this post was submitted on 26 Jul 2024
339 points (99.1% liked)

Steam Deck

14899 readers
39 users here now

A place to discuss and support all things Steam Deck.

Replacement for r/steamdeck_linux.

As Lemmy doesn't have flairs yet, you can use these prefixes to indicate what type of post you have made, eg:
[Flair] My post title

The following is a list of suggested flairs:
[Discussion] - General discussion.
[Help] - A request for help or support.
[News] - News about the deck.
[PSA] - Sharing important information.
[Game] - News / info about a game on the deck.
[Update] - An update to a previous post.
[Meta] - Discussion about this community.

Some more Steam Deck specific flairs:
[Boot Screen] - Custom boot screens/videos.
[Selling] - If you are selling your deck.

These are not enforced, but they are encouraged.

Rules:

Link to our Matrix Space

founded 3 years ago
MODERATORS
 

Kernel anti-cheat systems are currently the bane of Linux/Steam Deck gaming, haven't actually proven to be effective at stopping cheaters (see Valorant for an example), and lead to various security concerns from giving 3rd parties full access to your machine to being used to install ransomware and malware.

Windows tried to restrict kernel access years ago, but backed down under pressure from various companies. However Crowdstrike's outages have shown the sever consequences of leaving kernel access open, and we might finally see kernel access to be cut off.

you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 62 points 4 months ago* (last edited 4 months ago) (2 children)

MS had this implemented originally in NT4 then started allowing more drivers direct access for performance.

They tried again with VISTA but McAfee and Symantec cried to the EU and forced MS to back down.

Apparently apple got away with implementing it however.

[–] [email protected] 97 points 4 months ago (1 children)

Apple implemented a kernel API for security software and made it good enough that they forced their own tools to use the API.

MS’s own tools depended on kernel access but they tried locking out 3rd party vendors without building a replacement like Apple did.

McAfee and Symantec correctly pointed out how this would be using monopolist powers to block competitors.

Microsoft needs to shut up and do the work to make their kernel secure.

[–] [email protected] 33 points 4 months ago

Apple implemented a kernel API for security software and made it good enough that they forced their own tools to use the API.

I haven't looked at the Security API in depth but I have looked at the iOS APIs.. Apple gets away with their own apps having MUCH MUCH deeper access than what they give 3rd parties.. I would be SHOCKED if their kernel API is all they use in their own tools.

Microsoft needs to shut up and do the work to make their kernel secure.

The EU ruling is very broad however, if it has just been security tools YES MS could have just built out the APIs and used them for defender, but the EU ruling makes it so open we have wonderful video game anti cheat and DRM drivers from all sorts of providers playing around in driver / kernel space.

[–] breadsmasher 3 points 4 months ago (1 children)

Apple got away with implementing it

I have no idea either way - floating a question.

Did apple previously allow kernel access and then restrict it again? It seems the specific issue with MS vs McAfee etc is due to originally being allowed access, but microsoft restricted it, affecting their products?

[–] [email protected] 8 points 4 months ago* (last edited 4 months ago)

Yes, System extensions on macOS Catalina 10.15 or later allow software https://developer.apple.com/support/kernel-extensions/