Anticheat starts upon computer boot
![Gold](data:image/svg+xml,<svg xmlns="http://www.w3.org/2000/svg" width="32" height="32"><rect fill-opacity="0"/></svg>)
2Anticheat starts upon computer boot
Hi guys. I have played the game a little bit and it's fun! But there's one problem.
The kernel anticheat driver (vgk.sys) starts when you turn your computer on.
To turn it off, I had to change the name of the driver file so it wouldn't load on a restart.
I don't know if this is intended or not - I am TOTALLY fine with the anticheat itself, but I don't really care for it running when I don't even have the game open. So right now, I have got to change the sys file's name and back when I want to play, and restart my computer.
For comparison, BattlEye and EasyAntiCheat both load when you're opening the game, and unload when you've closed it. If you'd like to see for yourself, open cmd and type "sc query vgk"
Is this intended behavior? My first glance guess is that yes, it is intended, because you are required to restart your computer to play the game.
Edit: It has been confirmed as intended behavior by RiotArkem. While I personally don't enjoy it being started on boot, I understand why they do it. I also still believe it should be made very clear that this is something that it does.
If you are worried here is a small powershell script that will run valorant then on exit will ask if you would like to uninstall the anti-cheat (This will stop the kernel driver). When you relaunch the game a reboot is required and you would have to click no to not uninstall before playing.
#Set your Riot Games Install Folder Here
$RiotGames= "D:\Games\Riot Games\"
Start-Process -FilePath $RiotGames'Riot Client\RiotClientServices.exe' -ArgumentList "--launch-product=valorant --launch-patchline=live" -Wait
Start-Process -FilePath "$Env:Programfiles\Riot Vanguard\uninstall.exe"
#Set your Riot Games Install Folder Here
$RiotGames= "D:\Games\Riot Games\"
Start-Process -FilePath $RiotGames'Riot Client\RiotClientServices.exe' -ArgumentList "--launch-product=valorant --launch-patchline=live" -Wait
Start-Process -FilePath "$Env:Programfiles\Riot Vanguard\uninstall.exe"
For easier copy and paste.
Since people asked, I made a video to show you how to make a powershell script for the less tech savvy, that can be found here:
I highly encourage on your own time you look up the meaning of some of the functions so you understand what the script is doing and not just taking some dude on the internet and running it. Let me know either here on reddit or on the YT comment if you run into problems.
This is not working for me. It cant find the file although I can see that it is in the location that your code shows.
15 more replies
84 more replies
TL;DR Yes we run a driver at system startup, it doesn't scan anything (unless the game is running), it's designed to take up as few system resources as possible and it doesn't communicate to our servers. You can remove it at anytime.
Vanguard contains a driver component called vgk.sys (similar to other anti-cheat systems), it's the reason why a reboot is required after installing. Vanguard doesn't consider the computer trusted unless the Vanguard driver is loaded at system startup (this part is less common for anti-cheat systems).
This is good for stopping cheaters because a common way to bypass anti-cheat systems is to load cheats before the anti-cheat system starts and either modify system components to contain the cheat or to have the cheat tamper with the anti-cheat system as it loads. Running the driver at system startup time makes this significantly more difficult.
We've tried to be very careful with the security of the driver. We've had multiple external security research teams review it for flaws (we don't want to accidentally decrease the security of the computer like other anti-cheat drivers have done in the past). We're also following a least-privilege approach to the driver where the driver component does as little as possible preferring to let the non-driver component do the majority of work (also the non-driver component doesn't run unless the game is running).
The Vanguard driver does not collect or send any information about your computer back to us. Any cheat detection scans will be run by the non-driver component only when the game is running.
The Vanguard driver can be uninstalled at any time (it'll be "Riot Vanguard" in Add/Remove programs) and the driver component does not collect any information from your computer or communicate over the network at all.
We think this is an important tool in our fight against cheaters but the important part is that we're here so that players can have a good experience with Valorant and if our security tools do more harm than good we will remove them (and try something else). For now we think a run-at-boot time driver is the right choice.
