How Kernel Anti-Cheats Work
davikr
102 points
78 comments
March 15, 2026
Discussion Highlights (8 comments)
Retr0id
This got me wondering how easy it'd be to automate discovery of BYOVD vulns with LLMs (both offensively and defensively)
metalcrow
> TPM-based measured boot, combined with UEFI Secure Boot, can generate a cryptographically signed attestation ... This is not a complete solution (a sufficiently sophisticated attacker can potentially manipulate attestation)

I was not aware that attackers could potentially manipulate attestation! How could that be done? That would seemingly defeat the point of remote attestation.
eddythompson80
While I’m not really a gamer, I do think the conundrum of online games cheating is an interesting technical problem because I honestly can’t think of a “good” solution. The general simplistic answer from those who never had to design such a game or a system of “do everything on the server” is laughably bad.
istillcantcode
I could have sworn online gambling people fixed this years ago with just wifi. I thought I remembered reading a comment on here about the online gambling for kids no cheating people not talking to the online gambling for adults no cheating people.
matheusmoreira
Never forget the risks of trusting game companies with this sort of access to your machine.

https://www.vice.com/en/article/fs-labs-flight-simulator-pas...
Company decides to "catch pirates" as though it was police. Ships a browser stealer to consumers and exfiltrates data via unencrypted channels.

https://old.reddit.com/r/Asmongold/comments/1cibw9r/valorant...
https://www.unknowncheats.me/forum/anti-cheat-bypass/634974-...
Covertly screenshots your screen and sends the image to their servers.

https://www.theregister.com/2016/09/23/capcom_street_fighter...
https://twitter.com/TheWack0lian/status/779397840762245124
https://fuzzysecurity.com/tutorials/28.html
https://github.com/FuzzySecurity/Capcom-Rootkit
Yes, a literal privilege escalation as a service "anticheat" driver.

Trusting these companies is insane. Every video game you install is untrusted proprietary software that assumes you are a potential cheater and criminal. They are pretty much guaranteed to act adversarially to you. Video games should be sandboxed and virtualized to the fullest possible extent so that they can access nothing on the real system and ideally not even be able to touch each other. We really don't need kernel level anticheat complaining about virtualization.
jrockway
I still don't understand why people don't cheat in FPSes by looking at the video stream and having a USB mouse that emits the right mouse movements. (The simplest thing is to just click when someone's head is under your crosshair, in games with hitscan weapons.)
throw10920
I would love to see a modern competitive game with optional anticheat that, when enabled, allows you to queue for a separate matchmaking pool that is exclusive to other anticheat users. For players in the no-anticheat pool, there could be "community moderation" that anti-anticheat players advocate for. It'd be really interesting to see what would happen - for instance, what fraction of players would pick each pool during the first few weeks after launch, and then how many of them would switch after? What about players who joined a few months or a year after launch? Unfortunately, pretty much the only company that could make this work is Valve, because they're the only one who actually cares for players and is big enough that they could gather meaningful data. And I don't think that even Valve will see enough value in this to dedicate the substantial resources it'd take to try to implement.
EPWN3D
> Modern kernel anti-cheat systems are, without exaggeration, among the most sophisticated pieces of software running on consumer Windows machines. They operate at the highest privilege level available to software, they intercept kernel callbacks that were designed for legitimate security products, they scan memory structures that most programmers never touch in their entire careers, and they do all of this transparently while a game is running.

Okay, chill. I'm willing to believe that anti-cheat software is "sophisticated", but intercepting system calls doesn't make it so. There is plenty of software that operates at elevated privilege and runs transparently while other software is running, while intentionally being unsophisticated. It's called a kernel subsystem.