this post was submitted on 14 Nov 2025
632 points (99.2% liked)
Linux
10136 readers
1737 users here now
A community for everything relating to the GNU/Linux operating system (except the memes!)
Also, check out:
Original icon base courtesy of lewing@isc.tamu.edu and The GIMP
founded 2 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
You can keep your kernel-level shit off my CPU.
Spend money on servers. Verify your players. I don't care how you do it, but you don't get kernel-level access to my machine because some asshole script kiddies are aimbotting. You can never trust the client. This is basic shit that game devs will make up a whole host of bullshit to try to justify. (FWIW: I spent a solid decade as a professional game dev and I was as disappointed in this horseshit then as I am now. At least players are starting to figure it out now, too.)
Kernel level anticheat still can't detect all possible cheats, like Neuromuscular Aim Assist.
I love how the other players say they don’t consider it cheating.
That was hilarious watching his reactions to getting shocked XD
People say "kernel level" anticheat as if that would be necessary for some reason, but I don't really see it catching on in the linux world. Steam doesn't even have root normally. Even if it did, not everyone runs exactly the same linux kernel and the only practical way to distribute a module that's going to work for most people is through dkms, which means you build it from source, which means proprietary super-obfuscated shit is not going have its intended effect (assuming it ever does.)
There's nothing stopping them from doing all the same bullshit in userspace instead.
Microsoft even sees it as a big mistake. They're creating APIs that won't require anti-cheat to be in the kernel like that. There shouldn't be any reason it needs to be in the Linux kernel.
That said, "don't trust the client" is a nice thing to say, but it's basically impossible to make games work like that. There are certain protocol design considerations that are needed for fps games to work in multiplayer with somewhat laggy connections, and they're not completely compatible with "don't trust the client". If we all had the fiber optic connections and IPv6 that we were promised in the 90s, things would be different. The wack-a-mole game against cheaters is the best that can be done otherwise.
What on earth would ipv6 have to do with it?
It can be routed more efficiently and has generally lower latency. Though how much it matters in practice is debatable, and real world data has fluctuated.
One thing it definitely enables is easier setup of home servers for games without NAT nonsense.
"Never trust the client" renders entire genres of games inaccessible for a big corporation. But those genres have billions of dollars of potential profit in them. So they will go as far as they can to make the client almost trustable. The average player of a first-person shooter doesn't really think about the implications of kernel-level anticheat at all so it's not a hard choice for them. 95% of them are on windows after all and that already gives kenel access to their PC to some entity they really have no good reason to trust.
No it doesn't. It makes certain engine implementations inaccessible. You can make a game in any genre that doesn't require trusting the client.
Ultimately you either have basically google stadia (with all its technical problems) or you are trusting the client to render the game.
Even if the client only has exactly the absolute minimum amount of information needed to draw all the things that are visible, that still allows a cheat to see the player coordinates and the coordinates of visible entities, which usually makes eg. an aimbot trivial to make.
Rendering is not what you are doing server side.
Servers would just be checking to make sure a player can actually do something and if they can't don't let the client do it. Then any changes made client side would only affect the player making the changes.
It boggles my mind Riot would rather use a hacky method like kernel level anti-cheat instead of just having the servers mirror the game logic and confirm everything. Its all about saving money at our expense.
No shit sherlock. Rendering requires information about the game, and that information is enough to allow cheating. Aimbots don't need to perform "invalid actions" in order to wreck a game. They just need to be faster and more accurate than most human players. Trying to heuristically detect aimbots is also commonly used alongside other anticheat methods, it just doesn't work (unless you have people manually reviewing individual reported cheaters, but companies try to avoid that because it's expensive and risks false positives).
Right. Nice to find someone here who actually understands some of the problems that make kernel level anticheat important. In modern FPS, server authoiritative everything is just not feasible. No gamer is going to accept the latency that would cause. Or when you look and suddenly you momentarily desynced and now your camera jerks back because the sever decided you tried to look around too quickly? People are so willfully ignorant about this topic.
maybe we could get away from needing it as badly if valve would provide a strong attestation that the kernel running is unmodified with a secure tpm solution, but they haven't, so here we are.