Are you saying that the solution here is to sell computers so locked down that no user can install anything other than verified software?
Are you saying that the solution here is to sell computers so locked down that no user can install anything other than verified software?
I'm still not seeing how that would solve it. These are all multiplayer games. You could intercept the network traffic before it reaches the machine and then use a separate device to give you audio or visual cues. In StarCraft, reading the network traffic with a pi and hearing "spawning 5 mutalisk" is gonna completely change the game.
You can't do anything with a locked-down computer. It can encrypt all its traffic and you can't see anything.
That’s what I want as a gamer. I want a PC that works as a console. Whether I want that for other use cases or this machine doesn’t matter. I’m happy to sandbox _everything else_, boot into a specific OS to game etc.
The thing about gaming is that it’s not acceptable to leave 5% performance on the table whereas for other uses it usually is.
Question for you - why don’t you buy a console? (I agree with you by the way, it’s why I have a ps5)
I never played using a controller and I never will. And I do want a high end PC for other use cases.,
_most_ games now do KBM on console and matchmake separately for it. It's still not perfect, but it's gotten much better.
> And I do want a high end PC for other use cases.,
Right, you don't want two devices (that's fair). How can you _possibly_ trust the locked down device won't interfere with the other open software it's installed side by side with?
Those use cases don't work with completely locked down OS.
Also you can plug a mouse in a console… that's a weird excuse.
I don’t need to game in the same OS that I do other things. But having two sets of hardware seems like a waste.
Having a useless locked down machine isn't a waste?
Not if I can just leave that sandbox when I want to (boot another OS/mode/leave a sandbox etc) no?
Just know that it will still get cracked and cheats will exist. I suspect this is Microsoft's next "console" as they have been developing "anti-cheat" for quite some time.
> it’s not acceptable to leave 5% performance on the table whereas for other uses it usually is.
I think that’s an incredibly rare stance not held by the vast majority of gamers, including competitive ones.
I don’t think a sandbox like a VM would work even if it could be done with only 5% perf hit? Wouldnt any game run in a VM be possible to introspect from the hypervisor in a way that is hard to see from inside the VM? And that’s why these anticheats disallow virtualization?
That would mean those who are concerned about the integrity would want to sandbox everything else instead. And even if people are ok with giving up a small bit of perf when gaming, I’m sure they’re even more happy to give up perf when doing online banking.
Get a console then.
Or we just boot into some console-esque gaming OS or mode to game. I’m not sure why this would be so controversial. The alternative is the one we see here.
But that requires you not owning your computer, which I hope is controversial.
Mid range hardware can run majority of games at high fps. You can easily leave performance on the table.
No. No it can not. Unless you mean a 5070/80 is mid range.
That’s not really incompatible with this? That’s just how secure boot works. You can re-enlist keys for a different root of trust, or disable it and accept the trade-off there.
The idea is that it would require a verified hypervisor, and verified operating system for the game, but you could still at the same time be running an unverified operating system with unverified software. The trusted and untrusted software has to be properly sandboxed from one another. The computer does not need to be locked down so you can't run other hypervisors, it just would require that the anticheat can't prove that it's running on a trusted one when it isn't.
The security of PCs is still poor. Even if you had every available security feature right now it's not enough for the game to be safe. We still need to wait for PCs to catch up with the state of the art, then we have to wait 5+ years for devices to make it into the wild to have a big enough market share to make targeting them to be commercially viable.
But if you can get in before the OS, you can change what it does. You'd need attestation in the hardware itself so the server can know that what's running isn't signed by Microsoft's key, for example.
Attestation is how the user mode anticheat would prove that it is running on a secure system / unmodified game.
No. I'm saying we should all drink the blood of babies to stay eternally youthful. You didn't read between the lines deeply enough.