Store Page
DOOM Eternal
All Discussions Screenshots Artwork Broadcasts Videos News Guides Reviews

DOOM Eternal

Store Page
View Stats:
Global Achievements
DOOM Eternal > General Discussions > Topic Details
Cleave May 18, 2020 @ 11:37am
Is it possible to make a good AntiCheat without Ring 0 Kernel access?
The way I understand it, most programs work through Ring 3 which is one of the lowest privilege access levels. Why would you use the highest access level and potentially open it up to the kind of damage that level could bring when exploits are found?
Last edited by Cleave; May 18, 2020 @ 11:39am
< >
Showing 1-15 of 133 comments
Sad Pug May 18, 2020 @ 11:40am 
Ring 3, Ring 0, you can even make Ring -1 but when it DOESN'T work, what's the point?
They are checking how far they can go - I won't be surprised if next step will be tying both AC and AT together and it working independently (like AC is now - it installs as its own app) on the game with denuvo updating it by themselves.
Like Carmac said, it should be server side and not throw garbage on the user.
#1
❀❀ V ❀❀ May 18, 2020 @ 11:40am 
https://secret.club/2020/04/17/kernel-anticheats.html
#2
tyl0413 May 18, 2020 @ 11:44am 
VAC
#3
❀❀ V ❀❀ May 18, 2020 @ 11:45am 
Originally posted by tyl0413:
VAC
VAC uses a Rootkit, you know, the other "Bad" thing
Last edited by ❀❀ V ❀❀; May 18, 2020 @ 11:45am
#4
❀❀ V ❀❀ May 18, 2020 @ 11:46am 
Originally posted by Sad Pug:
Ring 3, Ring 0, you can even make Ring -1 but when it DOESN'T work, what's the point?
They are checking how far they can go - I won't be surprised if next step will be tying both AC and AT together and it working independently (like AC is now - it installs as its own app) on the game with denuvo updating it by themselves.
Like Carmac said, it should be server side and not throw garbage on the user.
Server side doesnt work because theres nothing stopping the client from spoofing the data. Kernel level stops this because it sees something has been modified before hand. Theres a reason literally 0 Anti Cheat Solutions use solely Serverside detection
Last edited by ❀❀ V ❀❀; May 18, 2020 @ 11:47am
#5
Mikoto May 18, 2020 @ 11:47am 
Originally posted by var:
Originally posted by tyl0413:
VAC
VAC uses a Rootkit, you know, the other "Bad" thing
Citation needed kiddo.
#6
Close One! May 18, 2020 @ 11:48am 
Yea, serverside anti cheat implementations are absolutely the way to go, nothing to worry about client side, no annoying your fans.

Probably costs a bit to develop both in $$$ and time.

Games are deterministic, meaning you can set parameters on values coming in and out, and make sure nothing is being spoofed, this is done all the time on internet forms for example. Probably a terrible example as there's way more data flowing through a game server but you get the idea, you can make sure the character hasn't jumped 50ft across the map etc.
Last edited by Close One!; May 18, 2020 @ 11:50am
#7
❀❀ V ❀❀ May 18, 2020 @ 11:48am 
Originally posted by Argenteus:
Originally posted by var:
VAC uses a Rootkit, you know, the other "Bad" thing
Citation needed kiddo.
Please explain how VAC is going to go through critical libraries and executables while they are in use without the use of elevated permissions Professor
#8
❀❀ V ❀❀ May 18, 2020 @ 11:49am 
you know that UAC pop up when you try to install stuff through steam?
#9
Mikoto May 18, 2020 @ 11:52am 
Originally posted by var:
Originally posted by Argenteus:
Citation needed kiddo.
Please explain how VAC is going to go through critical libraries and executables while they are in use without the use of elevated permissions Professor
So you have no source for your ♥♥♥♥♥♥♥♥. Got it.
#10
Sad Pug May 18, 2020 @ 11:52am 
Originally posted by var:
Kernel level stops this because it sees something has been modified before hand.
Uhuh, uhuh...
Works great in Fortnite and there are no cheat.... oh, wait.
So again question stands, what's the point of it when it doesn't work?
#11
Close One! May 18, 2020 @ 11:52am 
Originally posted by var:
you know that UAC pop up when you try to install stuff through steam?

What are you talking about? That pops up all the time just to install the crumbiest things, or change a secure setting, it has no bearing on what level of access the thing has, you have to check that yourself.
#12
❀❀ V ❀❀ May 18, 2020 @ 11:53am 
Originally posted by Argenteus:
Originally posted by var:
Please explain how VAC is going to go through critical libraries and executables while they are in use without the use of elevated permissions Professor
So you have no source for your ♥♥♥♥♥♥♥♥. Got it.
You are literally scared of your own shadow haha
#13
❀❀ V ❀❀ May 18, 2020 @ 11:53am 
Originally posted by Sad Pug:
Originally posted by var:
Kernel level stops this because it sees something has been modified before hand.
Uhuh, uhuh...
Works great in Fortnite and there are no cheat.... oh, wait.
So again question stands, what's the point of it when it doesn't work?
Do you turn your virus scanners off too?
#14
Cleave May 18, 2020 @ 11:54am 
Originally posted by var:
https://secret.club/2020/04/17/kernel-anticheats.html
Good link.

Still I wonder if there's a way to give it the ability to detect game exploits at Ring 0 and stop the game application and flag the serverside system instead of having full control over Ring 0 in its entirety. If not, then this would be a good idea to create something capable of not being abused.

I'm certainly not that knowledgeable on this subject but going from 0 to 100 in terms of how much access an anti cheat is given just sounds like a recipe for disaster in the future.
#15
< >
Showing 1-15 of 133 comments
Per page: 1530 50

DOOM Eternal > General Discussions > Topic Details
Date Posted: May 18, 2020 @ 11:37am
Posts: 133

Discussions Rules and Guidelines