This reads like privacy-invasion propaganda directly from the Chinese state. "Look how great we are at having full control over your PC. You know, to battle cheaters!".
Kernel-level anticheat is ridiculous. Especially when your data becomes a gaping would ready for the chinese state to stick their fingers into and twist around. It's like the police installing mandatory cameras in everyones house to catch thieves (if society here is games with kernel-level cheats).
I want to go back to the days of Windows 7. When there was minimal corporate bloat in the ecosystem, no ads in the startmenu, and when game studios actually knew what they were talking about and had some balls to stand up for their values.
Riot Games is a morally bankrupt and extremely profit-driven company. If they're not abusing Vanguard to provide MSS actors access to user's machines (free VPN to cover your tracks!), then they're mining data from your computer - perhaps for market research or to sell to adtech.
As a player of some of their games - they not only don't care about their players, but have a deeply abusive relationship with us.
Crazy you think Riot Games is extremely profit driven. I have played League of Legends for 13 years and not once have they required or requested a single penny from me. I have given them 0$.
An extremely profit driven company wouldn't allow that.
Yes. Riot doesn't really care about cheating - else they would use identity verification to permanently ban cheaters - this is about something else. They either want that kernel-level access to harvest data, or else it's about modders making mods for custom skins that cut into their revenue.
Lol, this wasn't Windows 7 days. This was 98/XP. The real fall of multiplayer gaming is from player support of F2P and a lack of legislation against the absolute predatory gambling tactics these games use.
By the way, kernel level anti heat has been around for a LONG time. Battle Eye was introduced with Battlefield Vietnam in 2004.
Riot doesn't use a kernel anticheat on mac os because Apple provides sufficient security from their OS. Once Microsoft eventually catches up Riot will not need a kernel level anticheat for Windows. The ridiculous thing is how Microsoft has failed to secure Windows from cheaters despite it being a problem for such a long time.
> The ridiculous thing is how Microsoft has failed to secure Windows from cheaters despite it being a problem for such a long time.
The problem is, it's gotten hard to do drivers for custom hardware on macOS as a result for everything that can't be done with libusb as a result - and it's also gotten harder to patch over deficiencies of macOS.
You can't have an OS that you can tinker around with and an OS that is secure from cheaters, software pirates and malware at the same time. Android is the best example - either you run an OS that passes Play Integrity/SafetyNet and is blessed by Google and thus can use games, Netflix, banking or a whole lot of other apps that require non-rooted phones these days, but you lose e.g. the ability to do an actual full-device backup, or you run a phone that's rooted or runs a custom OS (say, aftermarket once the manufacturer ceases providing even security updates) but you lose out on about 2/3rds of apps because they just refuse to run.
Id go for a "RealID" anticheat service that takes my passport info or some other photo ID along with a video of me saying some junk to prove I am that person.
Realistically what is the alternative? That is pretty much the only way to ensure the cheats don't run at kernel level. If the cheat runs at kernel level it is very hard (or impossible) to detect it from user land outside of behavior (which mostly happens on the server side).
Only thing I can think of is Microsoft locking down Windows so hard that nothing outside of code written (well signed) by Microsoft can run with kernel level privileges but I think that is an even worse option.
If you don't like it you can always just go and play any of the titles without kernel level anti-cheat and get a cheater in ~1/5th of your games (my experience in counter strike).
Chess essentially has ID verification at a high level because the best players can go to real-life tournaments and get titles for the prestige, which grants them free premium accounts on major platforms. It's easier to analyze the subset of top-tier players that aren't verified.
I'd rather just give Riot Games my driver's licence than full access to my computer. They already know my name and where I live from metadata.
There should be a KYC solution for gaming where a company like Epic, Riot, or Valve verifies your identity and developers can gate competitive video games behind that. If you cheat, you're out for 5-10 years (so dumb teenagers aren't locked out forever). The big issue imo isn't banning cheaters, it's preventing them from creating a new account and cheating again.
