Microsoft is moving antivirus providers out of the Windows kernel (www.theverge.com)
from baatliwala@lemmy.world to technology@lemmy.world on 26 Jun 16:45
https://lemmy.world/post/32032099

#technology

shininghero@pawb.social on 26 Jun 17:22

Cool. Do anticheat vendors next.

Toes@ani.social on 26 Jun 17:23

Do them now! Haha

doc@fedia.io on 26 Jun 17:31

Another big area of Windows that uses kernel-level drivers is anti-cheating engines for games. Microsoft has been speaking with game developers about how to reduce the amount of kernel usage, but it’s a more complicated use case as cheaters often have to purposefully tamper with their machine to disable protections and get cheating engines running.

“A lot of [game developers] would love to not have to maintain kernel stuff, and they are very interested in how they do that,” Weston says. “We’ve been talking about the requirements there, and I think we’ll have more to say on that in the near future.” Riot Games told me last year that it’s willing to follow potential Windows security changes and “recede from the kernel space.”

kubica@fedia.io on 26 Jun 17:34

"A lot of [game developers] would love to not have to maintain kernel stuff, and they are very interested in how they do that,"

I don't know if I'm reading it in the way it was intended, but I'm laughing my ass off.

wreckedcarzz@lemmy.world on 26 Jun 18:03

“you could, like, fuck off with that shit”

“what does that mean” 🤔 🤔

Pirate@feddit.org on 26 Jun 17:43

I don’t know if this is Windows trying to stop hemorrhaging users to Linux, but if they go ahead with this it will likely hilariously backfire and make multiplayer games become even more compatible with Linux.

Steam is already rubbing their hands grubbingly.

wreckedcarzz@lemmy.world on 26 Jun 18:16

It’s MS trying to not have another meltdown like CrowdStrike. They tried to do it with Vista, and they pussied out when all the same fucks cried out ‘but we can’t fuck with the OS like a bent-over ho’, and so MS let it slide in the ‘eventually’ to-do bin until it was demonstrably their fault for not clamping down on kernel access.

Also lol “willing to follow”, as I understand it MS isn’t giving them an option or opinion this time around. Gtfo of the kernel or your shit will stop working. I think the deadline is 2026, but it’s been a while since this was all announced.

Dojan@pawb.social on 26 Jun 23:27

Didn’t think I’d be excited about something Microsoft is doing, but this sounds great!

GnuLinuxDude@lemmy.ml on 27 Jun 04:54

Oh don’t worry, the future will be worse. My prediction: full hardware attestation DRM linked to your personal information.

Dojan@pawb.social on 27 Jun 07:05

Ah yes, like Apple does. This makes sense.

sp3ctr4l@lemmy.dbzer0.com on 26 Jun 22:00

I fucking called this after the CrowdStrike catastrophe.

MSFT would start massively reworking their entire concept of who actually gets kernel access, because uh, causing a Y2K event is uh, really bad, actually… and yep, that probably means the kernel level AC paradigm is no longer workable.

Fucking obviously duh, wow, turns out just letting any old ‘vetted’ vendor submit goddamned kernel level code updates without being strenuously verified each time is a bad fucking idea, wow, who could have guessed??!?

Chronographs@lemmy.zip on 27 Jun 12:29

Just have copilot check the code 🙃

lagoon8622@sh.itjust.works on 27 Jun 13:57

Simple as

Strider@lemmy.world on 27 Jun 15:22

Just check? Write the code, even 😁

GreatRam@lemmy.world on 27 Jun 18:12

Vanguard is the only thing holding me to Windows. Microsoft and Riot pls

Damage@feddit.it on 26 Jun 20:04

I wonder whether solutions like TwinCAT for industrial PC/PLCs will be affected by this. Interfacing directly with the kernel and replacing the scheduler are, AFAIK, fundamental to making Windows viable for real-time use.

GreenCrunch@lemmy.today on 26 Jun 22:11

An interesting question. Assuming they’re only targeting security/antivirus products at the moment (see the discussion regarding anti-cheat) it may be that those applications get a pass for now.

Auli@lemmy.ca on 27 Jun 04:02

No I think they are limiting kernel access. These are just what moist people know that would use it.

falidorn@lemmy.world on 27 Jun 04:15

What about us folks on the drier side of life?

Damage@feddit.it on 27 Jun 05:27

Just remember to take care of your skin

dukatos@lemmy.zip on 27 Jun 12:14

AKA crunchy people

GreenCrunch@lemmy.today on 27 Jun 05:32

I’m just speculating. It seems like, at least at the moment, anti cheat continues to be able to run as kernel. The article says Microsoft will have more to say on anti cheat “in the near future.”

It may be that they don’t crack down on the realtime applications as hard, since the number of users impacted is so much smaller. Antivirus and anti cheat are on many millions of machines and are usable by the average consumer. Specialty software may be considered differently, i.e. “You know what you’re doing and what risks you’re assuming” for the more technical customer.

It will be interesting to see where they go with this.

mostlikelyaperson@lemmy.world on 27 Jun 18:44

I could see some exception for Windows 11 IoT being made, but I honestly don’t know.

Railison@aussie.zone on 27 Jun 03:47

Wouldn’t it have made more sense for them to improve the boot recovery process instead?

If the system fails to boot after a driver update, roll back the update and inform the user on startup.

FooBarrington@lemmy.world on 27 Jun 06:31

AFAIK the CrowdStrike issue wasn’t a driver update, just virus definitions outside the driver, so your method wouldn’t have helped.

renegadespork@lemmy.jelliefrontier.net on 27 Jun 20:10

Here’s hoping anticheat goes with them.