by lomase 601 days ago
Vanguard runs on Ring 0. -> Ring 3 software can also read your hdd, so it's not a problem.

Why load on boot? -> Because we need to, don't worry.

Why is it scanning my serial port? -> It's a bug, don't worry, it's not a problem.

What if Riot is hacked? -> If Microsoft gets hacked it's even worse, so it's not a problem.


The same style of argument used by ChatControl proponents. I mean, what's another backdoor going to do in the swiss cheese that is Whatsapp/$INSERT_IM_PLATFORM_HERE security?
Point is that it doesn't need ring 0 access to do bad stuff.
Ring 3 and Ring 0 can try to do the same bad stuff.

But the point is that in one, the OS security layers or antivirus will catch it.

> But the point is that in one, the OS security layers or antivirus will catch it.

Doesn't antivirus have detections for ring0 as well? Otherwise virus makers can just code their viruses to be in drivers and evade all the antiviruses.

No, antivirus can't know if a virus is running on Ring 0. It can try, but the virus can just stop the antivirus and the OS won't stop it.

At ring 0 the virus can do whatever it wants with your computer.

This wasn’t really true in decades past - there was a cat and mouse game where often it could be detected because the virus wasn’t perfect at hiding its activity and resource usage – and it’s become far less so in the era where even consumer hardware has virtualization features which allow even kernel code to be restricted. Even Windows is starting to use that to prevent malware from accessing secrets (e.g. Credential Guard) so I wouldn’t treat this as the ring0=game over situation it was in the 90s.

A more accurate phrasing is that antivirus software can positively confirm the presence of malware but it cannot on its own definitively prove the absence of ring0 malware. For that, you need an Apple-level secure boot process to give confidence that the code is running on an unmodified, unvirtualized kernel.

> Why load on boot? -> Because we need to, don't worry.

I believe the reason stated was "because we know it will not be tampered with after boot". Not saying it's a good or bad reason, but this is dishonest paraphrasing.

I said it because I think other kernel-level anticheats don't do it.

If I remember correctly I can just enable/disable the Easy Anti-Cheat service, same with the EA thing, I don't need to reboot the machine like with Vanguard.

But thanks for pointing it out.

> I said it because I think other kernel-level anticheats don't do it.

It is done by FACEIT and ESEA.

> If I remember correctly I can just enable/disable the Easy Anti-Cheat service, same with the EA thing, I don't need to reboot the machine like with Vanguard.

You can disable Vanguard as well, you'll only need to re-enable it and restart if you want to play the games.

> Vanguard runs on Ring 0. -> Ring 3 software can also read your hdd, so it's not a problem.

Can also read process memory of the same user.

Can't read files or access memory of other users though, which is kind of the point. It's trivially easy to run games as a different user than the one you use for e.g. banking, and operating systems have had fast user switching for decades.

Most games require admin privileges to install, so if the game maker wants to be evil you're already screwed even if you have separate users. Moreover, most software isn't really designed for multi-user system security (because it's basically never used), so there's often sloppy coding practices that lead to trivial EoP between users (e.g. cache directories accessible by all users).

Maybe this is a difference with Windows vs. Linux and admittedly I basically never have time for games anymore, but I don't remember any game ever asking me for my root password to install or run. I'm also not sure what software you have in mind that doesn't work in a multi-user environment. I see plenty of usage of `~/.cache`, and `~` has 700 for permissions. Other services on my computer run as their own user.

In any case, something being programmed poorly isn't a good excuse to make things even worse. It is, however, a great reason to... run things under isolated users/environments, or in a VM (which these drivers also want to prevent).
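The two claims traded above, that `~` is mode 700 and that sloppy cache directories can be reachable by every user, can be checked on a real box rather than argued. This is an added example, not code from the thread; it assumes GNU coreutils `stat -c` on Linux and takes the home directories to audit as arguments (`/home/gamer` and `/home/banking` in the usage line are placeholders).

```shell
#!/bin/sh
# Added example, not code from the thread: audit whether the per-user
# directories the discussion relies on (a user's home, ~/.cache,
# ~/.local/share) are really private, i.e. carry no group/other bits.
# Assumes GNU coreutils `stat -c` (Linux) and POSIX sh arithmetic.

# Octal mode of a path as printed by stat, e.g. 700 or 755.
dir_mode() {
    stat -L -c '%a' "$1"
}

# Succeed (0) when no group/other permission bit is set on the path,
# fail (1) when another user could read, write or traverse it.
is_private_dir() {
    mode=$(dir_mode "$1") || return 1
    # Prefix with 0 so the shell parses the value as octal, then mask
    # out the owner bits and keep only the group/other bits (077).
    [ $(( 0$mode & 077 )) -eq 0 ]
}

# Walk each given home directory and the per-user data directories
# inside it. Prints one line per directory and returns the number of
# exposed directories found (0 means everything checked is private).
audit_homes() {
    findings=0
    for home in "$@"; do
        for d in "$home" "$home/.cache" "$home/.local/share"; do
            [ -d "$d" ] || continue
            if is_private_dir "$d"; then
                printf 'private  %s (%s)\n' "$d" "$(dir_mode "$d")"
            else
                printf 'EXPOSED  %s (%s)\n' "$d" "$(dir_mode "$d")"
                findings=$((findings + 1))
            fi
        done
    done
    return "$findings"
}

# Usage: sh audit_homes.sh /home/gamer /home/banking
if [ "$#" -gt 0 ]; then
    audit_homes "$@"
fi
```

An EXPOSED line on the game user's cache or data directory means the separate-user setup is not isolating what the comment above assumes it isolates.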

> but I don't remember any game ever asking me for my root password to install or run.

Are you sure there isn't some sort of setuid executable that's doing all the root stuff for you? At least in theory for something like steam, you'd want either all installs to require root, or restrict all installs to per-user basis.

> In any case, something being programmed poorly isn't a good excuse to make things even worse.

The point is that if multi-user security is broken in practice, you shouldn't invest effort into using it, and use something better like virtualization and/or dual booting with full disk encryption.

By default steam puts everything in ~/.local/share so I don't see why it would need root.

These drivers generally try to prevent you from using virtualization for the same reason they want root. The point is that fundamentally they want to live one level above wherever the user is, which means they compromise user ability to secure against them. The game industry isn't exactly known for slow, careful development, so they're kind of the worst group to give root.

Even without a VM, multi-user security does work, and Linux has other tools to isolate programs. Steam already runs in a sandbox[0] on NixOS to give it a normal FHS layout and work at all, so it wouldn't be unreasonable to add more isolation.

[0] apparently using https://github.com/containers/bubblewrap which can also do things like PID and network isolation.

If we only have user space anticheat we might as well have no anticheat at all. It's not like anticheat uses the kernel because it's fun; cheats moved there to be undetected before anticheat had to.