by hsbauauvhabzb 131 days ago
If a surgeon does not have the expertise to perform a surgery, they probably shouldn’t cut into you.

If the company lacks the competency to write secure drivers, they should outsource the work or have it validated externally.

These things could be solved by spending money. Stop excusing dangerous actions performed in the name of greed.

2 comments

Exactly, which is why Microsoft should be the one writing the kernel code needed for ensuring integrity of games. Microsoft needs to develop ways to allow games to run in an isolated VM that is hardware protected from the main operating system and ensures strong hardware security so cheaters cannot simply attach malicious devices to the PCI bus to DMA sensitive data.
> attach malicious devices to the PCI bus to DMA sensitive data

How do you do this in a modern system with TPMs and IOMMU enabled?

Sadly not all Windows machines are able to use kernel DMA protection, so for those machines nothing will stop you.
The obvious next step is to disallow those elderly machines once a critical mass of users have modern-enough equipment. We're almost there.
You pretend to be a device with a driver not compatible with IOMMU
This is a good move, but why isn't the anti-cheat software just refusing to operate on systems with these devices attached?
Because banning players from playing your game leads to refunds and bad publicity
Flash custom firmware emulating some benign "donor card".
As an indie game developer, how do I get my game into this system and how do I debug it?
For this theoretical feature Windows would do it automatically for apps that would opt in.

For debugging you would either not have this feature enabled, or you would build a custom build that included a debugger in the secure environment. If you needed to connect to production servers you could whitelist your account to be ignored by the anticheat since your server would know you are not playing with an official build.

If it's a simple flag in the executable file header, what stops a cheat program setting the same flag and getting into the sandbox?

Or a cheat program combining itself with the game executable, and setting the flag so other processes can't interrogate whether it contains a cheat.

You don't "get into the sandbox", if a cheat program opted in, they would be launched into a separate instance that's distinct from the game.

And you would sign your files, which get verified by the integrity platform and allow you to authenticate with the servers securely.

Sounds very similar to total platform lockdown
It is not realistic to expect every game developer to invest a lot of money into security. It's like asking every apartment building to run its own fire department.

The responsibility of securing a platform should not fall on application developers anyway.

The problem is that general purpose computing platforms are not supposed to be secured against the user. That's a WONTFIX.
User ownership of their devices has been fixed on every platform except PCs.
And most other device types have a specific purpose, with the exception of mobile phones which were built from the ground up with device control in mind, mobile devices only really support one operating system barring edge case exceptions.
Because only one was written, but there's more than one because there's LineageOS — if you can bypass Secure Boot.
That's an edge case. Lineage works on a subset of devices. Find me an amd64 computer that doesn’t support Linux.

I think you’d agree that it would be far easier to technically and socially lock mobile devices to signed deployments only, with jailbreaks becoming rarer and more valuable over time, than to do the same with desktop and laptop computers, due to their requirement to support many different functional requirements (PCIe, Thunderbolt peripherals, distributed compute, etc).

I’m not saying I like this, but I think phones will become a single viable OS and locked down ecosystem in the next 5 years. Desktops will follow, but not at the same rate.

Yes it is, and liability across the industry is already late.

By the way, in some countries apartment buildings need several licenses, including one from the fire department, before being allowed to have people living in them.

It’s not the nurse’s job to perform surgery either, that’s why they don’t.
Microsoft could easily secure Windows by blocking all rootkits/"kernel anti cheat". At this point that's probably the best option.

Games should never have kernel level access.

Games are a multi billion dollar industry that Microsoft has a stake in. A better option would be a ‘games mode’ and a ‘secure mode’.