Riots Valorant subreddit mod censoring and other issues about their anti cheat controversy

[Evolution of Metal]

About Microsoft statements, how about Windows 10 not letting Starforce amd SecuROM protected games run at all?

There was a time when i dealt with this shit as a weekly basis. No need for official statements, it's all in that video.

SecuROM thankfully didn't attack your pc since it was server based, but it's still draconian.

Click to shrink...

Video states that nobody replicated Starforce issues to claim the reward, and the lawsuit was dropped because there was no evidence that Starforce was causing these issues. You missed your 10k! I asked for the articles, and you delivered, so I supposed there is a level of reasonable fear when it comes to game companies bundling potentially bad software.

• Disc-based security solution from 2003 (stopped in 2006) which reportedly wears out/glitches cdroms.
• Low level anti-cheat which works exactly like more prestige CSGO (ESEA, Faceit) queues for years now.

Just for clarification: does your argument/suspicion applies to Valorant, or does it apply to every single program that requires a low-level access?

 

[Onlygames]

I've uninstalled the game for now, including the Vanguard anti-cheat program. Does this mean I'm good or do I need to take further actions even?

 

[packy17]

Opening up your computer to anyone with bad intentions was a good thing when?

I can't believe what people will hand over just to play a videogame. No wonder shit happens.

Click to shrink...

There's no evidence that the driver is insecure or exploitable.

We have an actual screenshot in this thread from a hack forum of people discussing spreading FUD about Vanguard.

 

[Skyfireblaze]

Honestly my stance on the issue is that this is basically the security vs freedom debate just with a different spin. Do like like cheating to happen in online-games? Absolutely not! But if the only way to stop cheating online proactively is to have a Ring-0 driver installed then I think a boundary was overstepped that shouldn't have been overstepped. And if that's the case I think the right call is to just accept that some matches will be ruined by cheaters and have them banned retroactively as per VAC and other anti-cheat solutions and maybe look into different ways to prevent cheating.

Now I'm no developer of any sort but could server-based games have some sort of anti-cheat in their netcode? I'm thinking maybe every game-client could go and verify each other, like every player-client connected to the server double-checks on a kill for example if the kill could have happened within normal game logic. So if you have 10 players and one of them is a cheater that for example has a 1000 damage weapon, the other 9 clients would notice that dealing so much damage with one shot should be impossible and then immediately disconnect and possibly ban the 10th client.

Of course this wouldn't stop things like wall-hacks and such but that is possible because basically the game knows where everyone is at every time. Would it be possible to handle positioning purely server-side and only expose the location to a player-client when it's actually relevant like when a player enters the vision or sound range of another or comes into the range of a thrown skill etc.

I realize that if these things are possible they would likely increase network and performance overhead due to excessive redundancy but I think it might be worth it for heavy E-sports leaning titles that are generally light on resources anyway.

 

[Dave.]

I've uninstalled the game for now, including the Vanguard anti-cheat program. Does this mean I'm good or do I need to take further actions even?

Click to shrink...

You can't possibly know because it had ring 0. That's half the issue.

 

[Reinhardt Schneider]

Video states that nobody replicated Starforce issues to claim the reward, and the lawsuit was dropped because there was no evidence that Starforce was causing these issues.

Click to shrink...

The whole Starforce thing was a shitshow and there were always suspicion that they didn't even try to replicate the issues. I will not tell you to believe me, but i know what i experienced and what i had to repair over those years.

(Even nowadays, there are some naïve people that want to get into retro PC gaming and they end up having to take their PC to me or one of the local stores because they didn't research the thing properly)

My theory is that they developed the DRM with a one and only kind of setup in mind. The 2 disc drives issues described in the video? I literally experienced that, just like becoming unable to play CD music (As i've always loved to do that while working)

I asked for the articles, and you delivered, so I supposed there is a level of reasonable fear when it comes to game companies bundling potentially bad software.

Click to shrink...

Yeah, there is, and completely founded. Starforce is the most notable example for how awful it was, but it wasn't the only one.

In general, anything that installs at kernel level is not to be trusted at all. That's why Microsoft implemented driver signature verification

Just for clarification: does your argument/suspicion applies to Valorant, or does it apply to every single program that requires a low-level access?

Click to shrink...

