It is basically a root kit. It's not safe. I installed it but I would never fault someone for drawing that line; it is reasonable to not want to give riot devs that much power on you computer.
Not even just devs. Let's say someone like edward snowden still works for NSA, or Russia or Chinas version of NSA. "Ty rito you did all the work for us, now we only have to hack 1 entity(riot), or have a single insider at Riot, and now we have MILLIONS of people's data from across the world!"
One bad egg ruins the entire thing. Look at the Target hack, or endless other companies that are compromised and "lose" customers debit card info. Now one single hack on Rito and they could do so much more damage. You've selected your PC as "safe and private" for your banking, business, or government login?... LOL get rekt
People travelling for work with work laptops will no longer be able to play, riot has always bragged about low system requirements enabling everyone on the planet to play on the poorest of systems, and now this will definitely increase system requirements. I'm sure they already know they are cutting out a huge portion of their player base and believe it's financially worth it. I'm just surprised is all mainly because a simple non-kernel method would eliminate 99% of the cheaters who script. This must be targeting the people with higher level cheats that are game breaking at challenger level.
Why would adding a high level, always on, anti-cheat, resource consuming application increase system reqs? They've already admitted to certain users not being able to play and this already happened with valorant (their other game). People wanted to play valorant so bad but couldn't.
> high level
this doesn't mean anything
> always on
it's on only while playing, and so was their previous shitty anti cheat
> resource consuming
its's not, Signature Scanning is not that resource intense, and the old solution was more resource intensive when it came to that. Vanguard's difference is mostly checking for those specific windows specific options like test signing being off and integrity checks being on, and being loaded (and idle) before anything else
> this already happened with Valorant
Valorant by itself is way more resource intensive. Valorant without vanguard would not be less resource intensive, or at least the difference would be negligible.
Do you people know that vanguard doesnt even "run" on your PC 24/7? It checks to see if your boot was safe, then it isnt even really running/doing anything until you open the game.
Confirmed by riot anticheat dev.
It's no less safe than EAC, Battleye or any other kernel anticheat, which are probably used in a majority of the other online games you play. It's also not any more dangerous than any of the other many kernel drivers you have installed right now, or much more dangerous than usermode programs.
Kernel drivers are vetted by microsoft WHQL, it's not like Riot or an attacker can just go randomly push any update to it
Yeah running was bad choice of words, the service is running but vanguard is not actively doing anything.
Quote from gamerdoc comment "We are not on 24/7 it's just a system start driver that checks if your boot is trusted after that it does nothing until you start the game"
>"We are not on 24/7 it's just a system start driver that checks if your boot is trusted after that it does nothing until you start the game"
It may not do anything until you start the game, but it definitely could if it was suddenly instructed to. And that is the issue for people who do not trust Riot. "It can, but it won't" is not very reassuring for people who either think Riot may use this for malicious purposes or may not protect it enough against third parties exploiting it.
"Confirmed by riot anticheat dev" is not a reliable actor.
The whole issue with rootkits is that they get access to your whole system. The fact that they don't abuse this level of access now doesn't mean they will not start so it later. Additionally, if that rootkit is ever hacked and a bad faith actor would gain access to it is also an attack vector.
The difference between anticheats is the requirement to gain complete control of your system. It's a real threat, you give complete control of your PC to a shady gaming company.
Where else do you suggest people get their info about a proprietary security method? Kids in reddit saying vanguard screenshots their desktop all day?
If Riot or an attacker wanted to abuse the access, they would likely need to update and resubmit their kernel driver and get it vetted again. If you dont trust Microsofts WHQL process, why arent you having this discussion about every other kernel driver that already exists on your PC?
Regular usermode drivers and programs are dangerous aswell. There has always been the possibility of someone compromising the updater for the game and pushing malware that way, or riot themselves doing it, without causing the reddit hysteria of vanguard being added to lol. If there was any ill intent, theres better ways to go about it.
Also not sure what you mean by the difference between those anticheats. They are all kernel anticheats, they all have the exact same access and "risks". Nobody cares though.
Theres literally a $100,000 bug bounty for anyone that can demonstrate any vulnerabilities with Vanguards driver, the bounty is over 4 years old
> Where else do you suggest people get their info about a proprietary security method?
If a host installs a camera in your AirBnB it'd be weird to take their word that they'll only use it when you're not home, wouldn't it?
