There have been multiple accounts created with the sole purpose of posting advertisement posts or replies containing unsolicited advertising.

Accounts which solely post advertisements, or persistently post them may be terminated.

loo ,
@loo@lemmy.world avatar

I’m dual booting windows and linux and I’m only using Windows for applications I can’t get to run on Linux. If I’m installing Vanguard on Windows, could that be a safety concern for my Linux partition? Since I have no personal data on Windows, I wouldn’t mind installing it there, as long as it’s not an issue for my linux partition

yum13241 ,

Riot is owned by Tencent. Coincidence?

KillingTimeItself ,

“linux does not allow us a good enough ability to confirm boot state”

Skill issue, L for riot games.

Realistically, if this is true, it’s because of security. Shocker on that one really. Also, there are probably only 800 players on linux because the anti cheat doesnt fucking work. But that doesnt count apparently

melpomenesclevage ,

Yeah I didn’t know I could play it.

KillingTimeItself ,

i was convinced that LOL didn’t boot under linux, im still trying to figure out how they’re getting these numbers.

melpomenesclevage ,

Right?

sugar_in_your_tea ,

Skill issue, L for riot games.

I’m no expert here, but couldn’t they rely on SEV/SME or similar? My understanding is those features encrypt RAM, which would make it a lot more difficult for an attacker to do memory-based attacks when the game is running within a VM. I expect “physical attacks” would include attacking a VM’s memory, but again, I’m not an expert.

I also wonder if this could work in a containerized environment instead of a VM, so players could just run a lightweight container and preserve direct access to resources like the GPU. I don’t know if GPU access can be required to be encrypted as well, but surely this is a massive step forward.

KillingTimeItself ,

i have no clue myself frankly. Realistically, doing literally anything is probably going to be better than what riot claims is possible. I think a fundamental part of the problem is stuff outside the control of the game, the OS already has segmented ram for instance, it’s all supposed to be virtually privatized, that way you don’t get these kinds of problems On the fly encryption would probably help, though they would probably just use shitty encryption anyway. Regardless, if you get something to hook into the game code itself, rather than just abusing memory values, it wouldn’t matter. Because at that point it’s going to be running inside the game.

pineapplelover ,

I hear Dota is better anyways and I think it runs natively.

StupydHors ,

It runs but the Vulcan implementation is shit so you will have worse performance.

mryessir ,

I just read from that: Other OSes are inferior and they won’t tell their userbase. Cheapshots I guess.

WereCat ,

I don’t believe that only 800 people played on Linux. It makes no sense to me in the grand scheme of things. I have a personal YT channel with only 108 subs and my random low effort video on how to get League running on Steam Deck has almost 70k views which is nuts and there are many other much better videos than mine with many more views. If only 0.1% of those people are active players that would still make a lot more than “800” figure. I know this is just a random speculation but 800 is just waaaay too low.

gamermanh ,
@gamermanh@lemmy.dbzer0.com avatar

Those 70k views are probably people like me:

Want to try it and bounce violently off of the toxic ass community

So that 800 might actually be a believable number given you go through some hurdles just to get, well, LOL players

abeltramo ,
@abeltramo@lemmy.world avatar

The devil is in the details: 800 on a single day.

Willdrick ,

Good riddance, spent several years hooked to League. That being said, the fragmentation argument is bullshit, they could ship a read-only container in a flatpak and it’d run everywhere.

Kernel level is a huge risk and it doesn’t guarantee anything, especially in the age of Ai cheats and network mitm cheats

Aux ,

You can’t do shit with flatpak as a kernel level anti cheat.

Willdrick ,

That’s the point. A read only container to keep low hanging fruit at bay, and flatpak to distribute without having to repackage to every distro under the sun.

I don’t fuck with the game, the game doesn’t fuck with my system.

Aux ,

That doesn’t protect the game in any way, that’s the issue. If you don’t fuck with it, it doesn’t mean that everyone else doesn’t as well.

ampersandrew ,
@ampersandrew@lemmy.world avatar

Their anti cheat rootkit doesn’t protect the game either.

