I think it's interesting that mainstream PC gaming press is now talking about Linux. We have the benchmark YouTube channels doing some benchmarks of it as well and plenty of reports of "it just works", which is pretty promising at least for the games that aren't intentionally excluded by DRM. For me it's still controllers and equipment incompatibility due to my VR headset and sim wheel/pedals setup, I use Linux everywhere else in my router and home servers. I just hope that Nvidia notices that there does appear to be a swing happening and improves their driver situation.


The last remaining roadblock is kernel level anti-cheat frameworks.

Pretty horrible technology, and unfortunately a good majority of the gaming industry by revenue relies on it.


I'd say there are two remaining roadblocks. First and biggest is kernel level anti-cheat frameworks as you point out. But there's also no open source HDMI 2.1 implementation allowed by the HDMI cartel so people like me with an AMD card max out at 4K60 even for open source games like Visual Pinball (unless you count an adapter with hacked firmware between the card and the display). NVidia and Intel get away with it because they implement the functionality in their closed source blobs.


This is kind of a niche problem. It only affects people with AMD GPUs running games at over 4k60 with HDMI. Get an NVidia or stay at 60 FPS or stay at 1080p or use DisplayPort and you will be fine.

It is not really a roadblock, more like a bump, and it is not the only bump by far. Some games just don't run on Linux, or quite terribly and they don't have a big enough community for people to care. Sometimes one of your pieces of hardware, maybe an exotic controller, doesn't like Linux. Sometimes it is not the fault of the game at all, but you want to do something else with that PC and it isn't supported on Linux, and you don't want to dual boot. Overall, you will have fewer problems with gaming on Windows, especially if you don't really enjoy a trip to stackoverflow and the command line, but except for anti-cheat maybe, there are no "big" reasons, just a lot of small ones.

And sure, it is improving.


>Get an NVidia

Sadly becoming less and less an option given recent news. And if you run a laptop like me, you may not be able to choose your ports.


Is HDMI really a roadblock to gaming when DisplayPort exists?


It's a blocker if you want to use a TV, there are almost 0 TVs with DP. This HDMI licensing crap is also the reason a Steam Deck can't output HDMI > 4K@60 unless you install Windows on it.


Aren't there some hardware dongles to translate from DP to HDMI?


Last I checked, even the best ones that are high quality don't support VRR.


A recent one seems to work with VRR: https://www.reddit.com/r/linux_gaming/comments/1pkdfcm/ugree...

DP1.4 though, so you're still going to need compression.


Yup this works but there's as of yet no HBR13.5 or better input so you're not getting full hdmi 2.1 equivalent. But if you don't care about 24 bits per pixel DSC then you can have an otherwise flawless 4k120hz experience.

https://trychen.com/feature/video-bandwidth


Thanks for this link! I'd heard of the CableMatters dongle but this seems like a better route to go assuming the patches are accepted.

Wow that's awesome work in that post! I've also bought a few things from UGreen now, they're great.

DP is something like a free superset of HDMI, so you can use a fully passive DP-HDMI cable. Obviously the feature set will be limited, but it will work.

DP however can't transfer audio, which doesn't matter for a desktop but matters a lot for a TV.


> DP is something like a free superset of HDMI, so you can use a fully passive DP-HDMI cable.

No, it's not, the protocol is completely different (DP is packet-based while HDMI traditionally was not, though AFAIK HDMI 2.1 copied DP's approach for its higher speed modes). When you use a passive DP-HDMI cable (which AFAIK is not fully passive, it has level shifters since the voltages are different), it works only because the graphics card detects it and switches to using the HDMI protocol on that port; if it's not a dual-mode port (aka "DP++" port) it won't work and you'll need an active DP-HDMI adapter.

> DP however can't transfer audio, which doesn't matter for a desktop but matters a lot for a TV.

On the desktop I'm using to type this message, I use the speakers built into the DP-connected monitor (a Dell E2222HS). So yes, DP can and does transfer audio just fine. If it couldn't, then active DP to HDMI adapters wouldn't be able to transfer audio too.

The only thing DP doesn't have AFAIK is ARC, which might matter for a few more exotic TV use cases, and HEC, which AFAIK nobody uses.


DisplayPort can absolutely carry audio; see Wikipedia: https://en.wikipedia.org/wiki/DisplayPort

You may be thinking DVI, which is a subset of HDMI, and lacks audio, and can have a passive DVI->HDMI connection.

If you have a TV with low latency for gaming, 4K, and 120+hz, then you have a really expensive TV, and you likely care about quality. I'd reckon most of this population also owns a separate monitor for PC gaming.

Up until a year or two ago, the majority of monitors (and graphic cards) used DisplayPort 1.4 and HDMI 2.1. With HDMI 2.1 (42 Gbps) having more bandwidth than the DisplayPort (26 Gbps).

This is my case with my relatively new/high-end RTX 4080 and OLED monitor. So until I upgrade both, I use HDMI to be able to drive a 1440p 240hz 10-bit HDR signal @ 30 Gbps.


I had said I wouldn’t upgrade from my RTX 3080 until I could run “true 4K”.

I finally got the 240hz 4K uncompressed but it required buying a $1300 Asus OLED monitor and the RTX 5090. It looks amazing though, even with frame gen. Monster Hunter had some particularly breathtaking HDR scenes. I think it uses DisplayPort 2.1? Even finding the cable is difficult, Microcenter didn’t have them in April and the only one that worked was the one that came with the monitor.


The Chinese tech manufacturers are so sick of the HDMI licencing mafia that they've developed their own replacement for it:

https://www.techpowerup.com/335152/china-develops-hdmi-alter...


I want to play games on the same fancy lg tv I use with my consoles. I just checked and it does not appear to have displayport.


This is the first I learned of this since personally I have no need of anything over 4k@60 (that already borders on absurd in my mind). I'm curious if this is something that's likely to get reverse engineered by the community at large?

Outrageous that a ubiquitous connection protocol is allowed to be encumbered in this way.


For the particular use case I mentioned in my earlier post (Visual Pinball), 4k@120 is actually a pretty big deal. We often play on screens 42" and up so the 4k detail is put to good use and makes things like the instruction cards in the corners legible. But the bigger difference is the smoothness in gameplay that 120Hz gets you. The ball travels really fast so 120 Hz helps gameplay a lot while reducing lag at the same time. And because a large chunk of the playfield is static at any one time, you don't need something like a 5090 to hit 120 Hz at that resolution like you might with a triple-A shooter.

Does AMD not support Display Port? I'm not an expert on this, but that sounds to me like the superior technology.


TVs don't support displayport, so it makes Linux PCs like the Steam Machine inferior console replacements if you want high refresh rates. A lot of TVs now support 4K/120hz with VRR, the PS5 and Xbox Series X also support those modes.

(Some games support 120, but it's also used to present a 40hz image in a 120hz container to improve input latency for games that can't hit 60 at high graphics quality.)


Why don't TVs support displayport? If HDMI 2.1 support is limited, a TV with displayport sounds like an obvious choice.

I thought audio might be the reason, for as far as I can tell, displayport supports that too.


Legacy is a bitch.

It took a long time to move from the old component input over to HDMI. The main thing that drove it was the SD to HD change. You needed HDMI to do 1080p (I believe, IDK that component ever supported that high of a resolution).

Moving from HDMI to display port is going to be the same issue. People already have all their favorite HDMI devices plugged in and setup for their TVs.

You need a feature that people want which HDMI isn't or can't provide in order to incentivize a switch.

For example, perhaps display port could offer something like power delivery. That could allow things like media sticks to be solely powered by the TV eliminating some cable management.


The legacy issue is even worse than that. I have a very new Onkyo RZ30 receiver and it is all HDMI with no DisplayPort to be seen. So it is the whole ecosystem including the TV that would need to switch to DP support.

> For example, perhaps display port could offer something like power delivery.

It already does. A guaranteed minimum of 1.65W at 3.3V is to be provided. Until very recently, HDMI only provided a guaranteed minimum of something like 0.25W at 5V.


It's not nothing, but it's also very little to play with.

5W is what I'd think is about the minimum for doing something useful. 25W would actually be usable by a large swath of devices. The raspberry pi 4, for example, has a 10W requirement. Amazon's fire stick has ~5W requirement.


> It's not nothing, but it's also very little to play with.

Sure. But it's ~6.6x more than what HDMI has historically guaranteed. It's pretty obvious to anyone with two neurons to spark together that the problem here isn't "amount of power you can suck out of the display port". If it were, DP would have swept away HDMI ages ago.


> It's pretty obvious to anyone with two neurons to spark together that the problem here isn't "amount of power you can suck out of the display port".

Nobody said it was.

I gave that out as an example of a feature that DP might adopt in order to sway TV manufacturers and media device manufacturers to adopt it.

But not for nothing, 0.25W and 1.67W are virtually the same thing in terms of application. Just because it's "6.6x more" doesn't mean that it's usable. 0.25W is 25x more than 0.01W, that doesn't make it practically usable for anything related to media.


> But not for nothing, 0.25W and 1.67W are virtually the same thing in terms of application.

You really can't power an HDMI (or DisplayPort) active cable on 0.25W. You can on 1.67W. This is why in mid-June 2025 the HDMI consortium increased the guaranteed power to 1.5W at 5V. [0] It looks pretty bad when active DP cables (and fiber-optic DP cables) never require external power to function, but (depending on what you plug it into) the HDMI version of the same thing does.

> Nobody said it was.

You implied that it was in a bit of sophistry that's the same class as the US Federal Government saying "Of course States' compliance with this new Federal regulation is completely voluntary: we cannot legally require them to comply. However, we will be withholding vital Federal funds from those States that refuse to comply. As anyone can plainly see, their compliance is completely voluntary!".

DP 1.4 could have offered 4kW over its connector and TVs would still be using HDMI. Just as Intel and Microsoft ensured the decades-long reign of Wintel prebuilt machines [1], it's the consortium that controls the HDMI standard that's actively standing in the way of DP deploying in the "home theater".

[0] "HDMI 2.1b, Amendment 1 adds a new feature: HDMI Cable Power. With this feature, active HDMI® Cables can now be powered directly from the HDMI Connector, without attaching a separate power cable." from: <https://web.archive.org/web/20250625155950/https://www.hdmi....>

[1] The Intel part is the truly loathsome part. I care a fair bit less about Microsoft's dirty dealings here.


> You implied that it was in a bit of sophistry that's the same class as the US Federal Government saying "Of course States' compliance with this new Federal regulation is completely voluntary

This is a very bad faith interpretation of my comment. I did not imply it and I'm not trying to use CIA tricks to make people implement it as a feature.

Are you upset that I gave an example?


Sophistry might have been considered a CIA-grade trick ~2,500 years ago, but it's pretty well known by now.

I think it's not really an issue for 95-99% of users who use devices with non open source drivers so there is no incentive for manufacturers to add it?

Tell Valve that it isn't an issue. They have built in hardware support for HDMI 2.1 on the new Steam Machine but can't support it in software.

> Why don't TVs support displayport?

For the same sorts of reasons that made it so for decades nearly every prebuilt PC shipped with an Intel CPU and Windows preinstalled: dirty backroom dealings. But in this case, the consortium that controls HDMI are the ones doing the dealings, rather than Intel and Microsoft.

"But Displayport doesn't implement the TV-control protocols that I use!", you say. That's totally correct, but DisplayPort has the out-of-band control channel needed to implement that stuff. If there had been any real chance of getting DisplayPort on mainstream TVs, then you'd see those protocols in the DisplayPort standard, too. As it stands now, why bother supporting something that will never, ever get used?

Also, DP -> HDMI active adapters exist. HDR is said to work all the time, and VRR often works, but it depends on the specifics of the display.


Correction, you can get 4K@120hz with HDMI 2.0, but you won't get full chroma 4:4:4, instead 4:2:0 will be forced.

In my case I have an htpc running linux and a radeon 6600 connected via hdmi to a 4k @ 120hz capable tv, and honestly, at the sitting distance/tv size and using 2x dpi scaling you just can't tell any chroma sub-sampling is happening. It is of course a ginormous problem when on a desktop setting and even worse if you try using 1x dpi scaling.

What you will lose however is the newer forms of VRR, and it may be unstable with lots of dropouts.


Do consoles support anything above 60 FPS?

My PS5 can do 4k/120 hz with VRR support, not sure about the others.

I'm a bit puzzled, isn't VRR more for low powered hardware to consume less battery (handhelds like Steam Deck)? How does it fit hardware that is constantly connected to power?

(I assume VRR = Variable Refresh Rate)


Variable refresh rate is nice when your refresh rate doesn't match your output. Especially when you're getting into higher refresh rates. So if your display is running at 120hz, but you're only outputting 100hz: you cannot fit 100 frames evenly into 120 frames. 1/6 of your frames will have to be repeats of other frames, and in an inconsistent manner. Usually called judder.

Most TVs will not let you set the refresh rate to 100hz. Even if my computer could run a game at 100hz, without VRR, my choices are either lots of judder, or lowering it to 60hz. That's a wide range of possible refresh rates you're missing out on.

V-Sync and console games will do this too at 60hz. If you can't reach 60hz, cap the game at 30hz to prevent judder that would come from anything in between 31-59. The Steam Deck actually does not support VRR. Instead the actual display driver does support anything from 40-60hz.

This is also sometimes an issue with movies filmed at 24hz on 60hz displays too: https://www.rtings.com/tv/tests/motion/24p


It reduces screen tearing without adding all the latency that vsync introduces.

VRR is necessary to avoid tearing or FPS caps (V-sync) when your hardware cannot stably output FPS count matching the screen refresh rate.

Are there games running at 4k 120hz?

Call of Duty and Battlefield both run at 4K@120 with dynamic resolution scaling, PSSR or FSR.

Most single player games (Spider-Man, God of War, Assassin's Creed etc) will allow a balanced graphics/performance which does 40 in a 120hz refresh.


Full 4k - very few, but lots are running adaptive resolutions at > 2k and at 120hz

Touryst renders the game at 4K120 or 8k60. In the latter case, the image is subsampled to 4K output.

I don’t understand why they can’t support AMDPort 2.1 which coincidentally has the same connector and protocol.

Competent cheat makers don't have much difficulty in defeating in-kernel anticheats on Windows. With the amount of insight and control available on Linux anticheat makers stand little chance.

The best Valve could do is offer a special locked down kernel with perhaps some anticheat capabilities and lock down the hardware with attestation. If they offer the sources and do verified builds it might even be accepted by some.

Doubt it would be popular or even successful on non-Valve machines. But I'm not an online gamer and couldn't care less about anticheats.


Anticheat is one of those things where I probably sound really old, but man it’s just a game. If you hate cheating, don’t play on pub servers with randoms or find a group of people you can play with, like how real life works.

For competitive gaming, I think attested hardware & software actually is the right way to go. Don’t force kernel-level malware on everyone.


Yeah, that's hilariously impractical if you like these games.

> pub servers

Most of these popular competitive games probably don't even have community servers of any kind. Maybe some games like RTSes have custom matches, but they're not used much for the standard game mode, at least not for public lobbies.


Sorry but you're just old IMO :) PUBG or Arc Raiders have over 100 players in a game. Even Valorant or League have 10 players in a match. It's definitely not easy to find 9 friends to play the same game at the same time as you. And playing any of these games with a cheater can completely wreck the match. If the cheaters go unchecked, over time they start to dominate games where like 30% might be cheaters who can see through walls and insta headshot you and the entire multiplayer mode of the game is ruined. Even worse some cheaters are sneaky, they might have a wallhack or a map showing all players but use it cautiously and it can be quite hard to prove they're cheating but they build up a huge advantage nonetheless. Most of us are happy to have effective anti-cheat, and it's not forced upon us. I understand the tradeoff to having mostly cheater-free games is having to trust the game maker more and am fine with that. Riot for example is quite transparent about what their anti-cheat does, how it works and I don't consider it "malware" anymore than I consider a driver for my graphics card to be "malware" even if they do operate in kernel mode.


This was never an issue 20 years ago when we had 64 player servers, but the 64 player servers also generally had a few people online with referee access to kick/ban people at any given time. That seemed like it worked well to me.


Exactly 20 years ago I was both a competitive CS player and I also liked reverse engineering so I was somewhat interested in the cheating community and even programmed a custom injector and cheat for CS (it was surprisingly easy if you knew a bit about Windows APIs).

Cheats were a problem. Not even a nascent problem, but already established. Bad enough that VAC was released in 2002, Punkbuster in 2000...

In competitive gaming you cannot just find a stable friends group to play against: you need competition, and a diverse one. We somewhat palliated this by physically playing in LAN, but that still limits to a radius around you and it's cumbersome when you can just find an opponent online (we had manual matchmaking on IRC before modern matchmaking existed).

The problem is that cheating can be very subtle if done correctly. The difference between "that guy is better than me" and "that guy can see through walls" is pretty much undetectable through non-technical means if the cheater is not an idiot. This poisons the competitive scene.

Competitive gaming is huge. It was big back in the day but now it's a monster. Just check the largest categories on Twitch: LoL, TFT, WoW, CS, Valorant...


Competitive gaming cannot possibly be huge. Like literally it is impossible for 99% of gamers to be competitive in any meaningful sense (if you play a game with 1M players and are in the top 1%, congrats, there are 10,000 people who are better than you. You are still unremarkable). It never was huge; it was just a niche you were in. There's massively more people that are just playing the game to blow off steam.

"Competitive football cannot possibly be huge"

"Competitive tennis cannot possibly be huge"

"Competitive coding cannot possibly be huge"

People play competition sports. They expect no, or minimal amounts of cheating. Your personal feelings about it don't matter. The kid that plays basketball with 12 year olds on Saturday mornings has the right to not have to deal with cheaters, and it doesn't matter if he's in the top .0001% or a shitty player that cannot distinguish his hands from his ears.

Have a quick look at the ladder on Counter Strike, or Faceit, or ranked play on League of Legends/Valorant/Whatever: it's not a niche. These games requiring kernel AC no matter the type of play is another subject, but people play to compare themselves to other, massively.


The kid that plays basketball with 12 year olds on Saturday mornings has the right to just go use the court at the park without being strip searched and drug tested because it's just a game and he's there to have fun. He actually does not have some right to demand no one else cheat, or even that they use the court to specifically play with some established rules. If other people are there playing HORSE or "what time is it Mr Fox", that's fine.

People who get intensely serious about 12 year olds playing basketball because their kid will be in the NBA some day so everyone needs to take the game very seriously so their kid can practice have rightly always been mocked. The entire point is to have fun.

I've played in Friday night sports leagues where people were drinking during the tournaments (and sometimes that's the point, c.f. sloshball). There are absolutely tons of people that do not take even the "competitions" seriously, and even more that aren't even serious enough to join a league.

Video games being something people play at home, I'd probably be surprised if there weren't more people that regularly play any given esports title under the influence of marijuana or alcohol than there are those who take it as a serious thing[0].

On competitive coding, Advent of Code removed the global leaderboard exactly because "people took things too seriously, going way outside the spirit of the contest".

[0] A quick search turns up this poll in the competitive halo subreddit where 40% say they play high. I doubt that's a good sample, but I'm sure the true number is not insignificant: https://www.reddit.com/r/CompetitiveHalo/comments/10mvihq/we...


Congratulations on living in a country that doesn't take playing sports with integrity I guess. I've been playing handball, soccer, swimming, from age 8+ on, in a club. Every single Saturday game was taken seriously by players. Yes, we fucked around on other games, but competition has always been on every player's mind. If you don't want the pressure of competition, you just tell the coach, and you're not put in for those games.

And no, it's not "parents who think their kid will be in the NBA", it's that children who register in a club want to play competitively. On a country of 70 million, we have about 5 million registered players in different sports, the majority of which take integrity to heart.

[0] A poll on a subreddit, on a dead game with absolutely zero serious competitive scene does not count as "serious research". Yes, players play shitfaced also. The vast majority do not queue for competitive games and just fuck around in normals. Whether that's on modern games with dedicated queues for comp play, or games with dedicated leagues like ETF2L, Faceit and others.


> in any meaningful sense

Who said anything about meaning? People being shit at the game invalidates that the game ruleset is competitive?


It invalidates the idea that we need to take it seriously and have locked down computers with remote attestation to play games. People who take games seriously are a very small niche. You are in a bubble if you think otherwise.

This is like saying we need to institute drug testing at all parks to play football. Cheating in sports is a problem that very few players are concerned with. Caring about who wins isn't even common. Most are just kicking a ball around with their mates.


People who even know what remote attestation is are an even smaller niche.

> You are in a bubble if you think otherwise.

Yeah I'm the one in a bubble because I think players that play competitive games expect competitive integrity, regardless of their skill level.


Those players can have their own solutions. They should recognize they are a tiny bubble and not insist the other 999,000 players need the same.

And they don't even need it all the time either. I did once participate in a CS:S tournament, so I guess I was "competitive", but half the time I was on gun game or ice world or surf maps. My friends and I played normal Warcraft 3 against each other, but otherwise I pretty much only played custom maps, which were apparently popular enough to spawn an entire new genre. I never ran into problems queueing for something like preschool wars or wintermaul. When we did queue for ladder sometimes it was like 10 minutes to find a match.

To your earlier point about e.g. Valorant: my mom invited me to play on weekends with her and my sister. I know my mom is 0% competitive. This was not some serious thing. I couldn't play with them because I'm not going to buy another computer just to run it. That's the absurdity here.


I have been watching this thread and you are triple downing on a point that you have no real experience with. Competitive e-sports is a real thing. There are e-sports arenas. (How are people even arguing this on HN?)

The International (a DOTA 2 competition) has like $40m in prizes. EWC in 2025 was $70m. 99.6 million people watched the League of Legends World Championship final. And we're not even talking about the millions of dollars of sponsorship involved.

That's great your mom isn't competitive in Valorant, but massively irrelevant. It's like me saying "I play flag football with friends, there is no competitive football."

Anti-cheat is important because this is how the best players are discovered, this is how they're recruited. If a game is 50%+ cheaters, the game will die... DOTA2 would cease to exist today as a big deal. Same with Valorant.

Aside from competitive gaming, GTA V online makes $1 BILLION in ARR. That would be $0 if the game was flooded with cheaters.

Now this isn't me defending kernel level anti-cheat, I think there are better ways to do it and some games do a great job here.

But man, calling GTA V online and competitive e-sports a "tiny bubble" is like calling the NFL a "tiny bubble".


I didn't say there's no competitive e-sports; I said basically no players are part of it, and that's true. The amount of money around a tournament is irrelevant to the fact that 99.99% of players do not participate in such tournaments.

Millions of people play American football casually vs a couple thousand in the NFL, and football isn't a very popular sport to actually play. We don't need to drug test everyone at the park. We don't need to require everyone to play with official league equipment. Again, >99.9% of football players are not in the NFL. The NFL is a tiny bubble in the world of people who play football.

And it's trivial for e-sports tournament organizations with millions of dollars in prizes to spend $50k on a set of standard, controlled computers to play on. Cheating shouldn't be a problem when money is on the line because the only time a player touches the machine is at the tournament. You use standard league equipment during league games. Otherwise who cares?

As far as I know, GTA V does have cheaters and has since the beginning, so it's apparently an example of how it doesn't matter.

Even so, no game ever is 50% cheaters, or anywhere near that. Even games like Gunz: The Duel where the netcode was so garbage that hits were decided on the computer of the person being shot still didn't have many cheaters. Probably less than 1% of players. The overwhelming majority are just having fun. Cheats are boring after like 5 minutes.


That's really the paradigm shift - communities were self-organizing and self-moderating before. Now game publishers want to control all aspects of the online experience so they can sell you content and skins, so that means matchmaking and it means they have to shoulder the moderation burden.


The barrier to entry has also dropped a lot and the market has broadened.

It's a bit like complaining that these days people just want to watch TV, instead of writing and performing their own plays.


> communities were self-organizing and self-moderating before

This led to legit players that were just good being banned by salty mods, or cheaters that were subtle enough to only gain a slight edge not being banned.


And now, you have false anticheat bans. If you get banned from a server you can just join another server. (or even start your own!) If you get falsely banned from the game by anti cheat your money was in some sense stolen.

It was still an issue enough that some developers made BattlEye for anti-cheat 20 years ago for Battlefield games. It's still one of the more popular anticheats today.

Other games did similarly. Quake 3 Arena added Punkbuster in a patch. Competitive 3rd party Starcraft 1 server ICCUP had an "anti-hack client" as a requirement.


Some real rose tinted glasses here.


> Most of us are happy to have effective anti-cheat

I could almost get on board with the idea of invasive kernel anti-cheat software if it actually was effective, but these games still have cheaters. So you get the worst of both worlds--you have to accept the security and portability problems as a condition for playing the game AND there are still cheaters!


It's kind of like when people say Google is getting worse and has too many spam results even while I suspect they're actually improving, but the volume and quality of spam has gone up 100x so it looks like they're doing worse. The question is what is the base rate of attempts to cheat and how many of those attempts does kernel anti-cheat prevent vs. conventional mechanisms. I don't have the answer, but my intuition is cheating is more accessible and viral in many ways now with professional level marketplaces and actors working to build and sell cheats. I also don't think the industry would dedicate so much effort into invasive anti-cheat which is difficult, risky and gets them negative PR unless they felt it truly necessary. Counter Strike a few years ago had huge, huge numbers of cheaters and the super popular games like that attract a lot of attention. But ultimately, this is a cat and mouse game like search & SEO, so you're right there are still cheaters and getting that number to 0 is probably impossible.

I wonder why the volume of spam has come up 100x. Seems like maybe ads are the only way to make sense of it.

Worst of both worlds? In theory this is accurate, in practice, it isn’t. The crux of why people are fine with it as far as I can identify is “but these games still have cheaters” - people aren’t looking for 0 cheaters so much as < X% are cheaters, keeping the odds low that any given match they are in has a cheater.

Valorant really is the only FPS where I was never once suspicious that someone may be hacking. I mean, I don’t play it and the anti-cheat is part of the reason, but it does absolutely work.

> I don't consider it "malware" anymore than I consider a driver for my graphics card to be "malware" even if they do operate in kernel mode.

The bloggers/journalists calling it malware are doing the conversation a disservice. The problem is only really the risk of bugs or problems with kernel level anti-cheat, which _could_ be exploited in the worst case, and in the best case, cause outages.

The classic example recently is the CrowdStrike-triggered outage of computers worldwide due to kernel level antivirus/malware scanning. Anti-cheat could potentially have the exact same outcome (but perhaps smaller in scale as only gamers would have it).

If Windows created a better framework, it is feasible that such errors are recoverable from and fixable without outages.


I'm not giving a small time software vendor proprietary access to my machine at that level. I honestly think that anyone who accepts it must be woefully uninformed about the risks involved.

I'm already salty about the binary blobs required by various pieces of firmware.


People just don't care. Even Stallman is okay with a microwave with closed-source firmware as long as it doesn't try to update its firmware.

For most people, a computer is just another appliance. They don't consider the security implications that this appliance can leak credit cards and such.


> People just don't care.

But I think they ought to. I also suspect that the current state of affairs is largely due to lack of understanding.

> as long as it doesn't try to update its firmware

I agree. But that isn't what we're talking about here. Things that can't update their firmware generally don't need you to upload a binary blob to them on startup.


Really good points about big games and your comparison to graphics card drivers is pretty convincing. Changed this old-timer’s mind a bit.


I play a lot of dota 2 and never really notice anything that is obvious cheat wise. IMO league would probably be fine to do valve level anti cheat, it's even a less twitchy of a game than dota.

FPSs can just say 'the console is the competitive ranked' machine, add mouse + keyboard support and call it a day. But in those games cheaters can really ruin things with aimbots, so maybe it is necessary for the ecosystem, I dunno.

Nobody plays RTSs competitively anymore and low-twitch MMOs need better data hiding for what they send clients so 'cheating' is not relevant.

We are at the point where camera + modded input devices are cheap and easy enough I dunno if anti-cheat matters anymore.


I think the problem comes when someone makes a cool, fun, silly little game that is otherwise great when played with randoms, and cheating just sorta spoils it.

Case in point from a few years back - Fall Guys. Silly fun, sloppy controls, a laugh. And then you get people literally flying around because they've installed a hack, so other players can't progress as they can't make the top X players in a round.

So to throw it back - it is just a game, it's so sad that a minority think winning is more important than just enjoying things, or think their own enjoyment is more important than everyone else's.

As an old-timer myself, we thought it was despicable when people replaced downloaded skins in QuakeWorld with all-fullbright versions in their local client, so they could get an advantage spotting other players... I suppose that does show us that multiplayer cheating is almost as old as internet gaming.


Usually the ones with kernel anti-cheat are the competitive ones (GTA, BF, LOL).

You clearly don’t play competitive shooters and thus aren’t qualified to opine on the matter.

Competition vs other human beings is the entire point of that genre, and the intensity when you’re in the top .1% of the playerbase in Overwatch/Valorant/CSGO is really unmatched.


Not a gamer, but it seems like super competitive games should be played on locked down consoles not custom-built PCs where the players have full control?

Also, for more casual play, don't players have rankings so that you play with others about your level? Cheaters would all end up just playing with other cheaters in that case, wouldn't they?


At one point I recall that Valve implemented a rating system so that cheaters who got reported would all end up playing in the same pool with each other.

This console idea would also be better for truly competitive games, because players should have a level playing field in terms of framerates.

This seems both semi probable but also like maybe a bit of a critical moral hazard for Valve. Right now folks love Valve. They do good things for Linux.

Making a Valve-only Linux solution would take a lot of the joy of this moment away for many. But it would also help Valve significantly. It's very uncomfortable to consider, imo.


> Competent cheat makers don't have much difficulty in defeating in-kernel anticheats on Windows. With the amount of insight and control available on Linux anticheat makers stand little chance.

The issue isn’t binary, but a spectrum. Studios clearly believe that there is less cheating when using kernel level anti-cheats. They have the data so they would know. This is an existential threat to their profit so we can trust they use the most effective tool. Anecdotally, I and many others also experience less cheating in games using kernel level anti-cheat. I’m not saying no cheating. I’m saying less cheating. That’s very important for me and many others.

Valve has stated they are working on kernel level anti-cheat “tools”, but they haven’t yet revealed a method. The entire concept is antithetical to the Linux security model so it requires significant refactoring. That’s a huge investment in not just capex and opex because the fork becomes much more difficult to maintain over time. I think they’ll do their best to work in user space, but I don’t think they’ll succeed and will have to bite the bullet. SteamOS will become more and more its own fork, including consumer-friendly features which Linux fans typically don’t care about.


Yeah this is also the model Microsoft is moving to. A separate attested vm for games, immutable to the rest of windows.


That would kill some game addons / overlays. Or there should be a way to move them into the "gaming VM" too.

> The best Valve could do is offer a special locked down kernel with perhaps some anticheat capabilities and lock down the hardware with attestation.

That would require essentially turning it into a console or Android.


Not really. Measured boot and remote attestation are a thing. Couple with reproducible builds to address security and privacy concerns.

Hardware support would inevitably be somewhat limited but that's still better than the situation with either consoles or kernel anticheat.


Sure you can secure boot the kernel and the game binary itself but then you have all the surrounding support from the OS that also needs to interop without being tamperable. Screenshots, network and input devices for example are routed through user space before reaching the game, and they can be used to make cheats. Now some of those layers are getting more isolated, for example with Wayland. Even so, that means your secure boot chain must go all the way up to include a non-tampered window manager too, taking you closer and closer to reinventing an Android-like console OS.

> that means your secure boot chain must go all the way up to include a non tampered window manager too,

Yeah, that's the entire point. The whole distro in this scenario would be signed reproducible FOSS builds. No untrusted binaries would be permitted to run. State of entire filesystem verified except specific directories. Think Android without the app store and no user provided APKs permitted.

Valve already manages SteamOS so this isn't as crazy as it might initially sound.

Although it does occur to me now that one of the newer GPLs has an anti-tivo provision. Not sure if this would run afoul of that. It's access to a subset of a service that would be restricted (competitive matches), everything else would still work.


You don't have to play these specific games though. I mean, what's your privacy, what's not being bombarded by ads in your OS worth to you? Have you taken an honest thought about this?


If you want to play games with friends, you have to play whatever the group plays. This is especially problematic as the group tries out new games, increasing the chance you can’t join because you’re not on Windows.


Personally I'd be interested to see what would happen if Sony/MS did what they could to make keyboard/mouse experience as good as possible on their consoles (I'm writing from a position of ignorance on the state of mouse/keys with current consoles) and encouraged developers to offer a choice in inputs, so that the locked-down machines can become the place for highest confidence in no/low cheaters. If other people want to pay through the nose to go beyond what consoles offer on the detail/resolution/framerate trifecta then I'm sure they could do so, but I really don't see how you lock down an open platform. That challenge has been going for decades.


> I'm writing from a position of ignorance on the state of mouse/keys with current consoles

I'm far from an authority on this topic but from my understanding both Sony/MS have introduced mkb support, but so far it looks to be an opt-in kind of thing and it's still relatively new.


All major consoles support keyboard & mouse or similar.

The problem is more the audience. Console players generally expect to be able to just connect the console to the TV, sit on the sofa and play with the official controller. That’s all the games are required to support to be published on the platform.

Even if you were willing to play at a desk, you’d be matchmaking into a special (and small) mouse pool on the console game. Anyone willing to go through so much faff will accept the extra annoyances of a PC, even with kernel anti cheat.


Well, Nintendo's latest console comes with two mice that you can both use at the same time even.


This really depends on the friends you have. I've never encountered this limitation because no one in my friend group plays competitive ranked games. Basically anything with private sessions doesn't require anticheat, so Valheim, RV There Yet, Deep Rock Galactic, etc. all work fine.


Sure, that helps.

But even then, when everyone is trying out a new indie game there’s a chance it won’t work on non-Windows. It’s happened to me.


Yes, but Linux really has gotten a lot better in recent years. At least whatever runs on Steam. I almost never had any problems with newer indie games.


I think indies are safe. The potential problem I can see lying ahead - at least for me - is Battlefield.

My friends are understanding that I don't play games with rootkit anti cheat (whether on Linux or Windows). There are enough games that we can play other games together still, and when they want to play the games with such anti-cheat (e.g. Helldivers 2) they simply play without me. No big deal.


I am playing Helldivers 2 on Linux right now. Works perfectly. It crashes less often than it does for my friends who play on PC!

Helldivers 2 works on Linux though? One of my buddies uses Linux and he played with us all the time.

I've read the Helldivers 2 kernel component only runs on a normal Windows install; you should be able to play on Linux via Wine/Proton without any of that


Yes, but sometimes it is nice to socialize with other people and they might play these types of games. I don’t enjoy Call of Duty, but I’ll play it from time to time so I can chat with my brother (this is the only way to get him on the phone/microphone for some reason). I value the time I am spending with him more than a bit of privacy (in that context).

I am very pro-Linux and pro-privacy, and hope that the situation improves so I don’t have to continue to compromise.


Besides ads and privacy concerns, it's been such a delight not having to deal with unwanted updates, hunting phantom processes that take up CPU time, or the file explorer that takes forever to show ten files in the download folder. I cannot be paid to use Windows at this point.


The Linux kernel has eBPF now so if they wanted to start spying on everything you do they can just do it.


> The Linux kernel has eBPF now so if they wanted to start spying on everything you do they can just do it.

Sure, except that anyone can just compile a Linux kernel that doesn't allow that.

Anti-cheat systems on Windows work because Windows is hard(er) to tamper with.


Well yeah but then eBPF would not work and then the anti cheat could just show that it's not working and lock you out.

This isn't complicated.

Even the CrowdStrike Falcon agent has switched to BPF because it lowers the risk that a kernel driver will brick downstream like what happened with Windows that one time. I recently configured a corporate single sign-on to simply not work if the BPF component was disabled.


Well but then attackers just compile a kernel with a rootkit that hides the hack and itself from the APIs of the BPF program, so it has to deal with that too or it's trivially bypassed.

Anticheat and antivirus are two similar but different games. It's very complicated.


The bpf api isn't the only telemetry source for an anti cheat module. There's a lot of other things you can look at. A bpf api showing blanks for known pid descendent trees would be a big red flag. You're right that it's very complicated but the toolchain is there if someone wanted to do the hard work of making an attempt. It's really telemetry forensics and what can you do if the cheat is external to the system.


The interesting solution here is secure boot, only allow users to play from a set of trusted kernels.


I'd be less antianticheat if I could just select the handcuffs at boot time for the rare occasion where I need them.

Although even then I'd still have qualms about paying for the creation of something that might pave the path for hardware vendors to work with authoritarian governments to restrict users to approved kernel builds. The potential harms are just not in the same league as whatever problems it might solve for gamers.


Once a slave, always a slave. Running an explicitly anti-user proprietary kernel module that does god-knows-what is not something I'd ever be willing to do, games be damned. It might just inject exploits into all of your binaries and you'd be none the wiser. Since it wouldn't work on VMs you'd have to use a dedicated physical machine for it. Seems too high of a price to play just a few games.


What if the kernel module is only run in a separate VM than your main one?


Games that require kernel-level anticheat will probably try to detect VMs and refuse to run.


The idea is that the hypervisor would also be signed and provide security guarantees to games to block cheats from working.


Being able to snapshot and restore memory is a pretty common feature across all decent hypervisors. That in and of itself enables most client-side cheats. I doubt they'd bother to provide such a hypervisor for the vanishingly small intersection of people who:

- Want to play these adversarial games

- Don't care about compromising control of hypervisor

- Don't simply have a dedicated gaming box


>Being able to snapshot and restore memory is a pretty common feature across all decent hypervisors

A hypervisor that protects against this already exists for Linux with Android's pKVM. Android properly enforces isolation between all guests.

Desktop Linux distros are way behind in terms of security compared to Android. If desktop Linux users ever want L1 DRM to work to get access to high resolution movies and such they are going to need such a hypervisor. This is not a niche use case.


It "protects" against this given the user already does not control the hypervisor, at which point all bets are off with regard to your rights anyway. It's actually worse than Windows in this regard.

I would never use a computer I don't have full control over as my main desktop, especially not to satisfy an external party's desire for control. It seems a lot more convenient to just use a separate machine.

Even mainstream consumers are getting tired of DRM crap ruining their games and movies. I doubt a significant number of Linux users would actually want to compromise their ownership of the computer just to watch movies or play games.

I do agree that Linux userland security is lackluster though. Flatpak seems to be a neat advancement, at least in regard to stopping things from basically uploading your filesystems. There are already a lot of kernel interfaces that can do this like user namespaces. I wish someone would come up with something like QubesOS, but making use of containers instead of VMs and Wayland proxies for better performance.


You already don't control the firmware on the CPU. Would you be okay with this if the hypervisor was moved into the firmware of the CPU and other components instead?

I honestly think you would be content as long as the computer offered the ability to host an arbitrary operating system just like has always been possible. Just because there may be an optional guest running that you can't fully control that doesn't take away from the ability to have an arbitrary guest you can fully customize.

>to satisfy an external party's desire for control.

The external party is reflecting the average consumer's demand for there not being cheaters in the game they are playing.

>It seems a lot more convenient to just use a separate machine.

It really isn't. It's much more convenient to launch a game on the computer you are already using than going to a separate one.


Ah, I see, you're talking about Intel ME/AMD PSP? That's unfortunate and I'm obviously not happy with it, but so far there seems to be no evidence of it being abused against normal users.

It's a little funny that the two interests of adtech are colliding a bit here: They want maximum control and data collection, but implementing control in a palatable way (like you describe) would limit their data collection abilities.

My answer to your question: No, I don't like it at all, even if I fully trust the hypervisor. It will reduce the barrier for implementing all kinds of anti-user technologies. If that were possible, it will quickly be required to interact with everything, and your arbitrary guest will soon be pretty useless, just like the "integrity" bullshit on Android. Yeah you can boot your rooted AOSP, but good luck interacting with banks, government services (often required by law!!), etc. That's still a net minus compared to the status quo.

In general, I dislike any methods that try to apply an arbitrary set of criteria to entitle you to a "free" service to prevent "abuse", be it captchas, play integrity, or Altman's worldcoin. That "abuse" is just rational behavior from misaligned incentives, because non-market mechanisms like this are fundamentally flawed and there is always a large incentive to exploit it. They want to have their cake and eat it too, by eating your cake. I don't want to let them have their way.

> The external party is reflecting the average consumer's demand for there not being cheaters in the game they are playing.

Pretty sure we already have enough technology to fully automate many games with robotics. If there is a will, there is a way. As with everything else on the internet, everyone you don't know will be considered untrusted by default. Not the happiest outcome, but I prefer it to losing general purpose computing.


>you're talking about Intel ME/AMD PSP?

I'm talking about the entire chip. You are unable to implement a new instruction for the CPU for example. Only Intel or AMD can do so. You already don't have full control over the CPU. You only have as much control as the documentation for the computer gives you. The idea of full control is not a real thing and it is not necessary for a computer to be useful or accomplish what you want.

>and your arbitrary guest will soon be pretty useless

If software doesn't want to support insecure guests, the option is between being unable to use it, or being able to use it in a secure guest. Your entire computer will become useless without the secure guest.

>Yeah you can boot your rooted AOSP, but good luck interacting with banks, government services (often required by law!!), etc.

This could be handled by also running another guest that was supported by those app developers that provide the required security requirements compared to your arbitrary one.

>That "abuse" is just rational behavior from misaligned incentives

Often these can't be fixed or would result in a poor user experience for everyone due to a few bad actors. If your answer is to just not build the app in the first place, that is not a satisfying answer. It's a net positive to be able to do things like watch movies for free on YouTube. It's beneficial for all parties. I don't think it is in anyone's best interest to not do such a thing because there isn't a proper market incentive in place to stop people from ripping the movie.

>If there is a will, there is a way.

The goal of anticheat is to minimize customer frustration caused due to cheaters. It can still be successful even if it technically does not stop every possible cheat.

>general purpose computing

General purpose computing will always be possible. It just will no longer be the wild west where there was no security and every program could mess with every other program. Within a program's own context it is still able to do whatever it wants, you can implement a Turing machine (bar the infinite memory).


> Intel or AMD

They certainly aren't perfect, but they don't seem to be hell-bent on spying on or shoving crap into my face every waking hour for the time being.

> insecure guests

"Insecure" for the program against the user. It's such a dystopian idea that I don't know what to respond with.

> required security requirements

I don't believe any external party has the right to require me to use my own property in a certain way. This ends freedom as we know it. The most immediate consequence is we'd be subject to more ads with no way to opt out, but that would just be the beginning.

> stop people from ripping the movie

This is physically impossible anyway. There's always the analog hole, recording screens, etc, and I'm sure AI denoising will close the gap in quality.

> it technically does not stop every possible cheat

The bar gets lower by the day with locally deployable AI. We'd lose all this freedom for nothing at the end of the day. If you don't want cheating, the game needs to be played in a supervised context, just like how students take exams or sports competitions have referees.

And these are my concerns with your ideal "hypervisor" provided by a benevolent party. In this world we live in, the hypervisor is provided by the same people who don't want you to have any control whatsoever, and would probably inject ads/backdoors/telemetry into your "free" guest anyway. After all, they've gotten away with worse.


>"Insecure" for the program against the user.

We already tried out trusting the users and it turns out that a few bad apples can spoil the bunch.

>It's such a dystopian idea that I don't know what to respond with.

Plenty of other devices are designed so that you can only use it in safe ways the designer intends. For example a microwave won't function while the door is open. This is not dystopia despite potentially going against what the user wants to be able to do.

>I don't believe any external party has the right to require me to use my own property in a certain way.

And companies are not obligated to support running on your custom modified property.

>The bar gets lower by the day with locally deployable AI.

The bar at least can be raised from searching "free hacks" and double clicking the cheat exe.

>who don't want you to have any control whatsoever

This isn't true. These systems offer plenty of control, but they are just designed in a way that security actually exists and can't be easily bypassed.

>and would probably inject ads/backdoors/telemetry into your "free" guest anyway.

This is very unlikely. It is unsupported speculation.


> We already tried out trusting the users and it turns out that a few bad apples can spoil the bunch.

You say this as if the user is a guest on your machine and not the other way around.

It's not a symmetrical relationship. If companies don't trust me, they don't get my money. And if I don't trust them, they don't get my money.

The only direction that gets them paid is if I trust them. For that to happen they don't have to go out of their way to support my use cases, but they can't be going out of their way to limit them either.

> designed in a way that security actually exists

When some remote party has placed countermeasures against how you want to use your computer, that's the opposite of security. That's malware.


>You say this as if the user is a guest on your machine and not the other way around.

The user is a guest on someone else's network though. You may be a guest to Netflix and they require you to prove your machine is secure for them to provide you 1080p video. You are free to do whatever you want with your own machine, but Netflix may not want to give you 1080p video files if they don't trust your machine.

>When some remote party has placed countermeasures against how you want to use your computer, that's the opposite of security. That's malware.

I think it's fair to have computers that allow you to disable integrity protections and do whatever you want. You just shouldn't be able to attest that your system is running 1 set of software when in reality it's running something else. It's fraud.


No it's still my network that I'm on. I don't have to be a good neighbor because I also own all the adjacent hardware.

There's already a body of laws that incentivize against violating copyright. It's lunacy to stack on additional ones in service of the same goal. That's like saying that it's both illegal to speed, and it's also illegal to tell your friends that you'll be there in 15 minutes when you'd have to speed to get there sooner than 20, whether or not you actually do the speeding.

Devices are not legal persons, they can't sign contracts on your behalf, nor can they commit fraud on your behalf. If a bogus attestation is necessary in service of interoperability, that's a technical detail not a legal one. If what you want is copyright enforcement, focus on the crime not the circumstance under which such a crime is possible.


I wonder if you could use check-point and restore in userspace (https://criu.org/Main_Page) so that after the game boots and passes the checks on a valid system you can move it to an "invalid" system (where you have all the mods and all the tools to tamper with it).

I don't really care about games, but I do care about messing up people and companies that do such heinous crimes against humanity (kernel-level anti-cheat).


The war is lost. The most popular game that refuses to use kernel-level anti-cheat is Valve's Counter-Strike 2, so the community implemented it themselves (FaceIT) and requires it for the competitive scene.


Yep, plenty of prior art on how to implement the necessary attestations. Valve could totally ship their boxes with support for anticheat kernel-attestation.

Is it possible to do this in a relatively hardware-agnostic, but reliable manner? Probably not.


What do you mean? Ship a computer with preinstalled Linux that you can't tamper with? Sounds like Android. For ordinary computers, secure boot is fully configurable, so it won't work: I can disable it, I can install my own keys, etc. And for any userspace way to check it, I'll fool you, if I own the kernel.


No, just have the anti-cheat trust kernels signed by the major Linux vendors and use secure boot with remote attestation. Remote attestation can't be fooled from kernel space, that's the entire point of the technology.

That way you could use an official kernel from Fedora, Ubuntu, Debian, Arch etc. A custom one wouldn't be supported but that's significantly better than blocking things universally.


You can't implement remote attestation without a full chain of exploits (from the perspective of the user). Remote attestation works on Android because there is dedicated hardware to directly establish communication with Google's servers that runs independent (as a backchannel). There is no such hardware in PCs. Software based attestation is easily fooled on previous Android/Linux.


The call asks the TPM to display the signed boot chain, you can't fake that because it wouldn't be cryptographically valid. The TPM is that independent hardware.


How would that be implemented? I'd be curious to know.

I'm not aware that a TPM is capable of hiding a key without the OS being able to access/unseal it at some point. It can display a signed boot chain but what would it be signed with?

If it's not signed with a key out of the reach of the system, you can always implement a fake driver pretty easily to spoof it.


I guess something like that: https://tpm2-software.github.io/tpm2-tss/getting-started/201...

Basically TPM includes key that's also signed with manufacturer key. You can't just extract it and signature ensures that this key is "trusted". When asked, TPM will return boot chain (including bootloader or UKI hash), signed by its own key which you can present to remote party. The whole protocol is more complicated and includes challenge.
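The challenge-and-quote exchange described in the comment above, as an added example that is not part of the thread or of any TPM library: a standard-library Python model in which `ToyTPM`, `verify_quote` and the component images are hypothetical names and constructed data. An HMAC under a key the OS never sees stands in for the TPM's asymmetric attestation-key signature and its manufacturer certificate chain.

```python
import hashlib
import hmac
import os

# Constructed stand-ins for boot components (not real images).
BOOTLOADER = b"constructed bootloader image"
VENDOR_KERNEL = b"constructed distro-signed kernel image"
CUSTOM_KERNEL = b"constructed locally rebuilt kernel image"


def sha256(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()


def pcr_extend(pcr: bytes, digest: bytes) -> bytes:
    # A PCR has no "set" operation, only extend: new = H(old || digest).
    return sha256(pcr + digest)


def replay(event_log) -> bytes:
    # Verifier side: recompute the PCR from the claimed measurement log.
    pcr = bytes(32)
    for _name, digest in event_log:
        pcr = pcr_extend(pcr, digest)
    return pcr


class ToyTPM:
    """Model of the 'black box': the key and PCR are not writable by the OS."""

    def __init__(self, attestation_key: bytes):
        self._key = attestation_key  # assumption: HMAC key replaces the AK
        self._pcr = bytes(32)        # reset only at power-on

    def measure(self, blob: bytes) -> None:
        self._pcr = pcr_extend(self._pcr, sha256(blob))

    def quote(self, nonce: bytes):
        # The quote binds the verifier's fresh nonce to the current PCR.
        sig = hmac.new(self._key, nonce + self._pcr, hashlib.sha256).digest()
        return self._pcr, sig


def boot(tpm: ToyTPM, components):
    # Measured boot: each stage is hashed into the PCR before it runs,
    # and the same digest is appended to the event log.
    log = []
    for name, blob in components:
        tpm.measure(blob)
        log.append((name, sha256(blob)))
    return log


def verify_quote(key, nonce, pcr, sig, event_log, allowlist) -> str:
    expected = hmac.new(key, nonce + pcr, hashlib.sha256).digest()
    if not hmac.compare_digest(expected, sig):
        return "rejected: signature does not cover this nonce and PCR"
    if replay(event_log) != pcr:
        return "rejected: event log does not reproduce the quoted PCR"
    for name, digest in event_log:
        if digest not in allowlist.get(name, set()):
            return f"rejected: {name} is not an allowlisted build"
    return "accepted"


def demo() -> dict:
    key = os.urandom(32)
    allow = {"bootloader": {sha256(BOOTLOADER)},
             "kernel": {sha256(VENDOR_KERNEL)}}
    results = {}

    # 1. Vendor kernel, fresh challenge.
    tpm = ToyTPM(key)
    log = boot(tpm, [("bootloader", BOOTLOADER), ("kernel", VENDOR_KERNEL)])
    nonce = os.urandom(16)
    pcr, sig = tpm.quote(nonce)
    results["honest"] = verify_quote(key, nonce, pcr, sig, log, allow)

    # 2. The same quote presented against a later challenge.
    results["replayed"] = verify_quote(key, os.urandom(16), pcr, sig, log, allow)

    # 3. Rebuilt kernel with a truthful event log.
    tpm2 = ToyTPM(key)
    log2 = boot(tpm2, [("bootloader", BOOTLOADER), ("kernel", CUSTOM_KERNEL)])
    nonce2 = os.urandom(16)
    pcr2, sig2 = tpm2.quote(nonce2)
    results["custom_kernel"] = verify_quote(key, nonce2, pcr2, sig2, log2, allow)

    # 4. Rebuilt kernel, but the OS submits the vendor boot's event log.
    results["forged_log"] = verify_quote(key, nonce2, pcr2, sig2, log, allow)
    return results


if __name__ == "__main__":
    for case, verdict in demo().items():
        print(f"{case:14} {verdict}")
```
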


TPM isn't designed for this use case. You can use it for disk encryption or for identity attestation but step 1 for ID attestation is asking the TPM to generate a key and then trusting that fingerprint from then on after doing a test sign with a binary blob. The running kernel is just a binary that can be hashed and whitelisted by a user space application. Don't need TPM for that.


This is called the Endorsement Key, and you're correct, it never leaves the TPM. The TPM is a "black box" to the OS.


Ah, got it. With enough motivation this is still pretty easily defeated though. The key is in some kind of NVRAM, which can be read with specialized equipment, and once it's out, you can use it to spoof signatures on a different machine and cheat as usual. The TPM implementations of a lot of consumer hardware are also rather questionable.

These attestation methods would probably work well enough if you pin a specific key like for a hardened anti-evil-maid setup in a colo, but I doubt it'd work if it trusts a large number of vendor keys by default.


Once it's out you could but EKs are unique and tied to hardware. Using an EK to sign a boot state on hardware that doesn't match is a flag to an anti-cheat tool, and would only ever work for one person.

It also means that if you do get banned for any reason (obvious cheating) they then ban the EK and you need to go source more hardware.

It's not perfect but it raises the bar significantly for cheaters to the point that they don't bother.


> Using an EK to sign a boot state on hardware that doesn't match is a flag to an anti-cheat tool

The idea is you implement a fake driver to sign whatever message you want and totally faking your hardware list too. As long as they are relatively similar models I doubt there's a good way to tell.

Yeah, I think there are much easier ways to cheat at this point, like robotics/special hardware, so it probably does raise the bar.


Any sane scheme would whitelist TPM implementations. Anyway fTPMs are a thing now which would ultimately tie the underlying security of the anticheat to the CPU manufacturer.

You can switch out the kernel in the running Linux desktop.


Uh, you'd have to compile a Kernel that doesn't allow it while claiming it does ... And behaves as if it does - otherwise you'd just fail the check, no?

I feel like this is way overstated, it's not that easy to do, and could conceptually be done on Windows too via hardware simulation/virtual machines. Both would require significant investments in development to pull off.


Right, the very thing that works against AC on Linux also works for it. There are multiple layers (don't forget Wine/Proton) to inject a cheat, but those same layers could also be exploited to detect cheats (especially adding fingerprints over time and issuing massive ban-waves).

And then you have BasicallyHomeless on YouTube who is stimulating nerves and using actuators to "cheat." With the likes of the RP2040, even something like an aim-correcting mouse becomes completely cheap and trivial. There is a sweet-spot for AC and I feel like kernel-level might be a bit too far.


All it takes is going to cd usr src linux and running make menuconfig. Turning off a few build flags. Hitting save. And then running make to recompile. But that's like saying "well if I remove a fat32 support I can't use fat32". Yea it will lock you out showing you have it disabled. No big deal.


That would require that they actually make the effort to develop Linux support. The current "it just works" reality is that the games developers don't need to support running on Linux.


Pirate everything. Stop feeding beasts and they have no power.

The idea that you need intrusive surveillance in order to make games fair is absurd. If you need fair games, you need referees and moderation, which means you need to train and pay competent people and establish open and transparent rules and tools. You can also give your refs latitude, so if someone is obviously cheating, they have the power to do something about it. You should also require and implement publicly transparent and auditable actions with recourse for players to prevent abuses of power.

That's expensive. It's much easier to create a terms of service with vague guidelines, implement a totally intrusive, absurdly invasive rootkit that does some bare minimum scanning for known cheats and patterns, which establishes an arms race and provides bad actors a nice little point of ingress when the responsible company inevitably fails to protect their users competently.

Just like media platforms, if you cannot moderate at the scale at which you're operating, then it shouldn't be legal to operate at that scale.

People should stop giving money to companies that don't deserve it. No game is worth sacrificing your integrity for. "Just trust us, we know what we're doing" is a huge red flag, and it should be criminal to do what they do.

AI refs are going to be a very real possibility in the near future that can be just as fair and competent as humans, so the "necessity" for rootkits won't be a valid argument for much longer. It'll still be expensive, but multiplayer gaming fairness shouldn't ever serve as a reason for nuking privacy.


I always wondered. Isn't this exactly what eBPF would allow you to do?

Assuming that cheats work by reading (and modifying) the memory of the game process, you can attach a kprobe to the sys_ptrace system call. Every time any process uses it, your eBPF program triggers. You can then capture the PID and UID of the requester and compare it against a whitelist (eg only the game engine can mess with the memory of that process). If the requester is unauthorized, the eBPF program can even override the return value to deny access before the kernel finishes the request.

Of course there are other attack vectors (like spoofing PID/process name), but eBPF covers them also.

All of this to say that Linux already has sane primitives to allow that, but that, as long as devs don't prioritize Linux, we won't see this happening.
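
The ptrace hook described in the comment above, as an added example that is not part of the original thread or of any shipping anti-cheat. The map names `protected_tids` and `trusted_tgids`, the function `ptrace_verdict` and the user-space loader that fills the maps are assumptions; the policy function also compiles on the host so it can be checked without loading anything into a kernel.

```c
/* ptrace_guard.bpf.c: added illustration, not code from the thread.
 * BPF object: clang -O2 -g -target bpf -D__TARGET_ARCH_x86 -c ptrace_guard.bpf.c
 * Host check: cc -o guard_check ptrace_guard.bpf.c && ./guard_check
 * bpf_override_return() needs a kernel built with CONFIG_BPF_KPROBE_OVERRIDE=y.
 */
#define REQ_PTRACE_TRACEME 0   /* ptrace(PTRACE_TRACEME): the pid argument is ignored */
#define REQ_PTRACE_ATTACH  16

enum verdict { V_ALLOW = 0, V_DENY = 1 };

/* Pure policy, shared by the BPF program and the host-side check.
 * caller_listed / listed_uid come from the allowlist entry for the caller's
 * TGID; binding the entry to a UID means a recycled PID under another user
 * (root included) does not inherit trust. */
static inline enum verdict ptrace_verdict(long request, int target_protected,
                                          int caller_listed,
                                          unsigned int listed_uid,
                                          unsigned int caller_uid)
{
    if (request == REQ_PTRACE_TRACEME)
        return V_ALLOW;            /* caller asks to be traced; no target pid */
    if (!target_protected)
        return V_ALLOW;            /* leave gdb/strace on other processes alone */
    if (caller_listed && listed_uid == caller_uid)
        return V_ALLOW;            /* e.g. the game's own crash handler */
    return V_DENY;
}

#ifdef __bpf__
#include "vmlinux.h"  /* bpftool btf dump file /sys/kernel/btf/vmlinux format c */
#include <bpf/bpf_helpers.h>
#include <bpf/bpf_tracing.h>
#include <bpf/bpf_core_read.h>

#ifndef EPERM
#define EPERM 1       /* errno macros are not part of vmlinux.h */
#endif

char LICENSE[] SEC("license") = "GPL";

/* ptrace() takes a thread ID, not a process ID, so the protected set is keyed
 * by TID. Assumption: the loader inserts every entry of /proc/<game>/task and
 * keeps the map current as the game creates threads. */
struct {
    __uint(type, BPF_MAP_TYPE_HASH);
    __uint(max_entries, 4096);
    __type(key, __u32);            /* protected thread ID */
    __type(value, __u8);
} protected_tids SEC(".maps");

/* Allowlist: requester TGID -> UID it must be running as. */
struct {
    __uint(type, BPF_MAP_TYPE_HASH);
    __uint(max_entries, 64);
    __type(key, __u32);
    __type(value, __u32);
} trusted_tgids SEC(".maps");

SEC("ksyscall/ptrace")
int BPF_KSYSCALL(guard_ptrace, long request, long pid)
{
    __u32 caller_tgid = bpf_get_current_pid_tgid() >> 32;
    __u32 caller_uid = bpf_get_current_uid_gid() & 0xffffffff;
    __u32 target_tid = (__u32)pid;
    __u32 *listed_uid = bpf_map_lookup_elem(&trusted_tgids, &caller_tgid);
    int target_protected =
        bpf_map_lookup_elem(&protected_tids, &target_tid) != NULL;

    if (ptrace_verdict(request, target_protected, listed_uid != NULL,
                       listed_uid ? *listed_uid : 0, caller_uid) == V_DENY) {
        /* Log first, then make the syscall return -EPERM without running. */
        bpf_printk("ptrace_guard: deny req=%ld tgid=%u tid=%u",
                   request, caller_tgid, target_tid);
        bpf_override_return(ctx, -EPERM);
    }
    return 0;
}
#else
#include <stdio.h>

/* Host build: exercise the policy only (values are constructed samples). */
int main(void)
{
    int ok = ptrace_verdict(REQ_PTRACE_ATTACH, 1, 0, 0, 1000) == V_DENY &&
             ptrace_verdict(REQ_PTRACE_ATTACH, 1, 1, 1000, 1000) == V_ALLOW;
    printf("policy self-check: %s\n", ok ? "ok" : "FAILED");
    return !ok;
}
#endif
```

This covers only the ptrace() entry point the comment names, and it trusts whatever kernel it is loaded into, which is the objection raised in the reply that follows.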


> your eBPF program triggers

but how does the anti-cheat know that the kernel is not modified such that it disables certain eBPF programs (or misreports cheats/spoofs data etc)?

This is the problem with anti-cheat in general (and the same exists with DRM) - the machine is (supposedly) under the user's total control and therefore, unless your anti-cheat is running at the lowest level, outside of the control of the user's tampering, it is not trustworthy. This leads to TPM requirements and other anti-user measures that are dressed as pro-user in Windows.

There's no such thing in Linux, which makes it inoperable as one of these anti-cheat platforms imho.


Great point. As I mentioned there are other attack vectors and you can mitigate them. For mitigating what you are mentioning for instance you don't just run one eBPF program, but you run a cluster of them that watch each other:

(The following was refined by an LLM because I didn't remember the details of when I was pondering this a while back)

All your anti cheats are eBPF programs hooked to the bpf() syscall itself.

Whenever any process tries to call BPF_PROG_DETACH or BPF_LINK_DETACH, your monitors check if the target is one of the anti cheats in your cluster of anti-cheats.

If an unauthorized process (even Root) tries to detach any of your anti-cheat processes, the eBPF program uses bpf_override_return to send an EPERM (Permission Denied) error back to the cheat.

(End LLM part)

Of course, you can always circumvent this by modifying and compiling the kernel so that those syscalls when targeting a specific PID/process name/UID aren't triggered. But this raises the difficulty of cheating a lot as you can't simply download a script, but you need to install and boot a custom kernel.

So this would solve the random user cheating on an online match. Pro users that have enough motivation can and will cheat anyway, but that is true also on Windows. Finally, at top gaming events there is so much scrutiny, as you need to play on stage on vetted PCs, that this is a non-issue.


It's open source. Somebody will simply publish an AUR package with a custom kernel that is one command away. You're underestimating the capability of motivated nerds to make a good UX when needed :p. This is how we ended up with SteamOS in the first place

But given the Linux kernel is monolithic and you can enforce signing of kernel modules too, using TPM to make sure the kernel isn't tampered with is honestly the way to go.


but how can you prevent the user from modifying the kernel?

You can't, but circumventing anti-cheats already happens on Windows with all their fancy kernel-level anti-cheats.

I believe the goal is to make it so uncomfortable and painful that 99.999% of the users will say fuck it and they won't do it. In this case users need to boot a custom kernel that they download from the internet which might contain key-loggers and other nasty things. It is not just download a script and execute it.

For cheat developers, instead, this implies doing the modifications to allow those sys-calls to fly under the radar while keeping the system bootable and usable. This might not be trivial.


Another unresolved roadblock is Nvidia cards seriously underperforming in DX12 games under Proton compared to Windows. Implementing DX12 semantics on top of Vulkan runs into some nasty performance cliffs on their hardware, so Khronos is working on amending the Vulkan spec to smooth that over.


That's being addressed:

    - https://forums.developer.nvidia.com/t/directx12-performance-is-terrible-on-linux/303207/432
    - https://indico.freedesktop.org/event/10/contributions/402/attachments/243/327/2025-09-29%20-%20XDC%202025%20-%20Descriptors%20are%20Hard.pdf
    - https://www.youtube.com/watch?v=TpwjJdkg2RE
The problem is on multiple levels, so everything has to work in conjunction to be fixed properly.


What percentage of games require DX12? From what I recall, a surprisingly large percentage of games support DX11, including Arc Raiders, BF6 and Helldivers 2, just to name a few popular titles.

At the same time, Vulkan support is also getting pretty widespread, I think notably idTech games prefer Vulkan as the API.


DX12 is overwhelmingly the default for AAA games at this point. The three titles you listed all officially require DX12, what DX11 support they have is vestigial, undocumented and unsupported. Many other AAAs have already stripped their legacy DX11 support out entirely.

Id Software do prefer Vulkan but they are an outlier.


DX12 is less and less the default, most gamedev that I’ve seen is surrounding Vulkan now.

DX12 worked decently better than OpenGL before, and all the gamedevs had Windows, and it was required for Xbox… but now those things are less and less true.

The PlayStation was always “odd-man-out” when it came to graphics processing, and we used a lot of shims, but then Stadia came along and was a proper Linux, so we rewrote a huge amount of our renderer to be better behaved for Vulkan.

All subsequent games on that engine have thus had a Vulkan-friendly renderer by default, that is implemented cleaner than the DX12 one, and works natively pretty much everywhere. So it's the new default.


Godot switched over to DX12 over Vulkan for Windows. Blaming bad Windows drivers for the reason.

https://godotengine.org/article/dev-snapshot-godot-4-6-dev-5...


I am wondering whether a game can be shipped with its own "kernel" and "hypervisor", basically an entire VM. Yes, performance will take a hit, but in my experience with my own VM, it's like 15-20%.

Yes, maybe.

Modern games already employ a bunch of VM-like techniques for tamper protection.

This has effectively killed PC game piracy.


Do you pass through the GPU? Or how does it work?

Yes, I pass through the GPU.

Clearly, when there are enough Linux gamers, another solution to the kernel-level anti-cheat issue will be found. After all, the most played competitive shooter is CS and Valve does not use kernel-level AC.


> After all, the most played competitive shooter is CS and Valve does not use kernel-level AC.

Valve doesn't employ kernel AC but in practice others have taken that into their own hands - the prevalence of cheating on the official CS servers has driven the adoption of third-party matchmaking providers like FACEIT, which layer their own kernel AC on top of the game. The bulk of casual play happens on the former, but serious competitive play mostly happens on the latter.


The best description I've been able to give of the dichotomy of CS is this: there is no way for a person to become good enough to get their signature into the game, without using kernel-level ACs.


The competitive CS leagues do use AC though. The big issue for these games is the free-to-play model does not work without anti-cheat. Having a ~$20 fee to cheat for a while before getting banned significantly reduces the number of cheaters, and that's what CS does with their prime server model.

And for what it's worth, I'm pretty sure Valorant is the most played competitive shooter at the moment.


Isn't it pretty much an open secret that JVM-based cheats can trivially bypass VAC?


How does their revenue rely on it? People won't buy/recommend their games if they can't solve a fundamental problem, without full control over the machine their product is running on? Then they can change their business model and/or game mechanics. Simple as that. The only reason that blatant security violation was ever considered a viable option is because Microsoft gave them the ability to actually do it with the click of a button. Those companies can adapt, or die.

But is that really a roadblock?

First, let's ask ourselves how many PCs have users play games with anti-cheat frameworks. I'm absolutely no expert, but if it's more than, what? 10%? let's even say 20% - I'd be surprised.

> and unfortunately a good majority of the gaming industry by revenue relies on it.

Well, it used to be the case that game makers relied on copy protection in floppy discs, and movie distributors on DVD/BluRay copy protection. Conditions changed and they adapted.


Isn't it a more fundamental problem? I can imagine a cheating setup where you have a separate PC with a HDMI capture stick ("analog hole") and access to the controllers.

I actually think it’s better to exclude the AAA games from Linux.


Well, if you go by revenue, mobile gaming dwarfs all else.


And native GNU/Linux games instead of depending on Windows.

Games being playable also rely on it.

This is a big reason I’m excited for Steam Frame - high quality VR on the Linux desktop.


AND high quality Linux desktop on the VR :)


Gaming now works better on Linux than it does on Windows. This must be upsetting for Microsoft, but it was their game to lose.


I don't get the feeling they care. Microsoft is so lost under Satya at this point. Totally blinded by Azure and AI and stock price growth. At some point they're going to realize all the ground they've lost and it's going to be a real problem. They're repeating a lot of the same mistakes that cost them the browser and mobile market.


Yeah. MS must have been so hurt about losing to the iPhone, they really jumped the gun on AI as if to avoid a similar mistake. It's Satya's major play and I think they are already paying for that decision. Xbox is hollowed out so that AI can be funded, while the PC/console hybrid project is doomed to fail because "Windows everywhere" doesn't work if Windows is crap. Indeed, they might be left with just the cloud business in the end.


And the funniest thing is: not having a mobile platform anymore will be the death knell for all of their AI efforts.

I’m not really into this AI shenanigans, but it seems to me that if you want people to use /your/ bot, you gotta give it to people in the most seamless and efficient way possible, and that does not translate well to a desktop OS.

I don’t think they would have dethroned iOS or even Android had they stayed their ground, but they probably would’ve had a stronger base to build upon for their Copilot nonsense. Those that used Windows Phone used it because they loved it, Copilot could’ve garnered some good rep from those already sold on Microsoft’s platform; instead, they’re trying to shove it down people’s throats even though very few people actually use Windows because they actively like it, most use it because it’s the “default” OS and they do not (and care not to) know any better.


First they jumped the gun on tablets, listening to the tech media that was saying tablets were going to replace computers.

That resulted in Windows 8.

More recently they've freaked out about ads, app stores, and SaaS revenue, which has resulted in lots of dark patterns in the OS.


"Totally blinded by Azure and AI and stock price growth."

Stock price growth is their core business because that is how large firms operate.

MS used to embrace games etc because the whole point was all PCs should run Windows. Now the plan is to get you onto a subscription to their cloud. The PC bit is largely immaterial in that model. Enterprises get the rather horrible Intune bollocks to play with but the goal is to lock everyone into subs.


It's pretty much every American business now isn't it? Do any big corporations actually make money anymore?

I thought all of them more or less have operated under Ponzinomics ever since Jack Welch showed that that worked in the short term.


If people were buying new PCs every year like they used to it'd be worth it. Turns out there isn't as much value having a "captive market" on a PC unless it's locked down.


They don’t care, they’re defunding Xbox and even the Windows team is hollowed out.


When the rumour was Windows 10 will be the last Windows! I don't think people thought it would be because Win11 would be so unbearable it would finally drive users to Linux... but here we are. RIP.


The irony is that gaming on Linux got better but the instigator was not the OSS community. All of it was funded by closed source software competing with other closed source software. The OSS community by itself did not have the conviction to climb over this bulwark.


But when Steam started to develop Proton, WINE was 90% there! Valve only had to provide the remaining 90%.

The strength of Linux and Free software in general is not in that it's completely built by unpaid labor. It's built by a lot of paid, full-time labor. But the results are shared with everyone. The strength of Free software is that it fosters and enforces cooperation of all interested parties, and provides a guarantee that defection is an unprofitable move.

This is one of the reasons you see Linux everywhere, and *BSD, rarely.


> This is one of the reasons you see Linux everywhere, and *BSD, rarely.

I doubt it's a large reason. I'd put more weight on eg Linus being a great project lead and he happens to work on Linux. And a lot of other historical contingencies.


BSD does a few things right, hence it's used by Netflix (who share back some of their work), userland of macOS (because Apple don't like GPL, I assume), PS4 and PS5 (IDK if anything seeps back upstream from there).


There's also plenty of software available on Linux and other operating systems that uses the BSD license.


It isn’t about conviction. Gaming takes tremendous resources and they were not there. But if this starts shifting the tides there is a possible future where game developers start building for Linux as a primary target and to run games on Windows or Mac you would use emulation. In fact this seems like a better overall approach given that there are no hidden APIs with Linux.


Money and resources suddenly materialized once someone realized that there was profit in it is pretty much the expected way this goes. OpenTofu happened not because of some OSS force of will but because a group of companies needed it to exist for their business.

This flow is basically the bread and butter for the OSS community and the only way high effort projects get done.


It's not so much conviction, as it is coordination and resources.

Conventional companies just have a lot more money, and it's easier for them to internally 'coordinate' when they want something to get done.

That said, yes, there are certain things that the broader/volunteer FOSS community simply isn't any good at.


This still has a "sometimes" on it, there are more than a few games that need magic Proton flags to run well, nothing you can't go look up on ProtonDB, but lots of games you would want to play with friends might have some nasty anti-cheat on it that just won't let you play it at all.


Exactly. Battlefield 6 for example does not work at all in Proton.

This is a far better user experience for Battlefield players than in Windows.

Have you ever actually attempted to play that half-assed buggy piece of shit?


Gaming works fine with exception of things like BF6 that require kernel level anti cheat.

The one thing I haven’t been able to get working reliably is steam remote play with the Linux machine as host. Most games work fine, others will only capture black screens.


If you are running KDE you can whitelist Steam for remote desktop work, this is because of Wayland.


I get to see the Steam Big Picture albeit very laggy. Also the games I tried such as Transport Fever 2 and Valheim are streamed and visible but still noticeably laggy. Only some games such as Arc Raiders yield a black image.

Proton has gotten so good now that I don't even bother checking compatibility before buying games.

Granted, I don't play online games, so that might change things, but for years I used to have to make a concession that "yeah Windows is better for games...", but in the last couple years that simply has not been true. Games seem to run better on Linux than Windows, and I don't have to deal with a bunch of Microsoft advertising bullshit.

Hell, even the Microsoft Xbox One controllers work perfectly fine with xpad and the SteamOS/tenfoot interface recognizes it as an Xbox pad immediately, and this is with the official Microsoft Xbox dongle.

At this point, the only valid excuses to stay on Windows, in my opinion, are online games and Microsoft Office. I don't use Office since I've been on Unixey things so long that I've more or less just gotten used to its options, but I've been wholly unable to convince my parents to change.

I love my parents, but sometimes I want to kick their ass, because they can be a bit stuck in their ways; I am the one who is expected to fix their computer every time Windows decides to brick their computer, and they act like it's weird for me to ask them to install Linux. If I'm the one who has to perform unpaid maintenance on this I don't think it's weird for me to try and get them to use an operating system that has diagnostic tools that actually work.

As far as I can tell, the diagnostic and repair tools in Windows have never worked for any human in history, and they certainly have never worked for me. I don't see why anyone puts up with it when macOS and Linux have had tools that actually work for a very long time.


> At this point, the only valid excuses to stay on Windows, in my opinion

I didn’t see a performance increase moving to Linux for the vast majority of titles tested. Certainly not enough to outweigh the fact that I want EVERY game to work out of the box, and to never have to think if it will or won’t. And not all of my games did, and a not insignificant number needed serious tweaking to get working right.

I troubleshoot Linux issues all day long, I’ve zero interest in ever having to do it in my recreation time.

That’s a good enough reason for me to keep my windows box around.

I use Linux and OSX for everything that isn’t games, but Windows functions just fine for me as a dumb console and I don’t seem to suffer any of these extreme and constant issues HN users seem to have with it from either a performance or reliability standpoint.


If you want every game to work then you would be better off with a game console. I've had plenty of bullshit fighting with DLL files and registry keys to get games working on Windows in the past. Maybe it's gotten better since Windows 7, which is the last time I seriously did any Windows gaming, but I doubt it.

For some reason amongst other people, these bits of debugging just "don't count". I don't know why.


> If you want every game to work then you would be better off with a game console.

I have a console. They can not offer performance I can tolerate. I require 120+ fps for most titles in order to not get motion sickness from modern displays.

> I've had plenty of bullshit fighting with DLL files and registry keys to get games working on Windows in the past.

I've had no such fighting. Shit, the last time I touched a registry to "fix" anything in windows was probably XP.

> I don't know why.

Probably because not everyone has the same experience. None of the major operating systems is free of issue, but in the same vein, neither have caused me particularly more headaches than another.


As long as Valve depends on the Windows ecosystem for content, they are quite safe.

Game studios will keep buying Windows and Visual Studio licenses, target DirectX, and let Valve do whatever they need for game content.


They asked AI and it told them they needed to focus more on AI instead.

The Quest 3 works offline with ALVR streaming over a private (non-Internet connected) WiFi network. Together with my 3090 I get 8k @ 120fps with 20ms latency over a WiFi6e dongle. I had to manually install the dkms for the dongle on PopOs, but apart from that it just works. ALVR starts SteamVR and then I use Steam to start the game. Proton seems to use Vulkan for rendering.

Overall, I had a pretty bad experience with ALVR. I never managed to figure out the cause of stuttering on mine. I wished Meta would support Linux.

Have you given WiVRn a try? I’ve heard good things.

> I just hope that Nvidia notices that there does appear to be a swing happening and improves their driver situation.

I firmly believe that Nvidia doesn't want the general public to ever have better hardware than what is current as people could just run their own local models and take away from the ridiculous money they're making from data centers.

In step they're now renting their gaming GPUs to players with their GeForce Now package.

Nvidia's market share among gamers is a rounding error now against AI datacenter orders. I won't hold my breath about them revisiting their established drivers for Linux.


> I firmly believe that Nvidia doesn't want the general public to ever have better hardware than what is current as people could just run their own local models and take away from the ridiculous money they're making from data centers.

You're underestimating them. They don't even want rich professional users to own hardware that could compete with their datacenter cash cow.

Take RTX 6000 Pro, a $10k USD GPU. They say in their marketing materials that these have fifth-generation tensor cores. This is a lie, as you can't really use any 5th-gen specific features.

Take a look at their PTX docs[1]. The RTX 6000 Pro is sm_120 in that table, while their datacenter GPUs are sm_100/sm110. See the 'tcgen05' instructions in the table? It's called 'tcgen05' because it stands for "Tensor Core GEN 05". And they're all unsupported on sm_120.

[1] - https://docs.nvidia.com/cuda/parallel-thread-execution/#rele...


I’ll keep repeating it: the more people vote with their wallet, the more game companies will deploy Linux - including the anticheat.

EAC has the support for Linux, you just have to enable it as a developer.

I know this, I worked on games that used this. EAC was used on Stadia (which was a Debian box) for The Division, because the server had to detect that EAC was actually running on the client.

I feel like I bring this up all the time here but people don’t believe me for some reason.


> EAC has the support for Linux

This does not mean it supports the full feature set as from EAC on Windows. As an analogy, it's like saying Microsoft Excel supports iPad. It's true, but without VBA support, there's not going to be many serious attempts to port more complicated spreadsheets to iPad.


I'm surprised to hear you are having trouble with wheels / pedals, we should be there already!

https://github.com/JacKeTUs/linux-steering-wheels

Hopefully vr headset support will get better


Funnily enough the most annoying things on my system at the moment is RGB and keyboard/mouse customisation.

I haven’t found a tool that can access all the extra settings of my Logitech mouse, nor my Logitech speakers.

OpenRGB is amazing but I’m stuck on a version that constantly crashes; this should be fixed in the recent versions but nixpkgs doesn’t seem to have it (last I checked).

On the other hand I did manage to get SteamVR somewhat working with ALVR on the Quest 3, but performance wasn’t great or consistent at all from what I remember (RTX 3070, Wayland KDE).


Have you tried running the windows RGB utility via Wine with HIDRAW enabled for the device?

Alternatively, given you’re running NixOS you can just override the `src` of the derivation with a newer version. This is part of the point of running NixOS: making small modifications to packages on the fly.


Good idea about HIDRAW — I’ll have to look into that, thanks!

I did try overriding the src for OpenRGB but as I’m on unstable, something else in the dependency chain must have broken as the post-install patches weren’t applying IIRC.

Wasn’t urgent but I’ll likely get back to it at some point.


I was annoyed recently because I replaced my GPU and I had to boot into Windows for the first time in months and install drivers just to turn off the RGB on the card because OpenRGB wouldn't find it.

For VR support Monado works very well for me with both Pimax (base-station tracked) and WMR (inside-out tracked) headsets.

When that steam deck clone came out and games played better on SteamOS than on Windows on the exact same hardware, it woke a bunch of people up. Microsoft scrambled to bring the startup time and footprint down but shots had already been fired.

You don’t want a vendor you have to publicly shame to get them to do the right thing. And that’s MS if any single sentence has ever described them without using curse words.


I've got the Legion Go S with Steam OS, and that shit is great. It's stable, my games run well, the OS is pretty much entirely in the background, but I can still access it fully if I need to. Love it.


What might help is if AMD or Nvidia take the gamble and create decent drivers and advertise Linux compatibility, driving up sales, forcing their competitor to do the same.

AMD has very decent drivers on Linux which are even open source. It is one of the main reasons people recommend people go with AMD cards for Linux.

I thought it was just my bubble, but I guess you're right, it does appear Linux is being talked about more in the mainstream.

My VR glasses work on Omarchy, to my surprise, I plugged them and they work. I have XReal, older model.


Aren't the XReals just displays in the glasses? If they work with other devices, it's no surprise Linux can just use a display standard.


But they work out of the box, which is my point. You can use a device that can be in between which places the screen into fixed space in front of you for example. While it is cool, it is kind of a hassle to have this device in between. I just plug them directly and they work.


> which is pretty promising at least for the games that aren't intentionally excluded by DRM.

Sadly, those exclusions are pretty big asks for the common folk. That's always what it comes down to. Some killer tool you need for whatever reason that either doesn't work on Linux, or is severely compromised.

I'm very comfortable with Linux, but my work still requires Unreal Engine. And good luck getting that going in Linux. So I'm stuck with dual booting at the bare minimum.