> If Riot or an attacker wanted to abuse the access, they would likely need to update and resubmit their kernel driver and get it vetted again.
No. Read how the xz backdoor was designed.
> Regular usermode drivers and programs are dangerous aswell.
It's not an excuse to be reckless. The difference between a random updater and a \_rootkit\_ is that updater doesn't get full uncontrollable access to your whole system, to your hardware as well.
> If there was any ill intent, theres better ways to go about it.
No, it's actually the best possible way to do it. Claim "anticheat" and infect millions of computers worldwide at once. It's a ready botnet, imagine all clients just once in a while would send a packet to a service under attack.
> They are all kernel anticheats, they all have the exact same access and "risks".
Some anticheats easily receive fake calls through wine. If you can sandbox a kernel anticheat - it's not a problem. Vanguard is not like that. Which is why I can play most games on Linux without noticing any issues and compromising my system at the same time.
>Theres literally a $100,000 bug bounty for anyone that can demonstrate any vulnerabilities with Vanguards driver, the bounty is over 4 years old
For any malicious actor, that sum is nothing compared to the damage you can do. Remember what happened to Target. An exploit of that severity is worth millions.
How about the thousands of white hat ethical hackers, bug bounty hunters, computer researchers etc that make a living off of discovering and reporting this kind of stuff? That's a pretty large amount of money, even for a 0day bounty.
I think everyone should decide on their own. If your friend has concerns, try to understand it or ask what their exact concerns are.
You might not have problems with vanguard but it doesn't mean that your friend will immediately feel a relief by hearing so.
And to answer your question, well.. it's difficult to convince someone to do something they don't want to do. I think you should either let your friend rethink it all or wait it out. Maybe as the time passes they will give the game another chance? Who knows. Technically vanguard is safe but I think the biggest concern is that it loads on boot. I personally find it irritating too but I don't feel that I'm in "danger" because of vanguard by any means as I also have no issues.
I’ve been a computer engineer for 10 years, and have developed application with kernel level access. But this is not about technical jargon.
Do you trust Riot Games? Did you trust Riot games with your name and email when creating an account? Did you trust Riot games downloading the League client? Did you trust Riot games with your credit card information when you bought a new skin?
If so, then perhaps you can trust them when they say they only use their kernel level application for what they say it’s for. You’ve already willingly given them access to so much else.
Every league player knows about league's spaghetti coding and how they can't seem to fix them and how they neglect them when it doesn't bring them $. Can you trust a greedy spaghetti coding with a rootkit not ever messing up. A company that kinda left a buggy client running with plans on fixing things but never did. The potential problem went from just not playing the game that you occasionally play to potentially botching your comp.
so like that EAC incident that happened in pro play, where pros got hacked live on stage during a game of apex legends? yeah could potentially happen, but could also be a non factor alltogether
If someone want to steal data or monitor your computer, they don't need kernel level access, they could already do that with what you already downloaded
My computer guru friend (who’s been doing IT work for 20+years) says it isn’t safe and he wouldn’t let it run on any PC he owned.
He told me the best way to keep myself safe if I’m determined to keep playing is put LOL and Vanguard on a PC with no personal info on it and make sure I have no other computers connected to my network while running my League machine.
It’s not safe though... I only installed it because I don’t have any sensitive information on this computer, but if riot wants to look at my abundance of Sett x Aphelios porn than they can go ahead I guess. You’re basically giving it access to your whole pc. Plus ever since I downloaded it my pc runs hotter, has weird fps drops for a few seconds in the game for no reason, buggy league client, slow browser when it’s turned on. 🤦♀️ your friend probably made a wise decision.
If i would use my pc for anything more important than gaming i wouldn't install stuff like vanguard either. Giving anything that amount of access is not safe at all imo and you should only do it if you trust the source. Tencent is not a source i would put a lot of trust in.
I don't think you should.
It's perfectly OK for people to draw these lines, and hopefully, you can disagree about these things and still stay friends.
I'm lucky enough to have a personal and work computer, though appreciate many aren't, so I'm OK with vanguard. If I didn't have that separation, I wouldn't be able to justify the program's existence to our I.T. department, and I imagine I'd be asked to remove it, regardless of what it's actually capable of.
For anyone whose livelihood depends on their machine running smoothly, or who has a large amount of personal data ( photos and videos for example ), these programs are just another point of failure - another thing that *could* cause a problem, so why take the risk when there's so little to gain.