Oh, no, i have no issue with Valorant at all, i'm all for anti-cheating solutions. My issue is with low level access. The Ring 0 gives free access to everything, so i don't trust anything that install a that level and isn't a driver for any hardware or virtual device i have knowllingly installed.

 

[Naga]

The devs responded to this directly on reddit yesterday.

TL;DR Yes we run a driver at system startup, it doesn't scan anything (unless the game is running), it's designed to take up as few system resources as possible and it doesn't communicate to our servers. You can remove it at anytime.
(...)
The Vanguard driver can be uninstalled at any time (...)

Click to shrink...

What's the point then?

 

[Onlygames]

You can't possibly know because it had ring 0. That's half the issue.

Click to shrink...

Explain it to me like I'm 5.

 

[Reinhardt Schneider]

Explain it to me like I'm 5.

Click to shrink...

Ring 0 is the lowest level of access possible. Kernel level. Having uninstalled the Anti-cheat measure isn't enough because, as it's installed at ring 0 level, it could have very easily installed anything else without having to ask the user for permission.

Watch the video i linked a few posts ago. Starforce was a DRM that installed itself at ring 0 level and fucked up your PC in a number of ways without ever asking for anything. Not saying is will be the case, though.

 

[브라이언]

League is transitioning to this said rootkit next year.

 

[Onlygames]

Ring 0 is the lowest level of access possible. Kernel level. Having uninstalled the Anti-cheat measure isn't enough because, as it's installed at ring 0 level, it could have very easily installed anything else without having to ask the user for permission.

Watch the video i linked a few posts ago. Starforce was a DRM that installed itself at ring 0 level and fucked up your PC in a number of ways without ever asking for anything. Not saying is will be the case, though.

Click to shrink...

Soooo I'm screwed atm? Until they, or someone else, offers a way to comletely remove any traces?

 

[Reinhardt Schneider]

Soooo I'm screwed atm? Until they, or someone else, offers a way to comletely remove any traces?

Click to shrink...

No, you're not unless the software actually does something like that. Still early to know.

I mention Starforce constantly because it's an example of what could go wrong, but hopefully this won't be the case.

Nobody seems to have reported this kind of behavoir from this so it would be safe to say that you're... well, safe.

 

[ShinUltramanJ]

There's no evidence that the driver is insecure or exploitable.

We have an actual screenshot in this thread from a hack forum of people discussing spreading FUD about Vanguard.

Click to shrink...

Only a matter of time then. I don't see how it's worth the risk, but that's me.

 

[packy17]

Only a matter of time then. I don't see how it's worth the risk, but that's me.

Click to shrink...

If you feel that way, you might want to uninstall the drivers for your mouse and GPU, because those are also kernel-level.

 

[Reinhardt Schneider]

If you feel that way, you might want to uninstall the drivers for your mouse and GPU, because those are also kernel-level.

Click to shrink...

Is not really the same, you know?

This is a software that installs itself at ring 0 just because

 

[Altair]

I understand being thorough, especially after coming from Destiny where Bungie lets cheaters run rampant in Trials on PC, but this seems like it's going a bit too far.

 

[packy17]

Is not really the same, you know?

This is a software that installs itself at ring 0 just because

Click to shrink...

... it's not "just because"... it's to be proactive against cheats. More proactive than any other AC out there. And the risk to security is exactly the same as it is for every other kernel-level driver on your PC, of which there are many.

 

[Reinhardt Schneider]

And the risk to security is exactly the same as it is for every other kernel-level driver on your PC, of which there are many.

Click to shrink...

This is your only argument to defend this and it's getting really repetitive. Installing at Kernel level doesn't makes it more proactive, just more risky.

If it acts as a driver and only works when the game is booted, then it's no different than Valve's VAC solution
If it doesn't and it's enabled by default then it's too invasive and such behaviour should not be allowed.

There's nothing else than that. By your own argument, neither Starforce nor any of the hundreds of thousands of trojans and rootkits in existence are different than drivers, ergo they are inoffensive.

 

[packy17]

This is your only argument to defend this and it's getting really repetitive. Installing at Kernel level doesn't makes it more proactive, just more risky.

If it acts as a driver and only works when the game is booted, then it's no different than Valve's VAC solution
If it doesn't and it's enabled by default then it's too invasive and such behaviour should not be allowed.

