Modern kernel anti-cheat systems are, without exaggeration, among the most sophisticated pieces of software running on consumer Windows machines. They operate at the highest privilege level available to software, they intercept kernel callbacks that were designed for legitimate security products, they scan memory structures that most programmers never touch in their entire careers, and they do all of this transparently while a game is running. If you have ever wondered how BattlEye actually catches a cheat, or why Vanguard insists on loading before Windows boots, or what it means for a PCIe DMA device to bypass every single one of these protections, this post is for you.

  • Mwa@thelemmy.club
    6 hours ago

    I still don't trust any anticheat that runs on the Windows NT kernel.
    We need more better or open source anticheats that don't run in the kernel.
    Or open source maybe can run in kernel idk.

  • JohnWorks@sh.itjust.works
    7 hours ago

    “Cheat developers began using PCIe DMA devices to read game memory directly through hardware without ever touching the OS at all. The response to that is still being developed.”

    What the fuck, so they’ve put a device in between the RAM and system?

    • NGram@piefed.ca
      6 hours ago

      DMA devices aren’t in between the RAM and CPU, but they can talk to both of them (somewhat) independently. It’s more like a shared bus.

  • csolisr@hub.azkware.net
    9 hours ago

    “BattlEye, EAC, and Vanguard are not documented to abuse this access for surveillance”

    According to whom? How can it be actually verified that they’re not currently exfiltrating data?

  • JohnWorks@sh.itjust.works
    7 hours ago

    Can games be designed to have server-side/server-authority anti-cheat? Or is the user’s computer always going to have the ability to cheat in a game?

    • Eheran@lemmy.world
      4 hours ago

      Server-side protection, for example, only sends info about where someone else is when you could actually see them. However, this also means legit players see people suddenly appearing.
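
The server-side filtering described in the reply above, as an added example that is not part of the thread or of any real game's code: the server builds each player's snapshot from line-of-sight on a small constructed grid map, so a hidden opponent's position never reaches the client until the tick they become visible. The map, player names and function names are all hypothetical.

```python
# Added example: server-side visibility filtering on a 2D grid.
# Constructed map: a wall segment at x=3, y=0..2.
WALLS = {(3, 0), (3, 1), (3, 2)}

def cells_between(a, b):
    """Bresenham line: grid cells from a to b, inclusive."""
    (x0, y0), (x1, y1) = a, b
    dx, dy = abs(x1 - x0), -abs(y1 - y0)
    sx = 1 if x0 < x1 else -1
    sy = 1 if y0 < y1 else -1
    err = dx + dy
    cells = []
    while True:
        cells.append((x0, y0))
        if (x0, y0) == (x1, y1):
            return cells
        e2 = 2 * err
        if e2 >= dy:
            err += dy
            x0 += sx
        if e2 <= dx:
            err += dx
            y0 += sy

def has_line_of_sight(a, b, walls=WALLS):
    """True if no wall cell lies strictly between a and b."""
    return not any(c in walls for c in cells_between(a, b)[1:-1])

def snapshot_for(viewer, positions, walls=WALLS):
    """State the server sends to `viewer`: own position plus visible players only."""
    me = positions[viewer]
    return {name: pos for name, pos in positions.items()
            if name == viewer or has_line_of_sight(me, pos, walls)}

def first_tick_seen(viewer, viewer_pos, other, path, walls=WALLS):
    """Tick at which `other`, walking `path`, first appears in viewer's snapshot."""
    for tick, pos in enumerate(path):
        world = {viewer: viewer_pos, other: pos}
        if other in snapshot_for(viewer, world, walls):
            return tick
    return None  # never visible along this path

if __name__ == "__main__":
    path = [(6, 1), (6, 2), (6, 3), (6, 4)]  # constructed: "b" steps out from behind the wall
    print(first_tick_seen("a", (0, 1), "b", path))
```

Until the returned tick, the client for "a" holds no position for "b" at all, which is also why the honest player sees "b" appear abruptly at that tick.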