this post was submitted on 13 Dec 2023
662 points (97.8% liked)
Linux Gaming
15834 readers
20 users here now
Gaming on the GNU/Linux operating system.
Recommended news sources:
Related chat:
Related Communities:
Please be nice to other members. Anyone not being nice will be banned. Keep it fun, respectful and just be awesome to each other.
founded 4 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
Because that checkbox undermines the security of EAC. Essentially it allows the service to run in the user space mode instead of kernel mode. This opens up a lot of hacking to games. It's absolutely not a solution epic wants to take with their largest game.
There is also a very good reason that vac is looked at as the worse anti cheat solution in the industry. So much so that CSGO has to have third party anti cheat in their leagues.
It is literally impossible for a game having kernel access not to be malware.
That's true on Windows too, people just accept it there more often since they don't know better
Ha, k, if you believe so.
I hate that the solution for them is to try to lock down users' own machines rather than trying to secure their own servers with server side anticheat
Goes against the whole philosophy of never trusting the clientside
That's simply not a great solution. You can't make a fast paced fps feel good without trusting the client. Even quake has some factor of client trust. The issue is that even if the client sends just inputs across the network, you still end up with cheats that seems the exact inputs to click on a person's head. You are trusting the inputs are sane. So that's the raw metric of not trusting the client, it's just sending the user data and the user data can be manipulated in order to cheat.
So you still failed to secure the game simply by trusting the client. It's not possible and it's an argument that comes from not understanding the technical challenge at play here.
No amount of clientside anticheat software can stop that either though, anything running on the clientside can be faked/manipulated with enough effort
Also you could argue someone could simply plug in another device that takes a video input and can simulate a keyboard and mouse
On the server side, you could check for abnormalities in a person's stats, for example if they get >90% headshots, if they're getting a lot of kills outside a weapon's normal range, amount of time aiming at enemies through walls that they shouldn't be able to see etc etc
Then, once someone is suspicious enough, flag it up to a human moderator who can watch them and verify
Not saying there shouldn't be any clientside anticheat at all but at the point of the anticheat putting itsself in kernel space it's gone too far
That's called heuristics and EAC does that as well. Why not do both?
Why? this isn't the opinion of a lot of the players out there.
Hackers will always find a way. Bad players always try to appear better than they are. Welcome to humanity.