Support us on Patreon
PayPalOne of the big topics of discourse in the Linux gaming sphere recently has been Tim Sweeney's statement on porting Fortnite to the Steam Deck, where Sweeney argues that Linux would be too difficult of a target and the market not big enough to warrant the amount of resources it would take to bring all of Fortnite on the platform.
The central crux of the issue, from Sweeney's point of view, is that making Easy Anti-Cheat, with all of its capabilities, run on Steam Deck (and thus on Linux) would be extremely difficult. He argues, that for a game of Fortnite's size this would open the flood-gates to significant influx of cheaters.
There have been some responses to this from the Linux side, with some accusing Sweeney of exaggerating the difficulty of such a port or that his statements are conflicting, because he simultaneously believes the Linux market is too small to be worthwhile but also would provide a way for too many cheaters. I will address some of these aspects a bit later, but for now let's focus on the main technical blocker, which is Easy Anti-Cheat.
Easy Anti-Cheat, or EAC, is an anti-cheat solution which apparently comes in a few configurations. We know that it can be run in a configuration where it is compatible with Linux/Proton apparently with just a relatively simple toggle. However, this mode of operation is seemingly a comparatively high-trust configuration, where only part of the anti-tampering protections of EAC are active. This may prevent some cheats but fail to detect others, which can be perfectly reasonable for games, where the number of cheaters and potential cheaters are fairly low or other systems complement the anti-cheat solution. There are plenty of games, even some popular free-to-play titles, which at best have this level of anti-tamper protection and they don't seem to have a major cheating epidemic, so clearly in many cases this should be enough. We also don't know the scope of cheats that are detected by EAC in this configuration, so this system by itself may already be fairly comprehensive.
EAC also contains a kernel-level component, which on Windows is installed as a kernel driver. This allows EAC code to run at a very privileged level and inspect essentially any and all parts of the system in order to detect tampering. This provides a very broad level of monitoring, which is also harder to bypass. Based on Sweeney's comments, this is the mode of operation used by Fortnite. It is also a mode of operation that is technically incompatible with the Linux way of doing things.
In Linux, the standard way of delivering drivers is by submitting the driver into the kernel source code tree, which naturally requires that the driver be open source. Most drivers are delivered this way, where the driver gets tightly integrated into the kernel and the drivers are updated when the kernel is updated. There are of course some notable exceptions to this rule, the largest of which is the Nvidia driver. The Nvidia driver is instead loaded as a separate kernel module, which allows Nvidia to keep its source code hidden, but also allows the driver to be updated separately from the kernel. So, EAC could surely use this approach as well, right?
The separate kernel module approach comes with some gotchas. Firstly, the kernel is licensed under GPLv2 and many of the parts in the kernel require the calling code to also be GPLv2 due to the "viral" quality of GPL. This means that, legally speaking, if Epic were to turn EAC into a kernel module and started poking around the kernel APIs, they'd have to open source EAC or they'd be in a legal grey area. The first approach is obviously not possible due to their business model and the second is at least not a great look.
Another problem with separate kernel modules is that the Linux kernel only guarantees a stable user-facing interface. This means that almost anything is allowed to change inside the kernel as long as user-level programs continue functioning. This is also the reason why sometimes the Nvidia driver stops working when you upgrade from one kernel to the next without installing an up-to-date Nvidia driver as well. So, when Sweeney is complaining about the multitude of kernel configurations, he's not wrong. EAC would need to maintain a compatibility shim similar to that of the Nvidia driver, which ensures that the EAC kernel module functions with each kernel version out there. Every time the kernel updates, an EAC engineer would need to go over the changes and update the compatibility shim every time there's a breaking change while still maintaining the compatibility with older kernel versions.
Theoretically you could overcome this problem somewhat by only targeting the Steam Deck and its SteamOS. This would give you a single kernel version to target, although Epic would need to negotiate with Valve in order to ensure their driver is somehow shipped with SteamOS.
But the problems don't end there. Since Linux is a fully open platform, there is technically nothing that would prevent a determined cheater from cracking open the Linux source code and making some tactical changes to how the kernel behaves, building the kernel and then making the EAC kernel module blind. On Windows the EAC developers can assume that the black box that is the NT kernel is at least somewhat difficult to modify by users. This means that in kernel-space they can assume some level of security through obscurity. On Linux this assumption does not hold. The only way for Epic to overcome that problem would be to negotiate with Valve to lock down the Steam Deck, which Valve has already decided not to do.
