Kernel-mode anticheat is a huge nope


5 minutes ago, Cacodemon345 said:

This contradicts what you said about that Rainbow Six Siege video.

 

Can you please point out the contradiction?  I assure you that I'm not trying to jerk you around, and I know better than to try and "win" an internet argument, so I don't have any personal stake in being deceptive or anything.


The argument used to be, "don't preorder games". Now the argument is, "don't buy games on PC until at least six months to a year after release and then make damn sure you do your homework before you do". I am sick, sore and tired of this relentless bait-and-switch tactic employed by publishers and will be rethinking how I purchase games in the future. Live service games have become a cancer on the industry, to the point that even single-player campaigns are no longer immune.

 

@AlexMax: The surreptitious post-release addition of software that can potentially become a security exploit for the end-user is NOT pro-consumer. I don't play multiplayer. Having a rootkit on my PC that could open the door to hackers is a net negative. Valorant is already rife with cheaters, despite Vanguard being kernel-level, meaning that such intrusive software is nothing more than a liability with no real benefit. No one is complaining about the existence of anti-cheat in and of itself. The issue comes from having an invasive, OS-level program that nobody asked for creating a possible backdoor for malicious actors, or even just causing havoc on a local level as happened to me.

 

I thought Bet On Soldier was a decent shooter. What I didn't realise until it was too late was that it was slowly killing my PC, resulting in ever-increasing BSoDs and hard locks, crippled optical drives (even replacement drives wouldn't work), ultimately arriving at the point where even a full reinstall of Windows couldn't fix anything because the hardware damage had been done. That was six months of my life and I'm damned if I'm going through that again.

17 minutes ago, Oplexitie said:

I'd argue that this instance of anti-cheat was anti-consumer. Like a couple of people have said (including me), Bethesda waited two months before adding this to Doom Eternal, most people that don't like this type of anti-cheat won't be able to get a refund anymore, and are forced to download the anti-cheat for the game to run, effectively locking them out from the game they bought.

 

That is certainly exactly why they waited, I'm absolutely sure of it. FUCK Bethesda, this is the last game I ever buy from those money-grabbing bastards.

 

13 minutes ago, scalliano said:

The surreptitious post-release addition of software that can potentially become a security exploit for the end-user is NOT pro-consumer

 

You are right, of course.  I too think that adding anti-cheat without warning that is active even in the single-player is a flawed implementation that should be rectified, and you are well within your rights to ask for your money back if it bothers you.

 

15 minutes ago, scalliano said:

Valorant is already rife with cheaters, despite Vanguard being kernel-level, meaning that such intrusive software is nothing more than a liability with no real benefit

 

In my book, Valorant's anti-cheat is bad because it starts on boot and runs all the time until you turn it off from the tray, not because it's merely kernel-level.

 

An assertion that it is a liability with no real benefit, however, defies common sense.  Without it, it would almost certainly be an order of magnitude worse.  I admit it was a bit amusing to see how thoroughly they underestimated cheat-makers.


I've also uninstalled the game until further notice, and along with it the DAC too. Won't reinstall the game until they've fixed this issue. I bought the CE so I put in quite a bit more buck than most, and being the crazy fan of Doom Eternal that I am, the CE was late for FIVE days due to delivery issues because of the beer cold pandemic so because of that I also purchased the game on Steam to be able to start playing on March 20th. I've spent a good 190 hours on it before this debacle, quarantine time well spent indeed. 

I won't have anything that will put the integrity of my music making / sound design computer at risk installed on it ever. If I get some answer from F-Secure about the .SYS file I sent them to be investigated I will tell their comments here too.

1 hour ago, scalliano said:

despite Vanguard being kernel-level, meaning that such intrusive software is nothing more than a liability with no real benefit.

If Vanguard has a liability, you can report it and receive mad stacks. https://hackerone.com/riot/

 

I wonder if anyone has actually found anything yet, though. 


