Kernel anti-cheat systems are currently the bane of Linux/Steam Deck gaming, haven’t actually proven to be effective at stopping cheaters (see Valorant for an example), and lead to various security concerns from giving 3rd parties full access to your machine to being used to install ransomware and malware.
Windows tried to restrict kernel access years ago, but backed down under pressure from various companies. However Crowdstrike’s outages have shown the sever consequences of leaving kernel access open, and we might finally see kernel access to be cut off.
I mean Valorant has a lot of cheaters, it doesn’t really seem like kernel anti-cheat has been more effective than other forms of anti-cheat. There’s also an increasing number of hardware peripherals that offer cheating assistance, and these can’t be detected by kernel anti-cheat because the cheating happens on separate hardware.
My point is that kernel anti-cheat has major privacy and security tradeoffs, which is a steep cost to pay. A steep cost is only worth it if it has a significant benefit to the users, and in practice it doesn’t.
Have you considered that the reason cheaters have to go hardware level is because kernel level anti-cheats are effective at what they’re supposed to do?
I’ll also ask this question, what do you are the alternative solutions to client side anticheats?
I’m not against client side anti-cheats in general, but kernel level ones are too big of a security risk in my opinion.
The US government is banning apps like tiktok and considering banning DJI drones due to the amount of data they collect and send back to China. Several of the most popular games using kernel anti-cheat are all Chinese owned companies, and the whole point of kernel anti-cheat is that it has full access to your computer (making it hard to hide cheating). I have a strong suspicion that even if Microsoft doesn’t restrict kernel access, we may see government bans on some of these games.
I get the privacy issue but there’s effectively no non-kernel anticheats on the market. I think VAC doesn’t run in kernel level and CS is known to have a huge cheating issue, so much that competitive CS has spun off into third party provider who among other things uses a kernel level anticheat. You can’t be for client side anticheat and be against kernel anticheat. Non-kernel anticheat simply doesn’t do its job.
I can’t imagine how Microsoft locks down Kernel so that it’s also locked down for cheat developers (because they don’t really care about regulations). If it’s locked for anticheat developers but not for cheat developers then it’s going to end up being a bad time for us.