by mdean 594 days ago
I think this post is addressing some of the weaker security arguments against putting anti-cheat software in the kernel. The issue isn't that such software provides no value (obviously it does if developers continue writing anti-cheat kernel drivers despite the backlash). The issue is that software running in the kernel can unintentionally enable vulnerabilities that would be impossible if the software was running in usermode. It doesn't require compromising any supply chains.

> The issue is that software running in the kernel can unintentionally enable vulnerabilities

You're not wrong, but there is some strong irony there regarding Vanguard. When it first launched, its driver would block certain other drivers from loading, because those other drivers had known vulnerabilities that cheats (or anything else) could use to escalate from usermode to kernelmode without touching any of the standard entrypoints that are monitored by anticheats.

Would you be surprised to learn that the main response was for gamers to get angry at Vanguard for breaking their RGB keyboard driver, rather than get angry at the manufacturer of their RGB keyboard for shipping a buggy driver with critical security vulnerabilities? And Microsoft ended up adding a very similar driver blacklist to Windows itself later, because it's a good idea.

Who would you say should have more control over your computer: 1. The operating system provider 2. A video game company
3. Me, and only me.
This is the main issue I have with these. Microsoft should be providing this at the platform level, give developers "Xbox Anti-Cheat" and ship it with Windows.
How much of Xbox anti-cheat is "can only run signed code"? Might not be compatible with regular PC use but maybe if we had a gaming mode we could boot into.
Not talking about Xbox the console, but Microsoft has been treating Xbox as a general gaming brand (Xbox Game Pass for PC).

Basically just an anti-cheat service that ships with Windows.

No good deed goes unpunished. In the current regulatory environment, that seems like a good way to attract attention from regulators for anti-trust violations.