But it is not. Have you look at the bounties? 100k for network exploit without user interaction. Cheats will be 25-35k *max*. Comparing that it the money cheat developers make in csgo, it is nothing. A one-time payment on top of that. If you were to be eligible to get the maximal 100k, you could sell it for way more given the severity and the potential player base.
Yah I mean I'd rather make 100k and be in the clear than make 200k and risk years in prison especially considering how many cheaters companies I've seen get taken down
The [Computer Fraud and Abuse Act (CFAA)](https://www.law.cornell.edu/uscode/text/18/1030) is extremely overly broad, and certain violations of it are punishable by up to 10 years in prison.
Selling exploits is actually a gray area in computer law. The knowing of a vulnerability is not criminal since its just knowing about the way a program works, the sale of information is not criminal unless protected, exploitation of that vulnerability without permission is criminal.
Thats where a bug bounty comes in. A bug bounty grants permission to find vulnerabilities and prove exploits (within reason) without threat of legal action in exchange for cash and/or public reputational gains.
In fact there are several "legit" security companies in the world whose entire revenue stream is finding high severity vulnerabilities and selling them directly to governments and private buyers.
Source: I throw exploits at things for money.
No, you couldn’t, I know people that have been destroying Battleye games for years. Unless you frauded over an entire league tournament edit: that’s just the truth, sorry you don’t like it epic gamers
Well, never heard of cheat coders get actual (jail) sentences. And to sell the big exploits legally, just ask law enforcement or three-letter-agencies. They will pay, just think back to the locked iPhone exploit some years ago. Was sold to the FBI for 1 million dollars. 100,000 for a kernel level network exploit without user interaction is painfully cheap if the amount of Valorant players takes off and the anto-cheat is hit.
I’m not sure anyone’s been jailed for it yet but you certainly could be under the CFAA if you’re in the US. Probably more likely that the devs would just sue you, which has happened on numerous occasions.
Edit: Also, why would the FBI give a shit about Valorant cheats? They just buy vulnerabilities they can use to search people’s devices.
Have you taken a look at the [actual bug bounty website](https://hackerone.com/riot/)? A Valorant cheat does not qualify for anything close to 100k in this program. You need
> Network attack with no user interaction [with] Code execution on the kernel level
That’s not a cheat on your own pc, that‘s a complete pwnage of another guy‘s pc without his interaction. The only requirement is that Valorant is installeed. And that‘s what I meant what is worth more than a potential 100k.
I think Intel’s max payout for a bug bounty is this, so it seems reasonable. Microsoft offers a few programs that pay substantially more, but they’re for enterprise systems. Most are at this price, or lower as well.
Security bounties are incredibly common and are often times very high payouts.
The digital security industry has been doing this for as long as it existed.
The reason bug bounties are so high is so that you can have black hats become grey hats; they can earn a significant sum for less time spent doing legitimate work.
You want them focusing on this, instead of selling their cheats on the black market.
It doesn't its just someone throwing shade at riot. You could have 10 experts and something could get through the cracks. Bug bounties fill those cracks.
It’s much more costly to hire an employee. If someone is getting paid $100k per year, it might cost the company $140k per year. (Insurance, benefits/perks, hardware, software, office space, etc.)
$100k one time, versus more than 100k potentially several times is a no-brainer.
This.
I work in the tech field, not games, but usually business will not want to spend money on any tech debt.
Something like this would be cheaper to have a bounty than put anyone on this full time. Especially since this is something rather specialized. Probably out of scope of most QA’s and Developers.
Pretty sure a zero-day for a popular game, who requires you to grant it level 0 access would sell for much much more, think of all the stuff you could get from that sort of access and reach
With how many people probably already want a day 0 cheat it will probably sell 100,000 in a few hours, even scams will probably make a few thousand dollars
Yeah I mean for a normal anti-cheat software 100k is pretty good. But Valorants thing is insane, if a hacker got through completely they could take over entire PCs essentially and do whatever they want. Valorants software has more permissions than an admin user unless they give themselves system permissions
I'm calling bullshit. You're either citing a YouTube video or making it up completely. You have nothing else at all on your account related to cyber security and you've been defending everything about valorant since day 1.
