What is the use of anti-cheat software in online games?

In the past A decade of big competitive online games, especially first-person shooters like Activision Blizzard call of Duty and Bungie’s Destiny 2, had to massively scale up their business to combat the booming business of fraudulent sellers. But a growing number of gamers are concerned that software designed to detect and ban cheaters has become too broad and invasive, posing a considerable threat to their privacy and system integrity.

At issue are the kernel-level drivers, a relatively recent upgrade aimed at cheaters. The kernel itself — sometimes called “ring 0” — is an isolated part of the computer in which the core functions of the machine run. Software in this area includes the operating system, drivers that communicate with hardware (such as keyboards, mice, and video cards), and software that requires advanced permissions, such as antivirus suites. While buggy code executed in user mode (“ring 3”, i.e. web browsers, word processors, and other software we use) can cause specific software to crash, bugs in the kernel can cause an entire system to crash, usually in Blue screen of death everywhere. Because of this isolation, user-mode software has very limited visibility into what’s going on in the kernel.

So it’s no surprise that some people have reservations. But the reality is that security engineers, especially those working to establish fairness in the competitive FPS genre, don’t have many options. Anti-cheat systems are going to the kernel, in part because of where the cheaters are.

“Back in the 2008 era, no one actually used kernel drivers, like maybe 5% of sophisticated cheat developers,” said Paul Chamberlain, a security engineer who has developed anti-cheat systems for similar games Valuation, Fortniteand League of Legends. Chamberlain recalls seeing his first kernel-based game exploit – the infamous World of Warcraft Glider – in Defcon Security Conference 2007. “But by 2015 or so, almost all established, organized cheat-selling organizations were using kernel drivers.” With the tools available, not much anti-cheat software can deal with targeting bots and wall mounts that reside in the kernel. Around the same time, on Steam Developer ConferenceEasy Anti-Cheat engineer Aarni Rautava, who was eventually acquired by Epic Games, claims that the overall cheating market has grown to more than $100 million.

Nonetheless, Game Research has been and often is cautious when implementing its own driver solutions. Working in the kernel is difficult – it’s more specialized and requires a lot of QA testing, since the potential impact of bad code is much greater – which leads to increased expense. “Even at Riot, nobody wanted us to do drivers. Internally, they were like, ‘Look, this is too risky,'” said Clint Sereday, another safety engineer who works at Vanguard. ValuationA kernel-level anti-cheat system. “At the end of the day, they don’t want drivers to protect their game if they don’t have to.” But in the competitive FPS world, especially tactical shooters, where a single headshot can mean instant death, cheating can have a huge impact , will quickly erode the player’s trust. In the end, Riot seems to have calculated that any bounce from the kernel solution (and there are many) is still preferable to being blocked while battling cheaters on flat ground.

But for many players, Who It doesn’t really matter that the kernel is pushed first. They worry that anti-cheat kernel drivers might secretly spy on them or create exploitable vulnerabilities in their PCs.as a editor Said: “I’ll live with a liar. My privacy is more important than the game.”

The kernel driver will definitely introduce some kind of vulnerability. But the chances of a hacker attacking it are slim, at least for the vast majority of people. Adriel Desautels, founder of the penetration testing firm, said: “If you were to execute a vulnerability like this remotely, you could easily be talking about hundreds of thousands of dollars, maybe millions.” Network Gard“Attackers would rather spend their time and money on something where they can hit one thing and get a lot of loot,” just like any other criminal hacking or malware attack, where a lot of valuable data is stolen or held for ransom.