So, from EAC's point of view the Linux platform can never be quite fully trusted, which is entirely fair, because from the user's point of view EAC can never be quite fully trusted.
But surely Epic could still somehow bring Fortnite to the Steam Deck, right? Surely they could ship a version of Fortnite without the kernel-level component, right?
That they could, which brings us to the points about market share and the viability of cheating. Sweeney argues that the Linux market is too small, which initially sounds a bit odd because he then goes on to worry about the large numbers of cheaters. The kicker is here that the small Linux market doesn't necessarily guarantee a low number of cheaters. If it turns out that certain cheats are possible via a Linux version of Fortnite, this will attract some cheaters to use the platform in order to bypass EAC. It won't be all of the cheaters, many casual cheaters would likely not bother to learn Linux in order to cheat in a video game, but there is no doubt a group of cheaters that would take the opportunity. So, Fortnite would see some increase in cheating, but without good data it is hard to determine how big that effect would be. However, considering the popularity and free-to-play nature of Fortnite, it could very well be that it would be an attractive enough target for cheaters to attack even if there is a slightly higher initial investment. Cheat makers on the other hand would probably eventually find ways to package their offerings in an accessible enough format, like boot-to-cheat USBs or pre-configured VM images.
Some solutions to this problem have been proposed. For example, they could silo Steam Deck/Linux users in such a way that they will never come into contact with the rest of the playerbase. This would contain cheating, but it's also a hard-handed measure that would likely be unpopular. It would also require some amount of work to accomplish and I think it's fair for Epic to discount options that would cause extra work on them.
So, what's the solution to the problem? Here's the thing: I don't think there is one. My personal opinion is that client-side anti-cheat is fundamentally limited and taking it into the kernel is a bandaid that comes with excessive cost and is simply incompatible with the Linux platform. So, as long as Epic insists on maintaining its current anti-cheat approach with Fortnite, I just don't think there's going to be Fortnite on Linux.
And that doesn't mean Tim Sweeney is wrong or lying about the difficulties of adapting that approach to Linux. It just means that a new or different approach is needed in the future.
Article taken from GamingOnLinux.com.
Quoting: TheSHEEEPAt least that is the situation on Windows.
Normally - shouldn't be. Windows has its own ACL. If someone gives full access to their own data - well, too bad. But no, they can't already do it, unless you let them. So this logic is garbage, becasue they imply that you should let them.
And let's assume they could do it in some way. Their argument basically goes - so give us even more. My point is - it's a slippery slope. The push should be in the opposite direction, not in the direction of some dystopian nightmare.
Also the argument of "too late" is fake as it has always been. It's never too late for them to claim they need higher level of access? So it's never too late for users to push back against that trash either.
Last edited by Shmerl on 10 February 2022 at 8:29 am UTC
As for client side spying to prevent cheating, it might be a solution but not like it's done now. It can't be about letting untrusted corporates learn verything about who you are and what you do on your personal computer. It needs some kind of containerization. Inside you can spy whatever you want. Outside you only spy with open source stuff. And if it can't be done inside linux screw it. Windows partition for Fortnite, linux for trading and banking. Live happy and secure.
Quoting: SamsaiEAC also contains a kernel-level component, which on Windows is installed as a kernel driver. This allows EAC code to run at a very privileged level and inspect essentially any and all parts of the system in order to detect tampering. This provides a very broad level of monitoring, which is also harder to bypass. Based on Sweeney's comments, this is the mode of operation used by Fortnite. It is also a mode of operation that is technically incompatible with the Linux way of doing things.
I was thinking... we can paraphrase this: "with EAC cheaters will have easier time to cheat on linux. By design." Or for the average Joe out there "Linux is the OS of cheaters to cheat". Fast forward 2-3 years and I don't like where all this is going.
Quoting: ShmerlBut no, they can't already do it, unless you let them. So this logic is garbage, becasue they imply that you should let them.You have to let them if you want to use their software. That's the situation. If anyone likes it or not or if it should be done or not is beyond the point.
