Riot addresses “kernel-level driver” concerns with expanded bug bounties


Last week, we took a look at the new Vanguard anti-cheat system being used in Riot’s Valorant and the potential security risks of the kernel-level driver it utilizes. Now, in an effort to allow “players to continue to play our games with peace of mind,” Riot says it is “putting our money where our mouth is” with an expanded bug bounty program, offering more money for the discovery of Vanguard vulnerabilities.

Bug bounties aren’t new to the gaming industry or even to Riot Games, which says it has paid out nearly $2 million in such rewards since launching its bounty program in 2016. But Riot is now offering “even higher bounties” of up to $100,000 specifically for the discovery of “high quality reports that demonstrate practical exploits leveraging the Vanguard kernel driver.”

The largest bounties in Riot’s newly expanded program are available to attacks that are able to exploit the Vanguard driver to run unauthorized code at the kernel level—something of a nightmare scenario that could give an attacker full, low-level access to a machine—but exploits that merely provide “unauthorized access to sensitive data” will also be rewarded. The bounties apply to network-based attacks that need no user interaction, vulnerabilities that require user action (like clicking on a malicious link), and exploits that require “guest user” access to the system itself, in declining order of potential reward.

Offering bug bounties is an attempt to skew the incentive structure for potential Vanguard attackers, making it more lucrative to report flaws than to exploit them for use by cheating programs or hacking tools. Riot anti-cheat lead Paul Chamberlain said a similar issue of incentives was behind Riot’s decision to use a kernel-level driver for Vanguard in the first place.

Beating a kernel-level driver “requires a different (more strenuous) approach from cheat developers to attack,” Chamberlain told Ars. “For cheat developers operating at the kernel level, they need to work around the restrictions Microsoft places on kernel level software. This extra work reduces the incentives for cheat developers because their cheats become harder to make, less convenient for players to install, and just overall less profitable to sell.”

“We don’t expect that any protection will remain unbreached forever, but Vanguard’s protections are strong, and as cheat developers’ tactics evolve, so will ours.”

Earning player trust

In announcing the new bug bounties, a group of high-level Riot security employees wrote that they “understand the decision to run the driver component in kernel-mode can raise concerns.” That said, they also want to reassure players that “we would never let Riot ship anything if we weren’t confident it treated player privacy and security with the extreme seriousness they deserve.”

The statement reiterates that while the signed kernel-level driver runs at start-up “to prevent loading cheats prior to the client initialization,” a user-level client “handles all of the anti-cheat detections while a game is running.” At that point, the user-level client uses the driver “to validate memory and system state and to make sure the client has not been tampered with.” The driver itself “does not collect or send any information about your computer back to us,” they wrote.

“We’d never let Riot ship something we couldn’t stand behind from a player-trust perspective (not that we think Riot would ever try),” Riot’s security representatives wrote. “Players have every right to question and challenge us, but let’s be clear—we wouldn’t work here if we didn’t deeply care about player trust and privacy and believe that Riot feels the same way. We’re players just like you, and we wouldn’t install programs on our computer that we didn’t have the utmost confidence in.”


Patent detects in-game “collusion” by tracking “external connections”


Do you ever feel like your opponents in a free-for-all online game are trying to get you, specifically? It might not just be paranoia; it might be collusion among your opponents. And in a newly published patent, Electronic Arts details some potential tools and data points—both inside and outside the game—that it could use to detect and root out this unfair practice.

EA’s simply titled “Detecting Collusion in Online Games” patent, published earlier this month, defines collusion as when two or more players/groups that are “intended to be opponents” instead “contribute to a common cause” to “gain an unfair advantage” over others. In a battle royale shooter, for instance, a small group of players communicating outside the game could stay together and gain a decided firepower advantage against their single opponents.

Many of the patent’s potential methods for discovering this kind of collusion use simple and obvious in-game data. If two or more ostensibly opposed players or teams show abnormal amounts of “time spent in proximity… without engagement,” for instance, there’s a good chance they’re working together. Even if those players show some cursory opposition at points, metrics like damage per second can be compared with the average to see if this is just opposition “for appearance sake.”

Dropping items that another team or player consistently picks up is another potential sign of collusion, as is the same player or players showing up on opposing teams consistently in match after match. Colluding players may also tend to finish in similar ranked positions during their matches, especially “once the unfair advantage provided by colluding is nullified” as some of the colluding players are eliminated.
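To make the “proximity without engagement” signal concrete, here is a sketch of how it could be scored from match telemetry. This is an added example, not code from the patent or from EA; the telemetry layout, the thresholds (`radius`, `min_seconds`, `dps_ratio`) and the `AVG_DPS` baseline are all assumptions, and the sample match is constructed.

```python
from collections import defaultdict
from itertools import combinations
from math import hypot

def pair_stats(positions, damage, radius):
    """Per opposing pair: seconds within `radius`, and damage exchanged in those seconds."""
    near = defaultdict(set)                      # pair -> ticks spent in proximity
    for tick, players in positions.items():
        for a, b in combinations(sorted(players), 2):
            (team_a, xa, ya), (team_b, xb, yb) = players[a], players[b]
            if team_a != team_b and hypot(xa - xb, ya - yb) <= radius:
                near[(a, b)].add(tick)
    dealt = defaultdict(float)
    for tick, attacker, victim, amount in damage:
        pair = tuple(sorted((attacker, victim)))
        if tick in near.get(pair, ()):           # only count damage dealt while close
            dealt[pair] += amount
    return {p: (len(ticks), dealt[p]) for p, ticks in near.items()}

def flag_pairs(positions, damage, avg_dps, radius=15.0, min_seconds=30, dps_ratio=0.25):
    """Flag opponents who stay close for long while fighting far below the average DPS."""
    flagged = []
    for pair, (seconds, dmg) in sorted(pair_stats(positions, damage, radius).items()):
        dps = dmg / seconds
        if seconds >= min_seconds and dps < dps_ratio * avg_dps:
            flagged.append((pair, seconds, round(dps, 3)))
    return flagged

# Constructed telemetry, one sample per second: tick -> {player: (team, x, y)}
POSITIONS = {
    t: {
        "alice": ("A", 10.0 + t, 10.0),
        "bob":   ("B", 12.0 + t, 11.0),                      # shadows alice all match
        "carol": ("C", 500.0, 500.0),
        "dave":  ("D", 505.0 if t >= 50 else 900.0, 500.0),  # meets carol for a 10 s fight
    }
    for t in range(60)
}
DAMAGE = [(30, "bob", "alice", 5.0)]                         # one token shot
DAMAGE += [(t, "carol", "dave", 40.0) for t in range(50, 60)]
AVG_DPS = 20.0   # assumed population-average DPS between opponents in proximity

if __name__ == "__main__":
    for pair, seconds, dps in flag_pairs(POSITIONS, DAMAGE, AVG_DPS):
        print(pair, f"{seconds}s in proximity, {dps} DPS")
```

The token shot from bob does not clear alice and bob, because their damage per second while together stays far under the baseline; carol and dave, who meet briefly and fight in earnest, are not flagged.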

Big Brother is watching (for collusion)

Beyond easy-to-detect in-game data, though, EA’s patent details other signs of collusion that can be gleaned from things like “social relationships and communications” and “third-party system connections and interactions” outside the game. That kind of data ranges from simple relationships like a “friends list” provided by the gaming platform to completely external relationships like “social media connection data.”

The patent mentions “a cross team shared community metric” that counts “the number of group or community memberships… where players from both teams are members.” Things like “the number of posts by a player in a particular community” shared with another player could also signify potential collusion.

Figure: Just some of the internal and external factors that EA’s patented method could use to detect collusion among players.

Even “the content of extra-game communication” could be fed into the algorithm, according to the patent, such as “messages to a forum which players from both teams are participating.” A “machine learning algorithm” could be used to glean any collusion-related context from this kind of out-of-game communication, or a simple keyword search could be used, according to the patent.

To be clear, the patent is upfront in saying that any player data used in any of these detection algorithms “would be in compliance with privacy policies that respect players’ privacy, and in accordance with player privacy settings or preferences.” That said, there’s something a little Big Brother-y about the prospect of a publisher like EA scanning your Twitter posts and Reddit community memberships to see if you’re trying to coordinate cheating in their online game.

Then again, in a world where players will go to extreme lengths to hide their cheating using external devices, maybe this kind of external social graph analysis is needed to root out some of the worst colluders (or at least some of the least-careful ones).

In any case, having a patented design doesn’t mean EA is using (or ever will use) this kind of system in the wild. For now, it’s just an interesting look at how one company is thinking about potential ways to detect the human side of online cheating as well as the technical side.


Report: FTC “likely” to file suit to block Microsoft/Activision merger


The Federal Trade Commission will “likely” move to file an antitrust lawsuit against Microsoft and Activision Blizzard to block the companies’ planned $69 billion merger deal. That’s according to a new Politico report citing “three [unnamed] people with knowledge of the matter.”

While Politico writes that a lawsuit is still “not guaranteed,” it adds that FTC staffers “are skeptical of the companies’ arguments” that the deal will not be anticompetitive. The sources also confirmed that “much of the heavy lifting is complete” in the commission’s investigation, and that a suit could be filed as early as next month.

Sony, the main opponent of Microsoft’s proposed purchase, has argued publicly that an existing contractual three-year guarantee to keep Activision’s best-selling Call of Duty franchise on PlayStation is “inadequate on many levels.” In response, Microsoft Head of Xbox Phil Spencer has publicly promised to continue shipping Call of Duty games on PlayStation “as long as there’s a PlayStation out there to ship to.” It’s not clear if the companies have memorialized that offer as a legal agreement, though; The New York Times reported this week that Microsoft had offered a “10-year deal to keep Call of Duty on PlayStation.”

Numerous statements from Microsoft executives, including Spencer, have suggested the company is less interested in bolstering its position in the “console wars” and more interested in boosting its mobile, cloud gaming, and Game Pass subscription offerings. Beyond Call of Duty, Politico reports that the FTC is concerned over how Microsoft “could leverage future, unannounced titles to boost its gaming business.”

Microsoft “is prepared to address the concerns of regulators, including the FTC, and Sony to ensure the deal closes with confidence,” spokesperson David Cuddy told Politico. “We’ll still trail Sony and Tencent in the market after the deal closes, and together Activision and Xbox will benefit gamers and developers and make the industry more competitive.”

Plenty of speed bumps remain

The reports of a potential FTC lawsuit add to a growing list of troubling signals about the proposed purchase from various international governments. Earlier this month, the European Commission said it was moving on to an “in-depth investigation” of the deal. In the UK, a similar “Phase 2” investigation by the country’s Competition and Markets Authority has scheduled a hearing for next month.

Those international investigations are expected to wrap up in March, ensuring the proposed deal won’t close before then and giving the FTC some time before it would have to file suit. Any such lawsuit would need to be approved by a majority of the four current FTC commissioners and would likely start in the FTC’s administrative court. And whatever the outcome, legal maneuvering in the case could easily delay the planned merger past a July 2023 contractual deadline, at which point both companies would have to renegotiate or abandon the deal.

An FTC lawsuit in this matter would also be the strongest sign yet of a robust antitrust enforcement regime under FTC chair Lina Khan, a big tech skeptic who was named to the post in June. Back in July, Khan announced an antitrust lawsuit against Meta (formerly Facebook) and its proposed $400 million purchase of Within, makers of VR fitness app Supernatural.

Three months after Microsoft’s proposed purchase was announced in January, a group of four US Senators wrote an open letter strongly urging the FTC to take a close look at the deal. Last month, merger news site Dealreporter said FTC staff had expressed “significant concerns” about the deal. And this week, the New York Times cited “two people” in reporting that the FTC had reached out to other companies for sworn statements laying out their concerns about the deal, a possible sign of lawsuit preparations.


Crypto and NFTs aren’t welcome in Grand Theft Auto Online


Cryptocurrencies and NFTs have been formally disallowed from Grand Theft Auto Online’s popular role-playing (RP) servers. That’s according to a new set of guidelines posted on Rockstar’s support site last Friday.

In the note, the game’s publisher says its new RP server rules are aligned with Rockstar’s existing rules for single-player mods. Both sets of rules prohibit content that uses third-party intellectual property, interferes with official multiplayer services, or makes new “games, stories, missions or maps” for the game. This means RP servers based on re-creating Super Mario Kart in the Grand Theft Auto world, for instance, could face “priority in enforcement actions” from Rockstar.

But the new RP guidelines surpass the existing single-player mod guidelines in barring “commercial exploitation.” That’s a wide-ranging term that Rockstar says specifically includes selling loot boxes, virtual currencies, corporate sponsorships, or any integrations of cryptocurrencies or “crypto assets (e.g. ‘NFTs’).”

It’s all been done before

The new guidelines seem to directly respond to “The Trenches,” a role-playing community launched in September by OTF Gaming and rapper Lil Durk. That server advertised integration with both “endemic and non-endemics brands in the gaming space” and a “Trenches Pass” NFT drop to access specific on-server content.

“We’ve been asked to cease all operations of Trenches,” OTF Gaming said in a statement on social media. “We have no choice but to comply with their demands, as we intend to do right by Take-Two and Rockstar. We will be working with them to find an amicable solution to this matter.”

If this situation sounds familiar, it might be because developer Mojang similarly barred NFT integration from its online servers in July. At the time, Minecraft-based crypto project NFT Worlds said it was hoping to work with Mojang to “find an alternative outcome that’s beneficial to the Minecraft player base.”

Days later, though, NFT Worlds said it gave up on that and began work on a new game that will be “based on many of the core mechanics of Minecraft” but which will be “completely untethered from the policy enforcement Microsoft and Mojang have over Minecraft.”

In Minecraft’s case, Mojang said that the “scarcity and exclusion” inherent to NFTs “does not align with Minecraft values of creative inclusion and playing together.” That reasoning applies less to GTA Online, though, a game that rakes in hundreds of millions of dollars annually by selling in-game currency and exclusive items for use by players.

If anything, things like NFTs and loot boxes could be seen as competition for GTA Online’s official monetization efforts. With that competition cut off, though, Rockstar sounds eager to allow RP servers to continue to operate within reason.

“Rockstar Games has always believed in reasonable fan creativity and wants creators to showcase their passion for our games,” the company writes. “Third-party ‘Roleplay’ servers are an extension of the rich array of community-created experiences within Grand Theft Auto that we hope will continue to thrive in a safe and friendly way for many years to come.”
