Really the big problem is they just suck at writing software and they don't want to put appropriate controls server side because it is more resource intensive for them. So might as well hack your computer, because why not. There is literally no reason user mode anti cheats with appropriate server side verification cannot work.
Honestly I wish valve would put in stronger customer protections such as disallowing most third-party eula's when acquiring software through steam.
Everyone wants cheaters banned, but nobody wants to run a rootkit on their own machine.
The real solution to avoid cheaters is to play on Console. You’ll still get some cheaters using strikepacks, which is an external device, but you won’t run into anyone with a modified client or bots running in ring zero, because the Consoles are sandboxed operating systems. Maybe it’s possible to rig up some cheating device with HDMI capture and automated controller input, but it’s not worth the hassle.
I wonder if Microsoft could help, by introducing a “Windows gaming” mode. You boot your PC into this mode and it’s sandboxed to the level of an Xbox. Or even if it’s not sandboxed, it’s at least a dedicated environment where you don’t mind running kernel level anticheat.
I think you've nailed the reason why these rootkits keep getting added, but I feel like there must be something else these game companies want... Why do they keep adding it to single player games for example?
They HAVE to be assumed to be hostile bad actors. I definitely hope valve stands their ground on this one.
These kind of cheats just shouldn’t be possible from the client side. And there’s really no excuse for it when the servers have 20Hz tick rate (lowest of any AAA multiplayer shooter), so they’ve got plenty of time to perform additional computation.
The weird thing is that hackers can target a streamer in the first place, which people have speculated is due to the debug info on screen leaking the server ID. But that implies the hacker needs to perform a server exploit, too - or at least, he needs to send some untrusted data from the client that the server will interpret in a way that resembles an exploit (but is more technically a logic error).
As long as they keep translating Windows, they are at the mercy of whatever game studios decide to do with their Windows games.
The correct decision, of course, would have been for their server to properly detect impossible client actions. But I guess that's a lot more work.
The next generation of cheats will probably emulate Windows well enough to avoid detection, so I feel somewhat thankful for them kicking off an arms race that'll lead to Wine becoming more precise.
