Kernel Anti-Cheat Is an Overreach
6 hours ago
- #Security Risks
- #Privacy Concerns
- #Anti-Cheat Software
- Kernel anti-cheat software requires installing closed-source, ring-0 drivers with root access to the operating system, giving them full system control.
- Owners of these systems include Tencent (China, on U.S. defense list), Saudi Arabia's Public Investment Fund, and others, raising privacy and security concerns due to potential state compulsion laws.
- Independent analysis reveals these drivers collect extensive system-wide data, exhibit rootkit-like behavior, and create security vulnerabilities, while cheating persists via external hardware like DMA cards.
- Requirements such as TPM 2.0, Secure Boot, and firmware updates lock out Linux, older machines, and cause issues like false bans and boot problems, impacting legitimate players.
- The article argues this overreach functions more like consumer monitoring than cheat detection, suggesting isolation measures like dual-booting for privacy.