Microsoft IS NOT Killing Kernel Anti Cheat!!

I didnt think that much of it as of yet. Because it was relatively fresh and I dont really want to get hyped for a "promise". I welcomed the idea tho, as I rather have Microsoft figure something out that devs can use, rather than having random programs get kernel level access on my machine. This always worries me somewhat. Cant wait to get rid of that and if it benefits the Linux guys too then the more the better!

is it possible to fix this issue with Loadable kernel modules? I am not saying that is the fix I am really asking

In their last developer talk Riot said they were going to make their anticheat less intrusive in a future Microsoft update, so I still have faith in that

.

Microsoft won’t ever kill such a feature since i is the only feature which makes them relevant for private users due to game publishers intentionally deciding to not support Linux.

ITS SO JOVER!
why did you have to ruin this for me Brodie???

People is quick to jump into conclusions without questioning what they are reading. That's what's happening. Of course Microsoft is not going to ruin kernel level anti cheats for game developers, those companies are placing those measures because they are cheaper than hiring human moderators or implementing other measures. If anything they would have added their own so that game developers could have used it without having to resort to third party solutions.Which is still bad, but at least it's within the same ecosystem. Until something really bad happens and some attacker manages to attack all computers with that thing installed, at the same time, in mass scale, causing real damage, nothing is going to be done against those anti-cheats. Because at the end of the day, something really bad must happen for the people who is making money to take action. And crowdstrike, not being an anti-cheat but a security solution used by business, is still not a good enough example for 99% of Windows users. People will have what they deserve, just you wait.

Believe it or not it wasn't Microsoft or Crowdstrike's fault for the outage, When code passed internal testing , the testers didnt know that the file had been nuled

Fuck kernal level anti cheat. It doesnt work. there is not reason for it to be there.

Linux hopium is so funny

Yeah if Microsoft made an update that made games on Linux easier they would shoot themselves in the foot and Microsoft would loose money who cares about security anyway when you have profits just take a look back 2 months ago with the AI flashback or whatever your computer watching everything you do 24/7 isn't a security risk it's just Microsoft squeezing you for every dime you have to sell to advertisers

my issue with battle eye is I had mynetwork setup so secure that battle eye refuses to work properly as it seems try and send data to a random server as for me when I unblocked everything on my network when running battle eye its starts pushing far more data over my network, I was able to test the new GTA V PC update and even in single player my computer starts sending ouyt more trafic at times than when I use the launch command to stop battle eye, to me that skaetch as all hell and 100% will be avoiding GTA V as I do with other battle eye games.

Now I read the article and I understand it was way out there because I did go to the source (Microsoft). But I was just really hoping that if Microsoft is working with security vendors that they might rethink allowing Kernel Level Anticheats full stop. I really don't think Kernel Level Anticheats are worth it and I really don't understand why Microsoft hasn't stopped this because games can function without them and banning a Kernel Level Anticheat wouldn't impact business customers at all. I understand why some enterprise grade EDR's need it but I really don't understand why games need it, people are going to cheat regardless and it is far more dangerous if an anticheat is compromised

They probably see it as a competitive advantage since most of these anti cheats keep other OSs out.

Basic reading comprehension (or at all) is a problem among those who claim to be journalists. How sad.

But if there's a single bit of kernel code in Windows that all the anticheats reuse, that can be emulated, so still would be a win for Linux gaming

Even if this happened I wouldn't be shocked if they started kicking you off games because you use Linux because "more hackers use Linux" or something dumb like that.

It’s funny that Paladins and Fortnite don’t even use kernel level anti cheat in the first place. Easy Anti Cheat isn’t kernel level and does have Linux support

Yet most anti cheats are from japan/china en guess what america wants xD

Hypothetically, I imagine it could help WINE/Linux, but it all depends on how it's implemented, and er don't know that yet. Maybe it will be some API in user space that's easy to reproduce. Or maybe they'll be doing something shitty that depends on Microsoft's servers and makes it harder.

I mean we dont know yet what ms’s path is to prevent problematic kernel access

I think highly of Liam's outlet, but think pretty poorly of Liam himself. He's fragile, iintolerant, and pro-censorship.

People can make great things though, even if they aren't so great themselves. And Liam's news outlet is a gem. And I believed his take. I also knew that kernel level anticheat wasn't the real blocker.

I remember Valve introducing a Linux kernel change that would allow system calls to be redirected back into user space. This was specifically to allow them to implement direct Windows kernel calls in Wine/Proton. I think it was even accepted.

As an aside, I would really love it if Proton and Steam worked to implement game sandboxing.. I'm worried about games from certain adversarial nations being trojans.

