Embark Studios announced work on a new anti-cheat system for THE FINALS, and thankfully they've also now said it will continue working on Linux / SteamOS.
There is a way to kinda make this work, this would be hardware based security. You could use a TPM to make reasonably sure the kernel is e.g. mainline / hardened / anything else acceptable. Hardware vendors (i.e. Intel, AMD etc.) would have to provide a service where they hash the kernel alongside their keys for the game devs to check against (probably not for free). You would absolutely have to use Secure Boot tho, and eventually keys may be leaked. Another possibility would be devs connecting directly to your TPM to make sure (afaik this is possible in principle, but not meant to be used that way).
I think there are easier ways to prevent cheating tho, for example simply detecting suspicious activity on the server side, i.e. stats go way up, looking at data coming from clients other than yours.
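The TPM check proposed in the comment above, sketched as an added example (not code from the thread or from any anti-cheat product): a server replays a client's boot measurement log, compares the result with the PCR value the TPM reported, and then checks the kernel digest against an allow-list. It is a simplified model with constructed sample data and hypothetical names; it assumes the TPM's signature over the reported PCR value was already verified against a key the server trusts, which is not shown.

```python
import hashlib
import hmac

PCR_SIZE = 32  # SHA-256 PCR bank

def extend(pcr: bytes, digest: bytes) -> bytes:
    """TPM PCR extend: new value = SHA-256(old value || measurement digest)."""
    return hashlib.sha256(pcr + digest).digest()

def replay(event_log) -> bytes:
    """Recompute the final PCR value from an ordered list of (name, digest)."""
    pcr = bytes(PCR_SIZE)  # a PCR starts at all zeroes after reset
    for _name, digest in event_log:
        pcr = extend(pcr, digest)
    return pcr

def verify(event_log, quoted_pcr: bytes, allowed_kernels: set) -> str:
    """Server-side decision for one client report (assumption: the quote
    signature over quoted_pcr was verified before this function is called)."""
    if len(quoted_pcr) != PCR_SIZE or any(len(d) != PCR_SIZE for _, d in event_log):
        return "malformed"
    # The log is only believed if replaying it reproduces the quoted PCR.
    if not hmac.compare_digest(replay(event_log), quoted_pcr):
        return "log-mismatch"
    kernels = [d for name, d in event_log if name == "kernel"]
    if len(kernels) != 1 or kernels[0] not in allowed_kernels:
        return "kernel-not-allowed"
    return "ok"

def measure(blob: bytes) -> bytes:
    return hashlib.sha256(blob).digest()

# Constructed sample data: the byte strings stand in for real boot components.
BOOTLOADER = measure(b"constructed bootloader")
MAINLINE = measure(b"constructed mainline kernel image")
CUSTOM = measure(b"constructed self-built kernel image")
ALLOWED = {MAINLINE}

def sample_results() -> dict:
    good_log = [("bootloader", BOOTLOADER), ("kernel", MAINLINE)]
    custom_log = [("bootloader", BOOTLOADER), ("kernel", CUSTOM)]
    return {
        "honest": verify(good_log, replay(good_log), ALLOWED),
        "custom_kernel": verify(custom_log, replay(custom_log), ALLOWED),
        # Log claims the mainline kernel, but the PCR reflects the custom one.
        "forged_log": verify(good_log, replay(custom_log), ALLOWED),
    }

if __name__ == "__main__":
    print(sample_results())
```

The check only covers what was measured into the PCR at boot and is only as trustworthy as the key that signed the quote.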
Okay, but the root of the issue is still that anti-cheat is just the lazy way to keep people from cheating.
It’s impossible for anything but the kernel (the user chooses) to know what software is running. TPM and kernel features can be emulated and spoofed.
TPM already has known exploits, which leads to it not being recommended for disk encryption. A lot of not so old PCs don’t even have a TPM 2.0 chip.
Secure Boot is useless for this because the user can just enroll their own keys. You can’t prevent this, because you can just mod the BIOS. Replacing the stock Secure Boot keys is trivial using uefi-tool. Pretty much every motherboard only checks the BIOS signature when flashing, my previous motherboard (<7 years old) didn’t even do that.
Also currently the only way for Secure Boot on Linux is either using shim, which the user can enroll their own keys into, or enrolling their own keys directly into the BIOS.
Many phone manufacturers tried forcing secure boot, and failed. I bypassed such attempts on 3 devices, the manufacturer of one of them tried to fix the exploits twice and still failed to do so.
Also how should the server know that the game itself wasn’t modified to just emulate everything?
Even Intel’s attempt at preventing this with “secure computing” with SGX didn’t work. See this: https://media.ccc.de/v/670321a9-75f4-4194-867d-a249aa01af0b
It’s the same problem that electronic voting machines have, how does an external person/server know that the correct software is running on the computer? It’s impossible.
Also aren’t we using Linux because we want the freedom to run whatever we want on our computers?
Server side only anti-cheats are the only solution.
Fully agree with this. I’m far from an expert either, but I saw a YouTube video once, which was depressing, showing how people can cheat nowadays. It just involves custom hardware that “pretends” to be the mouse/monitor/… It doesn’t even cost you a fortune.
Congratulations: your kernel anti cheat does fuck all as the cheat is running on the external hardware before forwarding the info to the pc.
Server-Side anti-cheat is imo the only solution. I have no idea how else to fix this issue. It all seems like a patch to try and make your client trustworthy. Something it inherently isn’t. I realize this is a lot easier said than done.
Hell, a determined person could even run two kernels at once.
@UnfortunateShort @archonet
That would essentially be a closed source fork of the kernel.
The GPL requires the end user be allowed and not prevented from making whatever change they wish to the kernel.
The people who want a closed source kernel can use the NT kernel.