573
submitted 6 months ago by vladmech@lemmy.world to c/helldivers2@lemmy.ca
you are viewing a single comment's thread
view the rest of the comments
[-] tiberius@lemmy.ca 41 points 6 months ago* (last edited 6 months ago)

Great job PC Helldivers. Can the community do something about the Kernel-level rootkit?

[-] MajinBlayze@lemmy.world 42 points 6 months ago

It runs in userspace on Linux

[-] pivot_root@lemmy.world 10 points 6 months ago* (last edited 6 months ago)

Eee. But, big scary terminals and penguins! /s

[-] RustyShackleford@programming.dev 4 points 6 months ago* (last edited 6 months ago)

Noob question: has anyone confirmed that it's really running in userspace on linux or win gaming tech forums yet? Doesn't effective anti-cheat require root privileges?

This is a pretty important thing to validate, in my opinion.

[-] Sonotsugipaa@lemmy.dbzer0.com 11 points 6 months ago* (last edited 6 months ago)

Unless it actually behaves like malware and attempts multiple workarounds to obtain root privileges that I should know about, it does run in userspace for me.

Perhaps later today I'll spin up the game and check lsmod, but if I'm wrong that's a massive black flag that has absolutely no chance of being legal no matter how many eula roofies they spiked my drinks with.


Done, no weird kernel module was loaded: unless nProtect is pulling a sneaky, it's running in user mode.

[-] RustyShackleford@programming.dev 5 points 6 months ago* (last edited 6 months ago)

This is a subject I've been meaning to start researching and poking around with a bit. Due to work/time requirements, I haven't been able to run a profiler on anti-cheat services on either of my Windows or my Kubuntu boxes. Any information that you're willing to share is much appreciated. Thank you, in advance!

[-] Sonotsugipaa@lemmy.dbzer0.com 4 points 6 months ago

I'm not using a VM, I don't think it would work with Windows + the kernel level anticheat; I also haven't tried poking around with the AC, I guess it does prevent simple memory manipulation with things like scanmem but I'm not willing to risk 40€ just for science.

I'll try doing the lsmod thing and edit the comment you replied to, in a bit

[-] brbposting@sh.itjust.works 5 points 6 months ago

Thank you for your service

Without people like you we’d all be relying on hearsay… I mean like even moreso than relying on a stranger’s comment :)

[-] AProfessional@lemmy.world 8 points 6 months ago* (last edited 6 months ago)

It is impossible to run in kernel without being explicitly given that permission.

Client anitcheat is never perfect, it is slightly better in kernel but that just caused more issues for legitimate customers.

None of this even makes sense as HD2 isn’t a PvP game.

[-] RustyShackleford@programming.dev 3 points 6 months ago* (last edited 6 months ago)

I suppose that a legitimate argument for anti-cheat could be griefing, but then the host could just boot the player based on a basic voting system. In general I was curious to see "what's under the hood" of a kernel-level and a userspace-level anti-cheat service and what are the implicit security risks for an average user.

[-] AProfessional@lemmy.world 4 points 6 months ago* (last edited 6 months ago)

In general I was curious to see “what’s under the hood” of a kernel-level service and a userspace-level anti-cheat and what are the implicit security risks for an average user.

This answer isn't very satisfying, but the risk is complete and total. A kernel module can do anything and can hide what its doing.

A userspace anti-cheat has a wider range of risk. For example on Linux you can sandbox it so its quite safe in that case.

On Windows the most common issues user report are things like kernel crashes, corruption, etc. Things that should never happen in kernel space and potentially break an installation. These are honestly amateur projects that don't belong there.

[-] Jakeroxs@sh.itjust.works 3 points 6 months ago

I think the most compelling for me was something like in MW2 back in the day hacked lobbies fucking up a your stats. Something similar in hd2 could ruin it for some.

[-] AceCephalon@pawb.social 2 points 6 months ago

In Helldivers 2's case, say a cheater forces everyone in that mission to max out samples/medals/super credits, it entirely kills the progression and takes away a reason to keep playing unless it's reverted safely, which then means that mission was pointless because someone else used cheats.

[-] Tlaloc_Temporal@lemmy.ca 4 points 6 months ago

The solution to that is to rework how rewards are calculated, maybe do some sanity checks with the server, not seize super admin control of personal hardware.

[-] MajinBlayze@lemmy.world 5 points 6 months ago

For me, since I use the flatpak version of steam, at no point have I ever provided the admin password in order to install steam or any game. It, like all of my desktop software, runs in it's own little sandbox that has limited access to the rest of the computer. It would take a somewhat sophisticated attack for an anticheat to actually run in kernalspace on the host os.

But that's also why companies like riot have their anticheat block Linux from running the game at all.

If Linux becomes a populate enough platform, I'm sure cheaters will start using it to get around anticheat and something else will have to be done. Until then, I'm happy knowing this is a problem that I can mostly avoid.

load more comments (11 replies)
this post was submitted on 06 May 2024
573 points (96.6% liked)

Helldivers 2

1846 readers
40 users here now

Welcome to the Helldivers 2 Community on the Fediverse.

Links

Galactic War Status

Rules

founded 8 months ago
MODERATORS