62
Will kernel-level anti-cheat ever work on linux?
(lemmy.zip)
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
this post was submitted on 08 Jun 2025
62 points (95.6% liked)
Linux
54950 readers
507 users here now
From Wikipedia, the free encyclopedia
Linux is a family of open source Unix-like operating systems based on the Linux kernel, an operating system kernel first released on September 17, 1991 by Linus Torvalds. Linux is typically packaged in a Linux distribution (or distro for short).
Distributions include the Linux kernel and supporting system software and libraries, many of which are provided by the GNU Project. Many Linux distributions use the word "Linux" in their name, but the Free Software Foundation uses the name GNU/Linux to emphasize the importance of GNU software, causing some controversy.
Rules
- Posts must be relevant to operating systems running the Linux kernel. GNU/Linux or otherwise.
- No misinformation
- No NSFW content
- No hate speech, bigotry, etc
Related Communities
Community icon by Alpár-Etele Méder, licensed under CC BY 3.0
founded 6 years ago
MODERATORS
You can add your own signing keys to the UEFI and boot an modified bootloader and Kernel that you have signed yourself. So yes, it is possible to "lie"
For such a locked down system, akin to game consoles or smartphones, would be needed. And even those get jail broken and manipulated, so "total security" on there is not complete but easier to check and ensure. Another way to make sure that the code is not manipulated would be to put all those games into the cloud and have every player only play via streaming. All the code would then run on secured, locked down and verified machines.
Another technique that helps is to limit the amount of information shared with clients to need to know info. This can be computationally intensive server-side and hard to get right .. but it can help in many cases. There are evolving techniques to do this.
In FPS games, there can also be streaming input validation. eg. Accurate fire requires the right sequence of events and/or is used for cheat detection. At the point where cheats have to emulate human behaviour, with human-like reaction times, the value of cheating drops.
That's the advanced stuff. Many games don't even check whether people are running around out of bounds, flying through the air etc. Known bugs and map exploits don't get fixed for years.
And then your keys will be rejected by the anticheat. Just because you can sign your kernel and load it does not mean a kernel module can't verify who signed it.
Yes, but with a modified Kernel you can fake what the anticheat reads when it checks the key, so you just feed it the key it wants to see instead of your own. The anticheat module would need run on a higher level then the Kernel itself to prevent that, for example alongside the CPU (like the Intel Management Engine).
I am not an expert on secure boot so I can't tell whether that's possible or not. But if it is, what stops people from doing that with Windows now?
You can't really change the code of the windows Kernel and boot your own, that's one of the things stopping people now