On Easy Anti-Cheat - A Petition To The Community

  • Just to add something fairly straightforward to this:

    • The game is hosted by Rare, none of us are hosts. This means that host side manipulation should be limited to Rare (or people they hire to do it);
    • The client should not be authoritative in a broad sense. Latency interpolation beats 'trust the player' in terms of anti-cheat;
    • EAC, GameGuard, Vanguard and so on, have already been defeated in other products. (Vanguard's most recent issue is in recent news.)

    While I'm already exposed in other games, most of those games have a player as the host; most of the games are designed to prevent people cheating as the host. The problem here is that the client is obviously getting data and/or allowing inputs which don't make sense. Given the experience of a few people I know (Starlink and/or other semi-unreliable internet connections), it feels incongruous that a client's state is being trusted. Cross-region play also suggests that the client isn't authoritative (it's not 'smooth' like other games using 'trust the client' are).

    The net result is leaving me questioning if EAC is just trying to provide an access barrier to cheating, rather than fixing the problem. Yes, I'm less uncomfortable with it than others might be, but it feels like a short term, and largely ineffective, solution. Due to the size of Sea of Thieves, it feels like it'll make the game a target for malicious actors. Maybe I'm wrong on that (I'd like to be), but I'd have thought that working on technical debt and fixing the clients performing tasks(/executing commands) they shouldn't would have made more sense.

  • honestly after this apex legend debacle I'm considering just quitting this game now due to the anti cheat. obviously ezanticheat is going to deny they are the issue but even if it wasn't just their software but it allows access to inject code onto your machine by bad actors even if ezac doesn't get hacked it's opening the door for the game itself to be hacked and slip that code in right? and with how the rare team has shown how sloppy their coding is time and time again with every single update breaking the game I am very worried.

    I was more tolerant of the buggy nature of the game when it wasn't opening a back door into our systems but now knowing how easily hackable the game itself was and now it's using ezanticheat.....

  • @keylessword4029 said in On Easy Anti-Cheat - A Petition To The Community:

    honestly after this apex legend debacle I'm considering just quitting this game now due to the anti cheat. obviously ezanticheat is going to deny they are the issue but even if it wasn't just their software but it allows access to inject code onto your machine by bad actors even if ezac doesn't get hacked it's opening the door for the game itself to be hacked and slip that code in right? and with how the rare team has shown how sloppy their coding is time and time again with every single update breaking the game I am very worried.

    I was more tolerant of the buggy nature of the game when it wasn't opening a back door into our systems but now knowing how easily hackable the game itself was and now it's using ezanticheat.....

    I'm as cautious about kernel-level AC as the next person, but I think it's important to keep a level head about this and not fall to the fearmongering... I suggest you watch Thor from Pirate Software's discussion on the Apex incident.

    https://www.youtube.com/watch?v=-1zxjGxpnqA

    It's a long video but a very interesting talk that may answer some questions you have.

    In the meantime, there's no harm in taking a break for a few days if you are concerned, as nothing is 100% known about what happened right now. I'm sure over the coming days we will learn more.

  • Update to this situation around Apex Legends and a potential EAC RCE exploit... Respawn have finally commented on it here: [image]

    Note the last sentence... "Our teams have deployed"... While it doesn't get EAC 100% off the hook, it does suggest the issue is with Apex Legends rather than EAC.

    I'm with Thor (Pirate Software, see above post) on this, while I am very cautious about kernel-level anti-cheat, the signs point to either individually compromised machines and/or Apex Legends servers being compromised, rather than Easy Anti-Cheat having any kind of RCE exploit, in this instance.

    Even thinking logically, if someone did compromise EAC, we wouldn't know about it, they would be too busy taking everything they could before we found out.

  • I have little credibility here other than being a very new to the field CS major with some experience writing software that uses Kernel Calls and commands, mind you only for UNIX based systems.

    What I will say is you'd be surprised by the amount of software that issues Kernel commands all the time on your average consumer computer. The kernel is simply the interface between how your operating system interacts with the hardware that it's installed on. Most security software or software involved in highly sensitive transactions and information transfer will inevitably issue Kernel privileged commands. There are different kinds of kernels out there with varying degrees of capabilities, and I will admittedly say I know very little about the Windows kernel.

    What I can say is: why do we then trust Antivirus Software, Security-focused products, or even the Operating System developers themselves to always write perfect Kernel Mode code that nobody could ever dependency inject or find exploits against in malice? But then the moment a game developer wants to hire people with those same backgrounds to develop Anti-Cheat solutions for their games is when the hysteria ensues.

    Yes there are some added risks by adding another kind of software that utilizes the Kernel, but when cheat developers themselves are already utilizing Kernel Mode to bypass most common Anti-Cheat softwares as well as secure their Cheats from being modified or copied it's kind of a must have to be able to see processes running at that authority level. I also know, having talked to some cheat developers in the past, many of the methods they use to develop cheats in the first place. Among those I've spoken to one thing has always been made clear. Riot's anti-cheat HAS to be uninstalled from any system if you want to run the majority of cheats out there, even for other game titles. Their anti-cheat system is so effective it has often been better at detecting cheaters in other games than EAC itself and other Anti-cheat software. The majority of effective cheats left in games that utilize Vanguard have to utilize special hardware configurations to read memory directly off a computer's motherboard and into another computer for processing, which is more difficult for cheat developers to do and more cumbersome for cheaters to take advantage of, leading to significantly less cheaters overall. A huge win for anti-cheat developers that has been sorely needed.

    With anything there are pros and cons to be weighed and everyone will have their opinions on which they value more. But for me? I value fair gameplay very much and looking at the list of pros for Kernel Calls in Anti-Cheat software far outweigh the cons, especially in recent years where cheating has become so rampant and accessible that some game titles are seeing active playerbases where the majority of active players are utilizing a form of cheat.

  • Even a year later, what an amazingly written post that explains exactly all the problems with Easy Anti-Cheat that sadly has not yet been removed.
    I likewise wrote an email to the SoT team and they suggested posting here. I will be making my own much shorter post soon, but I would be remiss if I didn't reply to this post and say it perfectly explains all the issues I have with this anti-cheat software.

  • As this thread was a year old and revived today, it will now be locked.

    A general reminder to all, please avoid reviving threads aged past 30 days, as it is considered a necro, and is against our Forum Rules.

    Bumping Threads
    Bumping threads with content that is not providing additional information to the original post is not permitted. Resurrecting very old threads is also not permitted. A warning will be issued and the thread locked. Ignoring the warning will result in a temporary ban from the Forums and a final warning. If the action continues, a permanent ban from the Forums will be issued.
