Jessie James

@Neineon77

I've been told I'm "pocketable"

she/her
en.pronouns.page/@neineon77

I make my own patches, sometimes draw and I like old/cute video games. I work on computers and retro handhelds/consoles

Jessie James @Neineon773/18/2024, 12:15 PM

fwankie @fwankie

abbieoverflight @threeoh60003/18/2024, 6:53 AM

This page's posts are visible only to users who are logged in.

sirocyl @sirocyl3/18/2024, 8:57 AM

"third party anti-cheat kernel driver" should strike the same kind of fear in you as "debug port left exposed" or "default root telnet password"

there should be no business sense for MS to sign these; they should not be signed, signing them should result in fines and sanctions, and the OS already doesn't load unsigned kernel drivers.

this shit should, honestly, be illegal through and through.

fwankie @fwankie3/18/2024, 9:31 AM

I can only imagine how much restraint it took to wait for this tournament while knowing you have this and it could possibly get patched at some point, either you end up with nothing or you get the funniest possible way to show off a hack

edit: you're wasting your time asking for security advice for software I don't use, I can't help you

fwankie @fwankie3/18/2024, 9:51 AM

like they could have easily just installed crypto miners on a bunch of random people's PCs instead of doing this so I'm glad it was this

You must log in to comment.

in reply to @threeoh6000's post:

Froey @froey3/18/2024, 8:13 AM

Jesus Christ. :eggbug-nervous:

Ecter B.@ecter3/18/2024, 8:19 AM

WOW WHO WOULD HAVE THOUGHT INSTALLING LITERAL ROOTKITS FOR DRM/ANTICHEAT IS A BAD IDEA

B.I.E. Unit: Explorer-B @GoopySpaceShark3/18/2024, 8:26 AM

they don't even help, because players have physical access to their computers lmfao

from a security standpoint, it's already joever

Ecter B.@ecter3/18/2024, 8:34 AM

I mean, anti-cheat is like safes - they're never impossible to unlock by someone unauthorised, it's a matter of making it as hard as possible to do so.
But then, having a titanium safe does not install a backdoor in your damn house. There are no promises that anti-cheat makers could give to make it feel secure (that is, not having a damn hole in kernel level software) - if anyone ever was able to make 100% unexploitable software, anti-cheat wouldn't have to exist.

B.I.E. Unit: Explorer-B @GoopySpaceShark3/18/2024, 8:39 AM

I feel the best way of handling it is server-side sanity checking and bringing back vote kicking

having everyone physically be in the same room would also help. people don't tend to cheat when they're within punching distance

sirocyl @sirocyl3/18/2024, 12:40 PM

this tbh. there's all these dingus dongles for thunderbolt, PCIe and even firewire, to poke arbitrary memory over DMA in a way that's almost completely undetectable. a veritable hacker's dozen of 'em

Obsidian @OpalSys3/19/2024, 5:46 AM

EAC is also used in VRChat, gonna figure that's a problem too

in reply to @sirocyl's post:

jade-ish @jade-ish3/18/2024, 10:49 AM

i remember the whole vrchat eac fiasco like it was just last week. now i understand what that warning was for. the day has finally come to switch to chilloutvr (/hj)

Vikxin @vikxin3/18/2024, 12:04 PM

Every time I remember how many different vendors have signed InpOut32.sys and InpOutx64.sys I die a little

sirocyl @sirocyl3/18/2024, 12:33 PM

crikey is that what I think it is
edit: whatever I thought it was, it's worse than that.
tl;dr: x86 I/O port level access to any unprivileged program. yes that includes superio, vesa, and BIOS, PCI, ISAPNP config space, and so on.

Vikxin @vikxin3/18/2024, 10:17 PM

And if you have a Windows computer you may just find you have it installed unexpectedly! Lots of stuff bundles it because they're too lazy to write a proper driver for the narrow case they want.

Rosebuns @robinthebun3/18/2024, 2:30 PM

I understand none of those things I should be afraid of :eggbug-tuesday:
Plz help

that idiot who has bad opinions on things @daemonspudguy3/18/2024, 5:02 PM

Oh my God, another person actually agrees with me that anti-cheat solutions that burrow themselves into the kernel are a major security risk. Finally!

Vikxin @vikxin3/18/2024, 10:16 PM

Where have you been looking that people haven't agreed with you?

sirocyl @sirocyl3/18/2024, 10:23 PM

sadly Gamers™ seem to have this philosophy of "security at any cost" where "security" means "cops, computer cops, in your computer"

Kat A. Beckett @KaterinaBucket3/19/2024, 12:25 AM

Huh? "Keep intrusive bullshit off my computer" is like, the one thing gamer-ass-gamers are typically on the right side of. Sure they'll still play the games anyway, but when it comes to steam reviews and reddit posts gamer spaces are generally hostile to this stuff almost to a fault

cassie @porglezomp3/19/2024, 11:59 PM

Only the people playing the games that already have it, people playing other games see any sign of cheating and start begging for more invasive anticheat thinking it will actually fix things (it doesn’t, though).

in reply to @fwankie's post:

Mayday @stupidtransgirl3/18/2024, 11:18 AM

is this something to be concerned about if the game was played on linux through proton?

fwankie @fwankie3/18/2024, 11:22 AM

no idea, don't know how proton works

deadryn.@deadryn3/18/2024, 2:41 PM

Most likely not. Since each instance of a Proton drive is effectively sandboxed, unless you interact with that drive in a VM or something it most likely can't escape into your primary system. Linux doesn't have a central registry the same way Windows does, so unless the rootkit is configured in such a way that it can navigate a Linux system as well you're probably good.

Still, I recommend deleting any games using EAC, since this is less about Linux being more immune to these sorts of attacks and more about defense through obscurity. I also recommend backing up your data and maybe doing a complete uninstall and reinstall of Steam, just to be safe.

It's a shame too since EAC was one of few anticheats that played nice with Linux :/