And then a game gets updated so the hashes don’t match and uh oh, everything is fucked. Oh, but we can change the hashes of the files in the executable! Yeah, so can they. People modding shit into the executable is basically a given. Let alone the fact that you’d need to sit through a steam “validation of files” length of time every time you’d need to launch a game (because validation works exactly as you have described).
What is gained is that it has access to more information. Some cheats use an entirely different program / process that reads memory and outputs info that is available to the game but hidden from the player. Like a client needs to know where a person on the other team is to be able to draw their model. So you read that, you put a little box over where they are, and bang you have wallhacks.
kevindqc@lemmy.world 1 month ago
Because there are kernel-level cheats
What you proposed can very easily be bypassed without even needing kernel access by just editing the executable code that checks hashes to always return true
msage@programming.dev 1 month ago
Boo freaking hoo.
It’s not like there are so many other ways to cheat, actually used in many games with anticheats.
We should all stop pretending it’s necessary to put malware into your computer just so some company can claim they have no cheaters, which is never even true.
sp3tr4l@lemmy.zip 1 month ago
… Buuut you can still defeat Kernel level Anti Cheats.
m.youtube.com/watch?v=RwzIq04vd0M&t=2s&pp=2AECkAI…
Which means that you still have to end up relying on reviewing a player’s performance and actions as recorded by the game servers statistically via complex statistical algorithms or machine learning to detect impossibly abnormal activity.
… Which is what VAC has been doing, without kernel level, for over a decade.
All that is gained from pushing AC to the kernel level is you ruin the privacy and system stability of everyone using it.
You don’t actually stop cheating.
It is not possible to have a 100% full proof anti cheat system.
There will always be new, cleverer exploitation methods, just as there are with literally all other kinds of computer software, which all have new exploits that are detected and triaged basically every day.
But you do have a choice between using an anti cheat method that is insanely invasive and potentially dangerous to all your users, and one that is not.