For context, I work in information security. Given that it’s difficult to verify these claims by inspecting the driver (one of the goals of anti-cheat, after all), will you release any public versions of the vulnerability audits? While I would like to trust Riot, many companies have classified severe vulnerabilities as minor.
Personally, I dislike this implementation. It may make sense to Riot in a vacuum with their own games and player base, but we play many games from various developers. If everyone opted for system drivers for anti cheat in multiplayer games, the chances of severe vulnerabilities on a system with various games go up. Not every developer follows rigorous code-writing policies or performs vulnerability audits on their software.
"The Vanguard driver does not collect or send any information about your computer back to us."
"it doesn't scan anything (unless the game is running)"
Thank you for the clarification, this is mainly what I was looking for.
You guys are aware of of the issue with Sony doing the same thing several years ago and it allowed hackers to access people's PCs?
I'm all for stopping cheating. But installing a literal rootkit is not the way to do it
At best this will be very bad PR for Valorant.
At worst you guys gonna get sued in USA over it... (I'm in Canada btw)
How do we know it's not being used by Tencent to spy on players? Because you said so?
Everyone should be very very upset and concerned by this.
id assume VGK loads at system start to prevent people using vulnerable drivers to either run their own code and or load unsigned drivers and will prevent the vulnerable driver from loading or prevent valorant from running after.
if this is the case i do see one hole in this form of security, you only know about publicly known vulnerable drivers. there are many other drivers that could be used other than what ill call "Driver C" because of, well the first letter. I know of one that is not only a very common driver but is also their latest version of that driver so I don't see how you could differentiate between someone using it to load cheats or is just wanting to use it for its intended purpose. not to mention the person who discovered it submitted a report in 2019 to the company and Microsoft, who both are still yet to acknowledge it, I've even gone as far as to contact my university to help him get the driver a CVE & fix but due to corna it seems that has been put on the back burner.
im not sure as to how much the advantages outweigh the disadvantages, especially to the trust of the game, would you care to explain what swayed the team's decision in favour of this?
Relevant Lord Gaben about VAC
There is also a social engineering side to cheating, which is to attack people's trust in the system. If "Valve is evil - look they are tracking all of the websites you visit" is an idea that gets traction, then that is to the benefit of cheaters and cheat creators. VAC is inherently a scary looking piece of software, because it is trying to be obscure, it is going after code that is trying to attack it, and it is sneaky. For most cheat developers, social engineering might be a cheaper way to attack the system than continuing the code arms race, which means that there will be more Reddit posts trying to cast VAC in a sinister light.
May I ask about accessibility software? I create custom AHK scripts for clients with limited use of their hands (such as RSI, missing fingers, etc), often times these scripts are paired with adaptive controllers.
Most of the scripts I make allow users to toggle things that the game often doesnt allow them too, or presses multiple buttons at once (sometime with a timings between them). For example in Valorant I've had a request to make a toggle run / walk key. All these scripts are aimed at making the users time spent playing more comfortable.
If it's a multiplayer PvP game I aim to get the go ahead from the devs before I start building things for people, and in the past there has been fair concern and pushback from some companies because of the "slippery slope" that these type of things can bring. On the other hand, some companies have even gone as far as to replicate the functionality of our accessibility software straight into their game, specifically ArenaNet built in a script that thousands of my users were using into Guild Wars 2.
I'm worried that such an in depth anti cheat will get my users suspended, but without it most of them are unable to play, or atleast cant play comfortably for very long. Is this something I need to be concerned about? Will these be judged on a case by case basis? Thankyou.
soo its a rootkit. we have seen how secure are those before. remember Sony music CD ? on top of that riot is owned by tencent
As much as I want to believe this line "The Vanguard driver does not collect or send any information about your computer back to us." it gets proven time and time again this is false. Doesn't exactly help your case being a Tencent company and all as well.
Consider informing users of what is being installed on their machines when they go through the installation process, rather than forcing them to do digging to find out that your code has done this.