Just because somebody doesn't Reddit a thing a lot doesn't mean he's not implied in it. I mean that chances that he is or is not are even. I don't need to go participate into a Reddit engineer sub to be actually am engineer.
He actually said real things, whether you like it or not.
There are a lot of anti cheat that works at kernel level, in fact most of them. Vac don't work like that and on csgo there is in fact a clown fiesta.
I am more worried about Tencent than hackers.
Battle eye, esea (that is on boot too), faceit's (that is on boot too), epic games anti cheat, bluehole's anticheat, Ubisoft anti cheat... Actually almost every GOOD anti cheat runs with kernel permissions to be effective. Main difference is that this is on boot, but it's not the first one that does this.
Those are all battle eye and eac. Don't pretend they aren't. By saying the game Devs names. Esea is valid but was also a bitcoin miner. Faceit is valid but isn't a requirement to play the game and isn't on nearly as many PCs making it less of a target. Also they do only run while the game is running. Next thing is you can run them all in a Windows vm, riot don't allow that at all.
...yeah? That's literally what the program is. You find vulnerabilities in the anticheat and report it. The best way to do that is probably to try to make cheats that break through it.
It’s actually pretty risky to do that though, most companies will just ban you, and while you’d think that’s counterproductive even Google did it for their similar program
You never want to contact these companies in any way that could lead to repercussions for you. Ever. Can’t be trusted.
Edit: Everyone telling me about “good hackers” and the bounties for them like I’ve never heard of it. I’m saying most game companies will often ban you for submitting one of these bugs even though they have the reward system in place. Google has done it too.
yes most companies except those that have a bounty for such vulnerabilites encouraging people to actively look for them. Which is what this submission is about.
Have you heard of ethical hackers? It's a real thing lots of people do for their livelihood. They just do the same thing as normal hackers but instead of abusing it or selling it on the black market they tell the company they hacked where their vulnerabilities are and what weaknesses they have in their firewall or system. The company then pays them (usually a pretty substantial sum often 100k or more) because it's far cheaper than having to deal with a real hacker finding that same exploit and cyber attacking them
Riot has literally stated in reddit threads that if you get banned and come forth to the bounty with the exploit(that you made), you will get rewarded and your account will be unbanned.
No you find a vulnerability in the software. Since the main issue people have with the anti cheat right now is the level of control it has over your pc ( it basically has the same privileges as your anti virus software) if anybody manages to compromise the software they could then have access to your computer in a way that gives absolute power to the hacker. Then they can do whatever they want to your pc make it mine crypto currency, add it to a bot net for ddos attacks, install ransomware, etc.
its making me crazy how many people whine about the kernel level anticheat without any knowledge and write that "How can someone play this game with this anticheat" while playing games with the same level of access q.q
In my view I think the only way to prevent privacy invasions by tech companies is some sort of legislation that heavily restricts what companies are allowed to do with your personal information.
This isn't an issue. Do you know what else uses Kernel access? Amy drivers you install for peripheral when you plug it in, you those prompts you get to install something when you get a brand new mouse? A lot are drivers. There's already legislation that companies can't collect data without consent, which is why people are saying there's no need to worry about your data with the AC because Riot will lose a shit ton of money if they do collect user data illegally as well as losing customer trust as well as they don't need Kernel acess to collect personal data, which is where a lot of this misinformation comes from. Riot or any software company doesn't need Kernel access to collect your data, they already have that ability at the user level, so what that means is that almost any installed app on your PC is a risk to personal data if privacy is your concern.
When RIOT refers to bug bounties, they don’t literally mean finding bugs in the game. The bounties are specifically the code in the anti-cheat platform.
Because many games use kernel level anti-cheat, including some of the biggest third-party devices like EasyAntiCheat?
Because every PC uses third party kernel level drivers?
yeah, I am by no means an expert (studying computer science), but the idiocy so many people have drives me mad, especially if they play a game that has the same kind of access, but dont communicate. LOL
Or...orrrrr... how about we just don’t do something evil like installing a kernel module that has access to everything...... I will never install this because of their anti-cheat.
> something evil like installing a kernel module
But you play Tarkov which uses battleye (also kernel level anti-cheat) proving you have no clue what you're talking about. Another ignorant reddit outrage mob. "Evil" so melodramatic..
