Quasar

Kernel-mode anticheat is a huge nope


Just because only a few people complain, doesn't mean that there isn't a problem. It's been literal decades since the primary writers of malware were just jokers and wreckers doing it for a laugh, these days it's overwhelmingly employed by criminal gangs and government agents. So that means that it's intended to be way more subtle. A machine that has been compromised without the operator noticing is a good candidate for a botnet.

Denuvo's DRM is a heap of garbage, so it's hardly a stretch to look at their anti-cheat products with suspicion as well. Extending the benefit of the doubt to amoral profit-seeking entities that see ethics as a stumbling block rather than a guide, is at best naive and at worst will get you into some kind of trouble.

2 minutes ago, NoXion said:

Denuvo's DRM is a heap of garbage

 

Not at all? Take a look at how Denuvo-DRM is doing nowadays. No performance impact and games are uncracked for months. If this anti-cheat is just as competent, then I take it. I hope it does prevent cheating fully. We'll see if that is really the case but if it does, then I would even like to have this in any multiplayer game. 

23 minutes ago, Lampenpam said:

 

Not at all? Take a look at how Denuvo-DRM is doing nowadays. No performance impact and games are uncracked for months. If this anti-cheat is just as competent, then I take it. I hope it does prevent cheating fully. We'll see if that is really the case but if it does, then I would even like to have this in any multiplayer game. 


I mentioned nothing about the performance of the games or how soon they get cracked. Of course people are going to complain if their game's performance is shoddy, so that kind of thing is the squeaky wheel that gets the grease. But if people aren't complaining about security issues because they're not aware of them, then how will Denuvo know to fix them?

My concerns are based entirely around the security of users' machines. It's absolutely terrible security practice to allow a third party that level of access. Especially for something as trivial as a video game.

1 hour ago, Lampenpam said:

And 2016 did have hackers, it wasn't fine.

 

Kind of pointless to mention this though - what MP game doesn't have cheaters...

 

Welp, I guess it's a good thing I can't run the game then, no way this DAC garbage is touching my machine, no thanks.


Given this news I'm very concerned about running Doom Eternal again. Is it possible to run it without this crap?


Personally I don't have a very good PC so I can't install Doom Eternal anyways (I mean I can, but it's probably gonna run at like 5 fps) but that's still fucking nuts.wad that there is such an anti-cheat that literally slows the game down. Bethesda/Id could have just scripted an anti-cheat themselves and only make it run during multiplayer. Of course it wouldn't have been perfect, but at the same time it's almost impossible to have no players cheating, because where there is competition, there is cheating. I guess they were just too lazy to make their own anti-cheat that would not have fucked up the frame rate like Denuvo's.

2 minutes ago, Roebloz said:

but that's still fucking nuts.wad

 

Someone nominate this man for the best new(?) Doom expression of 2020 (even though nuts.wad is from 2001, but whatever....).

1 hour ago, Graf Zahl said:

I've also stopped using third party AV because these companies give me zero reason to trust them.

 

...you're running 8.1 without any AV software boss?

 

Please don't tell me you fell for the "you don't NEED an AV" crap. For those that unironically believe this, I'd refer them to this video (Leo works for Emsisoft, so it's not a random guy rambling).


Well, there are still people who like to do the software equivalent of poz pigging or "ridin' the Net bareback", who are we to judge them?

13 minutes ago, seed said:

...you're running 8.1 without any AV software boss?

Afaik he uses Windows Defender.


Thanks for the heads-up, it never hurts to have less bloatware in your PC. It still allowed me to run Battlemode tutorial even though I uninstalled Denuvo, maybe it would block me when I tried to play with actual people?

 

Anyway, there is some good news, too: the annoying underwater/slime passages are easier now and they amped the Microwave plasma mod (though honestly it's still mostly useless):

 

https://slayersclub.bethesda.net/en/article/2zHgbzsIV8gTzFUZ75ADGx/update-1

 

The Dash Hold option didn't work for me at first, I had to switch it off and on.

Just now, Caleb13 said:

Thanks for the heads-up, it never hurts to have less bloatware in your PC. It still allowed me to run Battlemode tutorial even though I uninstalled Denuvo, maybe it would block me when I tried to play with actual people?

If you ran the game, the anti-cheat reinstalled itself. Check your program list in control panel or whatever Microsoft calls it these days.