So, assuming that someone is a player of Fortnite, they already let them and so the devs already have access. Someone who isn't a Fortnite player (or other similar games) isn't bothered by any of this anyway.
Quoting: BlackBloodRumThe are big differences being:1) Completely irrelevant for 99% of people. I don't know if I've even seen people sharing PCs with different people using different accounts in the last 15+ years and I've been living in 3 different countries and seen lots of homes (I'd say)...
1) With user level privileges (on Linux, without SUDO enabled) they can only collect info on the current user and that users related processes (things that user has access to). Other users and their information are safe.
2) When the game stops, the spying stops so long as its process is ended.
3) We can write apparmor or SELinux profiles or put it in other sandboxes to limit the information it has.
4) When a kernel module is involved, it has access to everything.
5) You can't sandbox it.
6) A kernel module starts up when your kernel starts, it stops when your kernel stops, so it is basically active the entire time you use your computer.
2) So? If the game devs wanted to find out something about you, they could do it while the game is running, including information not only pertaining to the game. Little need for spyware to run permanently unless remote access was the goal.
3) That's the hoops I was talking about.
4-6) Yes, but as I wrote, all of that doesn't really let you do more to gain personal information about a user. Most of that was already possible before. Albeit involving more work, but if someone really wanted to, they could.
The entire thing comes down to a trust problem. Do you trust a dev not to do "bad things" with access you give them?
If so, you can give them access.
If not, no technicality is ever going to make you "feel safe" unless you manage to run the entire thing sandboxed (not sure if possible and/or performance impact for games).
Last edited by TheSHEEEP on 10 February 2022 at 11:16 am UTC
Quoting: pete910Quoting: SamsaiQuoting: Lancabanwith everything saifd about the Linux kernel and different versions and hackabiltiy etc. yet it plays on Android, even on 3rd party Roms and Kernels just fine.Theoretically yes. I think the overriding issues are that Android is a market big enough to take the risk and generally speaking tech illiterate enough that the likelihood of someone installing a custom ROM to cheat in Fortnite is so unlikely, that it doesn't register as a realistic risk.
Would that not have the same exact issues and from a significantly larger player base than desktop Linux users?
Right now I can take my phone, root it, throw on a different Rom, and even use a different customized kernel, and still play Fortnite. This has been done, proven, viewed, tested, and seems to be OK.
Think you've just shot your own argument in the foot there.
It's a given than 99% of cheaters have no clue on how to write a cheat let alone a kernel driver on windows, Which also would be true for Linux side or the deck.
So the entire premise fails as a result of that theory.
The simple fat is that he has no intention of allowing fortnite on the deck. Am sure if the deck had been produced by say Samsung it wouldn't have been an issue.
This!
They do have a bit of a sense but that sense comes out from to lazy to invest time and money as they would see no real or huge gains on a game in Linux. Im some what positive it comes from investor group once they calculated cost/time and returns.
I like how they always puts "small player base" like an excuse for anything to do with Linux in gaming but they do not realize that once you can play games on Linux - same Windows player base will shrink and Linux base - grows as i believe many of us just run games in VM`s or just dual boots or just use 2 PC`s.
I can not re-call who was , what game developer etc. they had Linux,Mac and Windows game - Linux player base was the best to deal with bugs and issues as they where most technical and detailed everything and i thing gave some ideas and fixes how to do it.
Plus, any game which is F2P and its popular will have cheaters even with a paywall. Look at Apex Legends - its borderline unplayable in some regions due to cheaters and anti-cheat is not helping a lot.
If person wants to cheat - he will and if he can not create a cheat there is always a cheat provider even if anti-cheat is running at kernel level.
BlackBloodRum Feb 10, 2022
Quoting: TheSHEEEPWow.Quoting: ShmerlBut no, they can't already do it, unless you let them. So this logic is garbage, becasue they imply that you should let them.You have to let them if you want to use their software. That's the situation. If anyone likes it or not or if it should be done or not is beyond the point.
So, assuming that someone is a player of Fortnite, they already let them and so the devs already have access. Someone who isn't a Fortnite player (or other similar games) isn't bothered by any of this anyway.
