Microsoft is under a legal obligation to have back-doors into the OS for all the major (US) government TLAs (three letter agencies: FBI, NSA, CIA).

My neighbour once pooped his pants.

Originally posted by Nebiros:

My neighbour once pooped his pants.

im your neighbour. mb

Originally posted by The dog:

Netease games have a shady history, like Once human's registry editing and spyware.

anything Chinese the government has access to by Chinese law.
same if your outside the country your account and so forth is allowed to be used and checked by the Chinese gov.
saying that tho, lots of countries have signed up for the tech laws that allow all govs to check accounts so forth- look at the alpha bay documentary on YouTube.

no youll explode from an AC-130 bombardment the moment you launch the spyware you chinese spy

I noticed nothing sus but i'm no expert, if there any experts please help

Originally posted by Rhila:

I noticed nothing sus but i'm no expert, if there any experts please help

No offence, but if "a concentrated stare into blank screen" was a solution to these issues, we wouldn't have a need for any infosec.

As it stands, this game is absolutely not safe to play on Windows OS. That's because they use a 3rd party "anti-cheat" that requires installation as a system driver meaning in runs at ring-0. In plain English: that thing loads when you boot your PC together with your OS and has absolute control over your machine.

The only thing preventing it from doing anything malicious is .. NetEase's promise in the EULA. But that's the same as giving keys to your house to a random stranger down in Brooklyn subway with the only guarantee that they won't abuse it as "trust me, bro". So this is the point where everyone decide for themselves on the risk level and how to manage that.

There seems to be a way to run this game on Proton - with some workarounds, meaning that you (sort of?) bypass the kernel-level execution since you'll run that system separately from your host Linux. But that's something not even 0.01% of people will be bothered (or qualified) to do.

I'm also deliberately not involving the "Chinese" card here - as it makes no difference who is the vendor behind such schemes. I'd rather not have anyone poking around my machine - Chinese or not - even though I know Chinese are overwhelmingly more likely to do shady deals with their government and break my privacy. But in the end, it doesn't matter who it is.

Probably some chinese spyware masked as an anti-cheat.

can yall just play the games they know everything they already need to know if they wanted to lol just enjoy the ♥♥♥♥ while we can still breath semi clean air

Originally posted by id795078477:

Originally posted by Rhila:

I noticed nothing sus but i'm no expert, if there any experts please help

No offence, but if "a concentrated stare into blank screen" was a solution to these issues, we wouldn't have a need for any infosec.

As it stands, this game is absolutely not safe to play on Windows OS. That's because they use a 3rd party "anti-cheat" that requires installation as a system driver meaning in runs at ring-0. In plain English: that thing loads when you boot your PC together with your OS and has absolute control over your machine.

The only thing preventing it from doing anything malicious is .. NetEase's promise in the EULA. But that's the same as giving keys to your house to a random stranger down in Brooklyn subway with the only guarantee that they won't abuse it as "trust me, bro". So this is the point where everyone decide for themselves on the risk level and how to manage that.

There seems to be a way to run this game on Proton - with some workarounds, meaning that you (sort of?) bypass the kernel-level execution since you'll run that system separately from your host Linux. But that's something not even 0.01% of people will be bothered (or qualified) to do.

I'm also deliberately not involving the "Chinese" card here - as it makes no difference who is the vendor behind such schemes. I'd rather not have anyone poking around my machine - Chinese or not - even though I know Chinese are overwhelmingly more likely to do shady deals with their government and break my privacy. But in the end, it doesn't matter who it is.

Thanks for the explanation, I scanned my PC using Windows security app, and that's what I did to check this game.

You seem to be the expert we need, can you tell us where the anti cheat app is located?
if someone wants to check or delete this anti cheat app after uninstalling the game, where can we find it? Thank you again.

Originally posted by Rhila:

Thanks for the explanation, I scanned my PC using Windows security app, and that's what I did to check this game.

You seem to be the expert we need, can you tell us where the anti cheat app is located?
if someone wants to check or delete this anti cheat app after uninstalling the game, where can we find it? Thank you again.

You scan your Windows OS with the privileges of your user. It by definition will not detect any rootkits if those rootkits have decided to prevent that. There may be advanced tech to detect that, but there's no need to bother = we know it does it anyways.

And any scan will anyways only work with the known fingerprints for viruses - while obviously, no vendor will blatantly install those things. Why would they do that when the user gives them a mandate to do whatever - any surveillance, any data manipulation or transfer at the OS level. The only way it can be detected is if a real expert sits down, tracks the communication, reverse-engineers the protocol and checks what's happening. Such an audit will likely cost hundreds of thousands of dollars on a professional team (or some really dedicated experts). Which brings me to:

Originally posted by Rhila:

You seem to be the expert we need, can you tell us where the anti cheat app is located?
if someone wants to check or delete this anti cheat app after uninstalling the game, where can we find it? Thank you again.