Such a system would be free money & low maintenance for whatever company develops it first.
What even makes you think it's a solvable problem? Even with a totally cryptographically controlled end-to-end hardware chain that treats the player like an adversary/inmate (like in the consoles, maybe even more strict) there's always a possibility of ML-based cheats with a low-latency camera. Barely anyone does that now because there are easier methods, but trust me, it will get used if required, just like DMA is used now. People already throw crazy money into cheating.
It's a race to the bottom where everybody eventually loses except the corporations. Players never get rid of the cheaters completely, unrelated people who don't play games get their hardware+software locked down because of a bunch of whiny gamers, and corpos obtain the ultimate vendor lock.
It seriously isn't. Effectively you can not ban cheating. A cheater can just use virtual or modified hardware keyboards, displays and mice to cheat. How is a kernel extension going to prevent that? That is the logical next step, which is already being done by some (currently less than alpha). Once we reach this state as a default, nothing can prevent cheating, besides a real tournament with checked hardware. All the effort riot is currently putting into this will be for nothing. I do not understand, how they are missing that.
Is there any actual data on how prevalent cheating really is? In my experience, it's not remotely as big of an issue as some people make it out to be...
The alternative is that the online games they're protecting become infested with cheaters, players depart, and the game closes down because it's no longer a viable business.
It's not nice, I don't like running a kernel mode anti-cheat any more than you do, but I can see why it's necessary for preserving the competitive integrity of free-to-play shooter games like Valorant.
Secure boot is a problem for users with secondary alternative OS’s (eg Haiku). I even have a DOS tool which needs high precision timing which no general purpose multitasking OS can provide. These alternative systems are hampered by secure boot.
And speaking of up to date video drivers, these checks are a plague of usability. If I have stable driver rev 235, why would I install latest buggy version 246? Eg. AMD has 2 flavours of drivers, Adrenalin which has “optimisations”, but crashes, and the Pro drivers which are older but more stable, and have 10 bit support, more colour spaces etc. I’m done dealing with experimental drivers, give me stability 100% time. Games which insist that I run experimental drivers and secure boot can get stuffed.
I stopped playing counter strike like 2 months ago after playing for 6 months, because I was getting paranoid about closet cheaters. My trust in the game eroded, even though cheaters are not there all the time.
Closet cheaters are cheating in subtle ways, which make it impossible to know if they're really cheating.
It's a constant analysis of "is he cheating or am I bad?", and most of the time, I could not really know. It's a psychologically toxic experience as I cannot focus on the game itself. I was enjoying the game, but that paranoia made things just unbearable.
I suspect china/russia are actively paying people to make effective cheating software, as it's also a lucrative business.
Even a few pro players are cheating. Those online FPS are rotten to the core.
Apparently valve doesn't seem to care that much, because they probably know that there is a big overlap between cheaters and people who trade skins, who are a big source of income.
This attitude is a bit alien to me. At the level I play games (which is in the range of like 90% of gamers), my opponents are basically anonymous, and someone obviously cheating and someone smurfing has about the same effect of ruining the fun. The points mean nothing except maybe to measure my own improvement at the game. If someone's cheating and I can't tell them from the other players, I don't care.
If you can't fully connect your results in the game to your skill (because you can't trust if the others cheated), then you can't trust you are improving (or how to adapt to maybe improve).
On an evolutionary level, the purpose of play is to improve your skill in something in a tight, enjoyable feedback loop. Cheating messes with that.
Though your approach is preferable, I do think cheating (or more broadly, not trusting that you can learn how to improve with further play) kneecaps the whole point of playing.
(I'm badly presenting an idea I learned from Jonathan Blow re: how some game design ideas, such as opaque adaptive difficulty like rubberbanding found in racing games, destroys the purpose of playing)
I sincerely doubt a single person you thought had subtle hacks was hacking.
People constantly cry that the other team is hacking and reviewing the demo shows that they almost never are.