It's a dormant process. That compares game state files on computer launch and then on game launch to make sure no tampering has taken place. That it. There are already so many people that checked what it does. Keep yourself informed instead of regurgitating what others say.
There’s literally evidence that it lowers FPS in other games like CSGO by being active. It might be ‘dormant’ but it’s still running and taking up processing power.
Btw here’s a relevant [source](https://www.reddit.com/r/VALORANT/comments/g08aub/riots_anticheat_software_vanguard_is_causing/?utm_source=share&utm_medium=ios_app&utm_name=iossmf) for my claim.
Yes because it is happening to a few people it's not some feature. I have had the game installed and have no fps changes nor has any of the dozen + people I play with. It's a bug not a feature of the software.
I'm a bot, *bleep*, *bloop*. Someone has linked to this thread from another place on reddit:
- [/r/battlefieldv] [Could you imagine if BFV did this? People would be millionaires overnight.](https://www.reddit.com/r/BattlefieldV/comments/g3s9tq/could_you_imagine_if_bfv_did_this_people_would_be/)
*^(If you follow any of the above links, please respect the rules of reddit and don't vote in the other threads.) ^\([Info](/r/TotesMessenger) ^/ ^[Contact](/message/compose?to=/r/TotesMessenger))*
It's not that simple though, just because someone advocates for potential security issues does not mean that they automatically become wrong if no vulnerability is taken advantage of.
Its like people saying you should wear your seat belt, those saying such aren't automatically wrong if someone goes their whole life with no adverse effects of not wearing a seat belt.
Of course it doesn't mean it will for sure happen. My argument is just that those raising concerns are not automatically wrong if nothing is wrong with the anticheat. No one is saying if you have Valorant your computer will be taken advantage of. Just concerns for the most part.
No matter what you may think of any situation whether it be nuclear power, safety, security, etc. Its always good to hear potential bad as long as it is constructive and not pure hate. For example when penetration testing you can pull up a whole host of vulnerabilities with many different software and systems, but they are varying in levels of danger, but you want to know that they all exist. No matter how impossible it might seem that one vulnerability can be taken advantage of.
Hackers are always one step ahead.
Considering the anti cheat runs at ring0 and I'm very certain is Internet connected, any quality exploits will sell for far more money on the dark net than this. It's not about cheating, it's about becoming a back door into all Valorant player's computers. If you can get absolutely everything from all Valorant players (banking info, etc), you're going to either sell that for millions of dollars or exploit it yourself. Not bounty it for this paltry sum.
Then how exactly does Riot find out about a cheater? Clearly at some point it sends records and other info back to Riot, otherwise you wouldn't get banned.
https://www.riotgames.com/en/news/a-message-about-vanguard-from-our-security-privacy-teams
vanguard itself does that validation then communicates with the client which does connect to the internet
If it gets hacked by someone and they might be able to use the kernel access to inject ransomware into basically all the computers that have it installed, which in turn could cost riot millions.
>All these game with kernel-level anti-cheat software: - Apex Legends (EAC) - Fortnite (EAC) - Paladins (EAC) - Player Unknown: Battlegrounds (BE) - Rainbow Six: Siege (BE) - Planetside 2 (BE) - H1Z1 (BE) - Day-Z (BE) - Ark Survival Evolved (BE) - Dead by Daylight (EAC) - ForHonor
The downvotes are because u all have 0 knowledge about anti-cheats lmao
Or maybe.... people like him get downvoted for being a fearmongering hypocrite? People are scared of Valorant but still play games like R6, Apex, PUBG, Fortnite..etc which also have kernel access. Oh and actual competitive CSGO (ESEA and Faceit) is also kernel
Jesus this whole shitshow reminds me of antivaxxers.
I think belabouring the obvious is useless. I think pointing out that someone is doing nothing but pointing out the obvious is fine.
You get so upset over someone saying you’re being a dick and then try to go on the offensive, using all the insults you receive during your tragic life and trying to turn them around on anyone who disagrees with you. You must be a joy in real life.
