cross-posted from: https://programming.dev/post/35893414
Comments
Anti-cheat engines are now requiring users to have Secure Boot and a fTPM enabled in order to play online multiplayer games. Will this decrease the amount of cheating, or is it a futile attempt at curbing an ever-growing problem?
You must log in or register to comment.
Interesting so they’re using secure boot to hardware ban but I could see used hardware being an issue now :/
I’ve basically told my friends I wont play games that require secure boot and kernel anti cheat. I don’t use windows anymore, and I dont want to support these studios anyways.
Interesting article on how secure boot functions. Thanks!
Agreed, a good article and I learned a lot from it. One thing I learned is that while secure boot and tpm are neat, I’m more confident than ever that they are just overkill and unnecessary for an average user.
Whether intentional or not - they DO get in the way of using other OSs or bootable flash drives like ventoy. Either by by malicious intent, accidental non signing or delayed signing, or just general complexity of coordinating signing everything with all the manufacturers.
It’s just a lot of hoopla for…. What?
Anti cheating? There’s been cheaters in online gaming forever and that will never change. Give me the option to make friends and play private games with them and I don’t care who cheats.
Security? I mean I guess…. but “don’t boot shady crap and make sure you’re downloading the right stuff” goes pretty far.
I dunno - secure boot and tpm are the first things I turn off and I’m not interested in using software that insists I turn them on. The juice ain’t worth the squeeze.
It does seem a bit overkill especially for home desktop use. I think with laptops an argument could be made that there may be some benefit even for home users.
But for gaming anti-cheat specifically, it’s definitely overkill.
This just came up for me yesterday. League would not start without ftpm enabled.
Question. What is wrong with ip ban? Is it because a vpn can get around it? Isn’t a vpn slow to game on?
I never got interested how anti cheat software works but article claims kernel level anti cheat relies on hardware fingerprint. They say people can buy new game and cheat again, I think it’s cheaper now for people to buy new hard drive and change fingerprint and don’t even bother with this shit. This is stupid.
Great article.
Probably a dumb question, but my mobo has an option in the setup utility to “enroll hash” and it seems to let me pick an .efi executable.
Can I just use that to sign any bootloader (or efi executable for that matter) I want, e.g. HackBGRT, GRUB2, and if so, would that allow me to play Battlefield 6, or would the other features like TPM attestated logs indicate the chain loading and flag me for a ban (or simply not let me launch the game) ?
if that function is for signing custom efi binaries, you can still only sign it using your own keys. that would work to attest that you trust it and approved running that thing with secure boot enabled, but anticheats are looking specifically for the approval of microsoft, for which microsoft would need to sign it with their own key.
you probably wouldn’t get banned, the game just won’t launch. but be sure that you are not runnig the “process hacker” task manager along with the game, neither similar tools inname because formerly garbage anticheat was triggered to the “hacker” name in the process name. I don’t know if that would trigger a ban though, or they just wouldn’t allow connecting, but since this is niche software and they won’t have any recourse for false positives maybe I wouldn’t try my chances unless I wanted help in stopping playing that game forever.