Aux ,

How do you know?

ampersandrew ,
@ampersandrew@lemmy.world avatar

Because cheaters still exist, and we’re well aware of the methods they use that would never come close to interacting with your operating system.

loo ,
@loo@lemmy.world avatar

My main issue with this blog post is that rather than properly addressing concerns, they make fun of them.

It’s not a rootkit, journalists just spread misinformation for clicks

Why is it not a rootkit, then??

Aux ,

Because journalists.

yggstyle ,

A blog toxic as it’s community? Gasp.

A long while back riot used to be a fun sorta disruptive thing that was pretty healthy overall. It was awkward and fun. That was before it was purchased though. Now riot exists to make money for big china. It isn’t that company anymore. It’s a facade.

You can’t fix it, nor can the employees.

Riot is a skinpuppet that has no autonomy. Unlike the employees though, we have the choice to leave that failing franchise and move on. Rootkits aren’t acceptable and that needs to be the standard. It wasn’t okay when Sony tried it in the name of anti-piracy and it’s still not okay now. No person should be okay with installing a black box with greater admin rights than they have on their own machine. That is not okay. It is security heresy. That blog uses hand waving and bullshit to sell the concept to people that don’t know any better. And honestly? That’s almost just as bad as the rootkit itself.

A rough translation is:

Be a good drone and put the slave collar on. It’s good for you. Don’t ask questions, you don’t need to know why. Just do it. You are the product and you have no rights.

slumberlust ,

I disagree that they went downhill post-purchase. They were shit from the very start when pendragon decided to burn one community to promote his own in the name of capitalism.

yggstyle ,

They had their issues, sure. But most studios will have burned bridges in their wake. Not a hard and fast rule of course.

When I refer to downhill I’m looking directly at the slippery slope that is changing from profit as a target to profit above all else. When you sell a company regardless of who you retain - there will be a value shift as the head drives the body. The existing cracks got worse and new ones formed. People that care the most generally give up, leave, or both and the whole thing falls in on the void left by those support’s absences.

You may be right that a shift in ideal started then. I’m not terribly familiar with the story so I’ll defer to you on that.

KillingTimeItself ,

because on windows it’s not considered a rootkit, it’s consider user obscured feature sets.

jkrtn ,

I guess the difference is in whether or not the victim was complicit with installing spyware in the kernel.

laurelraven ,

If that’s the distinction they’re going with, they don’t actually know what a rootkit is and have no business declaring something is or isn’t one

Telorand , (edited )

Makes business sense. Why bother developing for 800 users when you have hundreds of thousands, if not millions, to worry about? The software company I work for has to make this kind of decision all the time.

But it was nice of them to include a viable strategy for cheaters via VMs.

Edit: I should clarify that “business sense” is almost always a poor excuse, and considering the potential growth in the Linux market thanks to handhelds, Proton, and NVK, seems dumb to thumb your nose at that potential.

yggstyle ,

800 feels like a number they cherry picked considering the overall community size.

Speaking personally: their vm detection is hot garbage and they know it. Detecting a VM is easy enough for anyone- detecting cheating via it is far more difficult. They flag a VM as such and wait for a report to roll in then blindly ban it… only to reverse it when pressured. This isn’t the behavior of an org with concrete evidence. It’s a smokescreen.

KillingTimeItself ,

probably because those 800 users can’t fucking open the game. It’s almost like if you manufacture a car that doesn’t kill you the instant you fuck up even the slightest bit, that people will want to buy and own it.

weirdcarrotmonster ,

Honestly, i don’t get why people are bitching about it so much. A company, that makes a game with intention to make money off it, that never supported linux neither promised to support linux some time in the future, clarifies that it sees no purpose in supporting linux because of monetary reasons.

Okay, that may be your favorite game, you might have spend tons of money on in - but idea that it may never be supported on your favorite platform has never crossed your mind? It’s like whining that PS exclusive game is not getting ported to Xbox.

So basically, “it’s too hard, and our engineers are not good at their jobs.”

Imagine this: you have a cheater problem. Your team of developers have only ever worked on gameplay-related stuff - graphics, game engine, etc. You can:

  1. Make them pull solution out of their butts, somehow gain expertise in topic they have never worked on
  2. Pour ALOT of money in HR and hire specialists that have experience in anticheat software
  3. Pay 3rd party for solution that you can use RIGHT NOW and that works (at least somehow)

When money is involved, you make decision by counting them. You give somebody (tech lead, probably) task to evaluate your options - and give you approximate numbers. And i’m not surprised they chose 3rd option.

