Hacker News

sylware today at 1:03 PM (4 replies)

"kernel anti-cheat" is actually a re-branding of "anti-(non steamdeck)-linux" software, probably to please msft (since sole beneficiary). We all know they are inefficient and weaponized by hackers.

You know on Linux there is a feature for a process to snoop into another process, that for the same user (non root), can be used for anti-tampering: with a proper "security" team, as all live-service games should have, you can give hell to hackers without a kernel module...


Replies

not_a9 today at 6:05 PM

> We all know they are inefficient and weaponized by hackers.

Name an exploit in EAC/BattlEye/Vanguard/FaceIT/whatever other big name anticheat middleware (though Vanguard and FaceIT don’t sell their services I think) that has actually been used for anything.

Genshin Impact’s driver got used as a vulnerable driver that one time, yeah. EAC had an exploit to inject your own code into processes, but that quickly got patched (https://blog.back.engineering/10/08/2021/).

firtoz today at 1:34 PM

How trivial is it to pretend to be a steam deck?

well_ackshually today at 1:52 PM

Man, even "Area 51 has aliens" is a better and more backed up conspiracy theory than this. Kernel AC isn't to please MS, nor is it to shit on Linux/Steam Deck. They don't matter. They're inexistent. They're a blip of very vocal users that keep believing that Proton is going to save them from EA making shit games.

KACs exist because they want to have higher privileges to not be injected into, closed or otherwise touched by any other process. That's also why a bunch of them have started to ask for Secure Boot, so that they can guarantee at least some chain of trust that ensures you've probably not tampered with your machine.

Your Linux example 1/ turns anti cheats into not only something that analyzes what runs on your machine, but actively tries to attack it, which is the textbook definition of malware, but also a gigantic liability should you happen to say, write into word.exe because you fucked up and thought it was a cheat. 2/ turns it into an infinite game of chasing each other with you injecting into cheats, cheats injecting into you, back and forth. In addition, you're running on an actively hostile machine with a hostile user that _wants_ to fuck over your anti cheat.

Please do some proper research on the subject.

Thaxll today at 1:45 PM

Kernel anti cheat in the client is the strongest form of protection by far, your comment makes no sense, anything userspace is easily spoofed. You can create a driver (module) that intercepts calls and that is completely invisible to userspace processes.

The default security measures on Linux are pretty bad compared to Windows, it's not even close. People like to bash Windows but they have a way better security model.
