Valve isn't likely to make SteamOS the kind of platform that facilitates intrusive* anti-cheat** or which is locked down in a way to prevent cheating at the client side. This means that a number of competitive multiplayer games will never run on it. I think in this regard, consoles still have an advantage*** if you're into those kinds of games.
* I don't care what the intention is, they are _objectively_ intrusive.
** Last time I argued this, someone seemed to assume that I was claiming that writing Linux kernel drivers is harder than Windows kernel drivers. I am not arguing that, you need some kind of trusted party enforcing signed kernel drivers and a signed kernel in order to make KLA sufficiently hard to bypass.
*** In terms of the average Joe just wanting their game to run rather than having to think about the ethical implications of buying hardware you don't actually own or running an OS which gives control of your hardware to various corporations (but not you).
> Valve isn't likely to make SteamOS the kind of platform that facilitates intrusive* anti-cheat* or which is locked down in a way to prevent cheating at the client side. This means that a number of competitive multiplayer games will never run on it. I think in this regard, consoles still have an advantage** if you're into those kinds of games.
Depends on just how successful SteamOS gets. If it start to have a significant market share, competitive multiplayer games might start to find it hard to ignore it. Though how they decide to deal with that, I have no idea.
I think Valve see a future for anti-cheat where most of it is behavioral analysis. Client-side anti-cheat is a big game of cat and mouse. It does make cheat harder to develop, but to a point where the customer is impacted. Post game analysis cannot be countered "technically". Cheat would need to mimic a real player behavior, which at the end is a success. If you can't tell if a player is cheating or not, does it matter that they are ? Although for things like wallhacks, it might be harder to detect.
"you can't tell if a player is cheating or not, does it matter that they are"
This is basically effectively where KLA has gotten to. There are still plenty of cheaters, people just don't realize.
I think it does matter in a strictly moral sense, and if people were more aware of how bad the problem is, they would likely be outraged. Alas, since they can't see it, they are not aware of it, so there is no outrage and the games companies are satisfied.
I think the assumption that Valve would choose user protection over getting games to work is flawed, they want openness where possible because they see it as a competitive advantage. With VAC they clearly think that maximally invasive anti-cheat isn't necessary so maybe they'll try to push providers in that direction?
Valve thinks it's not necessary and it's still in the air if it really isn't.
They have bet on the behavioral analysis anti-cheat horse but it hasn't won any races yet.
Moreover, they've proven that it's certainty more difficult to get it working than regular old fuck-the-end-user anti cheat.
Lastly, don't assume that the success of the platform will persuade these companies. They were already firmly un-persuaded when the steam deck got popular. And really, I think the popularity of a platform depends on the support of these companies more than the support of these companies depends on the popularity of a platform.
There is a real need for anti cheat / certified hardware. Valve is uniquely be positioned to address it because they have trust from the gaming community. Ideally a single anti cheat mechanism would be shared by all software vendors. Online games could request "console mode" involving hardware key exchange. Done right this wouldn't have to be invasive like current anti cheat.
It's either invasive anti-cheat on a vendor controlled platform or it's a totally locked down vendor controlled platform, there are no other options in the client side anti cheat space.
Given that valve refuses to use KLA for their own competitive multiplayer games, and has gone out of their way to not make their hardware locked down, I really dont think they will go down the path of making a locked down platform or facilitating intrusive anti cheat.
Is it truly either-or? Obviously the root of anti-cheat needs to be totally locked down, aka the TPM. But almost all "open" computers have a locked down TPM. The TPM doesn't need to prevent you from running an unsigned firmware, kernel, modules or user software, it only needs to report on whether you are / have. You can reboot your computer into "trusted" mode and run your games with anti-cheat. Then when you're done playing you can as much unsigned software as you want.
You ask if it's either intrusive spyware or if it's a locked down system and then describe dual-booting intrusive spyware.
A TPM is entirely under your control. It's designed in such a way that you can't do certain things with data within it, but that's not because (at least in theory) someone else can and is controlling your TPM to prevent you from doing those things. The TPM, unlike an installation of Windows, doesn't only listen to Microsoft.
What I'm describing is exactly the situation now. Many people dual boot Windows & Linux, with kernel level anti-cheat on their Windows partition. The existence of Linux on the same computer does not prevent the kernel level anti-cheat from working on Windows.
Similarly, the presence of unsigned software on a computer would not stop a Linux kernel level anti-cheat from working, and the kernel level anti-cheat shouldn't prevent the unsigned software from working. Once you run that unsigned software, your machine is tainted similarly to the way your kernel is tainted if you load the NVidia driver.
I wonder if it’s possible to implement anti-cheat as a USB stick. Your GabeCube or gaming PC would stay open by default, but you could buy an anti-cheat accessory that plugs into a free USB port. Connecting that device grants access to match making with other people who have the device.
There are several products that rely on a USB device like this for DRM solutions. It’s probably much easier to unlock static assets than validate running code, but I don’t have insight on the true complexity.
>I wonder if it’s possible to implement anti-cheat as a USB stick. Your GabeCube or gaming PC would stay open by default, but you could buy an anti-cheat accessory that plugs into a free USB port. Connecting that device grants access to match making with other people who have the device.
What does the USB stick actually do? The hard part of implementing the anti-cheat (ie. either invasive scanning or attestation with hardware root of trust) is entirely unaddressed, so your description is as helpful as "would it be possible to implement a quantum computer as a USB stick?"
* I don't care what the intention is, they are _objectively_ intrusive.
** Last time I argued this, someone seemed to assume that I was claiming that writing Linux kernel drivers is harder than Windows kernel drivers. I am not arguing that, you need some kind of trusted party enforcing signed kernel drivers and a signed kernel in order to make KLA sufficiently hard to bypass.
*** In terms of the average Joe just wanting their game to run rather than having to think about the ethical implications of buying hardware you don't actually own or running an OS which gives control of your hardware to various corporations (but not you).