Riot Requires Kernel Level Anti-Cheat Software
tuta.com
League of Legends and Valorant Players Being Forced to Run Closed Source Low-Level Software.

Vanguard, the controversial anti-cheat software initially attached to Valorant, is now also coming to League of Legends.

Summary:

The article discusses Riot Games’ requirement for players to install their Vanguard anti-cheat software, which runs at the kernel level, in order to play their games such as League of Legends and Valorant. The software aims to combat cheating by scanning for known vulnerabilities and blocking them, as well as monitoring for suspicious activity while the game is being played. However, the use of kernel-level software raises concerns about privacy and security, as it grants the company complete access to users’ devices.

The article highlights that Riot Games is owned by Tencent, a Chinese tech giant that has been involved in censorship and surveillance activities in China. This raises concerns that Vanguard could potentially be used for similar purposes, such as monitoring players’ activity and restricting free speech in-game.

Ultimately, the decision to install Vanguard rests with players, but the article urges caution and encourages players to consider the potential risks and implications before doing so.

  • Darkassassin07@lemmy.caEnglish
    38·
    1 year ago

    Nope. Take your rootkit and go fuck yourself with it.

    There’s absolutely 0 reason a game should ever have kernel access. Ie unrestricted access to every piece of data on the system.

  • shadow@lemmy.sdf.orgEnglish
    32·
    1 year ago

    If you uninstall is there any guarantee that the kernel level anticheat gets removed, too, or are they in there forever?

    • chemical_cutthroat@lemmy.worldEnglish
      30·
      1 year ago

      And today we read from the Book of Sony, Chapter 2005, verses 10-11: Sony BMG quickly released software to remove the rootkit component of XCP from affected Microsoft Windows computers, but after Russinovich analyzed the utility, he reported in his blog that it only exacerbated the security problems and raised further concerns about privacy. Russinovich noted that the removal program merely unmasked the hidden files installed by the rootkit but did not actually remove the rootkit. He also reported that it installed additional software that could not be uninstalled. In order to download the uninstaller, he found that it was necessary to provide an e-mail address (which the Sony BMG Privacy Policy implied was added to various bulk e-mail lists) and to install an ActiveX control containing backdoor methods (marked as “safe for scripting” and thus prone to exploits). Microsoft later issued a killbit for the ActiveX control.

      On November 18, 2005, Sony BMG provided a “new and improved” removal tool to remove the rootkit component of XCP from affected Microsoft Windows computers.

      courtesy wikipedia: https://en.wikipedia.org/wiki/Sony_BMG_copy_protection_rootkit_scandal#XCP_rootkit

    • nova_ad_vitum@lemmy.caEnglish
      71·
      1 year ago

      I don’t know but if you get a law degree then spend 3 months reading their extremely long and intentionally complicated user agreement I’m sure you’ll find out that they have the right to keep it installed whether they currently choose to or not.

  • Gormadt@lemmy.blahaj.zoneEnglish
    30·
    1 year ago

    Kernal level anti-cheat means I ain’t gonna play it

    I don’t care where the company is based no game should be requiring kernal level access, that’s just opening the door for security concerns

  • Alph4d0g@discuss.tchncs.deEnglish
    30·
    1 year ago

    I guess the shame and expense Sony learned the hard way in 2005 has faded and now kernel invasion has become acceptable.

  • ChefKalash@lemmy.dbzer0.comEnglish
    20·
    1 year ago

    After studying operative systems this semester, it’s crazy that developers are really out there giving level 0 privileges to an application program.

    Get that shit far, far away from my machines

    • saintshenanigans@programming.devEnglish
      4·
      1 year ago

      I just mentioned the other day how scary that is if a third party can crack it and just got blasted about how Microsoft wouldn’t put an OS out with vulnerabilities like that lmao

      • havokdj@lemmy.worldEnglish
        2·
        1 year ago

        Microsoft literally took government bux to put in NSA backdoors into windows that are still there to this day.

  • trackcharlie@lemmynsfw.comEnglish
    13·
    1 year ago

    Guess nows as good a time as any to uninstall this trash.

    Their garbage anti cheat has done barely anything to improve valorant and now they want more control of my computer for league?

    Die in a fire, trash.

  • Dizzy Devil Ducky@lemm.eeEnglish
    12·
    1 year ago

    If you ask me, it’s best to treat any program requiring kernel level access that isn’t part of your base operating system or something you created and have full control over as malware. All it takes is one exploit or something of similar nature and some bad actors taking advantage of it before it can be patched for your computer to become fucked.

    • r00ty@kbin.life
      7·
      1 year ago

      Well base operating system or hardware driver. There are exceptions, the pps driver for timekeeping makes sense to be kernel level too.

      But games developers? No, they have no right to ring 0. I understand they want to protect from cheats, but they’re just moving the battleground to a part of the system that results in blue screens/panics when it fails. And cheat developers will follow them there and even move to the hypervisor if needed, trust me on that.