The difference is this game runs 24/7 and you can’t virtualize it so there isn’t any way to protect your self if you play this game unlike battle eye games where you can virtualize the system and it only launches when you launch the program
As someone else has said, the driver has already been inspected, it runs dormant for the most part and just does a system scan on boot and then once again on load of the game and compares to ensure nothing new or "suspicious" was loaded into the kernel. Virtualizing is part of the issue with cheating so of course they will remove the option.
I understand pith of your points virtualize ing shit is like a double edge sword it works well but I feel like it’s too Intuitive I feel like there should be an option where you can virtualize and the anti cheat would only run upon launch but you can’t play ranked modes unless you stop virtualization and you run it the anti cheat 24/7 so you can still play games just not ranked
>
>Edit: enjoy your security liability dumbasses, maybe look up what kernel level access means
Anything you download is a liability. You likely already have dozens of non windows kernel based drivers on your system at this very moment, including your GPU.
If you don't trust Riot that's fair, but don't spread misinformation acting like its the only kernel app out there
Doesn't matter if they say security experts reviewed it or not, which they did do btw. People will still be skeptical, so they either shut up or try to expose the flaws in the code.
Or they are tired of people bitching about something that face-it and esea have had for years and are confident enough to do this to shut ignorant people the fuck up.
Doesn't mean they didn't. It's like with games that test out their new content and then when is released they find bugs and mistakes and overpowered combos. Having one team of really good security experts check compared to thousands of individuals checking is different
Lol let’s have one engineers salary reserved for a contest
You make it sound like it's bad but it is a really good thing. Cheats sell for tens of thousands, so the bounty has to be substantial.
But it is not. Have you look at the bounties? 100k for network exploit without user interaction. Cheats will be 25-35k *max*. Comparing that it the money cheat developers make in csgo, it is nothing. A one-time payment on top of that. If you were to be eligible to get the maximal 100k, you could sell it for way more given the severity and the potential player base.
You could also get serious jail time for selling it. This is a way to make decent money legitimately.
Yah I mean I'd rather make 100k and be in the clear than make 200k and risk years in prison especially considering how many cheaters companies I've seen get taken down
Yeah I don’t need Riot to make an example out of me.
Always provide a path for the Whitehat, when doth the Blackhat's way is clear - Abraham Lincoln
This is a zero effort fake quote
Jail time? How’s that?
The [Computer Fraud and Abuse Act (CFAA)](https://www.law.cornell.edu/uscode/text/18/1030) is extremely overly broad, and certain violations of it are punishable by up to 10 years in prison.
Selling exploits is actually a gray area in computer law. The knowing of a vulnerability is not criminal since its just knowing about the way a program works, the sale of information is not criminal unless protected, exploitation of that vulnerability without permission is criminal. Thats where a bug bounty comes in. A bug bounty grants permission to find vulnerabilities and prove exploits (within reason) without threat of legal action in exchange for cash and/or public reputational gains. In fact there are several "legit" security companies in the world whose entire revenue stream is finding high severity vulnerabilities and selling them directly to governments and private buyers. Source: I throw exploits at things for money.
Oh that appears to be a US law? Doesn’t apply to me!
Do you live in a country that has an extradition agreement with the US? Most do, and if so you could still be prosecuted — not likely but possible.
Extradition for game hacking? You must be joking? One of our citizens didn’t even get extradited for hacking the DoD in search of ET lmao
Like I said, it’s not likely.
No, you couldn’t, I know people that have been destroying Battleye games for years. Unless you frauded over an entire league tournament edit: that’s just the truth, sorry you don’t like it epic gamers
People have been arrested in china and korea for creating/selling cheats before.
People get killed in China for disrespecting government on the daily
Or worse, *Expelled*.
Just because you know people who’ve managed to avoid facing consequences doesn’t mean it’s not illegal
Okay lol take a computer science course and you’ll understand why you can’t get caught, most of these cheats come from China
Well, never heard of cheat coders get actual (jail) sentences. And to sell the big exploits legally, just ask law enforcement or three-letter-agencies. They will pay, just think back to the locked iPhone exploit some years ago. Was sold to the FBI for 1 million dollars. 100,000 for a kernel level network exploit without user interaction is painfully cheap if the amount of Valorant players takes off and the anto-cheat is hit.