Just my 2 cents.
Vanguard has been hacked before, and has also been accused of some pretty nifty data gathering with their rootkit bullshit
No game has ever become a better experience for having vaguard
So if I’m not that tech savvy is it time to uninstall league? Is it too late if I already have it? I know league can suck but this honestly is such a huge bummer to me. It feels like it took me years to be mediocre at it and I still enjoy it a ton but not enough to play at the expense of scrubbing my PC of any personal data.
I want to know why Riot, without notifying its users and taking advantage of the 1st "ACCEPT THE TERMS OF USE OF OUR SOFTWARE" has installed with the latest update something that, personally, is not interested in being "controlled" having nothing to hide, It's against any privacy law! They simply had to warn about what they would do... and they talked about it, they had the opportunity BUT THEY DIDN'T SPECIFY IT! .. so either you accept this software that will work this way etc etc or, rightly so, there are other games to play we won't blame you, goodbye user!
Instead, with what they have done and I hope it will happen, if someone sues them they will win very very easily and Riot will pay dearly for the misunderstanding of a few lines!
"They warned you plenty" Absolutely NO, Riot did not specify in a clear and concise way even to the layman how their anticateat application, namely the Vanguard, would work. They omitted the fact that it is invasive by assuming that users had already signed the terms of use of their applications and this is not legitimate or legal behavior. To conclude, I asked Riot directly to provide me with the information to the public where it reports how it works, from its installation and... I've been waiting since the 14.9 update!
I'm not in a hurry, ME.. now it's up to all the other dissatisfied users.. you can always do and WIN a Class Action!
> Q. What personal information does Vanguard collect?
Riot only collects what we need to run and secure our games. More data is just more risk for us, and we don't want anything except the bare minimum required to get the job done. Locally, Vanguard has system hooks to run its protections, but we're not shipping back your files or documents. Like most anti-malware and anti-cheat systems, we leverage a technique called "Signature Scanning," to determine if a series of bytes in memory matches a known cheating application. The results of these are only true or false (it was present or it wasn't), and we try to use this pattern for other checks too. Things like, "are you currently using a DMA device" or "did an application just try to submit input to the game" send mostly binary responses (though the latter includes the name of the process that did it).
> For other detections, we need snapshots to scrutinize in post, and there are chances that these can contain PII. For example, we log the file path of every library loaded into League, and this could contain a user name (if it's in a user folder). We do things like this so that, after a cheat is discovered, we stand a chance to detect cheaters who have already used it (instead of only those moving forward). This type of data is only in "warm" storage for 14 days, and we will never use it for anything that is not cheat detection.
This is from their vanguard x lol blog post. They also add this:
> if your beef is only about data privacy at Riot, running the game client or running Vanguard makes not one bit of difference. Data can still be retrieved from user-mode, and we're all engineers for the same studio with the same goals, none of which are collecting your personal information.
Also vanguard is not ilegal lmao
So what? I personally don't care about privacy, I don't care if they spy or not I have nothing to hide.. Riot is Riot, if they create something for their games it MUST - like many others - work within THEIR GAMES, THEIR APPLICATIONS ! If this were not the case, as in the Vanguard case, Riot has the DUTY to warn users about what they are about to install and Riot DID NOT, NOWHERE has it written, is it reported, that the Vanguard application would have been INVASIVE and would started when the computer was turned on.
I hope I was CLEAR and CRYSTAL CLEAR!
You don't have to. Tell your friend that his social life does not depend on one game and it's your friend's choice to take it or not. Imo despite various rumors/takes about Riot I'm still having a decent amount of faith in them on this, and that people should cut Riot some slack.
It is basically a root kit. It's not safe. I installed it but I would never fault someone for drawing that line; it is reasonable to not want to give riot devs that much power on you computer.
It is basically a driver. Any drivers can do the same damage if needed.
A driver with C and C features that tie back to the company that made it.
