Developers will be required to disclose if their game uses kernel anti-cheat. This applies to both new games and existing games. Non-kernel anti-cheat is encouraged to be disclosed as well, but it’s only mandatory for developers to declare if they’re using kernel anti-cheat for the time being.
It’s worth mentioning that many games use kernel anti-cheat on windows, but only use user space anti-cheat on Steam Deck and Linux.
I should probably mention some notable downsides to kernel anti-cheat as well:
Because kernel anti-cheat has full access to your PC, if any virus/etc can take advantage of a security vulnerability in the anti-cheat program, it gains absolute access to your PC.
Kernel anti-cheat needs special signing keys to get access to the kernel, but the more companies that get access to the keys the more likely it is to have compromised keys. Genshin impacts keys were compromised and used to sign ransomware, giving it full kernel access on any computers it was able to get on.
Devs have used kernel anti-cheat to secretly install Bitcoin miners on users machines
Kernel anti-cheat can be compromised and used to directly gain control of a users PC. Some apex legends streamers had their PCs compromised and cheats installed remotely through their anti-cheat during a tournament.
A lot of anti-cheat programs are created by Chinese companies or companies that are mostly owned by Chinese companies. China is well known for spying on users, and there’s a ban on a lot of Chinese hardware due to spying concerns and backdoors that the Chinese government requires to be in their devices. I think the invasive nature of kernel anti-cheat makes it an obvious spying platform, and I think it’s absurd to think that any anti-cheat coming from China isn’t actively spying on you.
I think it’s absurd to think any anti-cheat
coming from Chinaisn’t actively spying on you.Our data has proven to be very lucrative. The companies that make anti-cheat are also the types of companies that would want to cash in on our data.