Hacker News new | past | comments | ask | show | jobs | submit login

That's not really possible as long as the kernel allows the loading of arbitrary user-provided modules. Because the cheater will certainly run the cheat that requires kernel mode. If it's run in kernel mode, the API call can be intercepted.

How does the anticheat then work? Corewars. It's a cat and mouse game between the cheat provider and the game developer.

One would need a secure base layer, where also the MS anti-cheat lives, and all drivers can only run in a layer between this base layer and userland. I think that's already done for most of the graphics stack.

On the other hand, I am not convinced I want a system where I cannot load arbitrary kernel mode code if I choose to do so.






Consider applying for YC's W25 batch! Applications are open till Nov 12.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: