None clickbait title:
Riot Games will rollout their vanguard anti-cheat to league of legends.<p>for those not in the loop, Vanguard is the anti-cheat Riot Games created for Valorant, their competitive first person shooter. The issue with Vanguard is that it's quite an aggressive anti-cheat, it runs on Ring 0 as a windows kernel driver. Hence, why some people call it a "rootkit".
The core issue is software freedom. Software, when it’s commercial, is something you basically give control of your hardware to and you have to trust that it won’t abuse that power. Or, you dont even use your own hardware, and you just send your data in an even more opaque way to the cloud. Will it be misused?<p>Typically, yes, egregiously. We need either computing platforms that sandbox things fully, or else full control over our software. And an end to these Eula’s Eula’s that, let’s be honest, could ask for anything and we couldn’t say no. Even governments get stuck here and can’t refuse
Super clickbait title here.<p>They’re doing what seems to be literally the <i>standard</i> for windows anti cheat. That they’re Chinese owned is moot as worrying about evil Chinese government hackers is to me a secondary concern to the long and illustrious history of terrible security vulnerabilities in all kernel mode “anti-cheat” drivers.<p>It seems much more likely that this anti cheat driver is just as buggy as every other anti cheat driver, and will end up being exploited by the same groups that every prior driver has been.<p>My view is that the correct fix for anti cheating is simply pitting all suspected cheaters against each other rather than trying to ban/block them.
I never really got the outrage. Or rather, I don't understand why it's directed at the principle of a ring-0 anticheat.<p>I feel that security minded folks are apt to avoid installing software from notably untrusted vendors on important machines. If Riot ends up malicious then I'm not sure that kernel level access is capable of _that_ much more damage than what's required for a 'regular' anticheat to function. My bank account is unsafe either way. Obviously less access is better, but it feels like discussion around Vanguard always distills into an argument that would also suggest Riot's software to be untrustworthy even <i>without</i> a ring-0 anticheat.
I've been thinking about this as I recently reset Windows but didn't format my hard drive and create a new version of Windows. How do rootkits work? Can I look this up somehow?