The latest proof of concept of hardware cheat no longer uses PCIe slot, but rather doing MiTM between the motherboard and the RAM stick.

There you go control by the devil himself because can't keep up anymore like Ms used too but to late to try but they will lose seems like MS need money right now instead trying pull down something like Linux come on that's going to a lot money 💰🤑💰 to try to take them to court

get to the point

cheap fucks need to just do server side validation; none of this kernel level anticheat that people bypass anyways

Microsoft can't completely block kernel-level access because it infringes some EU competition laws. In the past, Microsoft has faced legal action from the EU for anti-competitive practices, including restricting access to certain APIs and kernel-level functions that could hinder interoperability with third-party software.

Microsoft has lucrative deals with companies who pay for kernel access. Silly Billies. That's not going away.

First of all it wouldnt affect older versions of windows so unless the games require the latest version of windows it wouldnt matter.

Second of all linux cultists are delusional. How is games becoming cheater infested a boon for linux?

To be honest i got high on copium train and didnt think about this being fake news :<.

At the end of the day the idea that I have to give a 3rd party software company full access to my kernel just to play a video game is absurd. They are very clearly using it as a crutch to solve problems that are better handled at the server level. They would rather take your metaphorical guns away than spend the extra money on a metal detector. There are so many anti cheat principles that have been abandoned because kernel level access allows you to dictate a valid system state in place of detecting malicious ones. They literally remove consumer choice by locking you down into a pseudo monopoly where operating systems like Linux aren't allowed. Especially now that we have AI systems that can analyze player behavior, there really isn't much of a reason to continue using kernel level anti cheats. It would be trivial to setup an AI trained on both cheating players, and normal players to detect the difference. What may be subtle to us is very obvious to these systems. It may even pickup on differences in inputs that are all but imperceptible to us and ban people actively. There would be no way to adapt to the anti cheat because it literally learns from confirmed cheaters. Due to this you wouldn't even have to bother with ban waves, you could just ban players the moment cheating is detected. It doesn't detect changes in memory so there would be no way for cheaters to obfuscate their cheats. AI cheat detection and some carefully designed heuristics is all you need. False positives will happen from time to time but the people who actually cheat tend not to bother submitting a ticket to get unbanned and you can even put their account into a type of probation period after unbanning them to see if they offend again.

I've been fooled, and I am now angry

I don't care if we have to lie as long as Linux marketshare grows.

:( major disappointment

the part no one talked about, well someone did i forget what video i watched but this could actually make it worse for gaming on linux

I bet the 'journalist' used chatgpt to summarize the blog post and the ai got it wrong / hallucinated.

why are we blaming Microsoft??
blame the cheaters and hackers ruining games.

so what you are saying is that redit red-it incorrectly

I don't care about playing multiplayer slop like Fortnite or Call of duty. These games are full of mtx and loot boxes. With single player games I can play at my own pace and not have to worry about the toxicity of many online games and I don't have to do with tryhard players that pressure people to get good. Even when I gamed on consoles and on windows I was always primarily a single player gamer.

You would also have to be very naive to think that it would make a difference in Linux support, even if they did lock it down.
Obviously it's just about moving some features out of the kernel, to limit the amount of code that goes inside kernel space to begin with. All things considered, this is the best way you could possibly avoid disasters like CrowdStrike.
I personally think that eBPF in Linux is also quite clever in limiting the complexity of code that goes into the kernel at runtime.

A milennia has passed since you posted this (in Internet terms), so... Brodie, my dude, the problem with what happened with Crowdstrike is that the change passed all their testing, not that it wasn't tested. Keep up the excellent content, I look forward to being able to daily drive Linux in preference to Windows, rather than having to side-by-side as I currently do.

Kernel functions move to user space -> no problem running them on linux, except pure egotism or lazyness

sad

Oh, no... this is horrible news. Kernel-level anti-cheat needs to go - YESTERDAY! Can't believe this all turned out to be hot air. I literally shouted with joy when I first heard about this too. What a shame. Gonna need some XL dabs in the piece to night to cope with this for sure 😮‍💨

Call me crazy, but I prefer using a second SSD with WIn10 LTSC and CTT's debloat tool to play Valorant and League, even with the problems it has caused me twice the last 4 years.

I play less because I would have to restart my computer AND I don't have to experience cheaters. :P

We’ve been hoodwinked, bamboozled, lead astray, run amok and flat out deceived

I REALLY wanted this to be true so bad.

no games or no anti-cheats should ever have any access to kernel mode or any of the rest of your PC files or information. They should have a game platform completely run in VM only. No access to any of your information at all.

Someone tell Low Level Learning...