The reality is they were just better. That seems to be hard for a large portion of the player base to handle.
Low ranks and low trust factor are full of obvious hacks because they make an account, get banned and repeat. You don't see the decent hacks until the upper ranks because you need to be good enough at the game to hide it and would just rank up fast through the middle rankd
I can’t speak for the lower ranks, but I was mid-ish on premium this season (played from 17k to 23k then stopped iirc) but a lot of the cheaters were subtle enough that not everyone realized that they were cheating, even though they pretty blatant from my perspective. (For reference, I play lvl 10 faceit and have a decent understanding of the game.)
Point being that a ”subtle hacker” might be subtle to some and obvious to others. So OP, being a newbie with only 6 mo of experience, might suspect someone being subtle about their hacking but they might be very blatant to a more experienced player.
CS has a concept of "trust factor" which groups people more likely to be cheating in the same game. If you ever queue with a friend with a low trust factor (which happens a lot if they're on a smurf account), there are cheaters in pretty much every game... seeing that many blatant cheaters has really made me think there must be a lot of smarter cheaters flying under the radar in regular games. It's basically impossible to tell whether someone is wallhacking or if they have really good game sense.
I've played for many years including CS1.6, CS:S, GO, and 2. I regularly snoop profiles and overwhelmingly there are accounts with 1 game, all F2P games, short account lives, low hours (CS2, GO + account), low or no commendations, low match count, blocked stat tracking... Slews of markers that these are less-than-legit, either smurfing (IMO a form of cheating) or outright hacking. Then they coincidentally overperform for their respective rank. That's without mentioning coming across numerous individuals with [sometimes multiple] bans recorded on their accounts.
My account is 20 years old. And has several games with hundreds of hours including a couple of perfect games, not to mention a hundred or more games. Also phone verified. I don't expect everyone to have similar accounts, but it's seldom I'm matched against anything even remotely similar, say 5 year old accounts with similar playtimes in non-F2P games, though many profiles are private, which itself is - I think - also suspicious since virtually everyone leverages aliases on Steam so I can't really imagine a case for this other than obscuration, though I'm certain some people do it for privacy reasons I expect that rationale is rare.
Beyond that I would say there are a lot of suspicious individuals I've been matched against in both premier and comp . Regardless of whether or not they're smurfs it makes MM obnoxious if only because you end up matched against people who rage and ruin 45m-1h of your time by competing illicitly.
The MM algo is also just shit without these considerations lumped on top of it. I regularly play with my friends who rank lower and that draws my rank down so we get matched in low ranks, resulting in violent pubstomping. Of course I play on my only account, so I'm sure I get hackusated a lot, which would ostensibly get my trust factor drug through the mud. I suppose that's a solid incentive for smurfing on its own, especially since the system is opaque.
It's all pretty bad, frankly. Faceit is hardly better, a lot of the community is pretty toxic and obnoxious salty tryhard metabangers that aren't fun to play with.
One thing to note is that Microsoft is planning some kind of kernel anti tampering system in future that hopefully will give us user level anti cheats that actually work. Though some will very likely see this as some kind of "we don't control our computers anymore" move.
> "As was foretold, a future will eventually arrive where we can rely on the security features of Windows to protect its own kernel, instead of protecting it from boot with a driver. This will allow us the opportunity to start our anti-cheat services when the game client runs, provided the end-user has opted into all of these features. We’ll have more communication on this topic early next year, but if you’re on Windows 11 and on relatively recent hardware, we wanted to let you know that you won’t have to tolerate the taskbar icon forever (even though we worked very hard on Vanguard’s logo)."
> "To help our customers and partners increase resilience, we are developing new Windows capabilities that will allow security product developers to build their products outside of kernel mode. This means security products, like anti-virus solutions, can run in user mode just as apps do. This change will help security developers provide a high level of security, easier recovery, and there will be less impact to Windows in the event of a crash or mistake. A private preview will be made available for our security product ecosystem in July 2025."