Stop stealing our CPU cycles for high risk rootkits and start mitigating and detecting cheating on the server. It’s that easy.

I’m currently working on bot detection for web resources - and trust me, it’s extremely hard to distinguish them from people without some client-side analysis. Sure, you can use behavioral analysis, but you need lots of data and, again, expertise in that. Okay, they have the data - thousands of games played daily. Have you ever seen job listing for “game patterns analyst for LoL”? Again, you have to find someone capable - highly payed experts, who will spend some time testing their theories, with no guaranteed success.

“How do you separate good players from cheaters? This low ranked player who just got his second pentakill - is he cheating or smurfing? This weird behaviour - is it because of missing fog of war or are they just communicating over voice chat?”

It’s just… really NOT that easy.

The “distributions” argument always smells like bullshit. Developers actually interested on supporting Linux usually stick to one or two distros of their choice. (Typically Ubuntu.)

There’s your answer - they are not interested. And there is nothing wrong with that! It’s just business! Remember the “a times b times c” scene from fight club? They’ve calculated their x - and it’s not worth pursuing (for them).

Rootkits are bad, m’kay. Wanna avoid them? Don’t install them. Just don’t be surprised when company adds them - it’s their product, they do whatever the fuck they want.

yggstyle ,

While yes the company can certainly do what they want - that isn’t to say that everything they want to do is correct.

In an isolated bubble their decision looks… fine… ish. The reasons they provide are mostly excuses- but for arguments sake let’s say it is actually making a meaningful difference. (It isn’t and won’t: TPM is flawed and has already seen demonstrations of exploits.) So we now have a platform that has locked out users based on OS version, hardware support (TPM), in addition to os. They are actively culling users that otherwise were viable customers. Smart.

Let’s expand on this outside the bubble: what os is growing rapidly in usage with gaming? Linux. Riot is actively making a shortsighted decision (historically this tracks) which will cause them grief in the long run. Remember: their games worked on these platforms prior to this decision. The support was all free labor done by the community. Let’s say they want to release a game that takes advantage of the handheld platforms that are rising in popularity- they now need two separate anti cheat systems. Oops. They now need to try to claw back the early adopters and free community support they burned. Good luck.. Factoring in the cost of limiting future flexibility and growth… I can only imagine the game experience must have improved 2-3x by the addition of this anti cheat … except it hasn’t. By their own admission: cheat developers move faster. Objectively? It was a terrible decision.

caustictrap ,

Linux is at 2 percent in the steam hardware survey, also 50 percent linux gamers in steam are steam deck users. That is not a big enough market and riot has more data than us and they are probably right.

yggstyle ,

Based on the increase since steamos became a thing - I would argue it is gaining momentum in a significant way. Based on hardware manufacturers interest in the steamdeck and similar products - I would suggest my views are not off base.

caustictrap ,

Handheld gamers doesnt contribute much to league of legends, which is a highly competitive mouse and keyboard focused game. And riot have data about the linux gamers who plays lol before anticheat update. So they are right to offer zero support. Also linux never had much support for popular liver service games like EFT, warzone, siege, fortnite.

yggstyle ,

The point I was making is riot isn’t just a league of legends company. They are a game company that is applying this anti cheat on their entire software suite. This decision cuts off future growth- which from a business standpoint is awful. That of course completely ignores the primary issue, which remains, the rootkit.

Highly competitive is… no more competitive than any other game… but on that subject their matchmaking was so poor they had to hide the ELO mechanic completely to mask the issues with it. The issues still exist of course… but just like this smokescreen masking the shortcomings in their anticheat… they are just less obvious.

edit: some words

weirdcarrotmonster , (edited )

let’s say it is actually making a meaningful difference. (It isn’t and won’t: TPM is flawed and has already seen demonstrations of exploits.)

I dare to say their solution is “good enough” to stop ordinary user from cheating - not to solve cheating problem entirely - it may be impossible - but to raise bar of cheating without getting banned

They are actively culling users that otherwise were viable customers. Smart.