Quoting: BlackBloodRumThe are big differences being:1) Completely irrelevant for 99% of people. I don't know if I've even seen people sharing PCs with different people using different accounts in the last 15+ years and I've been living in 3 different countries and seen lots of homes (I'd say)...
1) With user level privileges (on Linux, without SUDO enabled) they can only collect info on the current user and that users related processes (things that user has access to). Other users and their information are safe.
2) When the game stops, the spying stops so long as its process is ended.
3) We can write apparmor or SELinux profiles or put it in other sandboxes to limit the information it has.
4) When a kernel module is involved, it has access to everything.
5) You can't sandbox it.
6) A kernel module starts up when your kernel starts, it stops when your kernel stops, so it is basically active the entire time you use your computer.
2) So? If the game devs wanted to find out something about you, they could do it while the game is running, including information not only pertaining to the game. Little need for spyware to run permanently unless remote access was the goal.
3) That's the hoops I was talking about.
4-6) Yes, but as I wrote, all of that doesn't really let you do more to gain personal information about a user. Most of that was already possible before. Albeit involving more work, but if someone really wanted to, they could.
The entire thing comes down to a trust problem. Do you trust a dev not to do "bad things" with access you give them?
If so, you can give them access.
If not, no technicality is ever going to make you "feel safe" unless you manage to run the entire thing sandboxed (not sure if possible and/or performance impact for games).
Well that would be your decision your welcome to it.
But personally I don't understand how someone could be okay with allowing a third party to basically have full reign over their computer and what it does.
For me it's more about system integrity and security.
Personally I could never trust it. For example a kernel module can change firewall rules in such a way its undetectable from the userspace, it could install other software silently, it could remove software, remove or edit files etc. Afterall, it has kernel level access. It can do absolutely anything, silently and undetectably.
I accept and understand you're okay with that.. and that's certainly a choice you're welcome to make, but it won't be on my systems.
Last edited by BlackBloodRum on 10 February 2022 at 11:35 am UTC
Quoting: GuestOne is also assuming that it's only the dev that has access. Even polkit has recently had a severe exploit found that could quite easily give someone root access, something it was never designed to do. So it's not just worrying about the dev doing bad things, it's worrying that someone else can get into your system and do bad things as a result of an inherently bad security design.Sure, but that is true for everything.
If a game is popular enough, then I'm sure it becomes a target - not just for cheaters, but if the rewards of finding a security vulnerability are gaining unrestricted access to systems that includes credit card information, banking details, personal information, etc, then you can bet a lot of "bad people" will be putting a good deal of effort into finding some security hole that they can exploit.
Didn't Intel itself have some of these security risks found (and fixed) recently?
As soon as you use a computer accessing/using online services, you should be aware that NOTHING you do with it or on it will ever be 100% safe.
People who you don't trust CAN target you, if they so desire, always, it's just a matter of incentive and resources. There is nothing you can do to entirely prevent it, so doing more than a reasonable minimum becomes a waste of time for the vast majority of people (as most people are not valuable targets).
If you really wanted full privacy, your only solution would be to not exist online or digitally in any shape, way or form. Good luck with that...
With all of that in mind, one thing you can decide is who you will or won't trust (knowing full well that they themselves could become victims of attacks).
So if I really wanted to play Fortnite (I sure don't) I'd just roll with it as I trust the developers to not try and build a psychological profile of me while trying to prevent cheating.
Quoting: TheSHEEEPWith all of that in mind, one thing you can decide is who you will or won't trust (knowing full well that they themselves could become victims of attacks).
So if I really wanted to play Fortnite (I sure don't) I'd just roll with it as I trust the developers to not try and build a psychological profile of me while trying to prevent cheating.
? With open source you don't "trust", you precisely know what it's happening on your machine. You know for instance if an hypothetical anti cheat module is looking only for cheats or also for what's going on in your browser. And you know which part of what is found remains in your machine and what is sent back to the corporate cloud.
It's just that. If have nothing to hide, you don't take the trouble to hide what you do. That's the issue with anti cheats. That's what makes them spyware. Were they open source, there would be far less if not no concern at all in having them scanning your memory.
Last edited by Mal on 10 February 2022 at 12:52 pm UTC
areamanplaysgame Feb 10, 2022
See more from me