It seems anti-cheat technology is the new DRM. By that I mean that, with the gaming industry diving headfirst into the competitive online gaming scene, the concern over piracy has shifted into a concern over cheating making those online games less attractive to gamers. And because the anti-cheat tech that companies are using is starting to make the gaming public every bit as itchy as it was over DRM.

Consider that Denuvo’s own anti-cheat tech has already started following its DRM path in getting ripped out of games shortly after release after one game got review-bombed over just how intrusive it was. And then consider that Valve had to reassure gamers that its own anti-cheat technology wasn’t watching user’s browsing habits, given that the VAC platform was designed to sniff out kernel-level cheats. One notable Reddit thread had gamers comparing Valve to Electronic Arts as a result.

Which makes it perhaps more interesting that EA recently announced new anti-cheat technology that, yup, operates at the kernel level.

The new kernel-level EA Anti-Cheat (EAAC) tools will roll out with the PC version of FIFA 23 this month, EA announced, and will eventually be added to all of its multiplayer games (including those with ranked online leaderboards). But strictly single-player titles “may implement other anti-cheat technology, such as user-mode protections, or even forgo leveraging anti-cheat technology altogether,” EA Senior Director of Game Security & Anti-Cheat Elise Murphy wrote in a Tuesday blog post.

Unlike anti-cheat methods operating in an OS’s normal “user mode,” kernel-level anti-cheat tools provide a low-level, system-wide view of how cheat tools might mess with a game’s memory or code from the outside. That allows anti-cheat developers to detect a wider variety of cheating threats, as Murphy explained in an extensive FAQ.

The concern from gamers came quickly. You have to keep in mind that none of this occurs without the context of history. There’s a reason why, even today, a good chunk of the gaming public knows all about the Sony rootkit fiasco. They’re aware of the claims that DRM like Denuvo’s affects PC performance. They’ve heard plenty of horror stories about gaming companies, or other software companies, coopting security tools like this in order to slurp up all kinds of PII or user activity for non-gaming purposes. Hell, one of the more prolific antivirus companies recently announced a plan to also use customer machines for crypto-mining.

So it’s in that context that hearing that EA would please like to access the most base-level and sensitive parts of a customer’s PC just to make sure that fewer people can cheat online in FIFA.

Privacy aside, some users might also worry that a new kernel-level driver could destabilize or hamper their system (à la Sony’s infamous music DRM rootkits). But Murphy promised that EAAC is designed to be “as performant and lightweight as possible. EAAC will have negligible impact on your gameplay.”

Kernel-level tools can also provide an appealing new attack surface for low-level security exploits on a user’s system. To account for that, Murphy said her team has “worked with independent, 3rd-party security and privacy assessors to validate EAAC does not degrade the security posture of your PC and to ensure strict data privacy boundaries.” She also promised daily testing and constant report monitoring to address any potential issues that pop up.

Gamers have heard these promises before. Those promises have been broken before. Chiding the public for being concerned at granting kernel-level access to their machines just to keep online gaming less ridden with cheaters is a tough sell.

Filed Under: anti-cheat, kernel, security, video games Companies: ea

It’s not just DRM with these guys. As soon as I read “EA” I knew I wasn’t going to buy it.

“EAAC will have negligible impact on your gameplay.”

Wrong. It will have a serious impact, because we aren’t going to play games that subject OUR hardware and software to such compromise.

On the other hand, we will have a lot of fun cracking whatever crap game companies attempt to insert beyond the application memory space. Likely to be much more interesting than the game itself.

Oh hey, Riot tried this with their Valorant anti-cheat tool.

It was derided, then cracked in 3 weeks.

I get the concerns, but reminder: kernel-level anti-cheat uses the same code as malware. While it’s one use of malware that I reluctantly allow, due to the needs of online competitive gaming, I’m not too happy about it too.

Whenever someone says “PC”, I assume (and most likely correctly) that they are speaking of the Windows portion of that world. I have to express my wonder at how the Linux community will react to this kind of news. Or if EA (and others) will just ignore that segment.

WINe, nearly all VM systems, and Plays On Linux will all be highly impacted, I’m sure. I don’t see this going smoothly, not at all.

Not to mention the ever growing Steam Deck market.

It’ll be a cold day in **** before crap like that makes it into the Linux kernel.

No chance in hell that this stuff cpu even be attempted in the Linux, BSSd, or Apple. With some rare hand-compiled exceptions, you simply can’t do it without going to the extreme in changing settings.

Nope, these games just won’t come to non-windows computing.

