Riot official response about League of Legends on Linux for Vanguard anti cheat

tldr for anyone:

They aren't fixing it. fuck y'all.

Also - it's not a rootkit - it just loads at boot and has higher privileges than the userspace that you can't contr.... oh. it's a rootkit. They don't want you to call it that though. It's not cancer... it's a growth.

- Funnily enough that's how a lot of modern cheats work. it's on a separate box. Good luck catching that automatically vanguard. Hard to out-ring the hardware layer.
  If it's not server based detection it's exploitable.
  I'm not in that line of work but make no mistake if it hasn't been yet: a cheat vector will probably involve patching the anti cheat software or attacking how it communicates.

Stop stealing our CPU cycles for high risk rootkits and start mitigating and detecting cheating on the server.

It's that easy.

I stopped playing games that want this bullshit. Don't need that shit in my life.

It's that easy.
I'm guessing you're not a programmer yourself? Because it's really really not that east to /just/ detect in the server side, hacks can be super sofisticsted these days and there are often many client side exploits that you simply cannot detect serverside.
- Actually, I am.
  Using rootkit anti-cheat is a shortcut that reduces cost for both dev time and hosting time at the expense of your customers' security and CPU. You also have to lay your cards on the table for those who are attacking you. It is not the right solution for this problem.
  Authoritative servers. Never trust the client, especially with information the player shouldn't have right now. Look at behaviors and group players based on if you think they cheat or not - let the cheaters play together, no need to spoil their fun and let them realize you know they cheat.
  People do some or all of this on the server now, but root kitting all machines to try to solve this problem to play video games is one of the dumbest approaches ever and we will realize it one day when a state level actor pops their zero day against a big install base.
- I'm a programmer, yes it is. It's not easy in the sense of easy to implement, it's easy in the sense that everything else is impossible. Client-side anti-cheat is impossible, and by that I don't mean hard, I mean perpetual-motion level of impossibility. If someone tells you they implemented a foolproof client-side anti-cheat you should be just as skeptical as if someone tells you they created a perpetual motion. It's impossible, never going to happen, want an example? Robot using a camera to watch the screen and directly moving the mouse and keyboard, completely undetectable from the client side.
  From the server perspective the person is cheating or is behaving like a human. If they're behaving like a human their behavior is completely indistinguishable from a human, so who cares if they're cheating?, whatever they're doing has them still at human level so if the game has skill based matchmaking (which most of these games do) he'll rise up until his cheating puts him in the same level of more skilled humans and everyone has fun. If he keeps rising forever he's not on a human level, therefore a cheater. More importantly this also penalizes people who buy bot leveled accounts, because their matches will be all against people they can't hope to win and the game will not be fun.
  Server side can also trick clients into giving up that they're cheating, e.g. sending ghosts behind walls to check for wall hacks or other similar things to gauge player responses.
  But what do I know? I'm just a senior programmer who's been working on servers for some years. l never worked on the client side anti-cheat though, also never tried to build a perpetual motion machine.
- It's not easy, but it's really not worth the massive gaping security vulnerability you are giving your users. One disgruntled employee giving out the keys to the castle or one programmer plugging in an infected USB, and every user now has a persistent malicious rootkit. The only way to fix an issue that deep after it gets exploited is to literally throw away your hard drive.
It’s not easy. And league is free. So banning people won’t work well either. They can’t ban ip addresses either without banning college campuses, some apartment buildings, and Internet cafes.
But that wastes their clockcycles to make sure you're not cheating. So much easier to make everyone's experience worse so they don't have to upgrade and build out more servers.

Fuck Riot. Never playing their games again. If you're going to have a shitty anticheat at least give people the option to play in anticheat disabled lobbies. Besides, they should be doing anticheat at the server level not spying on the boot sequence of client PCs. That shit is unnecessary for a fucking banking app let alone a goddamn game. It's just a game, let us enjoy it rather than making such a ridiculously over the top response to cheating.

If you’re going to have a shitty anticheat at least give people the option to play in anticheat disabled lobbies.
This, a thousand times. I can understand requiring anti-cheat for Ranked matches, but some of us just wanna screw around. If there's no progression tied to the match why should they care?
(Microtransactions, if I had to guess)
- Yup, at the very minimum let me continue to play TFT. You can't really cheat there, and if you could, that's more likely due to an underlying gamplay/UX problem.

The issue with this entire statement is that despite the amount of system access they want, and the complexity of the software they've made, cheating is as rampant as it was before. The fact that they continue treating Linux as an issue, just as Ubisoft do with Siege, or Bungie with Destiny, just shows that there is a much larger issue at hand

Even worse, it proves that they themselves don't understand the entire psycho-social scope and workings of cheating. Cheating is not an entirely technical problem. It's multidimensional.

The "any backdoors we leave open for it" bit kinda sounds like straight-up complaining that they can't compromise users' security without compromising their own control over users' systems?