Will you consider implementing an option to NOT run the driver at system startup by default, and prompt for a restart upon launching the game? I would feel much more comfortable compartmentalizing my play sessions in such a way that the driver is never running unless I am playing the game.
so if I were to use cheatengine for a singleplayer game for example would it have any effect?
Don't you think this whole thing is a little overkill?
Yes, cheaters are bad but if there's a security flaw in the driver that gets exploited, you've just created the next ILOVEYOU.
Not to mention Riot's almost certainly opened themselves up to fines under the GDPR.
I hope you realize this isn't a game you can win. Solution to Ring 0 anticheat measures? Ring -1 cheats, so people just move on to use hypervisors if they want to screw with your games, while you leave your legitimate players with potentially buggy and damaging latent malware installed in their systems.
We've tried to be very careful with the security of the driver. We've had multiple external security research teams review it for flaws (we don't want to accidentally decrease the security of the computer like other anti-cheat drivers have done in the past).
Would you care to give us links to those audits? They don't have to be in-depth about the possible security flaws they might have found or even mention how the system works at all, it's just to confirm that said security research teams actually do exist and it's not something you just literally made up to save some face.
The Vanguard driver does not collect or send any information about your computer back to us.
You pinky promise? Cool. I see no reason not to trust a large corporation, owned by even larger corporation that shares user data with communist chinese government /s
Too bad any chance of Linux support is out the window with your Anti-Cheat...
Is there a chance the anticheat could get compromised and be used to spy on user's login/bank credentials?
It's no harder to corrupt memory of an already running program than it is to load cheats before starting the anticheat.
Nah mate don't trust you on this one.
I don't like that it is that way. I have never cheated but I personally think there should be some option to turn it off. I am playing mutliple games and I still fear that the 20 thousand different anti cheat systems will interfere with each other and might get me banned somewhere else. Isn't it possible to implement a feature that it is turned off and if you wanna start the game, then you have to restart to turn it on AND you have a display somewhere that it's currently running? No one wants cheaters and I am all with you in the fight, I still don't want to get banned because let's say XIGNCODE3 from Black Desert Online detects Vanguard as Anti-cheat or vise versa. Cheating is a big issue especially in F2P games, I would even pay 15€ for a Premium Status that prioritizes matching me with other premium people (I think CS:GO had a similiar system).
this is such a shame and a breach of trust... i have loved this game so far have played so much but this is a deal breaker.. companies have been known to exploit the need to find cheaters with kernel anti cheats... esea for example.. not only that but we have to trust that it wont be compromised? and the recent issues revolving tencent i just dont think "just trust us lol" is good enough.. it needs to be clearly displayed and easily toggle able
TL;DR Yes we run a driver at system startup, it doesn't scan anything (unless the game is running), it's designed to take up as few system resources as possible and it doesn't communicate to our servers. You can remove it at anytime.
Yeah guys lets all trust a company to have a program on our PC's turned on all the time. We all know companies always do whats best for us and not their shareholders. Never in the history of mankind we consumers were fucked by companies. Yeah guys it's fine let them have acess to your computer ALL THE TIME even when the game IS NOT running...
What could go wrong? I want to thank you Arkem for clarifying this, and convince me and hopeful others to not install this spyware of a game.
So I am commenting on this as a Cheat developer.... a long time well known developer. I have basically bypassed every single anticheat ever created. This is what I do for a living and sometimes it works out well.
I was alerted to this thread about Valorant as many people in the recent days have been asking me to take a look at this game and its anticheat. While I still haven't decided if this game is worth my time (no offense to anyone developing the game but games are dime a dozen these days and most shooters die in a few months) or not. I don't even have an account for this game and while I do have a league account... I never made cheats for LoL either and actually don't cheat while playing games myself.
After reading through this thread extensively.... the presence of a boot-time driver is a useless and invasive technique. Many people give it pause because of what can be added to that driver in the future and because of the corruption that has happened in the anticheat world in the last years. Everything from password theft, to account theft to bitcoin miners to corporate espionage.... anti-cheats are not cast in any better light than cheats themselves are.