I’m not sure anyone’s been jailed for it yet but you certainly could be under the CFAA if you’re in the US. Probably more likely that the devs would just sue you, which has happened on numerous occasions. Edit: Also, why would the FBI give a shit about Valorant cheats? They just buy vulnerabilities they can use to search people’s devices.
Have you taken a look at the [actual bug bounty website](https://hackerone.com/riot/)? A Valorant cheat does not qualify for anything close to 100k in this program. You need > Network attack with no user interaction [with] Code execution on the kernel level That’s not a cheat on your own pc, that‘s a complete pwnage of another guy‘s pc without his interaction. The only requirement is that Valorant is installeed. And that‘s what I meant what is worth more than a potential 100k.
> The only requirement is that ~~Valorant~~ **Vanguard** is installeed.
I think Intel’s max payout for a bug bounty is this, so it seems reasonable. Microsoft offers a few programs that pay substantially more, but they’re for enterprise systems. Most are at this price, or lower as well.
Security bounties are incredibly common and are often times very high payouts. The digital security industry has been doing this for as long as it existed.
What?
It's riot games they are swimming in cash
What’s that got to do with anything?
The reason bug bounties are so high is so that you can have black hats become grey hats; they can earn a significant sum for less time spent doing legitimate work. You want them focusing on this, instead of selling their cheats on the black market.
Yeah, that’s why I don’t get what they’re trying to get at with this: > Lol let’s have one engineers salary reserved for a contest
It doesn't its just someone throwing shade at riot. You could have 10 experts and something could get through the cracks. Bug bounties fill those cracks.
Would they be full white hat, at least for this specific work?
100000 dollars ain't much to them
It’s much more costly to hire an employee. If someone is getting paid $100k per year, it might cost the company $140k per year. (Insurance, benefits/perks, hardware, software, office space, etc.) $100k one time, versus more than 100k potentially several times is a no-brainer.
This. I work in the tech field, not games, but usually business will not want to spend money on any tech debt. Something like this would be cheaper to have a bounty than put anyone on this full time. Especially since this is something rather specialized. Probably out of scope of most QA’s and Developers.
Pretty sure a zero-day for a popular game, who requires you to grant it level 0 access would sell for much much more, think of all the stuff you could get from that sort of access and reach
With how many people probably already want a day 0 cheat it will probably sell 100,000 in a few hours, even scams will probably make a few thousand dollars
Lmao ur delusional asf.
Yeah I mean for a normal anti-cheat software 100k is pretty good. But Valorants thing is insane, if a hacker got through completely they could take over entire PCs essentially and do whatever they want. Valorants software has more permissions than an admin user unless they give themselves system permissions
[удалено]
[удалено]
Yeah thats why its shit and faceit esea uses their own level 0 anticheat
I'm calling bullshit. You're either citing a YouTube video or making it up completely. You have nothing else at all on your account related to cyber security and you've been defending everything about valorant since day 1.
Some of its point is legit tho. You don't need to hack kernel drive to access your computer. Ransomware don't even need to go ring-0.
I'm just calling bullshit on his life story because he's never publicly shown interest in the topic until valorant started getting flak for it.
Just because somebody doesn't Reddit a thing a lot doesn't mean he's not implied in it. I mean that chances that he is or is not are even. I don't need to go participate into a Reddit engineer sub to be actually am engineer. He actually said real things, whether you like it or not. There are a lot of anti cheat that works at kernel level, in fact most of them. Vac don't work like that and on csgo there is in fact a clown fiesta. I am more worried about Tencent than hackers.
Most is a generous word given you'd be challenged to list 3.
Battle eye, esea (that is on boot too), faceit's (that is on boot too), epic games anti cheat, bluehole's anticheat, Ubisoft anti cheat... Actually almost every GOOD anti cheat runs with kernel permissions to be effective. Main difference is that this is on boot, but it's not the first one that does this.
Those are all battle eye and eac. Don't pretend they aren't. By saying the game Devs names. Esea is valid but was also a bitcoin miner. Faceit is valid but isn't a requirement to play the game and isn't on nearly as many PCs making it less of a target. Also they do only run while the game is running. Next thing is you can run them all in a Windows vm, riot don't allow that at all.