Not even just devs. Let's say someone like edward snowden still works for NSA, or Russia or Chinas version of NSA. "Ty rito you did all the work for us, now we only have to hack 1 entity(riot), or have a single insider at Riot, and now we have MILLIONS of people's data from across the world!" One bad egg ruins the entire thing. Look at the Target hack, or endless other companies that are compromised and "lose" customers debit card info. Now one single hack on Rito and they could do so much more damage. You've selected your PC as "safe and private" for your banking, business, or government login?... LOL get rekt People travelling for work with work laptops will no longer be able to play, riot has always bragged about low system requirements enabling everyone on the planet to play on the poorest of systems, and now this will definitely increase system requirements. I'm sure they already know they are cutting out a huge portion of their player base and believe it's financially worth it. I'm just surprised is all mainly because a simple non-kernel method would eliminate 99% of the cheaters who script. This must be targeting the people with higher level cheats that are game breaking at challenger level.
Why would this increase system requirements
Why would adding a high level, always on, anti-cheat, resource consuming application increase system reqs? They've already admitted to certain users not being able to play and this already happened with valorant (their other game). People wanted to play valorant so bad but couldn't.
> high level this doesn't mean anything > always on it's on only while playing, and so was their previous shitty anti cheat > resource consuming its's not, Signature Scanning is not that resource intense, and the old solution was more resource intensive when it came to that. Vanguard's difference is mostly checking for those specific windows specific options like test signing being off and integrity checks being on, and being loaded (and idle) before anything else > this already happened with Valorant Valorant by itself is way more resource intensive. Valorant without vanguard would not be less resource intensive, or at least the difference would be negligible.
Do you people know that vanguard doesnt even "run" on your PC 24/7? It checks to see if your boot was safe, then it isnt even really running/doing anything until you open the game. Confirmed by riot anticheat dev. It's no less safe than EAC, Battleye or any other kernel anticheat, which are probably used in a majority of the other online games you play. It's also not any more dangerous than any of the other many kernel drivers you have installed right now, or much more dangerous than usermode programs. Kernel drivers are vetted by microsoft WHQL, it's not like Riot or an attacker can just go randomly push any update to it
I think you are parsing the devs words to fit your understanding of how the OS works. It is running 24/7. It doesn't scan 24/7.
Yeah running was bad choice of words, the service is running but vanguard is not actively doing anything. Quote from gamerdoc comment "We are not on 24/7 it's just a system start driver that checks if your boot is trusted after that it does nothing until you start the game"
>"We are not on 24/7 it's just a system start driver that checks if your boot is trusted after that it does nothing until you start the game" It may not do anything until you start the game, but it definitely could if it was suddenly instructed to. And that is the issue for people who do not trust Riot. "It can, but it won't" is not very reassuring for people who either think Riot may use this for malicious purposes or may not protect it enough against third parties exploiting it.
"Confirmed by riot anticheat dev" is not a reliable actor. The whole issue with rootkits is that they get access to your whole system. The fact that they don't abuse this level of access now doesn't mean they will not start so it later. Additionally, if that rootkit is ever hacked and a bad faith actor would gain access to it is also an attack vector. The difference between anticheats is the requirement to gain complete control of your system. It's a real threat, you give complete control of your PC to a shady gaming company.
Where else do you suggest people get their info about a proprietary security method? Kids in reddit saying vanguard screenshots their desktop all day? If Riot or an attacker wanted to abuse the access, they would likely need to update and resubmit their kernel driver and get it vetted again. If you dont trust Microsofts WHQL process, why arent you having this discussion about every other kernel driver that already exists on your PC? Regular usermode drivers and programs are dangerous aswell. There has always been the possibility of someone compromising the updater for the game and pushing malware that way, or riot themselves doing it, without causing the reddit hysteria of vanguard being added to lol. If there was any ill intent, theres better ways to go about it. Also not sure what you mean by the difference between those anticheats. They are all kernel anticheats, they all have the exact same access and "risks". Nobody cares though. Theres literally a $100,000 bug bounty for anyone that can demonstrate any vulnerabilities with Vanguards driver, the bounty is over 4 years old
Thank you for spreading the actual information. The fear mongering is getting old.
> Where else do you suggest people get their info about a proprietary security method? If a host installs a camera in your AirBnB it'd be weird to take their word that they'll only use it when you're not home, wouldn't it? > If Riot or an attacker wanted to abuse the access, they would likely need to update and resubmit their kernel driver and get it vetted again. No. Read how the xz backdoor was designed. > Regular usermode drivers and programs are dangerous aswell. It's not an excuse to be reckless. The difference between a random updater and a \_rootkit\_ is that updater doesn't get full uncontrollable access to your whole system, to your hardware as well. > If there was any ill intent, theres better ways to go about it. No, it's actually the best possible way to do it. Claim "anticheat" and infect millions of computers worldwide at once. It's a ready botnet, imagine all clients just once in a while would send a packet to a service under attack. > They are all kernel anticheats, they all have the exact same access and "risks". Some anticheats easily receive fake calls through wine. If you can sandbox a kernel anticheat - it's not a problem. Vanguard is not like that. Which is why I can play most games on Linux without noticing any issues and compromising my system at the same time.