      • xthexder@l.sw0.comEnglish
        4·
        1 year ago

        Not to mention MSI releasing a monitor with built-in AI to highlight enemies for you that almost definitely counts as cheating, yet there’s nothing they can do except ban the hardware all together.

  • levmyskin@feddit.itEnglish
    131·
    1 year ago

    I think the main issue here (I haven’t seen it mentioned in the top comments) is that LoL doesn’t even have a cheating problem honestly. I’ve been playing since 2014, off and on, and I think I might have met maybe one scripter (I’m not really sure). Lol has definitely a toxicity problem, but I honestly don’t think it has ever had a scripters/cheaters problem, so I really don’t understand this. Is it because of bot accounts? Whose games are these bots ruining (never seen them between gold-diamond)? Does it justify a kernel level anti cheat? Honestly, the real problem with this is not the kernel level anti cheat (because I guess that might be useful for games like valorant), it’s the fact that this was never really even close to be necessary

    Edit: interestingly enough, riot games itself was reporting in 2020 that cheaters and scripters were ruining a very minor fraction of the games. Ref: https://www.leagueoflegends.com/en-us/news/dev/dev-anti-cheat-in-lol-more/

      • derpgon@programming.devEnglish
        71·
        1 year ago

        Auto dodging, perfect skills hots, staying at max range at all times, instant item usages to maximize potential.

        Yeah, nothing illegal officer.

        I so wish you had a game with enemy Zeri using scripts. You’d change your mind very quickly.

  • henfredemars@infosec.pubEnglish
    12·
    1 year ago

    We totally won’t harvest your data.

    Ignore the fact that we have political, state, and financial interest to do so, and that you would have no way of verifying or detecting if we did harvest your data, but you can trust us.

    Just trust us.

    • Contend6248@feddit.deEnglish
      6·
      1 year ago

      It’s not only interests of the chinese government, they HAVE to oblige legally if they are asked to. So even if the company has the best intentions, the government overrules.

      And don’t make that a chinese bad guy argument, as if western companies aren’t doing the same, they just don’t do that officially, which one is shadier is yours to decide.

      All you can do as a company or anyone is to stop harvesting data and don’t plant blackboxes/backdoors in customers systems

      • Chev@lemmy.worldEnglish
        1·
        1 year ago

        Edward Snowden showed that the US is spying on their citicens but nobody seems to care. But when China is doing it, everybody seems to lose their mind.

        • yamanii@lemmy.worldEnglish
          1·
          1 year ago

          I don’t get why they are so afraid of spyware from a country they don’t even live in, it’s the US that can prosecute you for anything they don’t like on your computer.

  • Cosmic Cleric@lemmy.worldEnglish
    122·
    1 year ago

    As a geopolitical side note to all this, there is a small but real chance that we may be going to war with (Edit: China) someday in the future, over Taiwan.

    Do you really want an adversary that can potentionally disable a large portion of your populations computers in one fell swoop?

    Edit: Because of Tencent’s ownership of Riot, which is a Chinese company.

    • Ahoy@lemmy.worldEnglish
      2·
      1 year ago

      Idk if id be more worried about a Chinese anti cheat that doesnt run on critical infrastructure or about Windows, Android, iOS + keep in mind Riot is an american company owned by a chinese one so idk if they would actually side with china

      • Cosmic Cleric@lemmy.worldEnglish
        32·
        1 year ago

        keep in mind Riot is an american company owned by a chinese one so idk if they would actually side with china

        One can only hope. Back doors do exist, and seeing how parts of American politics these days seems to favor certain foreign countries, I’m not so sure. Greed seems to override oaths.

    • Buttons@programming.devEnglish
      21·
      1 year ago

      If a security researcher finds and reports a vulnerability without permission, you would hope the company with the vulnerability would get in trouble, but instead the researcher gets in trouble and is and hassled by the government and the courts. Our government has already decided to sacrifice national security for the convenience of companies when it comes to security.

    • saintshenanigans@programming.devEnglish
      1·
      1 year ago

      Do you really want an adversary that can potentionally disable a large portion of your populations computers in one fell swoop?

      Just saw a Netflix movie about this a month or so back. Obviously the writing was a little embellished, but it was fucking terrifying to imagine something like that happening on a real scale.

  • Defaced@lemmy.worldEnglish
    10·
    1 year ago

    No thanks, I’ll stick to dota 2 and cs2. Everyone else should do the same, this kernel level anti cheat doesn’t even work. Well, no anti cheat is perfect, but vanguard isn’t any better than any other anti cheat. All it’s doing is collecting data about your computer and running at an insanely invasive level.

  • KuroeNekoDemon@sh.itjust.worksEnglish
    81·
    1 year ago

    Wait so the not being able to completely get rid of the Riot client and all their games and it still popped up on my desktop wasn’t me going crazy? It might be Chinese malware in the end? This is just a whole new meaning to that now