionable if one userspace application could read/write from a different userspace application's address space without some kind of exploit

    My friend, I just downloaded System Informer (portable), opened it with no admin access, and told it to dumps the strings from my Firefox process. I can clear as day see the browsing history of various pages I had open.

    Like, I can only speak for myself. But the concerns you speak of, they’re not sufficiently worse than the existing sorry state of user mode.

    But your comment about Wayland is the future I’d desire. Better isolation, no kernel-level access for anyone.

    7 votes
  7. Comment on Valorant is winning the war against PC gaming cheaters in ~games

    DefiantEmbassy
    Link Parent
    (I’d like to preface this by saying that I really wish I could reply without bumping this thread relentlessly.) I dispute that. I say the action of installing the software is already the camera,...

    (I’d like to preface this by saying that I really wish I could reply without bumping this thread relentlessly.)

    I can surveil you without entering your home, so you should just let me put cameras up inside it anyway.

    I dispute that. I say the action of installing the software is already the camera, and all the kernel-level driver is doing is bolting it down and installing an infrared sensor. Sure, the infrared sensor can see more, and bolting it down makes it harder to remove, but the problem is the fucking camera.

    To be clear, my hypothetical perfect future is one where applications are properly sandboxed. Where kernel-level access is impossible, and you use modern techniques like eBPF for monitoring purposes. Ideally with some user agency built in, but you’re never going to be perfect here. Cheats to a large extent become far less useful here. Do it properly like PS5/Xbox, and you’re even removing the ability for hardware peeking.

    That, or we give up on the idea of running competitive multiplayer titles on PCs, and consoles properly support mouse and keyboard. The input device is my problem, not the hardware. Screw Linux? Screw Windows too.

    In my ideal world you don’t need to install the fucking camera. But right now? I don’t give a damn how powerful the camera is.

    2 votes
  8. Comment on Valorant is winning the war against PC gaming cheaters in ~games

    DefiantEmbassy
    (edited )
    Link Parent
    Oh, I'm not suggesting that we shouldn't improve the security posture of modern operating systems. Hell, half of doing so would help resolve many cheating issues by itself! It's why Vanguard on...

    Oh, I'm not suggesting that we shouldn't improve the security posture of modern operating systems. Hell, half of doing so would help resolve many cheating issues by itself! It's why Vanguard on macOS is significantly less intrusive than on Windows.

    But why does it take kernel-level anti-cheat to have that discussion? It seems a needless distinction to the reality that modern operating systems are leaky faucets.

    5 votes
  9. Comment on Valorant is winning the war against PC gaming cheaters in ~games

    DefiantEmbassy
    (edited )
    Link Parent
    You vastly overestimate the security posture of user mode software on machines. As mentioned elsewhere, it is true that password managers decrypt into encrypted memory. It is also true that all...

    You vastly overestimate the security posture of user mode software on machines.

    As mentioned elsewhere, it is true that password managers decrypt into encrypted memory. It is also true that all password managers (except KeePass, if you configure an option) take the keyboard input in user mode. Hey presto, keylogged.

    Cookies are stored in AppData on Windows. Why do you think Steam and Discord account stealers do not require administration access to hijack accounts?

    I don't believe Chrome decrypts everything into protected memory, so I'd be very surprised if you needed kernel-level elevation to steal memory from it.

    So, no, I don't think your examples are particularly meaningful to me.

    9 votes
  10. Comment on Valorant is winning the war against PC gaming cheaters in ~games

    DefiantEmbassy
    (edited )
    Link Parent
    We have different values. I do not believe that the kernel-level access significantly changes the level of risk presented to my personal data. The risk is already significant by installing their...

    blown away by the commenters

    We have different values.

    They are incredibly invasive

    I do not believe that the kernel-level access significantly changes the level of risk presented to my personal data. The risk is already significant by installing their user-mode game client.

    they push this is that server-side cheat detection requires that their servers do the work instead of the client PCs

    Valve continues to attempt this way of solving the problem, and continue to be behind their competitors.

    Hardware based cheats are becoming more prominent

    Hence why Riot is relying more on hardware level features to make the game client more impentrable.

    This is a loss of agency on computers, absolutely. Would I prefer that game consoles had better M+K support built in, so that I could just game on that, and not be concerned about installing additional software on my computer, yes. But that isn't happening, so c'est la vie. I'd prefer to enjoy my games.

    29 votes
  11. Comment on Valorant is winning the war against PC gaming cheaters in ~games

    DefiantEmbassy
    (edited )
    Link Parent
    But vulnerabilities are also present in user-mode, and are frankly, just as scary. At an Apex Legends event, professional players were forced to play with cheats, live on air (and no, this had...

    But vulnerabilities are also present in user-mode, and are frankly, just as scary.

    At an Apex Legends event, professional players were forced to play with cheats, live on air (and no, this had nothing to do with their anti-cheat solution). A worm began propogating itself through MW2, despite Activision knowing about the bug for years.

    Frankly, kernel-level anti-cheats are the least of my worries when talking about highly networked multiplayer games, where the teams just do not understand the severity of what is possible.

    10 votes
  12. Comment on Valorant is winning the war against PC gaming cheaters in ~games

    DefiantEmbassy
    (edited )
    Link Parent
    True. Technically true, but in all practical purposes, not really relevant. 1Password, KeePassXC, and KeePass (by default) all launch in user mode, and ask for your password in user mode. Boom,...