They may lose some users who won’t play anymore because they won’t install rootkit, but keep those who would leave because of cheaters. Maybe their situation is dire enough so they would apply such drastic measures?

Let’s expand on this outside the bubble: what os is growing rapidly in usage with gaming? Linux. Riot is actively making a shortsighted decision (historically this tracks) which will cause them grief in the long run.

I mean, i’m all in for that, but year of linux desktop 2011 2012 2013 2014 2015 2016 2017 2018 2019 2020 2021 2022 2023 2024 2025?

Linux is my favorite OS (i use arch btw) and i use it since… 2007, i think? But i sorta gave up on that belief - it’s a niche OS, and if gaming is ever coming to linux - it’s not coming to linux, it’s coming to ChromeOS or SteamOS.

To sum things up - i’m not saying rootkit anticheat is a good thing. It’s a solution to some problem, which people chose by comparing it to alternatives. Contrary to popular belief, CEOs don’t just sit around and think how to make players more miserable - those decisions are not made in one day. I’d drop a game if it forces me to install rootkit - i value my privacy more and i’d advice anyone to do the same. I’m just really annoyed by all the whining and comments “boohooo my favorite game developers suck and don’t value me enough”.

yggstyle ,

I dare to say their solution is “good enough” to stop ordinary user from cheating - not to solve cheating problem entirely - it may be impossible - but to raise bar of cheating without getting banned

The problem is that it isn’t raising the bar. Sure some low hanging collateral might be caught but in reality a department could easily fudge numbers (banrates) to justify a move to a new solution… and do. frequently. Speaking generally - this isn’t the days of download an exe and become 1337 like the old days. Hackers want to get paid. You sub to services which are monetarily motivated to stay ahead of a business which gains little from fighting on this front more than ‘good enough.’

They may lose some users who won’t play anymore because they won’t install rootkit, but keep those who would leave because of cheaters. Maybe their situation is dire enough so they would apply such drastic measures?

This wasn’t a dire situation. As long as league (or any online game) has existed there have been anti cheat mechanisms in place. And the best mechanism that has always existed was server side tracking with audits. Full stop. Clientside anything is a bandaid and this is no exception. If I were to speculate on the choice? This was the cheapest option available. Dress it up how you like… companies rarely go for correct options… they go for cheap ones.

I mean, i’m all in for that, but year of linux desktop … Linux is my favorite OS (i use arch btw) and i use it since… 2007, i think? But i sorta gave up on that belief - it’s a nieche OS, and if gaming is ever coming to linux - it’s not coming to linux, it’s coming to ChromeOS or SteamOS.

Lots has happened with Linux sure, but recently it is becoming considerably more mainstream and is gaining a critical mass on a relevant front: gaming. Linux is (generally speaking) free vs licensed oses like windows. Want a cheap gaming system? Steam is blazing a helluva path. Devs want bigger audiences - and more eyeballs. It would be foolish to disregard the growth in this sector.

Contrary to popular belief, CEOs don’t just sit around and think how to make players more miserable…

CSuites / Parent companies make money for themselves - because capitalism. Look no further than VMWare torching their userbase and salting the earth. Short term gains over long term longevity. Riot is not special here- they are being shortsighted.

weirdcarrotmonster ,

Look no further than VMWare torching their userbase and salting the earth. Short term gains over long term longevity. Riot is not special here- they are being shortsighted.

Hmm, good point. I’d argue that VMWare’s user base was more solvent (is that a right adjective? English is not my native language), but i don’t think this argument would be in my favor.

You sub to services which are monetarily motivated to stay ahead of a business which gains little from fighting on this front more than ‘good enough.’

And subscription costs too raise the bar to start cheating. Not everyone would pay to have upper hand in F2P game. Those who are willing to do it can be hand-picked by reports and manual review. We don’t know their “definition of done” in fighting cheaters - maybe decreasing number of cheaters by 80% is an acceptable result? Maybe those 20% of remaining cheaters can be accounted for as “really good players” - those exist too. That would solve the problem.

This wasn’t a dire situation. As long as league (or any online game) has existed there have been anti cheat mechanisms in place.

We both don’t know that, if we are being honest. If it wasn’t problem at all they probable wouldn’t have done anything at all - or they’d do something far cheaper. This is a speculation - i can be wrong about state of things.

