Valorant - Riot Games’ Counterstrike Overwatch

Seems reasonable. /shrug

Basically a choice between “Trust us, we would never betray you or your operating system, we just need access to everything so most people cant cheat in our game and we are selling you this” vs. 40+ years of software vulnerabilities being exploited to the detriment of users.

Again: This isn’t software that protects your computer while you do online banking, or secures your most precious memories in digital format, but software that attempts to prevent some players from getting an unfair advantage in a leisure product, while interacting on centralized servers where every single client action could have been analyzed for pattern/anomally detection combined with user reporting and reactions.

Whatever you feel comfortable with.

AFAIK Riot is an American company subject to American law and also run one of the largest games on the planet. I would not assume for one moment they’d want anything to do with the kind of shit storm that would happen if they actually were found to be doing anything shady with it.

And I certainly don’t buy the Chinese Sock Puppet paranoia.

Yes… It’s not like a large American company has ever violated privacy, broken laws, or done shady shit with data.

If I applied that logic to every day life I don’t think there’s many places on Earth I could choose to live. I mean there’s tornados, earthquakes, hurricanes, wildfires. All kinds of things could go wrong.

In this case, like anything you allow internet access to, there’s always the chance something bad could happen. But I prefer at least trying to be reasonable about it than to Chicken Little the living shit out of it.

But if people want to pretend a game developer is some mustache twirling Bond villain that’s cool.

At the end of the day it’s just a silly game and entertainment and everyone will make their own choice. I don’t really have a horse in that race, but I do find it fascinating to see the conclusions people leap to.

Edit - Just to add, this is basically what many CS players wish Valve had done a decade or more ago. Valve chose not to host high performance servers and to limit their anticheat due to outcry about privacy issues. So what happened? You ended up with 3rd party services like ESEA and Faceit which both feature both of those things at a price. You recall the ESEA bitcoin mining thing?

It seems to me that Riot is trying to keep this under their control instead of shrugging and letting others fill that demand. But again, it’s just a game and if you choose not to play it’s your call if you want to or not.

Nah. If Riot messes up, I’m pretty sure it’s going to be incompetence or everyone below the lead just doing what’s ordered rather than stopping to think about what’s going on rather than straight-up evil. That’s how it happens at most companies.

I agree with you on that actually. That is entirely more likely and worrisome to me than anything else. Hopefully the steps they are taking will reduce the chances of any deeply weird issues being they’re offering rewards for finding flaws.

But I don’t do much of anything sensitive on my gaming pc and as an old school CS nut I really appreciate what they are trying to do. So until or unless I believe there’s something concrete to worry about, I’ll play.

So you are willing to have everyone elses computer potentially spied upon 24/7 just so you wont run into so many cheaters in games?

Thanks, I guess.

Course: One can opt out of playing (i.e. give up leisure activity/hobby), or work on defeating said spyware.

I was also a CS player a long time ago (0.2-1.1/1.6) and back then we policed against the most obvious cheaters by banning them by having server admins regularly playing the game (or users reporting). And sometimes it was kinda fun to see for example speedhackers join the server and race around superfast killing everyone, before they were banned.

Should become interesting in the future if every game (single and multiplayer, singleplayer to protect the "revenue stream from selling “unlocks” (or cheat codes as they were in the old days), and multiplayer to protect people from having a “bad experience” (until a false positive bans them and they only get scorn from the community, because anticheats are never wrong…) ) comes with its kernel level driver to “inspect and report”, course, believe MS have their own anti-cheat project that will probably mean the shit will be built into the OS at some point.

Quantify any actual spying you are referring to, or it’s just tinfoil hat territory.

I’m not telling you what to do, but however you feel about it does not mean the nasty driver touched you in private places.

Edit - Or just play CSGO. It had 1.3 million ccu and is still kicking just fine.

The same tinfoil hat territory that was attributed to everyone worried about the NSA programe revealed by Snowden? The tinfoil hat territory that had raised questions about Office 365 which later turned out to be true (https://alberthoitingh.com/2018/11/26/dutch-government-on-gdpr-compliance-office-365/), etc.

The same tinfoil hat territory related to security that people had when Capcom did the same thing for “anti cheat” with a driver which was then exploited
https://github.com/FuzzySecurity/Capcom-Rootkit) -
https://www.theregister.co.uk/2016/09/23/capcom_street_fighter_v/.