I don't necessarily think that the decision to implement anti-cheat post-launch was of ill-intent. There are various reasons why this could've happened beyond Bethesda being "afraid" of launch-day backlash and subsequent lost sales. It's possible that Id couldn't get the implementation ready for the game's launch, or that the anti-cheat itself wasn't finished yet. Not to mention, with similar solutions such as BattlEye and Easy Anti-Cheat being used in nearly every popular modern multiplayer game without significant backlash or exposed security vulnerabilities as far as I can tell, Denuvo Anti-Cheat operating at kernel-level probably wasn't of much concern.

 

That being said, these cheating measures should be rolled back ASAP so Id can assess the situation. My suggestion would be to add an anti-cheat-free executable that lacks multiplayer functionality, though if possible taking measures beyond that would be appreciated.

Edited by chemo


It's unfortunate that they went this route. I've never noticed any cheating in Battlemode anyway so I don't see the need.

Not like I'm going to quit playing Eternal or uninstall it though.

17 minutes ago, chemo said:

I don't necessarily think that the decision to implement anti-cheat post-launch was of ill-intent. There are various reasons why this could've happened beyond Bethesda being "afraid" of launch-day backlash and subsequent lost sales. It's possible that Id couldn't get the implementation ready for the game's launch, or that the anti-cheat itself wasn't finished yet. Not to mention, with similar solutions such as BattlEye and Easy Anti-Cheat being used in nearly every popular modern multiplayer game without significant backlash or exposed security vulnerabilities as far as I can tell, Denuvo Anti-Cheat operating at kernel-level probably wasn't of much concern.

 

That being said, these cheating measures should be rolled back ASAP so Id can assess the situation. My suggestion would be to add an anti-cheat-free executable that lacks multiplayer functionality, though if possible taking measures beyond that would be appreciated.

We can all generally tell that this wasn't done with ill intent, but basically, to solve one problem they allowed for the potential of a much, much bigger problem as soon as their security is breached.

 

To paraphrase a wise old musician, a kernel-mode anticheat is the equivalent of treating dandruff by decapitation.

9 minutes ago, SulfurOccult said:

I've never noticed any cheating in Battlemode anyway so I don't see the need.

Well here it is, be blind no longer:

 


I've said with Doom 2016's small pool of multiplayers the cheaters are basically peeing in their own bowl of soup.   I'll say it again for this.

4 minutes ago, Edward850 said:

Well here it is, be blind no longer:

 

Typical hacker. Despite cheating, he's showing a horrible lack of ability here. Most hackers won't stand a chance at even the best of players in their respective games. Great players (of any game) know the game well enough that they can fuck over almost any hacker (except for godmode/crazy aimbot hackers); the fact that Mr.Slayer loses two rounds to non-hackers shows this. There are plenty of old tf2 videos out there of great players rubbing their balls on the faces of hackers. Hacking can't make up for poor strategy.

44 minutes ago, Dark Pulse said:

We can all generally tell that this wasn't done with ill intent, but basically, to solve one problem they allowed for the potential of a much, much bigger problem as soon as their security is breached.

 

To paraphrase a wise old musician, a kernel-mode anticheat is the equivalent of treating dandruff by decapitation.

I didn't say that these methods were justified, that people's concerns hold no importance, or Bethesda doesn't deserve repercussions; I've already said in my previous post that they need to reverse these changes. I just think some people here and elsewhere are too quick to come to the conclusion that this was done to deliberately deceive paying customers.

11 minutes ago, chemo said:

I didn't say that these methods were justified, that people's concerns hold no importance, or Bethesda doesn't deserve repercussions; I've already said in my previous post that they need to reverse these changes. I just think some people here and elsewhere are too quick to come to the conclusion that this was done to deliberately deceive paying customers.

I don't think they deliberately intended to deceive either, although some people will certainly make that argument.

 

That still doesn't take away that this is an absolutely boneheaded decision, and that a system's actual security should not be the thing you put at risk just to make cheating in an online game a little bit harder.

 

Whether they intended to deceive or not, it's an absolutely braindead move.

55 minutes ago, Gokuma said:

I've said with Doom 2016's small pool of multiplayers the cheaters are basically peeing in their own bowl of soup.   I'll say it again for this.

