Linux

Short answer: no

Long answer: only the most important things should even have such low-level access to the system. A fucking game is not in that category. Nooooooo

Every IT-literate person fights kernel-lvl malware disguising as games with everything they got.

Since Linux has a high percentage of those, I hope those "solutions" will never spread

It's relatively trivial, you just need to write a kernel module. You'd just need/want to make it gpl so everything it does is fully audited and transparent. That's not a problem, is it? Right?

From a technical standpoint, you could argue that someone could create a fork of the kernel that spoofs the interface that the anticheat uses to make it ignore things. You can, of course, also do something similar in Windows, but security theatre never let practicality get in the way.

I can't wait until I am able to give random programs kernel access on my system! That doesn't sound problematic in the least! After all, I have the fullest confidence that for companies developing anticheat, my security is their highest concern! /s

I surely hope they never will, no user program should ever be allowed to run at kernel level, that's what malware does.

I personally avoid those kind of games, but those who won't can dual-boot.

From technical point of view it is possible. eBPF already has almost everything needed for doing that. And I think it can be done with a simple LKM but if they want it included in the main tree I'm sure they'll get some colorful email from Linus.

kernel level anti cheat is malware

abandon ranked, return to private lobbies

It's the other way around. Windows will stop supporting kernel level anti-cheat because of Crowdstrike

I sure hope not. Play on someone else's pc if you want them to have control.

AFAIK Microsoft have plans to block kernel level anti-cheat on Windows. After the CrowdSec issues last year, they're rethinking which types of programs should even be allowed to run in kernel space.

Edit: I was wrong. They actually want to increase what can be done in user mode, to reduce reliance on kernel mode code.

Sure hope not. If I wanted to run rookits I'd just use Windows. Why bother with Linux?

This is why I don't want more Linux adoption and don't understand people cheering every new user. We're in a sweet spot where a lot of games enable userland anticheat while we don't get kernel level ports (however they may be shipped doesn't matter). The only thing that'll come out of more adoption is kernel level anticheat ports that'll probably work with a few corporate backed distros only and we'll actually lose the games we have today. Because those will switch over the kernel level alternatives too.

The only way I'd like Linux to be a generic multiplayer platform is server side anticheats. It is very obviously the way to go and we are seeing extremely slow adoption (e.g. Marvel Rivals).

Doesn't Splitgate 2 have kernel level anti cheat that works on Linux? Maybe it is "trapped" inside wine/proton but they explicitly made it work and people are thanking them on steam discussions.

I think its less a question of the technical feasibility, and more of an issue that we, as users, don't want more closed-source blobs in our kernels. Meanwhile, the publishers insist that they can't open-source their anti-cheat code; Their idea being that if we know what's in it, it will be easier to bypass.

Basically, one distro or a few(at most) may get anti-cheat integrated one day(like, say, SteamOS), but it will likely never be in your standard Linux kernal.

They could go the rought of kernel modules, I would think, but for whatever reason, we're still having this conversation.

No Wine/Proton cannot translate calls that run too deep into the Kernel

Absolutely nothing prevents somebody from writing a kernel level anticheat on Linux.

Users would throw a fit, and it would be way easier to bypass, but it certainly could be made.

Meanwhile in indie land, I just tried to cheat my way through a Chapter 3 minigame in Deltarune, and Toby Fox himself showed up in his dogsona to blow up the game and make me start the minigame over.

This is the extent to which anti-cheat measures should go.

One way I can imagine it being some certified Linux kernel versions that are accepted and worked together with anticheat creators. That way Valve could use the Kernel in Steam Deck or SteamOS, so any game works out of the box. And other distribution users can just install this Kernel too, if their distributions provide it.

Anyone who don't want to have Kernel level anticheat systems enabled on their system, do not need to install the Kernel. Therefore they are secure against it. But for anyone else who wants it, they can. At least this option would be a compromise.

I'm not a programmer or cheater or anything, but I think the answer is yes and no. Yes it could technically be done and even work as intended as long as the device is locked down to prevent the user from replacing the shipped kernel (which would be a bad thing for users). However, savvy people could (in theory) make custom kernels that lie to the kernel module, causing the module to report there is no cheating when there is. It's my understanding that it's close to the current situation with Windows and virtual machines and anticheat: you can cheat by running your game in a VM and then have that virtual hardware extract secret information or flip bits in the right spots. Most competitive games will refuse to run in a VM for this reason.

No.

It is probably actually easier to create on linux as it is foss and there are also good projects like eBPF which can maybe even simplify and make it more secure.

It already works, but studios using anticheats that DO support Linux CURRENTLY don't bother implementing it because we're maaaaaybe 3% of the market on a good day, so they say "fuck it" and don't expend a few dev hours to enable it because they see it as a pain to deal with v users who need it.

I hope to fuck not.

What does it even mean? People can recompile the kernel to turn the crap off.