    Rootkits can avoid normal detection

    True.

    access to things like PW's out of a password manager

    Technically true, but in all practical purposes, not really relevant.

    1Password, KeePassXC, and KeePass (by default) all launch in user mode, and ask for your password in user mode. Boom, password keylogged. It doesn't matter if they decrypt to secure memory if the password for the keyfile has already been lost.

    The list of caveats about where your password can be leaked in memory when using KeePass is scary. KeePassXC appears to be better for in-memory protection... but again, keyloggers. Like, I just validated it right now by creating my own keylogger using Python (pip install keylogger...), and running it in user mode.

    No one cared how crowdstrike worked until it blew up

    I mean, that was a stability problem, not a security problem. Vanguard's stability posturing is quite decent from what I understand (it should, in theory, not be vulnerable to the Crowdstrike problem).

    but at the same time something at the kernel level has FAR more access.

    But again, what does that really mean for people?

    5 votes
  13. Comment on Valorant is winning the war against PC gaming cheaters in ~games

    DefiantEmbassy
    Link Parent
    Yes. That’s the case for any program you run on your computer (Windows/Linux, Mac has quite decent restrictions). if you don’t trust the maker of the software, don’t run it.

    Yes. That’s the case for any program you run on your computer (Windows/Linux, Mac has quite decent restrictions). if you don’t trust the maker of the software, don’t run it.

    5 votes
  14. Comment on Valorant is winning the war against PC gaming cheaters in ~games

    DefiantEmbassy
    Link Parent
    But which part of this hypothetical anything actually scares you? For instance, is it the idea that they could keylog you? Steal your documents? Ransomware you? Steal your passwords? The...

    Since it has kernel access, it can pretty much do anything right?

    But which part of this hypothetical anything actually scares you?

    For instance, is it the idea that they could keylog you? Steal your documents? Ransomware you? Steal your passwords?

    The hypotheticals that most people worry about are possible without kernel-level access, or even admin-level access. Everything I listed, and far more, is possible without ever going to the kernel-level.

    From Riot,

    However, if your beef is only about data privacy at Riot, running the game client or running Vanguard makes not one bit of difference. Data can still be retrieved from user-mode, and we're all engineers for the same studio with the same goals, none of which are collecting your personal information. If Riot hasn't earned your trust, do not run our software.

    9 votes
  15. Comment on Valorant is winning the war against PC gaming cheaters in ~games

    DefiantEmbassy
    Link Parent
    Can I ask what specifically, you believe Vanguard has the capability do, that worries you, beyond just the word "rootkit"?

    Can I ask what specifically, you believe Vanguard has the capability do, that worries you, beyond just the word "rootkit"?

    6 votes
  16. Comment on Formula 1 Sao Paulo Grand Prix 2024 - Results in ~sports.motorsports

    DefiantEmbassy
    Link
    a) Meltdown for McLaren. Lando couldn't start/restart to save his life, and McLaren botched the one pitstop they had. b) This is the Max I like to see, the "incredibly fast, picking his way...

    a) Meltdown for McLaren. Lando couldn't start/restart to save his life, and McLaren botched the one pitstop they had.
    b) This is the Max I like to see, the "incredibly fast, picking his way through the field" Max, as opposed to the "run people off the road Max". Found his behaviour in the last race appalling, but sublime today.
    c) Well done to Alpine!
    d) Checo, almost forgot he was in the race until I read your OP. Lawson handled him like a boss.

    7 votes
  17. Comment on Vox Media, on the hunt for new revenue streams, is exploring putting up a pay wall on The Verge in ~tech

    DefiantEmbassy
    Link Parent
    a) https://knowyourmeme.com/memes/im-tired-of-pretending-its-not b) In the spaces I hang out, like Tildes, the overwhelming opinion is that the redesign is bad. I wanted to express the...

    a) https://knowyourmeme.com/memes/im-tired-of-pretending-its-not

    b) In the spaces I hang out, like Tildes, the overwhelming opinion is that the redesign is bad. I wanted to express the counter-opinion with some humour. I’ve never actually pretended 🙂

    3 votes
  18. Comment on Vox Media, on the hunt for new revenue streams, is exploring putting up a pay wall on The Verge in ~tech

    DefiantEmbassy
    Link Parent
    I think it’s beautiful and I’m tired of pretending it’s not

    I think it’s beautiful and I’m tired of pretending it’s not

    3 votes
  19. Comment on Tildes Video Thread in ~misc

    DefiantEmbassy
    Link
    Drew Gooden - Everybody wants to waste your time. I thought this video would be semi-ironic, given the runtime, but was surprisingly captivated. I'm not sure he covers any new ground here, but the...

    Drew Gooden - Everybody wants to waste your time.

    I thought this video would be semi-ironic, given the runtime, but was surprisingly captivated. I'm not sure he covers any new ground here, but the passion and clarity behind what is effectively a 30 minute rant was lovely to see.

    1 vote
  20. Comment on Formula 1 Azerbaijan Grand Prix 2024 - Results in ~sports.motorsports

    DefiantEmbassy
    Link
    Scintillating race, F1 is so back. Piastri had the nightmare of a driver driving perfectly behind him, if he made one mistake he was screwed. The absolute mettle of the man to keep it together. He...

    Scintillating race, F1 is so back. Piastri had the nightmare of a driver driving perfectly behind him, if he made one mistake he was screwed. The absolute mettle of the man to keep it together. He proved he is WDC material today.

    Also, yeah, looks like a racing incident but the right angle can swing me either way.

    11 votes