Boo fucking hoo, I guess 🤷

That's a pretty standard position nowadays from a lot of different tech companies. They can't possibly give the user any freedoms, because it might compromise something. It's this broad assumption that all users that refuse to surrender control of their device should never be trusted and therefore not have their desires respected.
Like how Google continues to actively punish users that claw back control of their devices through custom roms or rooting, and of course Apple has been doing that forever. Microsoft is threatening more invasive restrictions in windows, too. It's why shit like integrity checking is continuing to be pushed.
The pattern is very clear: you are required to let them stick their arm up your device's ass to participate in our "modern" tech space.
It's the equivalent of a store that forces all customers to strip naked before entering to prevent shoplifting. You of course don't have to enter that store, but that store has also run virtually all the other stores out of business, and it's the only one that carries the specific brand of chips you're looking for.
- In my country there was a story about a lady who got viral because it had been customary for shops to make people leave their backpacks and purses on a locker or with an employee. Then a security employee also had to check your receipt against the items in your bag before you left. It's extremely annoying and cumbersome, it can add up to half an hour of extra time when the shops are full and there aren't enough employees to do the checks.
  So one day she went to buy groceries, before giving her purse to the employee she emptied it and itemized everything there was in there on a piece of paper. Then she bought her groceries and had the clerk double check the price and weight of every item she bought against the price tags and content labels of everything. Including the prepackaged meats. Then, when picking up her purse back, she had the list of items and emptied the bag again in front of the employee.
  The manager noticed and went to her mad at what she was doing. She argued with him that they treated her as a thief so she would treat them as thieves themselves and pointed out how she had been charged for an extra plastic bag they didn't gave her (we get charged the price of the bags).
  Of course nothing came of it, but it riled social media discourse over here for a while. Some low end (local bodegas) and high end stores stopped the practice as the economic situation stabilized, but it was still a quirky detail. Some employees did steal stuff from customers bags. Same lady had a field day during the days of stores trying to return change on payments with lollipops and candy. So she tried to pay with a bag of candy and lollipops. That one was wild as well.

My main issue with this blog post is that rather than properly addressing concerns, they make fun of them.

It's not a rootkit, journalists just spread misinformation for clicks

Why is it not a rootkit, then??

Because journalists.

So .. do we have any evidence that rootkits actually decrease the amount of cheating? Like... At all?

The awnser is a firm no. Cheaters have moved to hardware based cheats with DMA boards. On valorant some cheaters have started exploiting remote play services to use machine vision based aim bots. Neither of those two methods can be detected by a kernel level anti cheat.
- And now they have more fun working with hardware than software. No needing to reverse engineer the game either since you're just processing display output and executing inputs on separate hardware like an Arduino or Raspberry Pi
it totally decreases the amount of cheating by a lot. Like the biggest decrease in history. That's right. It's huge. /trumpvoice
Also
trust me bro
- I wouldn't trust you if you were a valid SSL cert, bro

and the difficulty in securing it is only compounded by all the frustrating differences between distributions.

You DO NOT get to bitch about dIfFeReNcEs while you're writing rootkits. Fuck off.

yesterday, there were just over 800 Linux users on League.

And how many of them were cheating? ರ⁠_⁠ರ

DotA 2 works right? Just upgrade to DotA 2

Yeah, but what if I want:
pre-2010 graphics
a free rootkit
a single ugly stagnant map with no skins
a single and unchangeable and uninspired drone of an announcer
a game whose bug-ridden, laggy client leaks memory and processes
a game whose client prevents you from spectating pro games, past and present
a pro scene rampant with match fixing and ads injected into the horrendous casting
If not League of Legends, where else am I gonna get all of that from?
- I love that you mentioned that abomination they call a client. Something so bad a developer solo wrote a better one only to have them hire that person and quietly kill the project.

The "distributions" argument always smells like bullshit. Developers actually interested on supporting Linux usually stick to one or two distros of their choice. (Typically Ubuntu.)

Beyond that: I don't play LoL, but the fact that they need such an aggressive rootkit as anti-cheat hints poor game design. As in, why are your players so eager to cheat?

I'm guessing that people just like feeling superior to others and video games are a convenient outlet for that. There's no changing that via game design unless LoL ceases to be a competitive game.
Typical for a group of people that probably dedicated their whole careers to Windows. Could have just put it plainly that they don't want to pay engineers that have the skills to do this on Linux.

So basically, “it’s too hard, and our engineers are not good at their jobs.”