I'm in no way an expert to run such an analysis. All I can say is that the third-party entity it installs has a ring-0 level of access. I have no clue what it does under the hood = if I did, I'd already be making some video on that or something. And I'm in no way equipped with knowledge to reverse-engineer its protocols.

---

So just to be clear = I am not claiming it does something sinister. But I'm raising an alarm that it has absolutely all the means to do so. And the only thing preventing it from doing that is their promise in the fine print. Which is as good as a fig leaf.

Originally posted by Master Sparkles:

The reason Netease won't do anything malicious with your info is the entire company would be blacklisted if they did. They would not be allowed to put games on Steam, Xbox, Playstation etc as that would go against the EULA for all of them. The company would lose billions unlike the random stranger with your key so his example makes no sense at all. Not to mention they would be sued by all said companies again for breaking the EULA.

The game is 100% safe to play on Windows OS. The reason he used NO example of any other chinese game having this happen is because it has never happened before. These dudes use 0 evidence because there IS 0 evidence of this being a issue. Hence why its not a mainstream topic even though the game is going viral.

ABSOLUTELY wrong. There is no shortage of examples on how corporations screwed over their customers related to the infosec. If the case is lucky, those are non-deliberate issues, like Fallout 76's customers data leaks due to terrible data management malpractices. If the case is unlucky, then it's deliberate Nexon-level shenanigans. Sure = it gets them bad rep, but at this point - they don't really care. The industry is already in the state where it is sort of .. expected.

So - if "well, their reputation is your guarantee" is your argument for why it's safe to install - you're .. welcome to install it (not that you need my approval by the looks of the mouse icon). But others may have higher standards on what they consider to be "safe".

P.S. Speaking of reputation, I think that ship has sailed long ago for NetEase. Quick search, first link:
-- they're already nearing the bottom. Hitting that bottom wouldn't hurt them in the slightest.

Originally posted by id795078477:

Originally posted by Master Sparkles:

The reason Netease won't do anything malicious with your info is the entire company would be blacklisted if they did. They would not be allowed to put games on Steam, Xbox, Playstation etc as that would go against the EULA for all of them. The company would lose billions unlike the random stranger with your key so his example makes no sense at all. Not to mention they would be sued by all said companies again for breaking the EULA.

The game is 100% safe to play on Windows OS. The reason he used NO example of any other chinese game having this happen is because it has never happened before. These dudes use 0 evidence because there IS 0 evidence of this being a issue. Hence why its not a mainstream topic even though the game is going viral.

ABSOLUTELY wrong. There is no shortage of examples on how corporations screwed over their customers related to the infosec. If the case is lucky, those are non-deliberate issues, like Fallout 76's customers data leaks due to terrible data management malpractices. If the case is unlucky, then it's Nexon-level shenanigans. Sure = it gets them bad rep, but at this point - they don't really care. The industry is already in the state where it is sort of .. expected.

So - if "well, their reputation is your guarantee" is your argument for why it's safe to install - you're .. welcome to install it (not that you need my approval by the looks of the mouse icon). But others may have higher standards on what they consider to be "safe".

Well...in what you said, then from the bs leaks of Microsoft and Linux (in the past) I also can't trust these...so unless I do my own OS my own AV and a local server accessed only locally then nothing is safe to download/install/run......we should all live in a cabin in the woods

Also, ppl have 2 or 3 different computers/laptops no? One PC/laptop for work and one for gaming or 1 laptop work, one pc gaming and one old laptop for browsing internet

Originally posted by Master Sparkles:

See perfect example. Thank you for making this easy. Fallout 76 does not even use kernel anti cheat. So your argument is companies bad instead of kernel anti cheat scary.

His proof options were so low he had to say something irrelevant on the topic of kernel anti cheat. If he was a trust worthy source he could have easily stayed on topic. And yet.....

What he just said is don't play games at all because they have your info. He is not wrong. If you are that scared of having basic info leaked then that is accurate. Although not at ALL relevant to the topic.

I don't get how you twisted it into me arguing about only "kernel level" issue. That is a separate thing from any company reputation. My points are:

1. Kernel-level anything is a terrible idea
2. Reputation is not an argument to defend anything in gaming (especially if that reputation is already ruined)

Those are separate things. You can't waive off the first one just because I gave an example where reputation didn't prevent another type of malpractice. It's not how logic works.

Look. You think about it otherwise. Go at it. Just don't substitute facts with your opinion. As I mentioned in my first post = everyone would need to realize the risk and decide how to manage it. If "eh, who cares, they won't do anything bad" is your level of alertness = fair, it works for you. I'm simply raising the issue for those who have a higher bar for what they consider secure. Whether anyone would heed my advice = let them decide after reading.

Oh noooo not all of China. What will you do when they know things?

Pro top, stop having sensitive info on a gaming pc if you are worried about leaks.