by invokestatic 2020 days ago
Before I “switched sides” to anti-cheat, I used to write and sell cheat software for CS:GO. I had a registered company and purchased an EV code signing certificate just as your post suggests, even getting my cheat drivers signed by Microsoft. I am very familiar with the process given that I’ve seen both sides now.

While other anti-cheats maintain white lists or blacklists of vulnerable drivers, I’ve chosen a different route that doesn’t have the same pitfalls you suggest. Our anti-cheat also doesn’t run 24/7, only when the game is running.


I'm guessing this is a mix of attestation and inspecting what they actually do instead of just blindly checking the certificate and that the signature is verified? I'm curious how well executed that works when it comes to less well behaved anticheats (like Riot's Vanguard generally stays hands off, but GameGuard will immediately heartbeat a "ban me" and intentionally cause a bluescreen to cause you to "lose any data collected by your debugger" when it notices it's being looked at).

This type of BS is super common in Asian countries/published MMOs and a bit less acceptable in the west (you still have EAC and battleye, but at least they make an attempt to use TLS?)

Another insane example: xigncode has long since advertised a feature that the game developers can remote control into your PC like VNC. I don't know whether any developer has chosen to actually enable it, but the fact that they push it as a feature is some serious clown-egg-face.

I’m not going to comment on the specifics of what we do besides what I’ve already said. I will say that I’m really pushing to change the perception that all anti-cheats are bad and are user-hostile. I’m trying to build a product that shows that anti-cheats can actually respect user privacy and provide a positive player experience. And I’m trying to do it by better engineering.

Vanguard I believe would intentionally bluescreen you if it detected you’ve disabled PatchGuard. They had very good reasoning to do so, but I wouldn’t do something like that since I believe it’s user-hostile. Battleye I believe actually doesn’t use TLS last time I checked, using some sort of home brewed XOR cipher which is a bit scary. And of course remoting into computers is unacceptable under any circumstance.

I appreciate that you are trying to do this with respect and hope you succeed.

I've done both sides (largely MMO-stuff as a kid), and for me, I'm done dealing with all this invasive garbage, and just spin up a fresh EC2 GPU instance when I want to play something, and simply don't play the games that choose to disrespect and abuse players to the point of not even allowing GPU passthrough (I can somewhat understand banning emulated GPUs; have dealt with people farming referral accounts a hundred at a time each queuing for games at <5 FPS).

Without details, could you easily bypass your own anti-cheat with your past experience?