I am sure that previous valid concerns regarding this kind of malpractice was called tinfoil by your ilk before it was then proven to be true, or the “potential” risk became a working exploit that compromised the users.

There should be absolutely NO reason for a game to install a ring 0 driver, giving itself full access to your computer and making your system more vulnerable (Adding a larger attack surface) just so it can prevent a few people from cheating. The goal of this malware is also primarily to prevent people from cheating, the goal is not to protect the players from threats, which will also dictate where the resource usage and skillset for development will be focused.

If a cheat was released, leading to thousands of aimbots in every game, came out tomorrow, and Riot scrambled to update their rootkit because of all the crying about on the internets from players who lost matches; do you think they would focus on making sure it didn’t introduce any new flaws that could be abused by other malicious third parties, or only to make sure nobody could get a few extra kills per round?

So called “Anti-cheat” on the client attempts to achieve its goal by for example:

  • Monitoring system memory (i.e. spying)
  • Monitoring running applications (i.e. spying)
  • Attempting to isolate the game executable from being modified/hooked by other applications (Does not require a kernel level driver)
  • Blocking attempts to start the game if it finds running processes that it doesn’t “agree with”. (Based on spying)
  • Reporting said (and erroneous) block attempts back to known/unknown parties for processing (Spying)

Since the the software is closed source and communicates with Riot over encrypted traffic there is no way of knowing what it sends back or which other features it will get through updates.

And since we are in tinfoil territory, I am sure that any system level driver such as this anti cheat will not cause system instability either, right?

Maybe you wanted to install a security update from Microsoft, but since you are running another piece (or several, that may conflict with each other) of spyware/rootkits MS disables the update flag (because your system is incompatible). So now you have a choice between patching your computer against 0 day exploits, or uninstalling (if possible, and working) the spyware/rootkit just so you can patch security or other flaws in your operating system - which also means you can not play the game anymore - until Riot fixes their driver… Or you can choose to continue playing and risk getting aANOTHER rootkit on your computer with even more malicious intent. Or maybe you just get stuck in an endless greenscreen of death reboot cycle.

And when you know many players will gladly offer an arm or a leg to play a game (like you advocate) we can be sure that they will NOT update, NOT get patched for a potential 0-day and you will look at thousands of computers being hijacked into yet another botnet.

Questions in the end:

  • Would you agree to give every company you interact with full access to your computer and its connected devices?
  • How about web sites or forums, can we be sure you are not a bot without seeing you typing in real time?

I didn’t ask about other security issues from other companies, and I said in prior post that them potentially screwing something up is a potential (please understand that word) issue.

I asked you to show how this specific driver is “spying on you”. You imply that it is by default a tool for China to spy on you. Obvious nonsense when you have nothing more than “it could happen”. You are turning possibilities, however remote, into hyperbolic absolutes.

And yes, personally any device I connect to the internet is automatically a security risk and no sane person can possibly plug everything. Period.

Uh, when did I advocate spending a dime for a ftp game? Oh, I didn’t. Don’t put your crazy words in my mouth please.

I’m afraid I can’t continue to respond to you because I have go spray my pc with lysol and then incinerate it so that China does not know I post here.

Just for funzies, here’s an article about a reverse engineering opinion on this:

Here’s one on the same site about some actually invasive seeming behaviour from Battle-Eye in Escape from Tarkov depending on installed applications. https://secret.club/2020/03/31/battleye-developer-tracking.html

When I asked the author about people tossing around Rootkit left and right he replied:

People calling this a rootkit have absolutely no idea what that term means. Vanguard is not actively trying to hide itself, it doesn’t need to.

Watch out for China though, wash your hands #papabless.

Some Vanguard changes incoming: https://www.reddit.com/r/VALORANT/comments/g9aoap/upcoming_vanguard_changes/

Launched today, open to the masses.

I’ve been giving it a shot. I like it!

This game has made me realize very quickly how my twitch shooter days are long over.

They must be, as it is correct form to blame lag or cheaters for any loss in a fps.

It’s not an arena fps. You don’t usually need to be incredibly fast if you learn the angles.

Not to say that you are required to like it, but it really doesn’t require anything crazy aim wise.

It still takes some precision, but so far it feels like it is something learnable. I really really like the ‘stop and shoot’ model. None of this silly bunny-hopping gameplay.

Hopping around like a maniac is really easy in this, but you won’t be shooting people while doing it unless you’re right up in their face.

90% is just learning the angles, crosshair placement and using your ears and the minimap.

It’s off to a very good start honestly.