Information Security
linux gaming
Updated Sun, 18 Sep 2022 09:23:00 GMT

How dangerous can an anti-cheat software be, on Linux operating systems?


There are anti-cheat software for Windows that run with really high privileges in order to detect cheats on the users' machine. These anti-cheat claim to run 'on kernel' and scan the user files and memory to detect software that could be interacting with the game (e.g. cheats/hacks).

Recently, I found that some of those companies have their anti-cheat support for Linux games (native ones), which made me wonder how that detection would work. What can these anti-cheat software do on Linux, especially if the game is running on user-mode and not sudo? Would they be able to scan other users' processes/memory and detect a cheat running on another user, for example?




Solution

Linux as an operating system is wide open for meddling using 1000 ways, so there will be no anti-cheat software for Linux in the nearest future, at least for distros which don't offer some sort of guarantee that the system hasn't been tampered with.

In Windows there are multiple layers of protection which guarantee that you run the pristine Windows installation, including executable files and libraries since almost every executable file in Windows is digitally signed.

In Linux at the moment only the boot loader (GRUB) and the kernel with its modules are signed (and that applies only to a handful of distros including Fedora, RHEL and Ubuntu), everything else is not.

When you cannot guarantee that your system libraries are not modified all bets are off.

What can these anti-cheat software do on Linux, especially if the game is running on user-mode and not sudo?

Everything any application running under user account can do, including reading your files, or even sniffing your passwords. It's pretty trivial to do in X11 (which allows all applications to access all input devices) or using LD_PRELOAD= under Wayland.

If you're concerned about any of this, you should not be running proprietary software ever. I'd even say that you shouldn't even use a normal PC which is rife with proprietary features you cannot control, e.g. UEFI, Intel ME/AMD PSP, GPU, WiFi/Bluetooth, LAN, SSD/HDD, etc. etc. etc.





Comments (2)

  • +0 – "...there will be no anti-cheat software for Linux in the nearest future". Well, they claim to support Linux, at least EAC and BE do have this support. With that said, would you agree that their Linux support is probably much weaker (if not, completely ineffective) when compared with their Windows support? — Jul 09, 2022 at 18:23  
  • +0much weaker (if not, completely ineffective) when compared with their Windows support - absolutely. — Jul 09, 2022 at 20:09