• Lmaydev@programming.dev
        link
        fedilink
        arrow-up
        2
        ·
        edit-2
        10 months ago

        It’s a driver.

        Here the attacker installed the driver after gaining remote access.

        So it’s not actually anything to do with having the game installed.

        But it’s still a massive problem.

        • HuntressHimbo@lemm.ee
          link
          fedilink
          arrow-up
          30
          ·
          edit-2
          10 months ago

          You’re missing the point of what he is saying. The anti-cheat itself runs in a level with extreme access to anything on your computer. The anti-cheat is like almost all software almost certainly exploitable. You are trusting that no one will ever crack Vanguard in a way that exposes your user data, and that Riot will never change it to collect more than you think they are.

          • naeap@sopuli.xyz
            link
            fedilink
            arrow-up
            10
            ·
            10 months ago

            Not even about user data, this is just the side dish. You have complete control over the system and spy on, and probably even can do, whatever

            • HuntressHimbo@lemm.ee
              link
              fedilink
              arrow-up
              2
              ·
              10 months ago

              You’re 100% right. Not only can they steal data, but they could use kernel level access to make your hardware misbehave, perhaps even to the point of damage. They could probably trash a hard disk or GPU for instance. It also gives them a locally controlled device on whatever network you’re on. From there they can weaponise their new access to attack other devices on the network, or cause the network itself to fail.

              It just goes to show how dangerous this is, that even a programmer and security enthusiast like myself forgets to mention a huge chunk of the possible damages.

    • Empricorn@feddit.nl
      link
      fedilink
      English
      arrow-up
      27
      ·
      edit-2
      10 months ago

      It’s kernel-level control of your system, basically rootkit malware that you choose to infect your computer with. Keep in mind, it’s always running, whether you’re playing a game or not! By definition, it literally has more control of your system than you do signed in with your own private password. Ask yourself this: if the anti-cheat was compromised, sold, re-prioritized, bypassed by hackers or foreign interests, etc… How would you even know?

      I understand that all this sounds paranoid, but remember that you chose to give it system-wide access! I likely hate online cheaters at least as much as you, but the potential security/privacy implications are far too great, not to mention the performance hit every single game with kernel-level anti-cheat suffers…

      • SuperDuper@lemmy.world
        link
        fedilink
        arrow-up
        3
        ·
        10 months ago

        Keep in mind, it’s always running, whether you’re playing a game or not!

        Not necessarily. You can close the software. You’ll need to restart your computer before launching Valorant, but it absolutely does not need to be running while you aren’t playing.

      • Serinus@lemmy.world
        link
        fedilink
        arrow-up
        1
        ·
        10 months ago

        This isn’t really different from most software on your system. I can exfiltrate plenty of your data on Windows without root. And are you reviewing the source code of every application you run?

        It’s a problem when Riot does it, but not Nvidia?