There is already a barrier to getting support if you’ve made modifications to your operating system. The Windows UAC and TPM and Bitlocker and other tools make it very difficult to mess with the OS. That allows a trust relationship between software consumers and vendors… so that a consumer that reports an issue with software isn’t victim blamed.

Unfortunately, any modifications made to the running kernel will only hurt that trust. Instead of “what version of Windows are you running” the vendor will want to ensure the kernel is untouched.

In the Linux world, if you install something that is unverified as being superawesome it flags its presence. For example, loading the NVIDIA binary blob driver wins you this:

[ 1.909249] nvidia: loading out-of-tree module taints kernel. [ 1.909260] nvidia: module license ‘NVIDIA’ taints kernel. [ 1.918412] nvidia: module verification failed: signature and/or required key missing – tainting kernel [ 1.974994] NVRM: loading NVIDIA UNIX x86_64 Kernel Module 510.85.02 Tue Jul 12 16:51:23 UTC 2022 [ 19.960640] nvidia_uvm: module uses symbols from proprietary module nvidia, inheriting taint.

Fundamentally altering how the operating system works is a legitimate goal, but doing so in a way that is unverifiable (e.g. no source code and no inspection by trusted parties) is not.

That allows anti-cheat developers to detect a wider variety of cheating threats, as Murphy explained in an extensive FAQ.

Would that make them Murphy’s Laws?

One would hope that the gamers would give EA the finger, but after watching Nintendo shitting on its fans with no great outcry, I have little hope of seeing this.

We’re doing this to protect the fun! No one likes cheaters!

Yep and the only possible way to do this is to give us unfettered, unrestricted access to your system at a deep level that we “can’t” tell you about or the cheaters will win!! Of course they would NEVER EVER misuse this to their benefit, look at all of those sensitive databases LEO’s have access to and promise to not abuse… oh wait.

We can’t trust fscking cops to not abuse their access and we are to expect that some drone inside EA won’t take a peek to see what they can see?

One would hope that the gamers would give EA the finger, but after watching Nintendo shitting on its fans with no great outcry, I have little hope of seeing this.

I didn’t even watch the last Nintendo Direct. You know what finally broke the camel’s back? Getting a Steam Deck. I didn’t need Nintendo anymore.

One would hope that the gamers would give EA the finger, but after watching Nintendo shitting on its fans with no great outcry, I have little hope of seeing this.

I’ve been flipping EA and Nintendo both birds for over a decade now. Any games I buy for my Nintendo consoles are pre-owned, as were the consoles themselves, and unless they come for one of those consoles (such as The Sims 2 and The Sims: Castaway) because the carts are clean of malware, then I don’t buy games from EA at all.

Linux world laughs at you for suggesting this. Windows world eyes you skeptically. Apple just tells you to get the fuck out. Who at EA thought this was a good idea?

I’ve said it before, I say it again: If you want anti-cheat tools? Run them server side. Or make them otherwise optional for leaderboards or what not.

EA: Give us complete and total access to your computer, what could possibly go wrong?

Hackers breaking the anti-cheat in 3 weeks or less.

I mean, Riot Games fucking tried…

Hackers figuring out how to detect and exploit the anti-cheat module to take over your machine.

Well, modern anti-cheat software is basically repurposed malware in terms of principles and sometimes code…

Right. It’s not like we had any issues, after all. Oh, wait…

Is it funny how I trust online pirates more than I trust EA?

You make a great point. Let’s face it, we read about lots of stories of corrupt cops ruining people’s lives. Today there was a piece Tim wrote up right here on TD about redactions in a case where cops lost their qualified immunity to COMPLETELY F UP some woman’s life who was cooperating with them and in the right.

Speeders are people who exceed the speed limit. I’m one of them. In my home state exceeding 85MPH or the posted speed limit by 15MPH is criminal. So I am a criminal. My friends are criminals.

My ex-business partner spent $5K to plead a criminal traffic citation down to no jail no “other fines”.

My adopted son spent about that for the same thing. Same freeway-haunted jurisdiction. Don’t speed on I-10 near Eloy, AZ!

My other friend in an SUV had her car impounded, license taken, jail for the night, then pled down to “careless driving.”

Another smashed into a barrier… was smashed herself… and because of her job refused to take a plea… so ended up doing 3 days in jail and $250 fines and 20 hours community service.

AND YET I trust all these “criminals” more than the cops who steal money from veterans, cars from poor people, houses from landlords who rent to pot-users, and then cover their tracks, cover for each other, get the court to give them qualified immunity, and continue this vicious cycle.

So YEAH, it is FUNNY how you trust online pirates more than EA. Pirates give you stuff. They don’t destroy your stuff. EA, who knows. All the DRM in the world won’t make me trust them.