 

They don't care.  The moment that playerbase dries up for that game, they will happily move on to another game to ruin.

 

51 minutes ago, BluePineapple72 said:

Great players (of any game) know the game well enough that they can fuck over almost any hacker (except for godmode/crazy aimbot hackers);

 

This is a frankly bizarre point to me.  I thought for several minutes about what an appropriate response would be, but honestly, just watch a bunch of CS:GO Overwatch videos on YouTube.  Watching those really opened my eyes to how pervasive cheating can be in a game, and the variety of types of cheaters.

 

Some of them are brain-dead and struggle even with the cheats, like you said.  Some of them just instantly start spinbotting and killing everybody in sight just to make other players angry.  And still others actually know how to play the game at some level, and having cheats turns them into pretty much unassailable gods unless they get incredibly unlucky.  But one thing is for damn sure, the supply of Overwatch cases is bottomless.

 

Game developers are not fighting script kiddies.  They're fighting companies that have made a cottage industry out of selling cheating software to bored teenagers and psychopaths who buy these cheats.  These are a serious adversary and are not to be trifled with or underestimated.

39 minutes ago, Dark Pulse said:

I don't think they deliberately intended to deceive either, although some people will certainly make that argument.

 

That still doesn't take away that this is an absolutely boneheaded decision, and that a system's actual security should not be the thing you put at risk just to make cheating in an online game a little bit harder.

 

Whether they intended to deceive or not, it's an absolutely braindead move.

Well thank you for ignoring the purpose of my post

18 minutes ago, chemo said:

Well thank you for ignoring the purpose of my post

Even though it was literally the first thing I mentioned, and whether they intended to deceive or not isn't the big deal, since if this were a more normal anti-cheat nobody would really be complaining.


I hope we can start agreeing now that kernel-0 anti-cheats aren't a problem. We had them for years in numerous games but in the whole shitstorm people only blame Eternal for it because they read something about "Bethesda" and "Denuvo" being involved.  

 

But I'm happy that even at r/Doom people seem to get a grip now and try to reduce the complaints to the ones that actually make any sense: https://old.reddit.com/r/Doom/comments/gkuekg/please_be_precise_when_criticizing_denuvo/

4 minutes ago, Lampenpam said:

I hope we can start agreeing now that kernel-0 anti-cheats aren't a problem. We had them for years in numerous games but in the whole shitstorm people only blame Eternal for it because they read something about "Bethesda" and "Denuvo" being involved.  

No, I'm pretty sure that I will never agree that having an anti-cheat that will let malicious code do absolutely anything it wants to my PC because it's on the lowest privilege level possible if it gets successfully hacked isn't a problem, sorry.

 

Again, the problem isn't that it's anti-cheat, or even that it's "malware" (it's not, anyone with half a brain knows that). The problem is the tremendous security risk that exists if it gets successfully hacked - and the enticing target it now presents because of the fact it's known to be Ring-0 privilege level. It's only as secure and safe to use as long as it's not hacked - once it is, and it starts getting exploited in the wild, literally every single person who runs Doom Eternal has their entire system at risk to anyone actively exploiting the hack. It might be fine now, but hackers work around anti-cheats all the time, and that means sooner or later, some bugs and cracks are going to be found in the anti-cheat.

 

And since it's Ring 0... well, if you gain control of the anti-cheat process, just what other damage can you do as the ultimate griefing?

 

THAT'S the problem. And that just ain't going to go away without the anti-cheat being higher up in privilege levels - stuff that will reduce the effectiveness of the anti-cheat, by definition.

 

Or, of course, never running the game will also guarantee you're safe, since also by definition, this hole is only exploitable as long as the anti-cheat exists in current form, and if you don't have it installed in the first place, you've got no gateway to be exploited by.


