Hello guys,
Im intrested to buy Helldivers2, but im worrying about the Kernel Level Anti Cheat tool, named nProtect GameGuard and i asked myself, how big of a security issue it could be… since it only can be executed in Steam Proton, isnt this mainly only a problem for Windows user on a Kernel Level?
There is none.
Yes. Kernel Access needs root in general and that anti cheat is always run as user in wine. So the fix in proton is simply that the syscalls, which are requested by “nProtect GameGuard”, can now be requested correctly. More or less it gets replicated/faked, since that are then not real kernel calls as on windows.
However such a approach can break easily, since not intended… Meaning that the game won’t start in the future.
1 Like
You mean there is none in General (include windows10/11) or there is none for Linux?
I read a topic which included several reports from Windows Users and probably showed there is a really big problem for them with Kernel Level Anti Cheat in general… and specially for nProtect GameGuard, which humored some kind of ways to attack a systems who has installed this Rootkits.
Doesn’t sound cool, but better this as have a open security hole as in Windows10/11 now.
This is a Manjaro Forum and of course I am talking about Linux.
Well… you can also think the same way about any third-party driver, which you have to install on Windows. Any Kernel Driver would have full access to anything. I wonder why people think that installing the newest nvidia kernel driver is more secure than installing an anti-cheat kernel module.
At the end it is all about trust, especially when source is forbidden to read.
Sorry, but is there any prove for an “open security hole” or are there just rumors?
I just wanted to get double sure and there is no misunderstanding.
I didnt investigate there future, i can’t really tell… but it looks more like rumors.
Edit:
As far my Info’s are right, nProtect GameGuard has really bad reputation about being regulary updated.
You may miss the news about the Dark Souls 3, that the developer had to shutdown the PVP servers.
I never saw a news like that in relation with nvidia… and why should it?
I think there is a big difference between a local service with no online connection (nvidia) and a anti cheat tool that is designed to interact with outside online connections, specially when you host your own games.
What ever. 
Where is the connection to a anti-cheat kernel module? 
As far as I read, it was about the servers.
The anti-cheat kernel module usually can’t communicate over the net, just like nvidia driver module. It is not intended to do that. The game communicates with the module for “self-verifying” and checking of modification/manipulation.
Well in the article is only written that the attackers gained Low-Level Access to the Players Computers.
And since the true problem is hidden and not revealed to the community till today… i assume it should be related to a Anti-Cheating Tool which had Low Level Access, but who knows… possible im wrong here 
This topic was automatically closed 36 hours after the last reply. New replies are no longer allowed.