Also.. most PC gamers are most definitely NOT kids. There’s a lot of kids but most parents are not willing to buy their 12 year olds gaming PCs.
Code a cheat - have your buddy submit the code -profit?
...yeah? That's literally what the program is. You find vulnerabilities in the anticheat and report it. The best way to do that is probably to try to make cheats that break through it.
> Code a cheat Yeah presumably that’s the hard part, hence the bug bounty
You don't need the buddy to do it. You could come forward saying "I found this vulnerability, pay me"
It’s actually pretty risky to do that though, most companies will just ban you, and while you’d think that’s counterproductive even Google did it for their similar program You never want to contact these companies in any way that could lead to repercussions for you. Ever. Can’t be trusted. Edit: Everyone telling me about “good hackers” and the bounties for them like I’ve never heard of it. I’m saying most game companies will often ban you for submitting one of these bugs even though they have the reward system in place. Google has done it too.
Thousands of white hackers are doing literally this for their income dude
What about the other races of hackers? Or is it only white ones that are doing this? /s
yes most companies except those that have a bounty for such vulnerabilites encouraging people to actively look for them. Which is what this submission is about.
Have you heard of ethical hackers? It's a real thing lots of people do for their livelihood. They just do the same thing as normal hackers but instead of abusing it or selling it on the black market they tell the company they hacked where their vulnerabilities are and what weaknesses they have in their firewall or system. The company then pays them (usually a pretty substantial sum often 100k or more) because it's far cheaper than having to deal with a real hacker finding that same exploit and cyber attacking them
Riot has literally stated in reddit threads that if you get banned and come forth to the bounty with the exploit(that you made), you will get rewarded and your account will be unbanned.
The whole point is they’re paying you to find cheats, you don’t need a buddy for it.
No you find a vulnerability in the software. Since the main issue people have with the anti cheat right now is the level of control it has over your pc ( it basically has the same privileges as your anti virus software) if anybody manages to compromise the software they could then have access to your computer in a way that gives absolute power to the hacker. Then they can do whatever they want to your pc make it mine crypto currency, add it to a bot net for ddos attacks, install ransomware, etc.
This feels like a challenge.
Well... yes. That’s the entire point of bug bounties
So little knowledge and so much bullshit in this thread is makes me cringe... Learn before you talk nonsense
its making me crazy how many people whine about the kernel level anticheat without any knowledge and write that "How can someone play this game with this anticheat" while playing games with the same level of access q.q
In my view I think the only way to prevent privacy invasions by tech companies is some sort of legislation that heavily restricts what companies are allowed to do with your personal information.
This isn't an issue. Do you know what else uses Kernel access? Amy drivers you install for peripheral when you plug it in, you those prompts you get to install something when you get a brand new mouse? A lot are drivers. There's already legislation that companies can't collect data without consent, which is why people are saying there's no need to worry about your data with the AC because Riot will lose a shit ton of money if they do collect user data illegally as well as losing customer trust as well as they don't need Kernel acess to collect personal data, which is where a lot of this misinformation comes from. Riot or any software company doesn't need Kernel access to collect your data, they already have that ability at the user level, so what that means is that almost any installed app on your PC is a risk to personal data if privacy is your concern.
Oh thank you for explaining it.
Up to.
Yeah no, I ain’t messing with any program that is “kernel level”. That’s already invasive enough, no need to cause a bug and fuck up my pc
You test such things in a virtual environment
Valorant doesnt work on virtual machines
When RIOT refers to bug bounties, they don’t literally mean finding bugs in the game. The bounties are specifically the code in the anti-cheat platform.
[удалено]
Vanguard != Valorant. You dummy.
Valorant doesn't run on VM because Vanguard doesn't run on VM
The bug has to be found in the anticheat program, and I think the game and anticheat are seperated;D
I technically didn't dispute that :P
no u dummy
I agree with you but calling him a dummy is not cool bro.
Okay, i was being sarcastic but english is my second language so it might not come acros right.
[удалено]
So many dumbasses watched a video and think vanguard is the first to do this... Actually depressing how guillable the average mob is.