Some of their stuff is but afaik xbox one and series x/s security model have not been broken. Obviously with those they have control of both the hardware and software making achieving it much easier.
Also with xbox one and series x/s they have the dev mode thingie lowering the interest in trying to hack the retail mode.
This Koskinas character seems a little frayed. Hyperfocused on punishing people, to the point where he's helping exploit writers to get an in, and then fervorously banning all their customers on release.
Back when anyone could run their own game server, logging was way more prevalent. Many games let you replay an entire match and it was comically trivial to playback and spot superhuman recoil control, aim snapping, wall hacks, etc etc etc. We had kickvote and Overwatch to farm this out to players in near-real time.
But instead of improving this (esp with "AI"), or just adding some financial loss to being banned, these free-to-play monsters need the lowest level system introspection. Seems a bit suss to me. "You can play my game for nothing but I need root?" No thank you.
Charge a one-off £5 for an account. 95% of your cheaters evaporate if they can't freely cycle accounts.
Meanwhile, a ~year since Riot required Vanguard, League/Valorant playerbase isn't really any smaller. If anything, it's continued to grow.
The players do not seem to mind. At all. Basically a non-issue for 99%.
I'm not terribly surprised so many here find kernel anti-cheat "unacceptable" or "ridiculous" or whatever, but there's just no there there. Microsoft has kernel access: are they selling my stuff, too ? I don't pay for Firefox: are they auctioning off my passwords? I guess it's fun to speculate; I can make unfalsifiable claims all day
It's a bit different when it's the core functionality that you selected the vendor for.
I'd never use a closed source password manager.
I don't use Microsoft for my OS, although it happens that I do generally trust them on account of their size and reputation. They have a very strong vested interest in not getting caught doing something like that.
Spying isn't the only concern. I don't generally want to grant anything unnecessary ring 0 because of the security implications. I certainly don't trust the security practices of most game studios to any great degree.
Readit News
Kernel-level anticheat is ridiculous. Especially when your data becomes a gaping would ready for the chinese state to stick their fingers into and twist around. It's like the police installing mandatory cameras in everyones house to catch thieves (if society here is games with kernel-level cheats).
I want to go back to the days of Windows 7. When there was minimal corporate bloat in the ecosystem, no ads in the startmenu, and when game studios actually knew what they were talking about and had some balls to stand up for their values.
As a player of some of their games - they not only don't care about their players, but have a deeply abusive relationship with us.
https://www.resetera.com/threads/riot-games-sends-cringey-ed...
https://dotesports.com/league-of-legends/news/riot-games-and...
An extremely profit driven company wouldn't allow that.
Given how intrusive these anti-cheats are, identity verification and login would be less intrusive.
At least with verification, when you ban a cheater, they stay banned. At that point, you can put humans in the loop.
This isn’t about that at all. They want their cake and to eat it too.
By the way, kernel level anti heat has been around for a LONG time. Battle Eye was introduced with Battlefield Vietnam in 2004.
The problem is, it's gotten hard to do drivers for custom hardware on macOS as a result for everything that can't be done with libusb as a result - and it's also gotten harder to patch over deficiencies of macOS.
You can't have an OS that you can tinker around with and an OS that is secure from cheaters, software pirates and malware at the same time. Android is the best example - either you run an OS that passes Play Integrity/SafetyNet and is blessed by Google and thus can use games, Netflix, banking or a whole lot of other apps that require non-rooted phones these days, but you lose e.g. the ability to do an actual full-device backup, or you run a phone that's rooted or runs a custom OS (say, aftermarket once the manufacturer ceases providing even security updates) but you lose out on about 2/3rds of apps because they just refuse to run.
Only thing I can think of is Microsoft locking down Windows so hard that nothing outside of code written (well signed) by Microsoft can run with kernel level privileges but I think that is an even worse option.
