• Fushuan [he/him]@lemm.ee
    link
    fedilink
    English
    arrow-up
    17
    arrow-down
    1
    ·
    4 months ago

    I don’t think YOU understand how code works. Having a program that you can’t verify being run as the highest priority level in your system is a stupid idea. You don’t know how secure it is or if it has vulnerabilities because again, it’s not open source. They are not even security experts, they are a game development company (which will hire security experts, sure, but the main focus not being security is important) and riot is not know for having a super robust game.

    Do you really trust them to release a program that can’t be hacked into, which then would give the hacker a way to elevate privileges into the highest security level? Even if you trust them not to harvest and sell private data, you have to also trust them to make an unhackable program.

    • Serinus@lemmy.world
      link
      fedilink
      English
      arrow-up
      2
      arrow-down
      14
      ·
      4 months ago

      Yeah, I trust Riot and Valve more than I trust Sony or the developers of Lethal Company or Among Us. Even with higher privs than those other companies get.

      Because if PubG is compromised, I’m just as vulnerable as I am if Riot is compromised.

      I get the technical difference, but when you combine it with practicality, it doesn’t make much difference on one hand. On the other, it does remove cheaters from my games.

      If I cared that much I’d have ALL my games on a separate OS anyway. Maybe I will at some point.

      • Nibodhika@lemmy.world
        link
        fedilink
        English
        arrow-up
        8
        ·
        4 months ago

        What are you talking about!? It makes all of the difference. I know a game can’t break my system, I know a game can’t erase files I keep under root user, I know a game can’t write outside of a very limited set of folders my user has write permissions, the moment you allow games to run on root all of these go out the window.

        On the other, it does remove cheaters from my games.

        Sure, because games that do this have no cheaters… What bubble do you live under? Do you think that games like Dota or CS have more cheaters than Ghost of Tsushima? Literally games that have a competitive scene which is so big that’s televised in sports channels don’t need root access, but a co-op map on a game does!?

        And that’s without getting into the fact that client side anti-cheat is a losing battle, you could even have full control of the hardware and software and still wouldn’t be 100% secure.

        • Serinus@lemmy.world
          link
          fedilink
          English
          arrow-up
          1
          arrow-down
          7
          ·
          4 months ago

          a very limited set of folders my user has write permissions

          On Windows?

          files I keep under root user

          On Windows? That’s not common practice.

          a game can’t break my system

          Is this like how you can’t get viruses without granting root?

          • Fushuan [he/him]@lemm.ee
            link
            fedilink
            English
            arrow-up
            6
            ·
            edit-2
            4 months ago

            Without root/admin access, on windows programs can’t write in several important folders. By root user they meant program files, system 32 and all those “system files”, which, surprise, are root files.

            A hacked kernel level program can modify system files and set up a keylogger that doesn’t even register on the program monitor, and it can send your information and you wouldn’t even notice it without monitoring your outbound packets, so you won’t.

            Any other program would ask you admin/root access and if that’s weird behaviour you can deny it and investigate, kernel level programs have it by default so if they have an exploitable vulnerability, you are fucked by default. It’s a huge difference and the fact that you are not acknowledging it makes me feel like you really don’t understand how code works.

            Also, don’t put riot and valve in the same bag. PLEASE.

            • Serinus@lemmy.world
              link
              fedilink
              English
              arrow-up
              1
              arrow-down
              8
              ·
              4 months ago

              I guess you’re right as long as you don’t mind sharing your entire My Documents folder to the world.

          • Nibodhika@lemmy.world
            link
            fedilink
            English
            arrow-up
            3
            arrow-down
            1
            ·
            4 months ago

            No, on Linux, like the Steam Deck that OP mentioned. Windows was never mentioned here until you brought it up, and even there you’re wrong, kernel level anti-cheat doesn’t have the same level of access than any random game, even on Windows. Even Windows, with it’s janky security measures, has some level of containment around users, even on Windows regular users can’t edit system files or other users files, even on Windows a virus without root has a lot less access than a virus you give root access, and by having an interface that allows games to gain root access you’ve given viruses a new path to privesc. I recommend you read some more on cyber security and programming before saying something like “userspace == kernel level”, because that’s the same as someone attempting to discuss astrophysics with people who have masters on it while claiming the earth is flat. There’s a whole field of study into how security can be compromised to go from userspace to kernel level, handwaving it away because you think your user’s documents are the important part of a system is reductive at best and malicious at worst.

              • Nibodhika@lemmy.world
                link
                fedilink
                English
                arrow-up
                2
                ·
                4 months ago

                Yes, an example of which is someone pointing at a game not working on Linux and someone else ignoring the Linux part and attacking the argument as if it were on Windows. And doing a poor attempt at that, because even on Windows kernel level anti-cheat is invasive and leaves to privesc possibilities.