Hacker News | strstr's comments

In practice, it’s essentially infeasible to make a non-detectable virtualization stack. Timing is really really hard to match (as is everything else). You can edit the binary that’s doing the detection, but this is time consuming. Every new feature they push costs you time and will poison your hardware id.

You can go further by, say, requiring fTPMs that are on the SoC (super common these days for most recent consumer CPUs). If you can’t boot into Linux without the PCRs reflecting your virtualization stack being in the boot chain, your cheat is quite detectable.


That’s not intended to be possible for any reasonable TPM with a trustworthy ekcert.


Cheating will slowly look more and more like trying to hack your own machine.

Secure Boot+TPM combined with decent firmware will make cheating a lot harder. If the firmware ensures random devices don’t get BME set before the IOMMU is properly, attestably, configured, you are basically now stuck looking for bugs in the TPM and UEFI if you want to shove yourself beneath the OS unnoticed. These are full of bugs, so that will work for a while, until it doesn’t.

Popping windows will probably work for some time, but HVCI will make this a pain once ubiquitously required.

And you have to do all of this while also not being detected for aberrant behavior. Eventually, the analog hole might end up being easier, lol.
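The measured-boot argument in this comment and the earlier one about PCRs reflecting the virtualization stack, as an added example (not code from the thread): it simulates the SHA-256 PCR bank, replays a constructed boot event log with and without an extra loader underneath the OS, and runs the verifier-side comparison. The boot chains, PCR indices (0 for firmware, 4 for boot loaders/OS) and component names are constructed assumptions for illustration.

```python
import hashlib

PCR_LEN = 32
PCR_INIT = b"\x00" * PCR_LEN  # SHA-256 bank PCRs start at all zeros on reset


def pcr_extend(pcr: bytes, digest: bytes) -> bytes:
    """TPM2_PCR_Extend semantics for one SHA-256 PCR: new = H(old || digest)."""
    return hashlib.sha256(pcr + digest).digest()


def replay_event_log(events):
    """Recompute PCR values from a measured-boot event log.

    events: list of (pcr_index, component_bytes). Each component is hashed and
    extended into its PCR in log order, so both content and order matter and
    an extra stage cannot be hidden by reordering or "un-extending".
    """
    pcrs = {}
    for idx, blob in events:
        pcrs[idx] = pcr_extend(pcrs.get(idx, PCR_INIT), hashlib.sha256(blob).digest())
    return pcrs


# Constructed sample boot chains; the strings stand in for real binaries.
CLEAN_BOOT = [
    (0, b"UEFI firmware (constructed)"),
    (4, b"shim.efi (constructed)"),
    (4, b"grubx64.efi (constructed)"),
    (4, b"vmlinuz (constructed)"),
]
# Same firmware and loaders, but one extra stage sits beneath the OS.
VIRTUALIZED_BOOT = CLEAN_BOOT[:3] + [(4, b"thin-hypervisor.efi (constructed)")] + CLEAN_BOOT[3:]


def mismatched_pcrs(quoted_pcrs, reference_pcrs, indices=(0, 4)):
    """Verifier-side check: return the PCR indices whose quoted value differs."""
    return [i for i in indices if quoted_pcrs.get(i) != reference_pcrs.get(i)]


def attestation_passes(quoted_pcrs, reference_pcrs, indices=(0, 4)):
    return not mismatched_pcrs(quoted_pcrs, reference_pcrs, indices)


def demo():
    reference = replay_event_log(CLEAN_BOOT)
    clean_ok = attestation_passes(replay_event_log(CLEAN_BOOT), reference)
    # PCR 0 still matches (firmware untouched); PCR 4 exposes the extra stage.
    virt_bad = mismatched_pcrs(replay_event_log(VIRTUALIZED_BOOT), reference)
    return clean_ok, virt_bad  # (True, [4])


if __name__ == "__main__":
    print(demo())
```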


Which OSes are actually imposing DMA restrictions on internal cards? That feels like something that would impose noticeable overhead, but I guess I can imagine a special mode that enforces this for competitive gaming...


It's not a global on-off switch. With a proper IOMMU, the hypervisor/operating system can lock out specific devices from DMA access, or confine them to specific address ranges.


Allegedly some of the anticheats are configuring the IOMMU through Windows APIs (Vanguard, FACEIT, and a smattering of Chinese anticheats). It’s hard to find good public information though. They do some mix of blocking access and deliberately leaving some pages as bait (and monitoring IOMMU d-bits/faults).


Riot documents the need to have IOMMU support enabled for Vanguard: https://support-valorant.riotgames.com/hc/en-us/articles/222...


> will make cheating a lot harder.

It can never make it impossible.

> These are full of bugs, so that will work for a while, until it doesn’t.

You're forgetting that vendors have to implement this into a pretty complicated system already and that configuration space is constantly changing due to new CPUs and other hardware coming into existence. There will always be holes due to emergent configuration and implementation issues.

> but HVCI will make this a pain once ubiquitously required.

Then there will be new pressure to get at the underlying keys that protect the system. When you consider the size of the keys vs. the size of the reward for liberating them it's obvious how this is going to play out.

> And you have to do all of this while also not being detected for aberrant behavior

For tournaments I don't understand the problem. Every other modern non-computer-based sport has this issue. They understand they can't be perfect, and any attempts to do so would ruin the nature of the competition itself, so you're better off recording as much data, video and audio from the player as you possibly can. That way if there are any accusations later you have the data to consider them.

This is a race to a corporate controlled future for no particularly good reason.


>Then there will be new pressure to get at the underlying keys that protect the system.

Just decap your CPU, no big deal, it just destroys it.

Unless you do something stupid and expose, for some reason, a function from the TPM to return the private key (something that basically no one has done in the past 15 years), you're not breaking those keys. It hasn't been broken on a PS5, on an Xbox One, on an iPhone, on the vast majority of Android phones.

>Every other modern non computer based sport has this issue. They understand they can't be perfect

In every single popular online game right now, hop in on a game, there is a very high chance that one of the players is cheating. From regular scripting in DotA, to aimbotting, to whing, to anything you can imagine. For players, this leads to a frustrating experience. And frustration leads to players leaving the game. Unlike someone cheating at football, which you can personally physically grab and beat the shit out of for ruining the game for others, the best you can do online is leave. For developers, players leaving and a reputation of having cheaters means that your future attempts at making any money through the online portion of your game is dead.


> you're not breaking those keys.

You inferred break but I meant leak. As the financial incentives increase so does the pressure on the physical part of the system. Which historically has always been the weakest and is often exploited.

> hop in on a game

Do you mean public lobby? And you're willing to completely sacrifice your control over your own computer to have a pleasant public gaming experience? Aren't there other ways to solve this problem? In particular by moving it away from the monopolized server/lobby model we currently have?

> And frustration leads to players leaving the game.

It sounds like the game lacks capabilities if this is what is happening. In previous eras I would have just left the server and told the client to ignore it forever. Then servers which allow cheating either intentionally or due to bad management do not get played on.

> Unlike someone cheating at football

Think F1 and NASCAR. They have cheating problems. There's millions of dollars on the line. Of course they do. Yet... they seem to manage just fine without resorting to violence. Which I think is the more apt comparison because the lead for this story is how it impacts tournaments and other scenarios where monetary rewards are up for grabs.

> at making any money through the online portion of your game is dead.

Then you need to provide a service that is worth the money. Punting on the problem and insisting that gamers submit to these types of hardware schemes that don't actually address the totality of the problem is ridiculous. I don't see how it's a problem for them not to profit. Why should they? What is their "stewardship" worth here exactly?


> you're not breaking those keys. It hasn't been broken on a PS5, on an Xbox One, on an iPhone, on the vast majority of Android phones.

Because NSO/Mossad has a different way to get into these phones. When finding software exploits will no longer be viable, we might see some new interesting attacks...


The different way is called a hammer and your hands. They don't have magic tools to break encryption.

We're barely finding out software ways to attack the Xbox 360 and it requires Rowhammer levels of fuckery. Hardware attacks are in the vast majority of cases destructive or relying on some side effects. If you don't leave JTAG pins on your board, they're pretty much never reliable.


I think you're not up to date regarding what NSO/Cellebrite can do... "different way" might mean exploits or even other more "humint" methods.

But these companies/agencies don't care about gaming though, so it's not relevant to cheating...


> When you consider the size of the keys vs. the size of the reward for liberating them it's obvious how this is going to play out.

It's not. The keys for Xbox were kept safe for more than a decade now. And not for lack of trying.


> And not for lack of trying.

It depends on who tries... I bet these were just not of interest to Mossad/NSO :)


“Default disclosure for this issue is 11 August. Opening this issue just five days early for visibility this particular week. :)”

Hello Defcon!


With the default key hierarchies, the benefit is more limited. It raises the bar. Implementing known vulnerabilities takes work. And not every configuration is vulnerable to every issue. And, for a lot of the vulns, the OS vendor shoves things in the dbx to mitigate.

With custom hierarchies, it's a bit more compelling. But it's a lot of work to maintain.


Tried cheating with Gemini 2.5 pro, and I became even more suspicious to the AIs than the stuff I cooked up by hand.

Most of my actual success relied on mentioning a desire to train an even larger model.


The most interesting toy economy I’ve seen has been d2jsp and its “forum gold”. Forum gold is primarily used as a fiat currency for Diablo 2 trading. It’s a janky digital currency on a janky forum from like 20ish years ago, that’s still alive today. You can technically buy the currency from the forum, but in practice few do that. Most people just trade items to bootstrap.

Having futzed with bartering in Diablo (and non-fiat trading denominated in items of stable value), I quickly came to appreciate fiat currency. Being able to combine two “half trades” into an equivalent barter exchange is vastly easier.

At one point I was able to trade some of the forum gold I accumulated from Diablo 2 for a “perfect IV foreign Ditto” for shiny Pokémon breeding.


The funniest thing is that d2jsp was originally the forum of a bot developer.

Looks like bot runners were the ones most in need of a currency to make trades more efficient.


Had the same experience. Took the janky decompilation from Ghidra, and it was able to name parameters and functions. Even figured out the game based on a single name in a string. Based on my read of the labeled decompilation, it seemed largely correct. And definitely a lot faster than me.

Even if I weren’t to rely on it 100% it was definitely a great draft pass over the functions.


It's a lot better at my standard benchmark "Magic: The Gathering" rules puzzles. Gets the answers right (both the outcome and rationale).


Ooof, it failed my "Wheel of Potential" bug finding question, and got aggressive about asserting it was correct.


We tell them: HELL NO. You’re about to become a magnesium-based lifeform. The age of the primitive carbon-man is done.