Any boot time driver will be defeated, and by creating a huge wall that prevents cheats; the only thing you serve to do is push up the price of cheats. You also just result in more people (players) getting scammed by fake cheat developers or by cheats that get their accounts banned (although this doesn't stop cheating as people who want to cheat just obtain more accounts, and for any game that is cheap or free this is an even bigger problem).
I have thought for many years about developing my own anticheat to show all these "anticheat devs" how to actually build an anticheat. The goal of any anticheat should be to prevent game-disruption level cheats and to make the playing field as fair as possible. However when you look at clients like EAC, BattleEye, ESEA, Esportal, and others they are all inherent failures. Even FaceIT client is a failure in that regard (despite their big money contracts and specialized privileges for windows through MS partnerships) there are still cheats and ways to cheat on FaceIT.
It seems so far in reading this that the goal of Valorant is to "prevent" cheaters. By creating a secure wall for the game and its user-mode/runtime client to detect cheats. However that is only following what the rest of these failure clients have done. Let me elaborate on what I mean by that:
You will never defeat all cheats, and you will never make it impossible to cheat. You will only increase the cost of entry to cheat. Allowing those with the deepest pockets to win everything with the most complex of cheats while everyone else will lose. Those who rise to the top will be exempt from these rules (just as it is in other esports games like CS) and as such nothing will change.
In my observation; only FaceIT SERVERSIDE client has been close to what I would consider a "success" by anticheat standards. This is a heavily modified version of SMAC for CSGO with some AI aimbot detections and a few other timer based detections.
The reason I consider this "serverside" anticheat such a success is because it blocks most all cheats while also blocking no cheat at all. This is such an effective method because it effectively creates an "even" playing field for all players. Nobody is able to do anything outrageous no matter what kind of cheat they have so everyone (even cheaters) have to play by the rules. With this being said; certain types of cheats do give people an edge... and that is not something you will ever be able to prevent. However the edge given is much smaller and while taking this approach would mean that there are plenty of "cheats available" for the game the cheats won't do very much and many people won't bother. Infact cheaters in these scenarios often get bored of using the cheats because of their lack of any real advantage.... those who need a little bit of an edge but are generally worse players will play at the same level as better players who are legit.
So how do you achieve such a thing? You prevent the fundamentals of cheats at a server level. Measuring reaction time for corner peaking (prevents aggressive triggerbots, which are highly disruptive), measuring angles for invalid angles (preventing spinbots and 3d perfect-accuracy aimbots), using PVS (possible visible scenario) technology to prevent the sending of data to players clients before they should be able to start to see a player (might be similar to this fog of war I see you talk about), and measuring player input speeds for preventing things like perfect bhop and perfect autoshoot. If you measure the angles of players aiming also; you will prevent auto headshot aimbots that aim at the centers of your players hitboxes or bones (there are ways around this, but randomizing where you aim makes the aimbot in general much less effective especially at a distance). You also want to monitor the movements of players on the map and account for lag but measure player travel speeds to prevent any type of speedhacks. Lastly you want to monitor the order in which commands are sent and what is possible through interpolation to prevent rewind hacks like "backtrack" which exist in CSGO. Combine the above techniques with a final skill based matchmaking system like "FairFight" and you will essentially pit the "cheaters" with other "cheaters" and people who have the same skill to play with those cheaters and avoid any game-disrupting scenarios that cause people to quit.
If you truly care about cheating in the game then you would want to implement what I wrote above and ignore this boot-driver garbage that will just be bypassed by cheat devs with private cheats sold to the highest bidders. Even combining the above technique with your boot driver technique is less effective.... this is because the smaller edges that cheats give are more valuable in a game where cheats are blocked for "the masses". Instead if people who "want to cheat" and "can afford it" just purchase these "legit cheats" that will pop up on the market... you only have to deal with cheats that get very popular (through some type of in-game / runtime anti-cheat that deals with signatures and the such). VAC had quite a bit of success with this throughout the years as cheaters were very discouraged after getting banned, despite having a "cheating streak" before that. Delayed bans are definitely useful in this regard.
