Don’t get me wrong, Vanguard is BS, and I quit playing riot games because of it. However, simply having low level access isn’t sufficient to classify it as spyware, otherwise drivers would be spyware. I still haven’t seen any evidence that it currently does anything nefarious with that access, which means it’s quite unlikely it’s being used for mass surveillance.
To me, there are 2 problems: 1) It could be used for targeted attacks, and the likelihood anyone would find out is much lower than in a widespread surveillance scenario. 2) It could be used to deploy a massive bot-net.
I think the US reclassification here is precautionary in nature.
Exactly. I avoid kernel-level anti-cheat not because of any known spying they do (and honestly, anything w/ user-level privileges can read all your personal data), but that they add yet another attack vector for a bad actor. I highly doubt Vanguard gets as much security scrutiny as drivers, for example.
And the lack of a reason for vendors to put security first. “It’s just a game” or whatever, so they’ll do the bare minimum to keep the money flowing.
Drivers, on the other hand, make or break a sale, because it makes the product look bad. So if a driver gets exploited, customers are likely to buy from a competitor. If that happens w/ a game, players will get pissed but keep playing the game.
What speculation? It’s literally spyware. You are giving it full low level access to your processor.
Don’t get me wrong, Vanguard is BS, and I quit playing riot games because of it. However, simply having low level access isn’t sufficient to classify it as spyware, otherwise drivers would be spyware. I still haven’t seen any evidence that it currently does anything nefarious with that access, which means it’s quite unlikely it’s being used for mass surveillance.
To me, there are 2 problems: 1) It could be used for targeted attacks, and the likelihood anyone would find out is much lower than in a widespread surveillance scenario. 2) It could be used to deploy a massive bot-net.
I think the US reclassification here is precautionary in nature.
Exactly. I avoid kernel-level anti-cheat not because of any known spying they do (and honestly, anything w/ user-level privileges can read all your personal data), but that they add yet another attack vector for a bad actor. I highly doubt Vanguard gets as much security scrutiny as drivers, for example.
Yep, agreed. It’s the potential for exploitation that’s the main issue.
And the lack of a reason for vendors to put security first. “It’s just a game” or whatever, so they’ll do the bare minimum to keep the money flowing.
Drivers, on the other hand, make or break a sale, because it makes the product look bad. So if a driver gets exploited, customers are likely to buy from a competitor. If that happens w/ a game, players will get pissed but keep playing the game.