Comment

Tell me how any other app uploading your entire documents directory is okay then. “Into the kernel” is largely fear mongering. Other, less trustworthy apps can do plenty of damage, and you don’t seem to care about those.

If you really want to be secure, you can’t do gaming on the same machine as your security sensitive stuff. It’s not limited to these anti-cheats.

source

Sort:hotnew top

Goodeye8@piefed.social ⁨3⁩ ⁨days⁩ ago

"Into the kernel" is largely fear mongering.

Until it actually gets exploited.

And it's such a weird argument to make that just because some other app uploads your entire documents directory (which to be clear is also not okay) you shouldn't care about being forced into an potential attack vector that can take over your entire computer. Do you also leave your home server unsecured because Google is tracking you through your phone?

source
pupbiru@aussie.zone ⁨3⁩ ⁨days⁩ ago
code running in kernel space is hugely privileged… it can open up enormous security vulnerabilities because when you’re in the kernel you can bypass a LOT of security checks and restrictions… windows code is generally pretty well tested, so is unlikely to have particularly bad bugs like RCEs etc… but these kernel mode apps aren’t nearly as rigorously tested - things like this is what lead to the crowdstrike outage

things running in the kernel can also cause a lot more damage than user space apps, because the kernel doesn’t do a lot of the error checking and validation that stops things like kernel panics

source
- sugar_in_your_tea@sh.itjust.works ⁨3⁩ ⁨days⁩ ago
  And anti-cheat needs a lot of access (e.g. read app memory) and sees a lot of churn to evolve with cheat engines. More churn means less thorough testing, which means higher likelihood of an exploit.
  
  source
  - pupbiru@aussie.zone ⁨3⁩ ⁨days⁩ ago
    “needs” might be debatable… i’m just don’t think the trade-off is worth it (and thus don’t play games that require kernel-level access)
    
    source
    sugar_in_your_tea@sh.itjust.works ⁨3⁩ ⁨days⁩ ago
    It needs it to accomplish its goals. Whether its goals are worth accomplishing is a separate discussion entirely.
    
    source
- Serinus@lemmy.world ⁨3⁩ ⁨days⁩ ago
  If you really want to be secure, you can’t do gaming on the same machine as your security sensitive stuff. It’s not limited to these anti-cheats.
  
  source
  - pupbiru@aussie.zone ⁨3⁩ ⁨days⁩ ago
    that is wildly inaccurate. do you have a source?
    
    source
    Serinus@lemmy.world ⁨3⁩ ⁨days⁩ ago
    You’re running closed source software that has permissions to read your keyboard input to other applications (other than apps running as admin), they can access your files, and and they can communicate over the Internet.
    
    You’re inherently trusting these publishers if you’re gaming on Windows. Who is the publisher of Darkest Dungeon or Deep Rock Galactic or Lethal Company?
    
    source