I remember years ago playing planetside 2 which had an "aggressive anticheat" that used some sort of a driver (I never bothered to look at it) and after dealing with players who teleported through the map stabbing everyone in the back a few times I just simply quit the game. My entire group of friends also quit the game due to these game-disrupting cheats and this is essentially what people are fed up with in CSGO. I saw the same thing in League of Legends years ago with these "crit hacks" that I was on the receiving end of and combined with people botting; ultimately made me and my friends quit LoL also.
VACNet and VAC in general (combined with casual SMAC anticheats) have curbed cheating to some extent that cheaters are often matched with cheaters and people who disrupt games have to go through a great deal of hoops to get back into the game. Forcing them to change their ways or keep purchasing hardware.
So in summary, its best to "allow" some form of cheats to be sold to the public by various developers but curb what is possible with cheats from the get-go. By having a range of "accessable" cheats on the market, it makes for a much easier crack down on popular cheats that may get out of hand. It also saves tons of money on the anti-cheat side because you don't get into this never ending cat-mouse war that has been going on for decades now.
You can choose to listen to me and re-think your strategy or you can choose to go down the route you have already chosen. Just understand that I have more experience in this industry than almost anyone else at this point and I have seen both sides arguments forever. There is no way to "win" as an anticheat dev, just as there is no way to "win" as a cheat developer. Both sides are paid for their respective jobs and honestly cheaters are typically pretty content playing with other cheaters, and regular players are also content with playing with cheaters that they don't know are cheating. The main thing that makes a game "fun" is competitiveness / competition. When you are winning too easily or losing too harshly you tend to get bored and move on.
If you would like to contact me directly you can add me on Telegram or something as my details are pretty public on the internet. I would be more than glad to help to guide you in understanding what the best path to take is to make this game truly a long standing successful game that everyone enjoys playing.
I'll be avoiding this game like the plague moving forward, then. I, for one, am not happy about having a program running in the background that I have no control over that runs with elevated privileges non-stop, and "come on, trust us" isn't enough, and means absolutely nothing from a company owned by Tencent.
So our PCs might be eventually exploited via your driver only when the game is running? Do we get that information upon installation or have I missed it?
Should I have a webcam recording everything I do so you can verify that I'm not cheating? Or do you want the keys to my house just so you can check in and really be sure? Oh but it's fine because "you should trust us we totally won't abuse the privacy infringement we're forcing on you."
And it's the correct choice, it's the only way to catch the sweaty nerds that are cheating
You know, by doing it this way it just became a challenge. I don't play Riot games out of principle, and I usually don't develop cheats, but by building such an invasive piece of technology all you've done is painted a target on your back.
This has just become a challenge to break your kernel driver, just to prove how pointless this unnecessarily invasive technology is (and why you should have better server-side validation of client actions instead, but you're too cheap for that).
Did you work on league of legends security and if so, was Valorant harder or easier to setup? I would imagine league was easier as so many things are server side.
Any comment on the cheating programs that have already popped up
Ok, so, question: if we can simply uninstall the driver at any point the game's not running, and it not being active all the time is what allows for some additional cheats to get through, then what's stopping people from taking advantage of that potential vulnerability anyways by just uninstalling it, pre-loading their cheats, and then reinstalling the driver again? From what you've described, it sounds like this is going to affect the average user who can't be assed to do this every time, more than cheaters who are already exploiting every vulnerability they can.
And additionally, if it only does cheat detection when the game is running, then how does it always being active help prevent cheaters?
I'm not sure if this is because of that driver, but I tabbed out of game and closed it from the windows screen, PC essentially took a shit, couldnt shutdown via start menu, had to turn it off via power button and got stuck in a boot loop, couldn't even get to automatic repair, it'd just black screen, never happened before, only thing I could think of was the Valorant anti-cheat, after about 30 restarts it just sorted itself out. But still, thought I'd mention it.
Any update on the cheater situation? And the fog or war system already been contested if I’m right in saying so or is the fog of war system still not implemented?
This may or may not be related, but is there any issue of the anti-cheat being triggered in a virtual machine with PCIe card passthorugh'd? My main machine is a server/workstation hybrid.