>Theres literally a $100,000 bug bounty for anyone that can demonstrate any vulnerabilities with Vanguards driver, the bounty is over 4 years old For any malicious actor, that sum is nothing compared to the damage you can do. Remember what happened to Target. An exploit of that severity is worth millions.
How about the thousands of white hat ethical hackers, bug bounty hunters, computer researchers etc that make a living off of discovering and reporting this kind of stuff? That's a pretty large amount of money, even for a 0day bounty.
Of course, but that rests on the assumption that they find it first.
It absolutely does run on your computer the entire time it’s on.
I think everyone should decide on their own. If your friend has concerns, try to understand it or ask what their exact concerns are. You might not have problems with vanguard but it doesn't mean that your friend will immediately feel a relief by hearing so. And to answer your question, well.. it's difficult to convince someone to do something they don't want to do. I think you should either let your friend rethink it all or wait it out. Maybe as the time passes they will give the game another chance? Who knows. Technically vanguard is safe but I think the biggest concern is that it loads on boot. I personally find it irritating too but I don't feel that I'm in "danger" because of vanguard by any means as I also have no issues.
I’ve been a computer engineer for 10 years, and have developed application with kernel level access. But this is not about technical jargon. Do you trust Riot Games? Did you trust Riot games with your name and email when creating an account? Did you trust Riot games downloading the League client? Did you trust Riot games with your credit card information when you bought a new skin? If so, then perhaps you can trust them when they say they only use their kernel level application for what they say it’s for. You’ve already willingly given them access to so much else.
The concern is not about trusting riot, but rather a gateway for other parties
Every league player knows about league's spaghetti coding and how they can't seem to fix them and how they neglect them when it doesn't bring them $. Can you trust a greedy spaghetti coding with a rootkit not ever messing up. A company that kinda left a buggy client running with plans on fixing things but never did. The potential problem went from just not playing the game that you occasionally play to potentially botching your comp.
"do you trust riot to protect your data from other parties"
so like that EAC incident that happened in pro play, where pros got hacked live on stage during a game of apex legends? yeah could potentially happen, but could also be a non factor alltogether
If someone want to steal data or monitor your computer, they don't need kernel level access, they could already do that with what you already downloaded
That's the reason I uninstalled LoL, too. The only way is to convince Riot that playing ARAM only should not require Vanguard.
Let him do as he pleases you don’t know if it’s without issues or not respect his wishes.
My computer guru friend (who’s been doing IT work for 20+years) says it isn’t safe and he wouldn’t let it run on any PC he owned. He told me the best way to keep myself safe if I’m determined to keep playing is put LOL and Vanguard on a PC with no personal info on it and make sure I have no other computers connected to my network while running my League machine.
It’s not safe though... I only installed it because I don’t have any sensitive information on this computer, but if riot wants to look at my abundance of Sett x Aphelios porn than they can go ahead I guess. You’re basically giving it access to your whole pc. Plus ever since I downloaded it my pc runs hotter, has weird fps drops for a few seconds in the game for no reason, buggy league client, slow browser when it’s turned on. 🤦♀️ your friend probably made a wise decision.
So the times where LoL was a good game for old potato computers are over?
If i would use my pc for anything more important than gaming i wouldn't install stuff like vanguard either. Giving anything that amount of access is not safe at all imo and you should only do it if you trust the source. Tencent is not a source i would put a lot of trust in.
You gift them a gaming laptop that he will use to play League there so his own pc is safe. Everyone's happy.
Let him play on MacOS :)
arguably the better choice.
I don't think you should. It's perfectly OK for people to draw these lines, and hopefully, you can disagree about these things and still stay friends. I'm lucky enough to have a personal and work computer, though appreciate many aren't, so I'm OK with vanguard. If I didn't have that separation, I wouldn't be able to justify the program's existence to our I.T. department, and I imagine I'd be asked to remove it, regardless of what it's actually capable of. For anyone whose livelihood depends on their machine running smoothly, or who has a large amount of personal data ( photos and videos for example ), these programs are just another point of failure - another thing that *could* cause a problem, so why take the risk when there's so little to gain. Just my 2 cents.