It's Harder to solve than you think. I came upon a documentary a while ago where they go a bit more in depth on the subject and what cheaters can do nowadays.
No company has solved the problem tbh. Even games like counter strike are riddled with cheaters and even on faceit there's plenty of people that are dodgy AF and likely cheat.
It's not an easy problem to solve and it is, AFAIK, still an unsolved problem in shooters. So your comment is a bit salty. Might as well claim every game engineer worldwide isnt good at their job because nobody has solved this yet. Not that I'm defending riot.
The rootkit "solution" is complete bullshit. It is completely disproportionate and a massive security/privacy risk. And to top it off it's not even a solution that's good enough.
This is the documentary I saw: https://www.youtube.com/watch?v=RwzIq04vd0M&
It did remove my appetite for playing PvP shooters for a while.
- The rootkit isn't a solution. It's a bandaid - and a bad one at that. Moba and FPS hacks have already moved outside the hardware of the PC or into the virtual space. It's a beware of dog sign on the fence meant to scare users... while ultimately doing very little (besides providing a vector real hackers and tools can exploit to gain access to your system.)
  Seriously anyone willing to install a rootkit on their system that that company is behind deserves whatever comes their way next.
- I’m sorry but I just don’t buy that.
  First of all, you can’t solve a problem you’re not willing to work on.
  Second, no one is expecting a solution that bans 100% of cheaters and has zero false positives. We all know that’s unrealistic. So saying no one has solved it yet is kind of misleading. There are existing solutions that work well enough for most people.
  Third, there are solutions that can run entirely on the server side that would work for every system. Riot just isn’t willing to use them.
  My comment stands. Bad engineers that can’t solve a problem other people have already come up with solutions for.

WINE
\ Is
\ Not
\ (an)
\ Emulator

What makes you think they are referring to Wine in that particular case, and not the emulation of the kernel level anticheat on userland? It's also arguably not an entirely correct use of the word there either, but it's fine.
- What makes you think they are referring to Wine in that particular case.
  Them talking about Lutris and Wine in that same paragraph and using the phrasing "even allowing" implying it's what they're currently doing. But looking again, you're right. They were referring to VMs.

I hear Dota is better anyways and I think it runs natively.

Kernel anticheat is just like gaming piracy, where developers are constantly fighting ghosts rather than tackling the social issues that encourage the behaviours they want to avoid.

there are no social issues you can ever fix to be found here. give a 11 year old an auto-win button for counter strike that he can press whenever he loses a single round and feels his pride hurt - he'll press it.
i think that anti cheats display a disrespect to the customer, because in an ideal world he should then run two computers instead of one. one for online banking, the other one for every company's favorite rootkit with questionable maintenance.
the only way out, in my view, is going to server side ai cheat detection.

I don't believe that only 800 people played on Linux. It makes no sense to me in the grand scheme of things. I have a personal YT channel with only 108 subs and my random low effort video on how to get League running on Steam Deck has almost 70k views which is nuts and there are many other much better videos than mine with many more views. If only 0.1% of those people are active players that would still make a lot more than "800" figure. I know this is just a random speculation but 800 is just waaaay too low.

Those 70k views are probably people like me:
Want to try it and bounce violently off of the toxic ass community
So that 800 might actually be a believable number given you go through some hurdles just to get, well, LOL players

Makes business sense. Why bother developing for 800 users when you have hundreds of thousands, if not millions, to worry about? The software company I work for has to make this kind of decision all the time.

But it was nice of them to include a viable strategy for cheaters via VMs.

Edit: I should clarify that "business sense" is almost always a poor excuse, and considering the potential growth in the Linux market thanks to handhelds, Proton, and NVK, seems dumb to thumb your nose at that potential.

800 feels like a number they cherry picked considering the overall community size.
Speaking personally: their vm detection is hot garbage and they know it. Detecting a VM is easy enough for anyone- detecting cheating via it is far more difficult. They flag a VM as such and wait for a report to roll in then blindly ban it.... only to reverse it when pressured. This isn't the behavior of an org with concrete evidence. It's a smokescreen.

How far is the company willing to go to prevent cheating? Cameras in people's homes to make sure they're not using another computer that your anti-cheat has no access to?

If players tolerate that then competitive gaming is going in a deeper dark pit of proprietary spyware in the name of fighting cheating, an arms race with no end.

Solution is easy: don't play LoL 🤷

Anti Commercial-AI license

I've never actually noticed cheaters during the time I played the game. If they cheat and matchmaking puts me against them, it just means that me without cheats and them with cheats are equivalent in skill level, so it's a fair and fun game. So I don't see the point in preventing cheats in the first place unless you're at the very top of the ladder, and there's so few people up there that it should be easy to just manually ban the cheaters.

I'm dual booting windows and linux and I'm only using Windows for applications I can't get to run on Linux. If I'm installing Vanguard on Windows, could that be a safety concern for my Linux partition? Since I have no personal data on Windows, I wouldn't mind installing it there, as long as it's not an issue for my linux partition

Good riddance, spent several years hooked to League. That being said, the fragmentation argument is bullshit, they could ship a read-only container in a flatpak and it'd run everywhere.

Kernel level is a huge risk and it doesn't guarantee anything, especially in the age of Ai cheats and network mitm cheats

You can't do shit with flatpak as a kernel level anti cheat.
- That's the point. A read only container to keep low hanging fruit at bay, and flatpak to distribute without having to repackage to every distro under the sun.
  I don't fuck with the game, the game doesn't fuck with my system.