The strangest thing about all this is Doom Eternal isn't some wannabe eSports title like Valorant. Did they really think adding strict anti-cheat measures will propel the game's MP to some 100k viewers on Twitch status? There are currently 1.3k people watching Eternal and all the top streams are single-player. So as things stand, interest in Battlemode is negligible at best. Not to mention the lack of proper region/ping-based matchmaking making the entire thing a laggy mess. It's not like Eternal is running proper 64/128-tick servers required for a serious MP FPS experience. The Dark Souls games had a larger PvP scene, despite the crappy p2p connections making it nigh-impossible to take seriously.  


@Dark Pulse you really should read the Reddit post. Ring-0 is hardly an issue. Look at all the games that have had ring-0 for years:

 

https://www.easy.ac/en-us/partners/

 

https://www.battleye.com/

 

This wasn't an issue to us at all and STILL isn't because I still don't see anyone complain about these games in their communities. If you say "their entire system at risk to anyone actively exploiting the hack", then why do I not see this drama around the other games?

And if you are worried that a program you install could harm your PC, you shouldn't install *anything* on your PC. 

Just now, Lampenpam said:

@Dark Pulse you really should read the Reddit post. Ring-0 is hardly an issue. Look at all the games that have had ring-0 for years:

 

https://www.easy.ac/en-us/partners/

 

https://www.battleye.com/

 

This wasn't an issue to us at all and STILL isn't because I still don't see anyone complain about these games in their communities. If you say "their entire system at risk to anyone actively exploiting the hack", then why do I not see this drama around the other games?

And if you are worried that a program you install could harm your PC, you shouldn't install *anything* on your PC. 

Most programs do not request Ring 0 access. Most DRIVERS don't request Ring 0 access. And the ones that do, yes, are a risk if someone ever does successfully beat them.

 

The only reason these are even remotely feasible is because they've got tons of money pumped into them and they are constantly updating, monitoring, and evolving.

 

That still doesn't make them not a risk if they get broken. It just means they're less likely to be because they've got devs on top of things.

 

And it still doesn't take away that having the exact same privileges as the OS is a huge, huge risk.

 

People didn't raise a fuss because most people were blissfully unaware. Now they know - and are paying attention. All it takes is one or two high-profile games for information to start disseminating and for people to decide if their system is worth the risk.

1 minute ago, Dark Pulse said:

People didn't raise a fuss because most people were blissfully unaware. Now they know - and are paying attention.

 

 

Nope. Not at all. Obviously they don't. People just bark after "Denuvo bad" or "Bethesda bad", I already said the complaints against ring-0 are restrained exclusively to Doom Eternal. But tell me why is nobody making a fuss AT ALL in other gaming communities? Rainbow 6 Siege? Everything quiet. Apex Legends? They sleep. Tarkov? Fortnite? PUBG? Gears 5? Hunt Showdown? Arma? ARK? Dead by Daylight? No complaints there.

The outcry is a hypocritical mess.   


I don't have anything more to add to the current conversation, but as an extension to my earlier post, one thing I thought about while working on other things was that I remembered this talk exists.  It's a talk from Valve that goes over their anti-cheat strategy, but also has a bunch of useful information about cheating in general.

 

 

Rewatching the beginnings of it revealed something interesting - cheating was the single-biggest problem that CS:GO players were talking about in 2016.  Players care about cheating.

4 minutes ago, Lampenpam said:

Nope. Not at all. Obviously they don't. People just bark after "Denuvo bad" or "Bethesda bad", I already said the complaints against ring-0 are restrained exclusively to Doom Eternal. But tell me why is nobody making a fuss AT ALL in other gaming communities? Rainbow 6 Siege? Everything quiet. Apex Legends? They sleep. Tarkov? Fortnite? PUBG? Gears 5? Hunt Showdown? Arma? ARK? Dead by Daylight? No complaints there.

The outcry is a hypocritical mess.   

Maybe because they have no idea that Ring 0 basically opens your whole system to a hacker if the anti-cheat is cracked?

 

Not everyone who plays those games is even AWARE that there's such a thing as multiple tiers of privilege.

 

And frankly, saying "Well nobody's complaining so this is all overblown" is missing the forest for the trees.

 

Again: Ring 0. Full system access. Direct hardware access. Obviously if the anti-cheat makers are smart they will have reduced the code that it can access as little as possible, but a broken anti-cheat that has full system privileges is just a few injections away from doing whatever that coder wants it to do, and the OS won't even know it.