10 minutes ago, Maes said:

Well, there are still people who like to do the software equivalent of poz pigging or "ridin' the Net bareback", who are we to judge them?

 

God, did we really need that comparison? Especially when he's probably pretty selective about what he puts on his machine, given the 'modern games' post.

Just now, Cacodemon345 said:

Afaik he uses Windows Defender.

 

Indeed. And it's a lot less problematic than any of the commercial solutions.

In any case, the value of AV software is grossly overrated if you exercise a little bit of caution. Over the last 5 or so years I only got one alert and it was for a file where I expected nothing else - some self extracting archive that came from a warez site.

 

On the other hand the last 3 commercial AV solutions I tried all issued countless false positives and preemptively quarantined harmless files, breaking some software in the process.

 

5 minutes ago, Cacodemon345 said:

Afaik he uses Windows Defender.

 

Ah right, I forgot 8.1 did have Defender.

 

BUT, and that's a big "but", Defender on 8.1 =/= 10. It has zero of the enhancements it received on 10 where it's now finally a proper AV, but on 8.1 it's still the pathetic garbage that Security Essentials was. As good as running an OS without any protection. Both the detection ratio and its reactive protection are a total joke.

 

@Graf Zahl "In any case, the value of AV software is grossly overrated if you exercise a little bit of caution." - Yes, no AV will keep you safe if you exercise absolutely no common sense at all, but you still need one, especially on an OS like 8.1. You have disappointed me boss.


Still better than installing a rootkit from a questionable source. All AV solutions I tried are unreliable and unstable bloatware that only exist to coerce people into buying the "real deal" which doesn't offer any more real protection.

 

If you ask me, AV is one of the biggest pieces of snake oil ever devised.

 

51 minutes ago, Graf Zahl said:

I haven't looked deeper into it, but installing invasive software without explicit consent is a felony in some jurisdictions, no idea if this falls under it,

Well, this all depends on whether you get the Windows confirmation box that you really want to install the driver. That's the consenting stage. 


Whether that box's information is sufficient to inform about the risks is very debatable.

1 hour ago, NoXion said:

Given this news I'm very concerned about running Doom Eternal again. Is it possible to run it without this crap?

 

If you haven't let the files update yet, you could probably move the installation folder out of your Steam or Bethesda library folders, that way they couldn't auto update. Should probably work for the Steam version at least.

 

**Doesn't seem to work for Bethesda version- see Caleb13's post below.

Edited by Smouths

4 minutes ago, Graf Zahl said:

Still better than installing a rootkit from a questionable source. All AV solutions I tried are unreliable and unstable bloatware that only exist to coerce people into buying the "real deal" which doesn't offer any more real protection.

 

If you ask me, AV is one of the biggest pieces of snake oil ever devised.

 

Yeah, can't argue with the first sentence.

 

I can see where you're coming from, I myself have switched like 3 AVs over the years - BTW avoid Avast/AVG solutions at all costs, they are not to be trusted -, mostly because they just... broke eventually and started more processes than necessary, then leaked memory. They're also known to cause issues with upgrades sometimes, although I have been lucky there.

 

But with all the ransomware and security concerns today, staying online without any protection is kind of an extreme sport. No amount of common sense is nearly enough to protect you from a random attack or malware downloaded from trusted sources as a result of an attack, and when it happens, accidentally or otherwise, it will fucking suck... Besides, premium solutions can add an extra layer of protection - most come with a Firewall for instance -, but free versions are quite comprehensive nowadays too, so it might be an extra benefit, but not an absolute must.

 

I would advise against cultivating this sort of dangerous mindset, but whatever floats your boat I guess...

 

21 minutes ago, Quasar said:

If you ran the game, the anti-cheat reinstalled itself. Check your program list in control panel or whatever Microsoft calls it these days.

 

Control Panel & Settings app on 10, there's 2 CPs now :D .

 

And the traditional CP likely can't be retired - cost of compatibility with old/certain software methinks. It's hilarious, I know, but W10 has always been a comedy in some respects - wait till you see how Start looks with tiles nowadays on 1909/2004! MS is slowly rolling out new icons for the apps which no longer change their background color depending on your settings as part of their plan on eventually removing tiles, the last legacy of Win 8/8.1, but we first need to deal with this colorful nonsense since they never roll anything at once, and completely. My Start tiles are now a rainbow - old apps with purple background from my settings, new ones with blue, some of which have a gray one such as OneDrive, every single Office app has its own color, and more :D :D . Although an update that is yet to roll out more widely changes all Office apps to a gray background.