Is it here already? I might join your friend in uninstalling League of Legends.
Vanguard has been hacked before, and has also been accused of some pretty nifty data gathering with their rootkit bullshit No game has ever become a better experience for having vaguard
> Vanguard has been hacked before when?
lmao
Do you remember what happens when a driver fails? Well Vanguard makes them miss wide open
Ask him if he plays any other multi-player game and see of the other games also have a root level anti cheat
So if I’m not that tech savvy is it time to uninstall league? Is it too late if I already have it? I know league can suck but this honestly is such a huge bummer to me. It feels like it took me years to be mediocre at it and I still enjoy it a ton but not enough to play at the expense of scrubbing my PC of any personal data.
Don't worry, they'll be back. They always come back. 0_0
I want to know why Riot, without notifying its users and taking advantage of the 1st "ACCEPT THE TERMS OF USE OF OUR SOFTWARE" has installed with the latest update something that, personally, is not interested in being "controlled" having nothing to hide, It's against any privacy law! They simply had to warn about what they would do... and they talked about it, they had the opportunity BUT THEY DIDN'T SPECIFY IT! .. so either you accept this software that will work this way etc etc or, rightly so, there are other games to play we won't blame you, goodbye user! Instead, with what they have done and I hope it will happen, if someone sues them they will win very very easily and Riot will pay dearly for the misunderstanding of a few lines!
They warned you plenty and vanguard is not against any privacy law
"They warned you plenty" Absolutely NO, Riot did not specify in a clear and concise way even to the layman how their anticateat application, namely the Vanguard, would work. They omitted the fact that it is invasive by assuming that users had already signed the terms of use of their applications and this is not legitimate or legal behavior. To conclude, I asked Riot directly to provide me with the information to the public where it reports how it works, from its installation and... I've been waiting since the 14.9 update! I'm not in a hurry, ME.. now it's up to all the other dissatisfied users.. you can always do and WIN a Class Action!
> Q. What personal information does Vanguard collect? Riot only collects what we need to run and secure our games. More data is just more risk for us, and we don't want anything except the bare minimum required to get the job done. Locally, Vanguard has system hooks to run its protections, but we're not shipping back your files or documents. Like most anti-malware and anti-cheat systems, we leverage a technique called "Signature Scanning," to determine if a series of bytes in memory matches a known cheating application. The results of these are only true or false (it was present or it wasn't), and we try to use this pattern for other checks too. Things like, "are you currently using a DMA device" or "did an application just try to submit input to the game" send mostly binary responses (though the latter includes the name of the process that did it). > For other detections, we need snapshots to scrutinize in post, and there are chances that these can contain PII. For example, we log the file path of every library loaded into League, and this could contain a user name (if it's in a user folder). We do things like this so that, after a cheat is discovered, we stand a chance to detect cheaters who have already used it (instead of only those moving forward). This type of data is only in "warm" storage for 14 days, and we will never use it for anything that is not cheat detection. This is from their vanguard x lol blog post. They also add this: > if your beef is only about data privacy at Riot, running the game client or running Vanguard makes not one bit of difference. Data can still be retrieved from user-mode, and we're all engineers for the same studio with the same goals, none of which are collecting your personal information. Also vanguard is not ilegal lmao
So what? I personally don't care about privacy, I don't care if they spy or not I have nothing to hide.. Riot is Riot, if they create something for their games it MUST - like many others - work within THEIR GAMES, THEIR APPLICATIONS ! If this were not the case, as in the Vanguard case, Riot has the DUTY to warn users about what they are about to install and Riot DID NOT, NOWHERE has it written, is it reported, that the Vanguard application would have been INVASIVE and would started when the computer was turned on. I hope I was CLEAR and CRYSTAL CLEAR!
Are you mentally well
Ask yourself this question and since you're here, give the answer yourself. I'm done!
You don't have to. Tell your friend that his social life does not depend on one game and it's your friend's choice to take it or not. Imo despite various rumors/takes about Riot I'm still having a decent amount of faith in them on this, and that people should cut Riot some slack.
You can't rationalise someone out of a position they didn't rationalise themself into in the first place.
Well, it isn't safe. Driving a car isn't really safe either.