 

It's a risk, and then it's been made very sloppily by Bethesda by having it run anytime the game is running, whether you're playing online or not. Why do I need a Ring 0 anti-cheat running if I'm just playing the singleplayer campaign? Why does it need to reinstall itself anytime I simply run the game?

 

The anti-cheat should only be run when it's absolutely necessary for it to run - that is, when I'm playing online. It should run under no other circumstances. And it should damn well not be running Ring 0 without damn good cause.

 

At least Ring 1, Christ! Something where they don't just have full access if it's busted!


Aside from the #1 reason being the invasiveness with security concerns as well as being slipped in two months later with a patch.

 

These reasons make it unacceptable:

1.  Framerate drop rendering it unplayable for people who were just playing the game fine.   And even with a brand new computer people are probably noticing occasional hiccups.

2.  Bricking every Linux install.

3.  Forcing it on people playing single player.

 

They really crossed a line.   Hence the reaction.

 

Doom Eternal is the only one of those games listed I was playing.  The others sure aren't touching my computer.

 

I'm not going to say whether people should try to get a whole refund or just uninstall Doom Eternal.

 

But at the very least everyone should stop playing the game and uninstall Denuvo to force them to fix this.   And stop being complacent with such an egregious violation of our cyber sovereignty or some shit like that.

Edited by Gokuma


I've uninstalled the game because of this. I'm not going to allow any game to have ring 0 access to my PC, and that's mostly because I'm concerned about stability. 

14 minutes ago, Lampenpam said:

 

 

Nope. Not at all. Obviously they don't. People just bark after "Denuvo bad" or "Bethesda bad", I already said the complaints against ring-0 are restrained exclusively to Doom Eternal. But tell me why is nobody making a fuss AT ALL in other gaming communities? Rainbow 6 Siege? Everything quiet. Apex Legends? They sleep. Tarkov? Fortnite? PUBG? Gears 5? Hunt Showdown? Arma? ARK? Dead by Daylight? No complaints there.

The outcry is a hypocritical mess.   


Well I can't speak for anyone else, but I've never installed any of those games on any of my machines. Had I installed any of those games only to then discover what kind of access they had, then I would have scrubbed them just as I scrubbed Doom Eternal this morning, a game I greatly looked forward to and enjoyed playing once it came out. It was fucking disappointing to have to do that.

I really had no idea that something intended to prevent cheating in a video game would demand the ultimate master key to my hardware in order to do its job. I do not agree that stopping cheaters is so important, that installing a potential backdoor to everything on my machine is justified. I don't think I am unique in that respect.

7 hours ago, NoXion said:

Here's a post arguing the opposite case:

Why You SHOULDN'T Remove DOOM Eternal (Denuvo Anti-Cheat) from your PC Immediately

I don't find their points convincing, but then I'm not an expert with any training, I'm just a long-time PC user. I do note with some suspicion that the author's profile is only a day old and all they've posted about is defending Denuvo. He gets a bit tetchy if this is pointed out, and I've yet to see any account like this that wasn't some fucking troll or other piece of shit who keeps getting banned, from Reddit of all places.

The guy who wrote this is either a ZeniMAX employee shilling or is unbelievably clueless and has spent his 8 or 9 professional years as a developer doing nothing but the most basic of web-programming bitchwork. 

 

EDIT: People in the Reddit thread noted that it's a brand new account, created today to make only that one post.  ZeniMAX employee confirmed.


I completely agree with @NoXion.

But unlike him I had one game with ring-0 access, Apex Legends, never knew it had that kind of access to my machine. I uninstalled the game.

Also, pointing out that other games have ring-0 access and saying "people don't get mad at those games" is very dismissive of people's concerns. Most people were not aware that these games had ring-0 anti-cheat systems, people only started knowing about these types of anti-cheats when Valorant came out. At least that's when I first learned about them, I'm maybe projecting :/.

Anyways I think I've pretty much said everything I had to say.