How does driver help with detection of cheats loaded before the game runs, if it doesn't do anything until the game runs?
The Vanguard driver does not collect or send any information about your computer back to us.
I don't believe you one second about this. You pretty much installed a rootkit on other people PC. What you did should be illegal.
But I have no way to know if it scans stuff, and it’s been causing people a lot of performance issues, so at least one of your statements is false. What do you think about releasing the source code? I don’t think very many people are ok with having anti cheat that could possibly be scanning your computer at all times, or could have a vulnerability that wasn’t found
What's stopping cheaters from just putting the driver in a lower ring cage and impersonating it?
Is it possible to have an option so it behaves as follows: have it not load automatically on start but then if you want to play valorant you have to restart your computer?
For people who would play valorant maybe once a week or similar I think this could be fairly useful, but im not sure how viable it would be.
We've tried to be very careful with the security of the driver. We've had multiple external security research teams review it for flaws (we don't want to accidentally decrease the security of the computer like other anti-cheat drivers have done in the past). We're also following a least-privilege approach to the driver where the driver component does as little as possible preferring to let the non-driver component do the majority of work (also the non-driver component doesn't run unless the game is running).
My main concern with this is handing off privileged info to unauthorized processes. Does the driver do some verification of the non-driver component's "identity" before disclosing data? Like a digital signature check on the process opening its I/O devices? Or can any admin-level process connect and probe kernel address space via Vanguard?
My opinion is still going to be a hard line in the sand of unacceptable. I closed LoL on the 7th and over the next 48 hours it dumped over 100GB of crash logs onto my C drive(where LoL was not installed). Thankfully I have the ability to pull my drive and delete the file from another device because my computer would not boot(Windows 10 needs more than 22MB to boot).
Yes we run a driver at system startup
This shouldn't be the goddamn case to begin with.
I was wondering why I had to restart the computer the first time I installed the game. The fact that I had to find someone else who investigated this which led to this post on Reddit rather than be informed as part of the software installation as to what's going on is the first indication to me that I can't trust your company.
Second to that is the fact that installing a kernel level driver is the dream of every malware in the world. They usually need me to restart my computer after they install, but that means I can catch them with antivirus before that happens. But you've done the work for them. All they need is a way to hook into your driver. You aren't going to know every bug your driver might hit because it's a bug and it hasn't been found yet.
Finally, I use my computer for more than just playing your game. I have risks to manage and I can't accept not knowing the risks YOU'RE willing to manage in your software because now you've made them not only my risks, but my highest priority risks by elevating them to the highest privilege on my system.
I found the game sorta fun, but I'm not keeping it installed until you change your anti-cheat methods and remove the kernel level driver from your software. I'd rather lose a match to a team of cheaters than risk my entire computer and everything that goes through it every day.
Wtf No. There is a reason why leading ACs dont do that. Hell naw, fix this shit or get lost.
This is good for stopping cheaters because a common way to bypass anti-cheat systems is to load cheats before the anti-cheat system starts
Which It wouldn't detect because you just said it's only scanning when the game is running?
Fuck you.
This presents to great of a security risk for me, especially since I'm working from home. Please consider altering the anticheat so it only runs when the game is open. I'm not willing to trade security for marginally better anticheat.
Running the driver at system startup time makes this significantly more difficult.
This is wrong. I can easily pre-patch system functions prior to initialization. It is extremely easy to even make it launch as a system service, and trick the driver to appear as if it launched at startup.
Well that's unfortunate, I was looking forward to this game. Regardless of if you've consulted industry experts (to which I would like to know who those companies are) introducing even a signed driver on startup can create a security risk. There are also valid reasons to disable driver signing outside hacking and cheating. There are other very successful anticheat systems out there that do not utilize such an invasive system that is very much effective in the fight against cheaters but this is simply too much at least for me to accept as a reasonable approach. While you're right about putting our trust in riot, you're track record and company association is working against you on that front.