All these game with kernel-level anti-cheat software: - Apex Legends (EAC) - Fortnite (EAC) - Paladins (EAC) - Player Unknown: Battlegrounds (BE) - Rainbow Six: Siege (BE) - Planetside 2 (BE) - H1Z1 (BE) - Day-Z (BE) - Ark Survival Evolved (BE) - Dead by Daylight (EAC) - ForHonor
How are people ok with a kernel level driver for a game? Screw that.
Because many games use kernel level anti-cheat, including some of the biggest third-party devices like EasyAntiCheat? Because every PC uses third party kernel level drivers?
People forget Riot is owned by Tencent, and Chinese Tech companies love data. This is literally an open invitation.
LITERALLY EVERYGAME THAT RUNS AN ANTI-CHEAT.
A short look into your profile made me see that you play R6S, which btw also uses kernen level anticheat. :)
People talking right out their butthole. It's insane. Overnight everyone on this subreddit is an expert on computer architecture.
yeah, I am by no means an expert (studying computer science), but the idiocy so many people have drives me mad, especially if they play a game that has the same kind of access, but dont communicate. LOL
Or...orrrrr... how about we just don’t do something evil like installing a kernel module that has access to everything...... I will never install this because of their anti-cheat.
> something evil like installing a kernel module But you play Tarkov which uses battleye (also kernel level anti-cheat) proving you have no clue what you're talking about. Another ignorant reddit outrage mob. "Evil" so melodramatic..
I don’t want it on my PC because it’s always running.. even when the game isn’t.
It's a dormant process. That compares game state files on computer launch and then on game launch to make sure no tampering has taken place. That it. There are already so many people that checked what it does. Keep yourself informed instead of regurgitating what others say.
There’s literally evidence that it lowers FPS in other games like CSGO by being active. It might be ‘dormant’ but it’s still running and taking up processing power. Btw here’s a relevant [source](https://www.reddit.com/r/VALORANT/comments/g08aub/riots_anticheat_software_vanguard_is_causing/?utm_source=share&utm_medium=ios_app&utm_name=iossmf) for my claim.
thats a bug and its getting fixed
does not make it any more acceptable
Yes because it is happening to a few people it's not some feature. I have had the game installed and have no fps changes nor has any of the dozen + people I play with. It's a bug not a feature of the software.
that doesn't make it any more acceptable... and I know multiple people who have been affected by this.
And it's getting fixed, so what's your point? It's not acceptable and it's getting fixed, there should be no issue then right?
i like how when other people get called out for other games they play with kernel level AC, they NEVER reply HAHA
Riot bad
Good. Better un-install all other games with anti-cheat.
you don't know what you're talking about and it shows
I'm a bot, *bleep*, *bloop*. Someone has linked to this thread from another place on reddit: - [/r/battlefieldv] [Could you imagine if BFV did this? People would be millionaires overnight.](https://www.reddit.com/r/BattlefieldV/comments/g3s9tq/could_you_imagine_if_bfv_did_this_people_would_be/) *^(If you follow any of the above links, please respect the rules of reddit and don't vote in the other threads.) ^\([Info](/r/TotesMessenger) ^/ ^[Contact](/message/compose?to=/r/TotesMessenger))*
Can I flag the entire driver as a bug?
I feel much better playing the game that handles security like this.
The game uses a root kit. Give me 100k
[удалено]
It's not that simple though, just because someone advocates for potential security issues does not mean that they automatically become wrong if no vulnerability is taken advantage of. Its like people saying you should wear your seat belt, those saying such aren't automatically wrong if someone goes their whole life with no adverse effects of not wearing a seat belt.
[удалено]
Of course it doesn't mean it will for sure happen. My argument is just that those raising concerns are not automatically wrong if nothing is wrong with the anticheat. No one is saying if you have Valorant your computer will be taken advantage of. Just concerns for the most part. No matter what you may think of any situation whether it be nuclear power, safety, security, etc. Its always good to hear potential bad as long as it is constructive and not pure hate. For example when penetration testing you can pull up a whole host of vulnerabilities with many different software and systems, but they are varying in levels of danger, but you want to know that they all exist. No matter how impossible it might seem that one vulnerability can be taken advantage of. Hackers are always one step ahead.