There's nothing else than that. By your own argument, neither Starforce nor any of the hundreds of thousands of trojans and rootkits in existence are different than drivers, ergo they are inoffensive.

Click to shrink...

This is nothing like Starforce or Securom, and such has been debated and proven here and on reddit - not interested in repeating it. And calling anything at ring0 a "rootkit" is misleading/a misnomer - rootkits are inherently malicious. This driver is not. You can make whatever unsubstantiated hypothetical security-based argument you want, but it doesn't change the fact that as of now there's absolutely no evidence that the driver itself is insecure or malicious. Until there is, everything is just "what-ifs" and "maybes", and I'm not interested in concern trolling.

 

[pksu]

... it's not "just because"... it's to be proactive against cheats. More proactive than any other AC out there. And the risk to security is exactly the same as it is for every other kernel-level driver on your PC, of which there are many.

Click to shrink...

More proactive? PunkBuster had kernel driver something like ten years ago and other competitors like EAC are using those too. And pretty much all ACs have been hacked from time to time regardless of kernel drivers.

Now I'm no developer of any sort but could server-based games have some sort of anti-cheat in their netcode? I'm thinking maybe every game-client could go and verify each other, like every player-client connected to the server double-checks on a kill for example if the kill could have happened within normal game logic. So if you have 10 players and one of them is a cheater that for example has a 1000 damage weapon, the other 9 clients would notice that dealing so much damage with one shot should be impossible and then immediately disconnect and possibly ban the 10th client.

Click to shrink...

AFAIK the current state of the art is to use machine learning to filter out cheaters based on player's input/state data that can be recorded server side anyway. While that might work for a lot of cases it's not exactly a solved problem yet.

 

[Reinhardt Schneider]

This is nothing like Starforce or Securom, and such has been debated and proven here and on reddit - not interested in repeating it. And calling anything at ring0 a "rootkit" is misleading/a misnomer - rootkits are inherently malicious. This driver is not. You can make whatever unsubstantiated hypothetical security-based argument you want, but it doesn't change the fact that as of now there's absolutely no evidence that the driver itself is insecure or malicious. Until there is, everything is just "what-ifs" and "maybes", and I'm not interested in concern trolling.

Click to shrink...

I'm just going to say that, and anyone with a minimum of computer knowledge would agree, that software that installs at kernel level is not to be trusted unless it comes with a clear justification and from a source used to install at that level without fucking it up

At the very least, i can say i'm speaking from experience here.

 

[packy17]

More proactive? PunkBuster had kernel driver something like ten years ago and other competitors like EAC are using those too. And pretty much all ACs have been hacked from time to time regardless of kernel drivers.

Click to shrink...

The difference between Punkbustr/EAC and Vanguard is that vgk.sys runs on boot. It does nothing until Valorant is launched, but since the driver is always running anyway it's harder to tamper with or disable it prior to launching a game, which is how most other modern anti-cheats are bypassed. It's still possible, just harder. The argument about whether it's worth the added risk will never go away, and the people who aren't okay with it will likely just leave or never play the game. I don't see Riot backing down on this.

 

[Zem]

This is the same as FaceIT which is completely fine for me. I'd quite happily take this and knowing the game is 99.99% (possibly 100%?) cheat free over having cheats in the game.

 

[EloKa]

This is the same as FaceIT which is completely fine for me. I'd quite happily take this and knowing the game is 99.99% (possibly 100%?) cheat free over having cheats in the game.

Click to shrink...

It's not the same as the AntiCheat from FaceIT. The big differences are that the one from Riot is more intrusive and the one from FaceIT kinda works.

 

[Jsee80]

I hope the next multiplayer game I get into uses this.

Sucks to split the player base but let people uninstall the anti-cheat if they want. They can play with the bots like its always been and others can have a cheat-free experience. (If the shit actually works)

 

[DJKippling]

this is just pure fear mongering. ESEA, FaceIT etc have been doing the same thing for many many years. If you want a competitive game to tackle cheaters then this is what you need to do. Can't wait for them to remove it and then people complain about cheaters in 3 months time. Not to mention this was already known months ago and no one cared.

 

[Rosebud]

So the day the government will forced you to use a device in your bedroom with a dormant micro / camera, connected to the internet, you will accept it.

Click to shrink...

