Comment on Is it time to start a campaign against kernel-level anticheat?
CrazyLikeGollum@lemmy.world 3 weeks ago
I think it should also be noted that the games industry is not audited for security to the same degree as a lot of other industries. So vulnerabilities may not be found until years after launch and then go unpatched indefinitely because the company has already moved on to the next thing.
Hell, one of the older CoD games had an RCE vulnerability that as far as I’m aware is still not patched.
Plus, major publishers like EA are now pushing to create their own kernel-level anticheat in-house. Why should anyone trust them to create a secure piece of software that runs with the highest permissions possible when they can’t even be trusted to create stable, functional games?
simple@lemm.ee 3 weeks ago
Someone discovered Dark Souls games had a RCE but they never responded to the person that kept emailing them about it for months. The security guy then started invading streamers and crashing the game while doing fun stuff like showing text on the screen. Only then did Fromsoft take down the servers and patch things up - which took a few months.
Yes, game companies really don’t take security seriously.
reksas@sopuli.xyz 2 weeks ago
oh, so that was what it was about. they sure were really quiet about not caring about it in the first place.