Also,

Short term gains over long term longevity.

I think there is a shitty pattern — if everyone is making same bad decision (good short term, bad long term), it makes this decision not as bad as it would be otherwise. If you are the only one who is forcing players to install possibly-malicious software, you look really bad. But if every (or majority) of competitive multiplayer games requires it, this idea just doesn’t sound that bad. If you already have malware on your PC - what changes if you install another one?

KillingTimeItself ,

I’m currently working on bot detection for web resources - and trust me, it’s extremely hard to distinguish them from people without some client-side analysis. Sure, you can use behavioral analysis, but you need lots of data and, again, expertise in that. Okay, they have the data - thousands of games played daily. Have you ever seen job listing for “game patterns analyst for LoL”? Again, you have to find someone capable - highly payed experts, who will spend some time testing their theories, with no guaranteed success.

“How do you separate good players from cheaters? This low ranked player who just got his second pentakill - is he cheating or smurfing? This weird behaviour - is it because of missing fog of war or are they just communicating over voice chat?”

90% of cheating that is incredibly annoying, that most people tend to be fed up with, is inherently obvious. You get rid of that shit and if someone is within the 99% percentile, then honestly, who gives a fuck, let them try hard.

onlinepersona ,

Solution is easy: don’t play LoL 🤷

Anti Commercial-AI license

merthyr1831 ,

Kernel anticheat is just like gaming piracy, where developers are constantly fighting ghosts rather than tackling the social issues that encourage the behaviours they want to avoid.

SitD ,

there are no social issues you can ever fix to be found here. give a 11 year old an auto-win button for counter strike that he can press whenever he loses a single round and feels his pride hurt - he’ll press it.

i think that anti cheats display a disrespect to the customer, because in an ideal world he should then run two computers instead of one. one for online banking, the other one for every company’s favorite rootkit with questionable maintenance.

the only way out, in my view, is going to server side ai cheat detection.

merthyr1831 ,

But my point is: What makes that player want to push the “auto win” button? There are lots of games with cheating, but also many more that dont suffer nearly as much from cheating, if at all.

Competitive games, especially ones that lean towards eSports and “real prizes” are going to have some incentive to cheat, but even in this genre there’s games known for cheats and others that have better reputations. The question is what game design decisions can improve the urge of players to seek cheats in the first place.

LiveLM ,

and the difficulty in securing it is only compounded by all the frustrating differences between distributions.

You DO NOT get to bitch about dIfFeReNcEs while you’re writing rootkits. Fuck off.

Rustmilian ,
@Rustmilian@lemmy.world avatar

yesterday, there were just over 800 Linux users on League.

And how many of them were cheating? ರ⁠_⁠ರ

DaTingGoBrrr ,

And Vanguard is already being bypassed by using external tools. IIRC I saw a video about it where the cheater had the hack running on a completely separate computer.

pandacoder ,

The number would be higher too, I doubt I was the only one who stopped playing months ago when Vanguard was supposedly going to be implemented imminently.

yggstyle ,

You and me both.

Fun fact: you could get an account locked in under an hour if you used a command line to close the league client. Not powershell - just good ol cmd. No reports needed. Reproduced it 4 times in 2 days… Lots of fun emails with initially the support teams and then the devs. Apparently “taskkill” is the most nefarious cheat known to the gaming industry.

A grade schooler with a “learn programming in 24 hours” book could probably produce better cheat detection.

Rustmilian ,
@Rustmilian@lemmy.world avatar

WINE
Is
Not
(an)
Emulator

okamiueru , (edited )

What makes you think they are referring to Wine in that particular case, and not the emulation of the kernel level anticheat on userland? It’s also arguably not an entirely correct use of the word there either, but it’s fine.

Rustmilian , (edited )
@Rustmilian@lemmy.world avatar

What makes you think they are referring to Wine in that particular case.

Them talking about Lutris and Wine in that same paragraph and using the phrasing “even allowing” implying it’s what they’re currently doing. But looking again, you’re right. They were referring to VMs.

  • All
  • Subscribed
  • Moderated
  • Favorites
  • [email protected]
  • random
  • lifeLocal
  • goranko
  • All magazines
    •