I don't think that will be the case sadly, just because the majority of gamers don't actually know or care about software having root or kernel level access. In a world where Linux becomes mainstream, AAA games will aim for those users, not hobbyists and enthusiasts like us.
What is the downside of this if I trust the software provider (eg Riot Games or presumably Valve if this ever comes to Linux)? I have recently come around in support of Riot's anticheat because multiplayer competitive games are so damaged without it, even though I use Linux 95% of the time.
It's hard to trust. I have a spare Windows PC where I install whatever on it, and the EA Javelin anticheat has screwed things up before. Wouldn't be doing that on a computer I care about.
Could the kernel have something built in to help with this? Like it can tell a program that nothing else is looking at its memory. And then secure boot attests that the kernel isn't tampered with.
> And then secure boot attests that the kernel isn't tampered with.
That's pretty much a dystopian scenario where you're unable to interact with any network services without using devices with software that's controlled and/or trusted by the service provider. Basically a grave threat to Free Software as a whole, the end of free reimplementations of things you rely on to connect with the society. We already have a glimpse of that on mobile phones controlled by Google and Apple, we don't need more.
There are kinds of games that actually rely on anticheats to be viable, but they're in the tiny minority and I don't think they're worth reorganizing the society over. Most just consider it a solution for problems caused by their incompetently designed netcode.
Linux and Windows both already support secure boot. Anyone is free to make a locked down version of Linux, and they have (game consoles, Android). Desktop Linux has way less market share than Windows. So what would you like SteamOS or the Linux kernel to do? I'm not fond of this stuff, but at least if people are using a partially locked down video game focused Linux, it's better than them going to Windows.
My comment is about remote attestation, which is incredibly user-hostile technology; not secure boot. Secure boot enables remote attestation, but by itself is mostly harmless.
Yes, I mentioned that (have you read my comment??). These are already nightmarish environments and we don't need to copy that nightmare onto other platforms.
Attestation-gated anti-cheat is invasive, and the direction it points is grim.
But "covers for incompetently designed netcode" doesn't hold at all.
Netcode and cheat-resistance are mostly orthogonal. Netcode is latency-hiding — prediction, reconciliation, interpolation. Cheating is the client being an endpoint you don't control. You can have flawless netcode and still get wallhacked, because a wallhack touches the renderer, not the wire. You have to ship that data for the client to draw the level.
Server-side validation kills the cheats that surface as state: speedhacks, teleports, impossible positions; but it's blind to the ones that don't touch state at all. A wallhack reads memory the client holds. A vision aimbot runs on a second machine reading the screen- nothing crosses the network for the server to reject.[0]
That's why the kernel and attestation stuff exists. Not lazy devs papering over a bug: a class of cheat that server authority structurally can't reach, because the cheat never lies to the server.
I understand the dystopia argument, and it's a decent one. "Just write better netcode" isn't.
I'd humbly request that you spend time trying to actually grapple with the problem, there are some exceptionally well paid and talented programmers who are working on this non-stop in the large publishing houses (EA, Ubisoft, Tencent, Activision) who would do anything to avoid paying royalties to shitty software that breaks the performance and reliability of their games: yet for some reason year over year they can't seem to manage it.
Worth understanding why that is, instead of assuming incompetence or malice; perhaps its a harder problem than you think.
> Cheating is the client being an endpoint you don't control.
No, cheating is enabled by the client being trusted despite of inherently not being trustable. The solution is to design the architecture of the game server in a way that makes it not rely on untrusted inputs and doesn't distribute knowledge the player isn't supposed to possess, rather than try to force the clients to be trustable by eliminating general purpose computing from the society. It's not always possible, but IME these cases where it's not are exceptions rather than rule.
Instead, more and more games just reuse some general purpose netcode for $engine to synchronize state between clients and eventually attempt to paper over the issues with that approach using anticheats. I've recently played a multiplayer game where I (accidentally, while messing around for benign reasons) noticed that I could control the global state of the entire map just by sending commands to the server that referred to various objects and they were accepted and broadcast regardless of whether my character had actually possessed them. That's the kind of code that, once the game gets popular enough to attract enough cheaters to cause actual pain, gets an anticheat slapped onto it the most eagerly, as nobody's going to rearchitect their game's entire netcode from scratch if they can just not do that.
Remember Fall Guys? A relatively big budget game with absolutely no reason to trust the client over anything other than the player's own key presses, where you could teleport over the map to instantly win the match? Solved with, of course, EAC.
I know it's frustrating, I really don't care. They can play or do something else. GTA Online from those comments actually does look like a case of bad netcode btw, and it does have kernel anticheat already.
As a reminder, GTA Online is the kind of product that made news here because players had to reverse engineer it to fix basic performance issues: https://news.ycombinator.com/item?id=26296339
My thinking would be that because the anticheat is closed source, it makes it a trust exercise in the developer where you've allowed them root access to your machine.
I'd also think outside of the developer's motives, and into any potential vulnerabilities that could use the anticheat as a privilege escalation point or the anticheat itself being given a bad / malicious update.
An open source kernel doesn't prevent attestation mechanisms. Anticheats on Windows increasingly require Secure Boot, and all others drivers to be signed/whitelisted; they could try to put similar restrictions on supported distros.
Yeah, I imagine Linux support would be more like a supported Linux distro rather than generic Linux support. Something like SteamOS but with kernel anti-cheat and secure boot from the start.
Big question is whether they can make craching the anti-cheat it hard/unpredictable enough that the publishers will trust it. If the publishers release such a platform and someone releases a live distro that can crack it with 3 mouse clicks, that's a lot of wasted effort.
I have no idea how effective the Windows anti-cheat is, but I imagine that Linux tooling in general is going to make it harder to lock a user out of controlling their own machine.
I strongly disagree. There have only ever been a handful of data exploits attributable to kernel-level anti-cheats. On the other hand, developers report that they significantly reduce cheating. As someone who plays online games, this is a tradeoff I gladly make.
I often feel these comments are made by people whose preferred games are not ruined by cheaters. This is happening right now in Arc Raiders, and it's really sad to watch. The developer, Embark, is now investigating using KLAC to reduce the number of cheaters.
As someone who doesn't play online games this is not a trade off I gladly make. Fortunately, however, KLAC will never become part of the Linux kernel, because adding it to an open-source system simply doesn't make sense.
If it doesn't, Linux will always be a second-class platform for gaming. Valve is currently working on solutions beyond user-space, and I hope they succeed. I would like to move to Linux but I'm not willing to give up online games, and I hate playing with cheater.
As I've already said, I don't play online games, and I'm not particularly concerned about all the fuss surrounding anti-cheat measures, so I don't think that suddenly makes Linux a "second-class gaming platform." For the games I do play, it's a first-class platform.
Sure, but maybe this is a different battle? First party Linux support is orthogonal to games not using kernel level anti-cheat solutions.
Tangentially, I wouldn't use kernel level anti-cheats, but if Valve's solution is indicative of the SotA in userspace anti-cheat solutions, there's a lot of room for improvement.
Thankfully that has been improving [1] and non-kernel is 100% possible today [2] with valve has so much on documentation and support for game and anti cheat developers to accomplish this.
Unfortunately many of these developers believe that kernel-level is mandatory (by virtue of believing that it actually works to prevent _all_ cheating, which we know it doesn't).