To be fair, everyone is fine with smartphones.

 

[pksu]

The difference between Punkbustr/EAC and Vanguard is that vgk.sys runs on boot. It does nothing until Valorant is launched, but since the driver is always running anyway it's harder to tamper with or disable it prior to launching a game, which is how most other modern anti-cheats are bypassed. It's still possible, just harder. The argument about whether it's worth the added risk will never go away, and the people who aren't okay with it will likely just leave or never play the game. I don't see Riot backing down on this.

Click to shrink...

This. It's just one step in the cat-and-mouse game between cheaters and ACs.

 

[Thera]

To be fair, everyone is fine with smartphones.

Click to shrink...

Yeah... and that's part of the problem...

 

[Hyun Sai]

Are people responding to this thread not reading it and just shitting out hot takes?

It's a rootkit that is straight up running in the background 24/7 and causing frame rate issues in other games

Click to shrink...

Nah, I read it and it's still not remotely close to what you're saying.

 

[Uiki]

I mean... Valve is specifically avoiding something like this for VAC because of the backlash. Anticheat is good and all but not when it has full access to my system. See ESEA fuckups (their anticheat also has kernel access) during the years.

 

[Delusibeta]

The punchline to this discussion is that the impression I'm getting is that Vanguard appears to be ineffective as a proactive anti-cheat, and Riot is having to do VAC-style ban waves after the fact. And it's closed beta, Riot still has full control as to who gets in. I suspect that Vanguard is going to wind up looking useless shortly after open beta.

 

[closer]

Lmao this thread is so passive aggressive

 

[SapientWolf]

I'm impressed people here are actually defending this practice.

Click to shrink...

Are you really though?

this is just pure fear mongering. ESEA, FaceIT etc have been doing the same thing for many many years. If you want a competitive game to tackle cheaters then this is what you need to do. Can't wait for them to remove it and then people complain about cheaters in 3 months time. Not to mention this was already known months ago and no one cared.

Click to shrink...

Case in point, an ESEA employee exploited the software to mine Bitcoin with user machines. Several people reported damaged hardware as a result. This stuff is use at your own risk. And the risk is not just theoretical.

 

[Uiki]

this is just pure fear mongering. ESEA, FaceIT etc have been doing the same thing for many many years. If you want a competitive game to tackle cheaters then this is what you need to do. Can't wait for them to remove it and then people complain about cheaters in 3 months time. Not to mention this was already known months ago and no one cared.

Click to shrink...

Well.. I don't know how many matches you played but I ran into wallhackers and aimbotters at least 3 times already... so no, I'm complaining that their anticheat has full access to my system and it's still crap.

 

[molnizzle]

Well.. I don't know how many matches you played but I ran into wallhackers and aimbotters at least 3 times already... so no, I'm complaining that their anticheat has full access to my system and it's still crap.

Click to shrink...

No system will ever be 100%. It's going to be cat and mouse forever.

...but the ones with the highest success percentage will likely need root access like this. I'm okay with that.

 

[Uiki]

No system will ever be 100%. It's going to be cat and mouse forever.

...but the ones with the highest success percentage will likely need root access like this. I'm okay with that.

Click to shrink...

I'm not. Uninstalled ESEA as soon as they pulled of this shit.. and their anticheat actually worked.

I don't really care about cheaters. You still get them anyway... like you said, nothing you can do against them. Report and go on.

 

[Skyfireblaze]

More proactive? PunkBuster had kernel driver something like ten years ago and other competitors like EAC are using those too. And pretty much all ACs have been hacked from time to time regardless of kernel drivers.


AFAIK the current state of the art is to use machine learning to filter out cheaters based on player's input/state data that can be recorded server side anyway. While that might work for a lot of cases it's not exactly a solved problem yet.

Click to shrink...

Interesting, yeah I can see that but hopefully things move further in that direction do we'll arrive at a point where the game itself can notice: "Hey that shouldn't be possible!" instead of having to go full blanket monitoring of client-machines during a game.

 

[Deleted member 21709]

Does this uninstall with the game?

 

[Deleted member 2840]

It's still possible, just harder.

Click to shrink...

Is it now? People are already complaining about cheaters, and the game isn't even fully available.

 

[Skyfireblaze]

The whole Starforce thing was a shitshow and there were always suspicion that they didn't even try to replicate the issues. I will not tell you to believe me, but i know what i experienced and what i had to repair over those years.

