this post was submitted on 04 May 2024
1014 points (96.4% liked)

Helldivers 2

1885 readers
15 users here now

Welcome to the Helldivers 2 Community on the Fediverse.

Links

Galactic War Status

Rules

Banner by Noobmasterpro


founded 10 months ago
MODERATORS
 
you are viewing a single comment's thread
view the rest of the comments
[–] Alk 71 points 7 months ago (1 children)

"Beloved by all" Don't be so hasty. I wish I could love games with kernel level anti cheats, but there are far better games with less risky software.

[–] [email protected] 18 points 7 months ago* (last edited 7 months ago) (1 children)

It's a really fun game though so idk I don't care (about the privacy concerns, your opinion is valid regardless)

[–] [email protected] 51 points 7 months ago (4 children)

It's not just privacy. Kernel level anti cheat software opens up a new attack vector for malicious actors, e.g. your computer is less secure. Your system also becomes less stable and is prone to crash more often. This is all dependent on the skill of the software engineers writing the kernel level anti cheat of course.

Unfortunately, most software, if not most of modern IT is a house of cards.

[–] [email protected] 10 points 7 months ago

Kernel level anticheat software opens up a new attack vector for malicious actors

This is one of my favorite techniques used by threat actors.

Essentially, for those of you who aren’t familiar with the BYOVDD technique, code is signed by companies when it is set to publish. This signature is proof that the company actually released the code, and generally, if the code is signed by someone you trust, it means that it doesn’t contain malware.

However, programmers are often bad about writing secure code. Security is hard, and kernel-level code is complex, so things slip through the cracks and the code becomes vulnerable to exploitation from the threat actor.

The fun part is when there is signed code that operates at the kernel level. To an OS and many security systems, signed code is good code. If a threat actor exploits signed code to arbitrarily do things like download and execute malware, or just behave maliciously, security software often throws up its hands and goes “Well, it is signed by a trusted company, it’s probably fine lol.” But because this code operates at such a privileged level, the amount of damage that can be done is devastating.

This was used in 2022 by threat actors to spread ransomware. The vulnerable kernel-level software they used was Genshin Impact’s anticheat.

Thankfully, crafting an exploit like this is pretty difficult to do, and since the signatures used for the code is revoked when malicious activity is seen, it is unlikely that you will see this specific technique used against you on your personal computer. But your IT and/or cybersecurity team might see the Helldivers anticheat used to ransom their systems sometime in the future.

[–] [email protected] 4 points 7 months ago (1 children)

Not to mention Sony itself has been busted multiple times installing goddamn rootkits

[–] Hobbes_Dent 1 points 7 months ago

On audio CDs iirc.

[–] [email protected] 1 points 7 months ago

Your system also becomes less stable and is prone to crash more often.

That statement isn't a theory and sounds more like a verifiable fact. Is that true more Helldivers 2?