EDIT: I'd like to point out, that getting your driver digitally signed by Microsoft is a great first step. It shows that you genuinely care about your software and methods. You are simply taking a bigger risk than any other company has in the past, and I really hope this doesn't start a trend. Also, I'm not saying your anti-cheat doesn't work, I'm just more adverse to invasive practices as I also work in the IT field and have to take these types of solutions into account every time a piece of unapproved software is installed on any of my user's workstations. I would say there's no way a piece of software like your anti-cheat software would be approved in our environment, albeit gaming software isn't going to installed regardless, but still if there's some kind of license checking software that provides the same functionality as your anti-cheat, it would be turned down in a heartbeat. The only kernel level software that I can think of that would be acceptable is the intel management engine. I hope you reconsider, but it seems you're dead set on this solution being the only way.
You guys do understand what kind of potentially critical security flaw this is right?
Welp, thanks for telling me to stay away from all Riot Games productions in the future, my dude. If your company at all thinks this nonsense is EVER acceptable, you're getting no more of my money going forward. I'm not going to risk the stability of my system to a program that forcibly runs at startup, with administrative privileges no less, without properly informing me of the fact it is seeking these permissions. You're causing a massive, gaping security hole in the systems of your users, and it's utterly shameful you're trying to sell it as a feature. Not to even begin to go into how trash your company has been at coding... well, anything!
I am considering a lawsuit. I dont think installing a kernel driver is an acceptable way of dealing with cheaters. Especially when you dont inform the users about such risky additions to their system.
If it can just be uninstalled what's the point? Does the game still operate without that component of the cheat system gone?
"It can be uninstalled at any time". Until the next time you play the game where we automatically reinstall it. Have fun running that uninstall EVERY TIME.
Question: Can you provide some kind of logistical explanation why you chose to use a program that installs at the root level of security (aka Ring 0), and is part of our boot process now instead of running only while the relevant application is being used (like nearly every other anticheat software out there)?
And how, as head of a security team, do you justify doing a process that can potentially become a backdoor for someone to gain absolute control of a machine from bootup but is only used for a single application on said machine?
Edit: Consider if you will how other systems like this in the past got misused.
Securom ringing any bells? How about safedisk?
Further Edit: A friend brings up a great point that this feels like a bit of corporate laziness. This helps you guys get cheat data much more reliably and easy but at the cost of our overall system security, safety, and integrity. You've given yourselves a sort of backdoor, promise to use it legally and honorably, but don't seem to care that historically other people take advantage of these to do less legal and honorable things.
Especially when your majority stakeholder Tencent has made some major bad public relation choices in the name of censorship for Glorious China. The miracle country with no more COVID-19 outbreaks.
I was not aware of this and am not OK with it. I have installed Valorant (not impressed BTW, but whatever). Will uninstalling the game remove the driver and the anticheat software? How can I confirm this driver, and the rest of whatever you have decided to place on my PC outside of the allocated software install, is completely removed? Please provide instructions or a support link. Thx.
P.S. Anti-cheat shouldn't work like malware. FFS you already have cheaters just days into your beta, so whatever you did didn't even work. Get yo shit together.
Cool - you made a root kit. I haven’t bought a Sony product since Sony decided to install a root kit on my computer from a cd I bought ~20 years ago.
Thank you for assisting me with any Riot purchases in the future. Great job, buddy.
Is it possible that this could lead to false positives if the driver detects an odd program such as the old fubar music player or something along the lines of that?
i take it this will be the same anti-cheat that is planned to be implanted to the league client in the near future ?
Does it work with Shadow Streaming service? I've heard you guys ban people playing with Shadow
I have several reverse engineering tools I use on other games (not to cheat). I do not run any when playing Valorant for obvious reasons, is it safe to have them installed on my machine and I won’t get flagged?
Are there countries where this can be illegal to do so without a computer owner's permission? If so, what do you guys do in that situation?
Everytime big companies says they dont spy on you they still do though. Imma still click i agree Nd accept shot without reading but this whole block of text is probably just another fake stress reliever for the doubters. Only way for us to truly know is for you to reveal its actual code and thats never happening. so yea..