So YEAH, it is FUNNY how you trust online pirates more than EA. Pirates give you stuff. They don’t destroy your stuff. EA, who knows. All the DRM in the world won’t make me trust them.

Yeah, it’s like Valve is the only big company who understands all this (as telling by their “Piracy is a service problem” statement a while back and their current Steam Deck which is open AF).

In my home state, exceeding 85MPH or the posted speed limit by 15MPH is criminal.

Dude, you just doxxed yourself. I now know you’re a Texan.

No, but you just outed yourself as being utterly unable to complete a Google search.

No, but you just outed yourself as a liar. First result in Google, fuckball.

The very first thing to think when you hear the letters E and A is their gameplay-affecting microtransactions. We all remember the Staw Wars: Battlefront 2 controversy. I predict this anticheat will be mostly focused on its pay2win scheme to defend its microtransactions, the same way Grand Turismo 7 requiring an internet connection (despite being a ps4/5 exclusive) not because of piracy, but because of the same reason and also plan to be a live service.

Also, it’s FIFA 23, the series that are infested with microtransactions and these games barely get any major update from the previous years.

I get that a lot of these anti-cheat systems are designed and installed to keep casual gamers from getting frustrated when faced with potential cheaters.

What I don’t get is how most titles require me to install these things when I only want to play solo/offline…

At least give me the option to not install the anti-cheat, even if that means that competitive play and things like achievements are disabled/limited.

At this point, the arms-race has gotten to the point that I rather not install the anti-cheat software (and possibly the entire game) because of security concerns.

Consider it a lost sale 🙂

…here’s a quick reminder:

DRM (initialism for “Digital Rights Management”) — noun — closed-source “black box” spyware that acts as the digital equivalent of an ankle bracelet tracking device for paying customers but does nothing to prevent copyright infringement carried out by non-paying customers; colloquially known as “Digital Restrictions Management”; a stupid fucking idea

It’s worse when you realize that modern kernel-level anticheat software operates on a similar principle to malware.

So it’s basically akin to swallowing a poison to not cheat, and getting the antidote as long as you don’t cheat, while playing.

…colloquially known as “Digital Restrictions Malware”…

Legitimate Owners/users Inconvenienced, but not the pirates.

It wasn’t cheaters that forced me out of multiplayer games. It was the terrible mechanics, a reskinned game I already bought, narrow kill boxes, limited player base and microtransactions. Instead of rolling out quality games that can retain players, studios seem to go out of their way to piss of as many people as they can.

If they are really so concerned about security, and not say, all of the business opportunities this might open up for them, stick with console gaming. Consoles are already fairly locked down and it’s already more difficult to cheat with one than a bog standard PC.

Want a locked down ‘gaming‘ machine, Sony, Microsoft, Nintendo are all more than willing to sell you one.

….but, last time I checked, they don’t have all of that juicy PII, and the console makers somewhat limit your opportunities for making additional money on the side.

Time to stop buying EA games.

So, when is the exploit that allows this going to be oatched out of the kernel?

Oh wait, it’s allowed because someone paid enough to be a “trusted provider” never mind.

Ah but you see you’ve stumbled upon the truth behind their masterful anti-cheat strategy, as no-one is less likely to cheat than someone who isn’t even playing the game.

By reducing the number of suckers buying their games they reduce the number of potential cheaters, making this one of the most effective anti-cheat moves in gaming history.

Wow It’s Really Amazing game.

Let’s go ahead and pre-applaud the throngs of idiots that will buy these infected games anyway because: gotta have the latest version. As infected game sales numbers go unaffected, more and more publishers will attempt to follow EA’s example until some class action lawsuits smack the house of cards down.

Ah but you see you’ve stumbled upon the truth behind their masterful anti-cheat strategy, as no-one is less likely to cheat than someone who isn’t even playing the game.

By reducing the number of suckers buying their games they reduce the number of potential cheaters, making this one of the most effective anti-cheat moves in gaming history.

Techdirt community members with Techdirt Credits can spotlight a comment as either the "First Word" or "Last Word" on a particular comment thread. Credits can be purchased at the Techdirt Insider Shop »

Your email address will not be published. Required fields are marked *

Have a Techdirt Account? Sign in now. Want one? Register here

Subscribe to the Techdirt Daily newsletter

Techdirt community members with Techdirt Credits can spotlight a comment as either the "First Word" or "Last Word" on a particular comment thread. Credits can be purchased at the Techdirt Insider Shop »

This feature is only available to registered users. You can register here or sign in to use it.