• Limonene@lemmy.world
    link
    fedilink
    English
    arrow-up
    42
    arrow-down
    1
    ·
    9 months ago

    Microsoft has enforced mandatory digital signatures for drivers, and getting a digital signing key from Microsoft costs a ton of money. So, presumably they do care.

    In contrast, consider nProtect GameGuard, the anti-cheat system in Helldivers 2. It is a rootkit, and runs in the kernel. Why does Microsoft permit this? Shouldn’t this be blocked? It must be using either an exploit like the article, or a properly signed driver. Either way, Microsoft could fix it – by patching the exploit, or revoking the signing key.

    The fact that Microsoft hasn’t done anything about malicious anticheat rootkits is a sign that they really don’t care. They just want their payment.

    • SteveTech@programming.dev
      link
      fedilink
      English
      arrow-up
      14
      ·
      8 months ago

      I might be completely wrong, but I’ve heard that a key is only a few hundred dollars, and once you’ve got it you can sign whatever you want. I think ReactOS also used to offer free driver signing for open source projects.

      So I guess if ReactOS can afford one, so can most anti-cheat companies.