@jill-the-coward said in Kernel Level Anti-Cheat Questions/Concerns:
I was disheartened to hear that SoT was going with kernel-level anti-cheat. I think it's a bit silly that we're going with such an extreme solution for a casual game, but I understand what's done is done and it's coming, so I (and others, I assume) had some questions for Rare.
-First off, I understand that you don't want to reveal your hand to the cheaters, so there is only so much you can tell us. Are there plans to do a news post or something going more in depth into the system than we got in Drew's 30s summary in the SoT News video? If not, could there be?
Unfortunately, due to the extremely sensitive nature of the topic (in terms of user privacy) probably not. Those who know, will know - it's best if we keep our hands off. You may be able to do a FOI request, but since it concerns the security of millions of users, you'd have to have some serious investigative journalism skills.
-Does the AC software run on its own or does it only run while SoT is running, not before or after? Are you sure?
From my understanding, the EAC for SoT is exclusive to SoT and shouldn't be running while other programs are being run. It should run similarly to other competitive UE games' EAC.
-I have programs like Cheat Engine and Melon Loader installed on my computer for totally innocent purposes. Being an online game, I think SoT is safe from these things anyway but I have heard of instances of kernel solutions banning people for having these programs innocently. Am I going to be redbearded for having these programs?
Cheat Engine and Melon Loader are already flagged, so as long as you don't use them for SoT, you should be good. Sometimes false flags can happen (esp. with anti-virus stuff), so be sure to keep tabs on your program logs. Just make sure that nothing is pathed through the files where SoT is installed (you could partition your HDD/SSD).
-Are there any black box portions of the anti-cheat software or has Rare been granted access to 100% of the source code from Epic? I know sometimes software companies use trade secret laws to hide proprietary code from customers and I trust a 3rd party less than I trust Rare.
Unless the source code for UE4/EAC was leaked, absolutely not. From my understanding, the code/program for SoT's EAC is specific to only SoT, so other UE games may have their own versions of EAC. That being said, EAC/UE is an industry standard (which doesn't mean I trust it any more). It may be feasible to datamine that, but that would be illegal (in some jurisdictions) and dangerous (to other consumers who don't have good opsec). If it's truly a concern, you can campaign for an audit through the government - but that's a very hard legal campaign.
If you don't know what kernel-level anti-cheat means, then I suggest you look into it. It is not just a theoretical security risk; kernel AC has been used for crypto farming and ransomware attacks as recently as last year.
I agree with what you're saying. But with the frequency and extremely fast-paced evolution of cheats/anti-cheats, it's one of the easiest and fuss-free ways to detect and execute. This game has enough bloat and optimization problems, and the cheat community continues to be toxic as ever. I think a big problem is asking ourselves, why do people cheat? Is it because they want 120 fov, or because they enjoy ruining people's day? It's both a community and technical problem.