A missing blog post image


As an introduction to the League of Legends / Riot Games / Tencent Holdings environment, I will only paste what I have written for an other unpublished post :

League of Legends (below, “LoL”) is a MOBA still developed by its original publisher : Riot Games (USA).
Riot Games is, and has been for some years now, owned at 100% by Chinese (Tencent Holdings).
There are still some serious working conditions issues at Riot place.

The Subject

Some weeks ago, I’ve come across this click-baiting-but-technical blog post from Riot : /dev/null: Anti-Cheat Kernel Driver.
The main goal of this solution is to load their anti-cheat in a more privileged environment than the cheats’ one.
I was not very keen about the idea (and I am not alone), but I naively thought that we would have some months of idealogical struggling ahead before really dealing with such an intrusive technology.

But more recently, it finally appeared “Project A” has been renamed to “VALORANT” and is already “available” through a really odd process, including another third-party platform (one more obscure partnership ?) :

A missing blog post image

Anyway, VALORANT, running in BETA with currently only few players, is acting as a production-grade testing environment for their new Vanguard anti-cheat solution.

Now look, let’s check again what an operating system kernel is supposed to do (from the Wikipedia page) :

The kernel performs its tasks, such as running processes, managing hardware devices such as the hard disk, and handling interrupts, in this protected kernel space.

Please help me, I can’t manage to find the part specifying it gives a special access to vendors for shipping their BLOB, running in a privileged and dangerous environment :roll_eyes:

In computer science, if engineers happened to separate what is a matter of applications from what is a matter of system, there were (and there still are) good reasons.
Intel thought it could mix those, it ended up very badly.
And I mean, what could be more “applicative” than softwares developed by a video games company ?

And guys, I don’t expect the world to get a C.S. degree to remove an application from their system :cry:

The point is, and I’m looking at you Riot, your code will contain vulnerabilities. It’s a fact, as it contains code rendering a “service”.
And you can argue it might be the most legitimate BLOBs Earth would ever known, it will anyway.

What would happen if a 0-Day is (un)discovered ?
You would have (maybe) prevented a minority from bothering a part of the community, and greatly exposed tens Millions of players.
Is it worth the risk ?
If I were a company’s CSO, I would not accept it.

Personal two cents about cheating in LoL : In 7 years and thousands of games played, I only encountered a scripter once and, thanks to him, it wasn’t even in Solo Queue :smile:
Personal two cents direct comment : Maybe we (EUW players) are relatively spared from cheaters ? Do your statistics only address NA ?

List of (not-so)naive advices for Riot Games in their difficult fight on this (important) matter :

I do hope too that you know you will f*ck impair all LoL GNU/Linux users once the official public client will be “patched” (and Lutris is already discouraging new players from “picking up League” :ok_hand: :joy:) :

A missing blog post image

By the way, how are you gonna handle MacOS players ? Are you on the verge of coding a BSD kernel module too ?

Anyway, I hope you also well-comprehend the problem of being owned by a Chinese group.
If, one day maybe, Tencent decides to take over Riot’s games development back to China, players would end up having a ring-0 piece of software (in-)directly handled by the Communist Party :100:

Note to Epic Games shareholders : Don’t be stupid, keep those determinant 10% to stay you out of this contingency.

So here we are, just wanted to add my two cents on the subject from my own PoV, hoping that divergent thoughts are the way forward to a better world, and that we cannot let those news handled by business vendors :

A missing blog post image

Yes, the link refers to a store page to buy a product.
No, it’s not a joke (click on the link above if you don’t trust me).

To conclude, I’d refer to this Reddit thread, like often, encountered after the post redaction…
… and good luck to Riot that will have to deal with all of these users (well-)thinking that their computer is spying on them, because that’s definitely what their new “driver” is doing.