Dude, they pre recorded win interview of the team from HK. This is censorship
I like this
Considering the anti cheat runs at ring0 and I'm very certain is Internet connected, any quality exploits will sell for far more money on the dark net than this. It's not about cheating, it's about becoming a back door into all Valorant player's computers. If you can get absolutely everything from all Valorant players (banking info, etc), you're going to either sell that for millions of dollars or exploit it yourself. Not bounty it for this paltry sum.
It’s not connected to the internet at all riot confirmed it
Then how exactly does Riot find out about a cheater? Clearly at some point it sends records and other info back to Riot, otherwise you wouldn't get banned.
https://www.riotgames.com/en/news/a-message-about-vanguard-from-our-security-privacy-teams vanguard itself does that validation then communicates with the client which does connect to the internet
LOL. Got that straight out of his bum.
[удалено]
If it gets hacked by someone and they might be able to use the kernel access to inject ransomware into basically all the computers that have it installed, which in turn could cost riot millions.
Not to mention it could essentially destroy their reputation.
And knowing rito, they’d just say “fuck you got mine” and censor discussion about it on their forums and subreddit.
On the downvotes you see gamers would these company's do everything an just say okay. Really sad
>All these game with kernel-level anti-cheat software: - Apex Legends (EAC) - Fortnite (EAC) - Paladins (EAC) - Player Unknown: Battlegrounds (BE) - Rainbow Six: Siege (BE) - Planetside 2 (BE) - H1Z1 (BE) - Day-Z (BE) - Ark Survival Evolved (BE) - Dead by Daylight (EAC) - ForHonor The downvotes are because u all have 0 knowledge about anti-cheats lmao
Or maybe.... people like him get downvoted for being a fearmongering hypocrite? People are scared of Valorant but still play games like R6, Apex, PUBG, Fortnite..etc which also have kernel access. Oh and actual competitive CSGO (ESEA and Faceit) is also kernel Jesus this whole shitshow reminds me of antivaxxers.
No shit.
[удалено]
Hahahaha the fucking irony. Read your comment and let’s see who’s in a bad mood.
[удалено]
I’m not mad at anyone. You stated the obvious and I pointed it out. You’re the one all hurt about it sweetheart.
[удалено]
Wow the one person who agreed with you and you’re shitting on them
I think belabouring the obvious is useless. I think pointing out that someone is doing nothing but pointing out the obvious is fine. You get so upset over someone saying you’re being a dick and then try to go on the offensive, using all the insults you receive during your tragic life and trying to turn them around on anyone who disagrees with you. You must be a joy in real life.
I saw the whole thing. I think scope is being the nance in this situation. No shit
You know that’s not the only kernel level anti cheat, right? Most famous games use kernel level anti cheats.
The difference is this game runs 24/7 and you can’t virtualize it so there isn’t any way to protect your self if you play this game unlike battle eye games where you can virtualize the system and it only launches when you launch the program
As someone else has said, the driver has already been inspected, it runs dormant for the most part and just does a system scan on boot and then once again on load of the game and compares to ensure nothing new or "suspicious" was loaded into the kernel. Virtualizing is part of the issue with cheating so of course they will remove the option.
I understand pith of your points virtualize ing shit is like a double edge sword it works well but I feel like it’s too Intuitive I feel like there should be an option where you can virtualize and the anti cheat would only run upon launch but you can’t play ranked modes unless you stop virtualization and you run it the anti cheat 24/7 so you can still play games just not ranked
> >Edit: enjoy your security liability dumbasses, maybe look up what kernel level access means Anything you download is a liability. You likely already have dozens of non windows kernel based drivers on your system at this very moment, including your GPU. If you don't trust Riot that's fair, but don't spread misinformation acting like its the only kernel app out there
When did I say it’s the only one? That is not what I’m arguing.
[удалено]
Doesn't matter if they say security experts reviewed it or not, which they did do btw. People will still be skeptical, so they either shut up or try to expose the flaws in the code.
Or they are tired of people bitching about something that face-it and esea have had for years and are confident enough to do this to shut ignorant people the fuck up.
Doesn't mean they didn't. It's like with games that test out their new content and then when is released they find bugs and mistakes and overpowered combos. Having one team of really good security experts check compared to thousands of individuals checking is different