If you don't like it you can always just go and play any of the titles without kernel level anti-cheat and get a cheater in ~1/5th of your games (my experience in counter strike).
I'd rather just give Riot Games my driver's licence than full access to my computer. They already know my name and where I live from metadata.
There should be a KYC solution for gaming where a company like Epic, Riot, or Valve verifies your identity and developers can gate competitive video games behind that. If you cheat, you're out for 5-10 years (so dumb teenagers aren't locked out forever). The big issue imo isn't banning cheaters, it's preventing them from creating a new account and cheating again.
Such a system would be free money & low maintenance for whatever company develops it first.
What even makes you think it's a solvable problem? Even with a totally cryptographically controlled end-to-end hardware chain that treats the player like an adversary/inmate (like in the consoles, maybe even more strict) there's always a possibility of ML-based cheats with a low-latency camera. Barely anyone does that now because there are easier methods, but trust me, it will get used if required, just like DMA is used now. People already throw crazy money into cheating.
It's a race to the bottom where everybody eventually loses except the corporations. Players never get rid of the cheaters completely, unrelated people who don't play games get their hardware+software locked down because of a bunch of whiny gamers, and corpos obtain the ultimate vendor lock.
The optimal amount of bad behavior is not zero.
It's not nice, I don't like running a kernel mode anti-cheat any more than you do, but I can see why it's necessary for preserving the competitive integrity of free-to-play shooter games like Valorant.
Makes me glad I prefer mostly single player content and never tolerate this stuff on my PC. If I gotta be locked down I'll just pick up a console.
I am not expert, but I think it's not necessarily the case?
Cheating is really a plague right now, and the only way to mitigate it is using kernel anti cheat.
If your solution is bad, it doesn't deserve to work. Find something else.
And speaking of up to date video drivers, these checks are a plague of usability. If I have stable driver rev 235, why would I install latest buggy version 246? Eg. AMD has 2 flavours of drivers, Adrenalin which has “optimisations”, but crashes, and the Pro drivers which are older but more stable, and have 10 bit support, more colour spaces etc. I’m done dealing with experimental drivers, give me stability 100% time. Games which insist that I run experimental drivers and secure boot can get stuffed.
Closet cheaters are cheating in subtle ways, which make it impossible to know if they're really cheating.
It's a constant analysis of "is he cheating or am I bad?", and most of the time, I could not really know. It's a psychologically toxic experience as I cannot focus on the game itself. I was enjoying the game, but that paranoia made things just unbearable.
I suspect china/russia are actively paying people to make effective cheating software, as it's also a lucrative business.
Even a few pro players are cheating. Those online FPS are rotten to the core.
Apparently valve doesn't seem to care that much, because they probably know that there is a big overlap between cheaters and people who trade skins, who are a big source of income.
Too bad!
On an evolutionary level, the purpose of play is to improve your skill in something in a tight, enjoyable feedback loop. Cheating messes with that.
Though your approach is preferable, I do think cheating (or more broadly, not trusting that you can learn how to improve with further play) kneecaps the whole point of playing.
(I'm badly presenting an idea I learned from Jonathan Blow re: how some game design ideas, such as opaque adaptive difficulty like rubberbanding found in racing games, destroys the purpose of playing)
People constantly cry that the other team is hacking and reviewing the demo shows that they almost never are. The reality is they were just better. That seems to be hard for a large portion of the player base to handle. Low ranks and low trust factor are full of obvious hacks because they make an account, get banned and repeat. You don't see the decent hacks until the upper ranks because you need to be good enough at the game to hide it and would just rank up fast through the middle rankd
Point being that a ”subtle hacker” might be subtle to some and obvious to others. So OP, being a newbie with only 6 mo of experience, might suspect someone being subtle about their hacking but they might be very blatant to a more experienced player.
