Will wine ever be able to run anticheat?
-
I simply do not believe that it costs that much to cheat with kernel level anticheat.
kernel level anticheat is pointless malware in my book, let it burn
It requires either a Direct Memory Access card and supporting software or a video capture card and enough processing power to run fast image classification for AI aim bots.
Anything running directly on the PC can be detected by the kernel anti-cheat.
You can look online for the hardware and prices
-
I'm not finding any information online other than that it's difficult
Yes, we are waiting for the CrowdStrike aha moment where the industry learns the hard way that anticheat with root privileges was a dangerous idea not worth the risks.
-
That would ba a massive win in my book, kernel level anticheat is malware
You cannot realistically make it impossible to detect that you're running on wine. Wine just implements the Windows ABIs. The actual code running is totally different. Even just reading any of the binary code of literally any function would reveal it's different from the Windows code. How are you going to stop it from doing memory reads on stuff that it needs to be able to read? You can't. You'd need a full hardware emulator for that.
-
It requires either a Direct Memory Access card and supporting software or a video capture card and enough processing power to run fast image classification for AI aim bots.
Anything running directly on the PC can be detected by the kernel anti-cheat.
You can look online for the hardware and prices
What about a VM?
-
Can't you just use a virtual machine?
That would let you hide things from the kernel anti-cheat but the AC can detect that it is running in a VM and just won't let you play.
-
What about a VM?
Anti-cheat just detects that it's running on virtual hardware (VMs don't try to lie to the kernel) and will refuse to allow you to connect.
You won't get banned but it'll either stop you when you try to launch the client or it'll kick you when you try to connect to a game instance.
-
That would let you hide things from the kernel anti-cheat but the AC can detect that it is running in a VM and just won't let you play.
Is there really no such thing as a virtual machine that can't pretend to be real hardware?
-
Anti-cheat just detects that it's running on virtual hardware (VMs don't try to lie to the kernel) and will refuse to allow you to connect.
You won't get banned but it'll either stop you when you try to launch the client or it'll kick you when you try to connect to a game instance.
That would let you hide things from the kernel anti-cheat but the AC can detect that it is running in a VM and just won't let you play.
-
I'm not finding any information online other than that it's difficult
IIRC Most major anti-cheat platforms support linux these days. The SteamDeck forced their hand.
The problem is the developers. They have the ability to specifically block Linux and that's only going to change once enough people use it.
-
Is there really no such thing as a virtual machine that can't pretend to be real hardware?
The short answer is no.
There's a lot of study on this topic from the cybersecurity perspective. If you could create an undetectable virtualization layer then it would be used for real-world cyberattacks to steal money and the existence would be quickly noticed by security researchers (and future hardware would include changes to mitigate the vulnerability). It wouldn't be used for creating aimbots for video games.
If you want to read into the technical details, this stackoverflow thread has a lot of links to various papers and articles on the topic: https://stackoverflow.com/questions/39533/how-to-identify-that-youre-running-under-a-vm
-
It not being worth using is good, I want this malware practice to die.
i'm sure there are already workarounds on windows, it's not like cheating has been eliminated there
It not being worth using is good, I want this malware practice to die.
Which is a noble goal in my view, I completely agree. But you will not be able to use anything like wine to achieve this...anti-cheat software is specifically designed to prevent all the things that wine does (For the reason that there is no technical difference between a "cheat program" and what wine does)
i’m sure there are already workarounds on windows, it’s not like cheating has been eliminated there
Actually I read about an interesting way a few months ago...on games that enabled linux support in their anti-cheat systems windows "cheats" started spoofing the OS signature to make the anti-cheat system think it runs on wine and turning of the kernel-level anticheat...
But as I said, the effectiveness of anit-cheat is a different discussion independent of the question if wine will support them. Even if anti-cheat systems are ineffective it doesn't change that they are mainly aimed at stopping exactly the kind of "trickery" wine does. Wine would have to play the same cat and mouse game with anti-cheat as cheats do...if it finds a away to work around them the anti-cheat systems need to find a way to prevent that workaround.
-
I'm not finding any information online other than that it's difficult
-
I'm not finding any information online other than that it's difficult
https://areweanticheatyet.com/no-js
Proton anti-cheat works with punk buster and what ever garbage gta5 is using now.
-
I'm not finding any information online other than that it's difficult
I hope not. I hope it never does. Windows users are weird enough not giving a shit about installing rootkits on their computer. We don't want this in Linux. What computer is worth compromising just for some game to determine whether or not you're cheating at it?
-
I hope not. I hope it never does. Windows users are weird enough not giving a shit about installing rootkits on their computer. We don't want this in Linux. What computer is worth compromising just for some game to determine whether or not you're cheating at it?
I don't want it to properly function, I want it to run in userspace.
-
I'm not finding any information online other than that it's difficult
Most could, but most are also designed not to because adding a virtualization type of layer allows for ways to circumvent it. Anticheat needs to trust the environment it is running in so it can rely on the information. Wine is designed to replicate things it trusts in Windows, but not actually necessarily replicate the way the kernel actually does those things, so the things they are relying on might not mean the same thing as the do in Windows. So they'd need to analyze and possibly implement things a bit differently. This takes time and money and for companies like this, the customer isn't the user, so they have little reason to cater to users needs. Pro gaming and a few online game companies are their primary customers and they generally don't want to support Linux anyway.
-
I'm not finding any information online other than that it's difficult
Only anticheat that doesn't nest itself very deep into the windows kernel.
-
I'm not finding any information online other than that it's difficult
WINE Is Not an Emulator (that's what the acronym actually stands for).
At a program level, WINE creates a dummy Windows directory structure, slaps files where an exe expects them, and executes the program.
EXEs (well, all programs) will use system calls to request resources (ie. files, access to hardware like GPUs, data from other processes) which Windows maps to certain areas of memory and has its own protocols for how to handle requests. Linux has its own protocols and methods that are incompatible, hence why Windows and Linux apps can't run natively together.
Then the magic happens: WINE maps these requests to Linux requests so that the running program is none the wiser. It asks for GPU resources like a Windows app would, then gets those resources back just like a Windows app would expect. There are thousands of edge cases, hundreds of system calls, and a bunch else that complicates things but that's how WINE (and Proton) works.
The reason this fucks up Kernel-level anticheat is that it isn't trying to communicate via these established channels. They usually operate with full resources outside of the jurisdiction of your OS, and scan your memory bit-by-bit rather than asking the OS politely via system calls for info on other processes.
With WINE, whilst a typical application will not notice the differences they're designed to not throw a fit if your underlying OS is configured differently, a kernel anticheat will not even recognise the system as a valid OS even if it was able to run in the first place.
The solution here is systems like EasyAC that give up the benefits of being able to analyse processes at the kernel level in favour of portability. Another potential solution (though unlikely imo) is a cross-platform kernel anticheat protocol, that all major operating systems agree to implement, similar to how operating systems will implement the TCP/IP protocol to communicate across networks regardless of underlying OS.
-
https://areweanticheatyet.com/no-js
Proton anti-cheat works with punk buster and what ever garbage gta5 is using now.
GTAV? I thought there would be more fanfare considering how much coverage the removal of Linux support got
-
IIRC Most major anti-cheat platforms support linux these days. The SteamDeck forced their hand.
The problem is the developers. They have the ability to specifically block Linux and that's only going to change once enough people use it.
There's also the challenge of getting developers to retroactively fix AC support for games that are still popular but not otherwise maintained. Though this is usually an issue with kernel level stuff that can't easily be fixed on Proton's end on a case by case basis.