 

Who said W10 isn't fun?


So the unusual lag and poor frame rate I experienced yesterday are from this anti-cheat? Not acceptable at all.

6 minutes ago, Smouths said:

 

If you haven't let the files update yet, you could probably move the installation folder out of your Steam or Bethesda library folders, that way they couldn't auto update. Should probably work for the Steam version at least.

I tried this in Bethesda, but "not letting the files to update" is not enough. Once the Bethesda Launcher knows about the new update, it will force it (you won't be able to run the game without it). And it will know about it as soon as you run it. Theoretically, it would work if you had the prescience to disable the auto-updates for the game before the update went live, but of course it's too late for that now. Maybe you could "hack" the BL config files to disable the auto-update without running it and make it "forget" about the update, though.

16 minutes ago, seed said:

But with all the ransomware and security concerns today, staying online without any protection is kind of an extreme sport. No amount of common sense is nearly enough to protect you from a random attack or malware downloaded from trusted sources as a result of an attack, and when it happens, accidentally or otherwise, it will fucking suck... Besides, premium solutions can add an extra layer of protection - most come with a Firewall for instance -, but free versions are quite comprehensive nowadays too, so it might be an extra benefit, but not an absolute must.

 

I do not download unknown stuff outside a sandbox, I certainly do not install such software, but for me the best protection against drive-by infections from the web is still using NoScript and other web blockers.

 

 

16 minutes ago, seed said:

I would advise against cultivating this sort of dangerous mindset, but whatever floats your boat I guess... 

 

Just read this. I came to the same conclusion a long time ago:

https://www.theregister.co.uk/2016/11/17/google_hacker_pleads_try_whitelists_not_just_bunk_antivirus_ids/

 

 

 

 

 

2 minutes ago, Graf Zahl said:

I do not download unknown stuff outside a sandbox, I certainly do not install such software, but for me the best protection against drive-by infections from the web is still using NoScript and other web blockers.

 

True, it's saddening how... bloated the websites are these days, and how poorly written are some of them... I see this every day when I switch to phone, everything is ad-infested garbage now... Certainly wouldn't browse without one of those either...

 

I'll read that later.


I'm not happy about this. It would be ok for me if it only starts on MP, but by now it looks like it's always there.

 

Has Bethesda ever considered people use their PCs for their work, banking and other critical tasks? I hope someone sues them to hell for installing ring-0 / kernel drivers. Are you expecting me to do all my other stuff in sandbox environments because you think it's a good idea to install kernel drivers for everybody, even those who don't play the multiplayer game?

 

And when Bethesda reads this: I bought the deluxe edition on cdkeys (it was $40 cheaper than in other stores). And I'm proud of it, because this patch proves that you don't deserve my money or my trust.

 

I will never buy a full price game from Bethesda again. Trust is hard to earn but easy to lose.

1 hour ago, seed said:

 

...you're running 8.1 without any AV software boss?

 

Please don't tell me you fell for the "you don't NEED an AV" crap. For those that unironically believe this, I'd refer them to this video (Leo works for Emsisoft, so it's not a random guy rambling).

You really don't. I've been building PCs for two decades and not a single PC I've built has been affected by malware or viruses, unless I did something stupid. If the user isn't an idiot or just uneducated they won't get viruses. In every case I've attempted to use any AV it will completely degrade my Windows install over time and cause really weird issues that are hard to track down.


But speaking of Bethesda, do we actually know for sure they were the ones to shove it down people's throats?

 

This initiative still surprises me since it goes completely against what happened with 2016, which, after the last update it received, had all the DRM removed.

 

2 minutes ago, Flesh699 said:

You really don't.

 

And with that, I rest my case.

23 minutes ago, seed said:

This initiative still surprises me since it goes completely against what happened with 2016, which, after the last update it received, had all the DRM removed.

 

Supposedly Zenimax had a massive increase in investors/investment money around 2017 or so, which possibly explains a lot of their more recent behavior. There are a few half-decent video essays on YouTube about it - though I haven't researched it myself.

 

Unfortunately, I'm increasingly doubtful that new-id is nearly as autonomous from them as a lot of us initially hoped.

Edited by Smouths