You say it can be uninstalled, but I'd guess the game wouldn't let you in then if it's not running? So it's essentially required if that's the case and if it's not then what's the point of having it if it's not a requirement. You should be able to opt-out during installation of the game if it's not actually required.
I work with tools commonly used for cheating such as Ida, x64dbg and my own custom hypervisor. I'm aware all these and exspecially the hypervisor will get me banned while the game is running, but seeing as your Anticheat starts on runtime are you going to ban me if I use those while the game is not running say I load my hypervisor then unload it before starting the game. Im happily playing vanguard without cheats and I'd hate to have to dual boot just to not get banned and still work.
i still don't like this, even if i trusted you. You have to find another way. I don't want to have a software from a game impacting my pc even when i'm not running that game.
Hey, I’ll take advantage of this to ask a question. Are you guys looking into why vanguard causes frame drops in other games (such as war zone for exemple)? Are we gonna see a fix for that soon? How can I fix it in the time being? Thank you for your answer!
Would you consider open sourcing the anti-cheat system or at the very least the driver? If it is properly written, it should not help cheaters bypass it and would allow third parties to examine the system for its safety and thus increase the public trust.
If I remove this to test something, will I have to reinstall the game or will it just re-install the driver and request reboot again the next time I launch? I ask because ever since installing Valorant, I am unable to close out of Escape from Tarkov without either completely shutting down my computer or creating a new desktop. Alt+F4/ALT+CTRL+DEL do not work. EFT came out with a patch the same day I installed Valorant, so it's hard to say if it's Valorant, but I'd like to rule it out by removing, testing EFT a couple times, and then re-installing.
246 more replies
Is this compliant with GDPR? What data are you collecting and how are you storing it? What is the main way you store it? Where are you storing it and why? Does it leave the borders of Europe while transferring? How long are you storing data? Can I see and remove the data somewhere? /u/RiotArkem ?
They say they aren’t storing or sending any data from your pc.
Do I believe it? No
5 more replies
They wrote an article about this https://na.leagueoflegends.com/en-pl/news/dev/dev-null-anti-cheat-kernel-driver/
Love people taking the dev's word.
This is Riot Games, owned by Tencent. Maybe read up on that conglomerate :). They have on other games been clear that all data is funneled to China and thus they don't have to obey GDPR laws ( completely illegal ). See the ring of elysium page on steam and their TOS.
a kernel mode driver for a game. cool... was considering passing on this game and now 100% passing on it.
can you elaborate on how you turned this behavior off? i'm a bit concerned that this will get buried under clips and ppl spamming about keys. this is likely nothing serious, but is certainly something worth looking into, given who owns riot...
Yeah, just find "C:\Program Files\Riot Vanguard" and change "vgk.sys" to "vgk1.sys" or any other name, then restart your PC. You'll have to rename it back and reboot again when you want to play Valorant.
press windows + R and run "msconfig". in the services tab you see all autostart services and can activate/disable them. restarts maybe requiered.
exactly how I feel about this driver.
They can as well just scrap it now. Doing it the intrusive way and cheaters still persist. What comes next?
Already bypassed? Then this whole thing is fucking pointless?
Their Anti-cheats job is detect cheaters not insta-ban or stop cheaters use apps so its easier for Riot to quickly ban them.
2 more replies
There is a post in r/pcgaming where they say that the anticheat is not deleted when you remove valorant. I will want to know the reason for this to be honest, why do you need an anticheat for a game you don't have?
Its abhorrent. How much of the general player-base expected Valorant, and soon vanguard for league of legends, and riot games to install an extreme security risk on your pc, number 1, for it not to be removed after uninstalling valorant, 2. How would I check to make sure even uninstalling vanguard has not left any marks on my system?
I just installed vanguard thinking hey its an anticheat so what, didnt expect it to be this sort of thing. My fault but again this was totally unexpected.
To people without properly updated systems and drivers I guarantee its going to cause widespread problems too.
Imagine trusting a Chinese owned company to install something that can be easily exploited to get info directly from your computer.
2
Very Hyped
Giga Uber Hyped