Deleted Comment
My account is 20 years old. And has several games with hundreds of hours including a couple of perfect games, not to mention a hundred or more games. Also phone verified. I don't expect everyone to have similar accounts, but it's seldom I'm matched against anything even remotely similar, say 5 year old accounts with similar playtimes in non-F2P games, though many profiles are private, which itself is - I think - also suspicious since virtually everyone leverages aliases on Steam so I can't really imagine a case for this other than obscuration, though I'm certain some people do it for privacy reasons I expect that rationale is rare.
Beyond that I would say there are a lot of suspicious individuals I've been matched against in both premier and comp . Regardless of whether or not they're smurfs it makes MM obnoxious if only because you end up matched against people who rage and ruin 45m-1h of your time by competing illicitly.
The MM algo is also just shit without these considerations lumped on top of it. I regularly play with my friends who rank lower and that draws my rank down so we get matched in low ranks, resulting in violent pubstomping. Of course I play on my only account, so I'm sure I get hackusated a lot, which would ostensibly get my trust factor drug through the mud. I suppose that's a solid incentive for smurfing on its own, especially since the system is opaque.
It's all pretty bad, frankly. Faceit is hardly better, a lot of the community is pretty toxic and obnoxious salty tryhard metabangers that aren't fun to play with.
https://www.leagueoflegends.com/en-us/news/dev/dev-vanguard-...
> “On Demand” Vanguard
> "As was foretold, a future will eventually arrive where we can rely on the security features of Windows to protect its own kernel, instead of protecting it from boot with a driver. This will allow us the opportunity to start our anti-cheat services when the game client runs, provided the end-user has opted into all of these features. We’ll have more communication on this topic early next year, but if you’re on Windows 11 and on relatively recent hardware, we wanted to let you know that you won’t have to tolerate the taskbar icon forever (even though we worked very hard on Vanguard’s logo)."
https://blogs.windows.com/windowsexperience/2024/11/19/windo...
> "To help our customers and partners increase resilience, we are developing new Windows capabilities that will allow security product developers to build their products outside of kernel mode. This means security products, like anti-virus solutions, can run in user mode just as apps do. This change will help security developers provide a high level of security, easier recovery, and there will be less impact to Windows in the event of a crash or mistake. A private preview will be made available for our security product ecosystem in July 2025."
This is actually great because Microsoft "security" systems are notoriously easy to pwn. Workarounds will appear almost instantly.
Also with xbox one and series x/s they have the dev mode thingie lowering the interest in trying to hack the retail mode.
Reason: Vanguard was crashing another Unity based game I play nonstop. It also seemed to decrease system stability in general.
I will never play another Riot Game so long as this software is a part of it.
Obviously they have so many users, they might need to fix it.
I can imagine that Microsoft might try to help them doing things right.
Back when anyone could run their own game server, logging was way more prevalent. Many games let you replay an entire match and it was comically trivial to playback and spot superhuman recoil control, aim snapping, wall hacks, etc etc etc. We had kickvote and Overwatch to farm this out to players in near-real time.
But instead of improving this (esp with "AI"), or just adding some financial loss to being banned, these free-to-play monsters need the lowest level system introspection. Seems a bit suss to me. "You can play my game for nothing but I need root?" No thank you.
Charge a one-off £5 for an account. 95% of your cheaters evaporate if they can't freely cycle accounts.
The players do not seem to mind. At all. Basically a non-issue for 99%.
I'm not terribly surprised so many here find kernel anti-cheat "unacceptable" or "ridiculous" or whatever, but there's just no there there. Microsoft has kernel access: are they selling my stuff, too ? I don't pay for Firefox: are they auctioning off my passwords? I guess it's fun to speculate; I can make unfalsifiable claims all day
I'd never use a closed source password manager.
I don't use Microsoft for my OS, although it happens that I do generally trust them on account of their size and reputation. They have a very strong vested interest in not getting caught doing something like that.
Spying isn't the only concern. I don't generally want to grant anything unnecessary ring 0 because of the security implications. I certainly don't trust the security practices of most game studios to any great degree.