(Even nowadays, there are some naïve people that want to get into retro PC gaming and they end up having to take their PC to me or one of the local stores because they didn't research the thing properly)

My theory is that they developed the DRM with a one and only kind of setup in mind. The 2 disc drives issues described in the video? I literally experienced that, just like becoming unable to play CD music (As i've always loved to do that while working)



Yeah, there is, and completely founded. Starforce is the most notable example for how awful it was, but it wasn't the only one.

In general, anything that installs at kernel level is not to be trusted at all. That's why Microsoft implemented driver signature verification



Oh, no, i have no issue with Valorant at all, i'm all for anti-cheating solutions. My issue is with low level access. The Ring 0 gives free access to everything, so i don't trust anything that install a that level and isn't a driver for any hardware or virtual device i have knowllingly installed.

Click to shrink...

Does Vanguard actually have a Microsoft signed Signature?

The more I think about it the more likely I see it happening that cheaters eventually will find a way to tell Valorant that Vanguard is installed and fake the checks when it's actually not and in this hypothetical scenario it's of course the person who did nothing wrong that has potential issues while cheaters don't.

 

[Delusibeta]

Does this uninstall with the game?

Click to shrink...

No, but there's a separate uninstall routine. Apparently, Riot is planning on adding League of Legends support later.

 

[SweetNicole]

Reddit - Dive into anything

www.reddit.com

Worth reading.

 

[Uiki]

Reddit - Dive into anything

www.reddit.com

Worth reading.

Click to shrink...

The Whole ESEA Bit-Coin Situation!

— Show More —What do you guys think about ESEA after this?r/GlobalOffensive Reddit thread: http://www.reddit.com/r/GlobalOffensive/comments/1dgad2/esea_clien...

www.youtube.com

Worth watching.

 

[Skyfireblaze]

I'm wondering, what would people think about a compromise for Valorant and League of Legends? Have Vanguard as a requirement to be installed for Ranked games and for Unranked it doesn't need to be installed and more conventional anti-cheat methods would be used.

 

[molnizzle]

I'm not. Uninstalled ESEA as soon as they pulled of this shit.. and their anticheat actually worked.

I don't really care about cheaters. You still get them anyway... like you said, nothing you can do against them. Report and go on.

Click to shrink...

Because you run into them less and they are handled faster.

I'll be honest, I don't believe you for a second that you've actually run into 3 cheaters in Valorant already. But if that keeps you from playing the game, so be it. I'm grateful that Riot is willing to let certain players go to maintain competitive integrity to the largest extent possible.

The Whole ESEA Bit-Coin Situation!

— Show More —What do you guys think about ESEA after this?r/GlobalOffensive Reddit thread: http://www.reddit.com/r/GlobalOffensive/comments/1dgad2/esea_clien...

www.youtube.com

Worth watching.

Click to shrink...

Funny, that's mentioned right in the post you quoted!

I'm wondering, what would people think about a compromise for Valorant and League of Legends? Have Vanguard as a requirement to be installed for Ranked games and for Unranked it doesn't need to be installed and more conventional anti-cheat methods would be used.

Click to shrink...

Against. Zero tolerance for cheating. No safe spaces for piece of shit hackers.

 

[Jroc]

I'm in no rush to give the PRC government ring-0 access on my PC just so I can play a Counter-Strike clone with less hackers.

 

[Arkanius]

So now attacking this shitty practice of giving the keys to our PCs to Tencent is Propaganda by hackers.
Lmao

 

[Wamb0wneD]

May want to look at the rest of this guys videos...

Click to shrink...

Just because he's an asshat doesn't mean he's wrong about this though.

 

[Skyfireblaze]

Because you run into them less and they are handled faster.

I'll be honest, I don't believe you for a second that you've actually run into 3 cheaters in Valorant already. But if that keeps you from playing the game, so be it. I'm grateful that Riot is willing to let certain players go to maintain competitive integrity to the largest extent possible.


Funny, that's mentioned right in the post you quoted!


Against. Zero tolerance for cheating. No safe spaces for piece of shit hackers.

Click to shrink...

That's a fair stance to take. It's really difficult but I still don't think the fight against hackers should allow for that kind of blanket security.