> Since cheat authors will not be able to get their drivers signed by Microsoft
Why not? Presumably Microsoft will decline if you say outright "this is for cheating", but if you make a kernel driver that happens to have a feature for executing commands from user space for a benign reason, I don't think they would decline to sign it. There are a few million Windows drivers; there are plenty of situations where a weirdly specific driver has a valid use case.
OneDeuxTriSeiGo · 2m ago
Windows is beginning to enforce quite strong kernel mode address space isolation and security. They've also started cracking down on drivers to the point of effectively banning all printer drivers (unless you disable a bunch of security settings with big warnings on them), instead pushing those printer companies to shift entirely to Microsoft's native IPP everywhere driver.
dist-epoch · 8m ago
If you succeed, some anti-cheat company will eventually detect it and Microsoft will ban the driver. And not sign further ones.
OneDeuxTriSeiGo · 1m ago
And of course Windows 10 onward includes a retroactive driver blacklist, and it's nontrivial to disable it.
strstr · 1h ago
Cheating will slowly look more and more like trying to hack your own machine.
Secure Boot+TPM combined with decent firmware will make cheating a lot harder. If the firmware ensures random devices don’t get BME set before the IOMMU is properly, attestably, configured, you are basically now stuck looking for bugs in the TPM and UEFI if you want to shove yourself beneath the OS unnoticed. These are full of bugs, so that will work for a while, until it doesn’t.
Popping Windows will probably work for some time, but HVCI will make this a pain once ubiquitously required.
And you have to do all of this while also not being detected for aberrant behavior. Eventually, the analog hole might end up being easier, lol.
themafia · 46m ago
> will make cheating a lot harder.
It can never make it impossible.
> These are full of bugs, so that will work for a while, until it doesn’t.
You're forgetting that vendors have to implement this into a pretty complicated system already and that configuration space is constantly changing due to new CPUs and other hardware coming into existence. There will always be holes due to emergent configuration and implementation issues.
> but HVCI will make this a pain once ubiquitously required.
Then there will be new pressure to get at the underlying keys that protect the system. When you consider the size of the keys vs. the size of the reward for liberating them it's obvious how this is going to play out.
> And you have to do all of this while also not being detected for aberrant behavior
For tournaments I don't understand the problem. Every other modern non computer based sport has this issue. They understand they can't be perfect, and any attempts to do so would ruin the nature of the competition itself, so you're better off recording as much data, video and audio from the player as you possibly can. That way if there are any accusations later you have the data to consider them.
This is a race to a corporate controlled future for no particularly good reason.
dist-epoch · 2m ago
> When you consider the size of the keys vs. the size of the reward for liberating them it's obvious how this is going to play out.
It's not. The keys for XBox have been kept safe for more than a decade now. And not for lack of trying.
mjg59 · 1h ago
Which OSes are actually imposing DMA restrictions on internal cards? That feels like something that would impose noticeable overhead, but I guess I can imagine a special mode that enforces this for competitive gaming...
kbolino · 1h ago
It's not a global on-off switch. With a proper IOMMU, the hypervisor/operating system can lock out specific devices from DMA access, or confine them to specific address ranges.
strstr · 41m ago
Allegedly some of the anticheats are configuring the IOMMU through Windows APIs (Vanguard, FACEIT, and a smattering of Chinese anticheats). It’s hard to find good public information though. They do some mix of blocking access and deliberately leaving some pages as bait (and monitoring IOMMU D-bits/faults).
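The per-device remapping kbolino describes, plus the bait-page/D-bit monitoring strstr mentions, as an added toy model (not code from any anticheat or from the thread). It assumes a 4 KiB page size, constructed PCIe addresses, and a sweep that reports a device when it faults outside its own mappings or touches a page the OS mapped purely as bait; real IOMMU tables, fault reporting and the Windows APIs involved are not modelled.

```python
from dataclasses import dataclass

PAGE = 0x1000  # 4 KiB IOMMU page (assumption)


@dataclass
class Entry:
    phys_page: int
    writable: bool
    accessed: bool = False  # "A-bit": set by the IOMMU on the first DMA read or write
    dirty: bool = False     # "D-bit": set by the IOMMU on the first DMA write


class Iommu:
    """Toy model of per-device DMA remapping. Each device (keyed by its PCIe
    address, e.g. '0000:01:00.0') has its own translation table; a DMA to an
    I/O address missing from that table is a fault, not a memory access."""

    def __init__(self):
        self.tables = {}  # bdf -> {io_page: Entry}
        self.faults = []  # (bdf, io_addr, reason)
        self.bait = {}    # bdf -> set of io_pages mapped only as bait

    def map(self, bdf, io_page, phys_page, writable=True, bait=False):
        self.tables.setdefault(bdf, {})[io_page] = Entry(phys_page, writable)
        if bait:
            self.bait.setdefault(bdf, set()).add(io_page)

    def dma(self, bdf, io_addr, write=False):
        """Translate a device-issued DMA. Returns the physical address, or None on a fault."""
        io_page, offset = divmod(io_addr, PAGE)
        entry = self.tables.get(bdf, {}).get(io_page)
        if entry is None:
            self.faults.append((bdf, io_addr, "unmapped"))
            return None
        if write and not entry.writable:
            self.faults.append((bdf, io_addr, "write-protected"))
            return None
        entry.accessed = True
        if write:
            entry.dirty = True
        return entry.phys_page * PAGE + offset

    def sweep(self):
        """Anticheat-style check: report devices that faulted outside their mappings
        or that touched a bait page no legitimate driver ever uses."""
        report = {}
        for bdf, _, reason in self.faults:
            report.setdefault(bdf, set()).add("fault:" + reason)
        for bdf, pages in self.bait.items():
            for page in pages:
                entry = self.tables[bdf][page]
                if entry.dirty:
                    report.setdefault(bdf, set()).add("bait-page-written")
                elif entry.accessed:
                    report.setdefault(bdf, set()).add("bait-page-read")
        return {bdf: sorted(reasons) for bdf, reasons in report.items()}


def demo():
    iommu = Iommu()
    gpu, rogue = "0000:01:00.0", "0000:03:00.0"  # constructed device addresses
    # The OS maps the GPU's legitimate command buffer plus one bait page it never hands out.
    for n in range(4):
        iommu.map(gpu, io_page=0x10 + n, phys_page=0x4000 + n)
    iommu.map(gpu, io_page=0x14, phys_page=0x4100, bait=True)
    # Legitimate traffic: the driver writes inside its own buffer and is translated normally.
    assert iommu.dma(gpu, 0x10 * PAGE + 0x40, write=True) == 0x4000 * PAGE + 0x40
    # A card the OS never gave a table to probes memory: every access faults and is logged.
    iommu.dma(rogue, 0x0)
    iommu.dma(rogue, 0x10 * PAGE)
    # A card presenting itself as the GPU and scanning its window also reads the bait page.
    iommu.dma(gpu, 0x14 * PAGE)
    return iommu.sweep()


if __name__ == "__main__":
    print(demo())
```

The sweep only sees what the IOMMU records, so it is only as good as the firmware and OS that keep Bus Master Enable off until the tables are in place; that is the ordering strstr's earlier comment is about.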
hbosch · 1h ago
I am not sure Secure Boot, TPM, or kernel-level anti-cheat still manage to accurately detect hardware with direct memory access. DMA hardware can still circumvent all of these things, and they only cost a few hundred bucks. The question in my mind remains: why would you pay ~$300 for DMA hardware and then ~$10-100+/month for an active private cheat? Is it worth it to look cool online to random strangers before you eventually get algorithmically detected or mass-reported and manually banned, just to create a new account and start all over? Even for those cheaters who buy high level accounts, what is the endgame of spending all that money and recycling the process?
chc4 · 1h ago
If you have a secure and attested boot chain, then anti-cheats can also start depending on things like DMA protection[1] to be enabled or other CPU features to protect against rogue hardware doing DMA attacks. At the professional level tournaments are already whitelisting what hardware is allowed for competitor machines - I doubt that they'll start doing that for the average joe gamer lobbies anytime soon, but they do have the option to start blocking people who have anomalous PCIe DMA mappings etc. and steadily raise the bar.
Isn't DMA defeated by IOMMU? I assume Windows 11 has IOMMU on.
LocalH · 1h ago
Competitive gaming can be serious business. For example, in Fortnite, the top player in each major region can receive between $27k and $180k from the FNCS tournament, depending on the region.
dist-epoch · 6m ago
It is possible to prevent DMA attacks with encrypted memory/confidential computing. Just like you can run secure VMs that the host can't mess with.
People pay more than $300 for cheats, some are sold in the $1k+ range
sdairs · 1h ago
Sadly, for the people who cheat, it is, indeed, worth it. :/
trod1234 · 1h ago
There will be people that cheat regardless of what any game company can do. Racing to the edge is not the way to stop this.
If you haven't noticed, these solutions create the platform to both test and control your digital life without your knowledge, following a classic surrogate/Hegelian pattern. How much do you trust the credibility of the entities behind these game companies? Would you trust them with your life?
This should be carefully considered food for thought for anyone that values their future.
polotics · 1h ago
Could you enlighten us by explaining what you mean by "a classic surrogate/hegelian pattern"?
ps. on such nonstandard posts I check out previous posts by the same author. your writing style is quite something, are you misunderstood often?
devmor · 1h ago
It’s not a profit/loss evaluation. The people doing this have money to waste. It’s the same as spending money to go out drinking to them.
gausswho · 1h ago
Can't help but feel like this is Microsoft leaning on devs to make the general PC multiplayer gaming experience so onerous that they'll choose to get an XBox instead.
seanhunter · 19m ago
Microsoft’s corporate strategy is almost the exact opposite of this though. It’s that “everything is an Xbox”, i.e. they are massively shifting away from the special-purpose hardware to anything being an Xbox if it runs Windows. I would be somewhat surprised if Microsoft-made consoles even exist in a generation or two’s time.
thewebguyd · 1h ago
Been wondering that myself. The kernel level anti-cheat has gone so far, it's all an attempt to turn an untrusted platform (someone's computer) into a trusted execution platform (a console).
I don't like it, the idea of software mandating a very specific computing environment or else it refuses to run. It takes agency away, and will bleed into other types of software beyond just games (which we already see on mobile).
I like gaming on PC, but I will continue to refuse to install/play any game that requires this level of anti-cheat. There has to be a better way than forcing users to install what is effectively a rootkit to play.
jakebasile · 1h ago
I'm convinced it is as well. It also stops these very popular games from running on Linux which is finally mounting a concerted push into PC gaming thanks to Valve.
firesteelrain · 1h ago
What prevents crackers from bypassing the TPM check?
bpye · 1h ago
For online/multiplayer features the server could require a valid TPM quote - this is mentioned in the article.
firesteelrain · 1h ago
Ok I didn’t understand
bigyabai · 1h ago
It doesn't matter. The new Battlefield was hacked within 24 hours of the beta using the same DMA GPU-spoofing hardware you could buy from China for the past decade. It's not a palatable notion, but you cannot really have PC gaming without some level of cheating taking place.
TGower · 2m ago
It's less about upfront prevention and more about removing cheaters from the playerbase over time. TPM hardware ban means you'll have to buy a new CPU in addition to a new copy of the game in order to play again after getting caught cheating.
jakebasile · 1h ago
The solution existed starting in the late 90s through the early 2010s. You have a server browser with community run servers who are administered by people who play on the server. Admins notice cheating, the cheater gets banned. You find a server that you like and it turns into an ad hoc community.
Of course that doesn't maximize shareholder value the way skill based matchmaking or revenue based matchmaking does. So the incentives are again misaligned between devs and players, so nothing will get solved.
kbolino · 24m ago
> The solution existed starting in the late 90s through the early 2010s [...] the cheater gets banned.
This attitude also reflects the naivete of the 1990s. You can't ban a person. You can ban an IP, you can ban "all known Tor exit nodes" or "all known VPNs" or "all known public cloud IPs", you can ban whole countries by IPgeo, you can ban anything somebody has to provide to log in (an email address, a phone number, a credit card number, etc.), but these can all be evaded. The only truly effective banning tools are private, invite-only servers or reputation/incentive systems where the cheater loses something really valuable that a ban evasion can't recover.
mjevans · 7m ago
It depends on how the community's web of trust is set up.
Need to go in person to a meetup to get your account on the allow list? Better have real good fake ID to avoid a person ban.
Yasuraka · 5m ago
Why ban IPs or emails if you've got a perfectly valid user ID tied to a >60 bucks license.
stoltzmann · 10m ago
> but these can all be evaded
And then they'll be banned again and again.
There's only a limited number of IPs available to cheaters; it won't be long before they burn through all of them.
dark-star · 54m ago
Can you not simply enroll your own keys in your TPM and still boot with custom-signed drivers that circumvent all this? I mean, yeah, it's a lot more work but it would still work I guess?
gizmo686 · 36m ago
This is where measured boot and remote attestation come in. You can run whatever software you like, but you will only be able to attest to running what you're actually running (barring an attack on the TPM or some other trusted component earlier in the chain).
The remote game server would then need to decide if it wants to let you connect given your inability to attest to running a trusted configuration.
I've seen this setup work in very controlled conditions. But given how diverse the ecosystem is, someone is going to put out a buggy system, and too many legitimate users will buy it for most games to be willing to blacklist it.
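The flow bpye and gizmo686 describe (server demands a TPM quote; the client can boot anything but can only attest to what it actually booted), as an added toy model that is not code from the thread or from any real TPM stack. It assumes SHA-256 PCR extends, constructed stage names in place of real firmware/driver hashes, and an HMAC key standing in for the asymmetric attestation key that a real TPM certifies back to the vendor's EK certificate; a real quote is an asymmetric signature over a TPMS_ATTEST structure, not this shape.

```python
import hashlib
import hmac
import secrets

NONCE_LEN = 16


def pcr_extend(pcr: bytes, measurement: bytes) -> bytes:
    """TPM-style extend: new = SHA-256(old || SHA-256(measurement)).
    One-way and order-sensitive, so a later stage cannot "un-measure" an earlier one."""
    return hashlib.sha256(pcr + hashlib.sha256(measurement).digest()).digest()


def measured_boot(stages) -> bytes:
    """Each stage is measured into the PCR before it runs; returns the final PCR value."""
    pcr = bytes(32)
    for stage in stages:
        pcr = pcr_extend(pcr, stage)
    return pcr


class ToyTpm:
    """Holds an attestation key that never leaves the device. A real AK is asymmetric and
    certified to the vendor's EK cert; this toy uses an HMAC key as a stand-in (assumption)."""

    def __init__(self, ak_key: bytes, stages):
        self._ak = ak_key
        self.pcr = measured_boot(stages)

    def quote(self, nonce: bytes):
        """Sign (nonce || PCR). The TPM signs what was measured; the OS does not get to
        choose the PCR value it would prefer to report."""
        body = nonce + self.pcr
        return body, hmac.new(self._ak, body, "sha256").digest()


class GameServer:
    def __init__(self, golden_stages):
        self.known_aks = {}  # device_id -> AK (stand-in for validating an EK cert chain)
        self.golden_pcr = measured_boot(golden_stages)
        self.pending = {}    # device_id -> outstanding challenge nonce

    def enroll(self, device_id, ak_key):
        self.known_aks[device_id] = ak_key

    def challenge(self, device_id) -> bytes:
        nonce = secrets.token_bytes(NONCE_LEN)
        self.pending[device_id] = nonce
        return nonce

    def verify(self, device_id, body: bytes, sig: bytes) -> str:
        nonce = self.pending.pop(device_id, None)
        if nonce is None or body[:NONCE_LEN] != nonce:
            return "rejected: stale or replayed quote"
        ak = self.known_aks.get(device_id)
        if ak is None or not hmac.compare_digest(hmac.new(ak, body, "sha256").digest(), sig):
            return "rejected: attestation key not trusted"
        if body[NONCE_LEN:] != self.golden_pcr:
            return "rejected: boot measurements not on the allow list"
        return "accepted"


def demo():
    # Constructed stage names standing in for real firmware/bootloader/kernel/driver hashes.
    golden = [b"uefi-fw", b"bootmgr", b"ntoskrnl", b"hvci-enabled", b"anticheat.sys"]
    server = GameServer(golden)
    vendor_ak = secrets.token_bytes(32)
    server.enroll("pc-1", vendor_ak)
    results = {}

    # 1. Stock configuration: genuine key, golden measurements.
    tpm = ToyTpm(vendor_ak, golden)
    results["stock"] = server.verify("pc-1", *tpm.quote(server.challenge("pc-1")))

    # 2. Same TPM, but the owner booted a custom-signed driver: the quote is genuine,
    #    the PCR simply no longer matches, so the server declines the connection.
    tpm = ToyTpm(vendor_ak, golden + [b"custom-signed.sys"])
    results["custom-driver"] = server.verify("pc-1", *tpm.quote(server.challenge("pc-1")))

    # 3. "Enroll your own keys": a self-made AK the server has never certified.
    tpm = ToyTpm(secrets.token_bytes(32), golden)
    results["own-keys"] = server.verify("pc-1", *tpm.quote(server.challenge("pc-1")))

    # 4. Replaying an earlier good quote against a fresh challenge.
    tpm = ToyTpm(vendor_ak, golden)
    old_body, old_sig = tpm.quote(server.challenge("pc-1"))
    server.challenge("pc-1")
    results["replay"] = server.verify("pc-1", old_body, old_sig)
    return results


if __name__ == "__main__":
    for case, verdict in demo().items():
        print(f"{case:14s} {verdict}")
```

The allow-list check is where gizmo686's ecosystem point bites: every legitimate firmware, bootloader and driver combination a player might have needs a golden PCR on the server, and one buggy but popular configuration forces the operator to choose between excluding its users and loosening the list.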
strstr · 40m ago
That’s not intended to be possible for any reasonable TPM with a trustworthy EK cert.
neilv · 2h ago
This is another way for cheaters to screw over everyone.
1: https://learn.microsoft.com/en-us/windows/security/hardware-...