Yup.
Yeah really not much else needed to be said here. What happened with Crowdstrike is exactly the sort of exploit Kernel Level Anti-Cheat in general has been critized for enabling on consumer hardware.
Yes, works on the same layer.
Yes, the key difference being that nobody’s playing Valorant on airport displays. Just yesterday I installed a new early access game for two accounts at home and discovered that it just wouldn’t work with the non-admin account because of anti-cheat. All of this is making me consider going back to running games under flatpak.
In theory, yes. Vanguard uses ring 0 access; and Failures/crashes on the code that are running on that level will lead to BSOD.
In practice, Riot very likely tests Vanguard on various hardware as parts of their tests before shipping updates on it, as it’s used by all players that play Lol and Valorant; and a fuckup like that would mess the trust they’ve built between the players. Players are trusting them to run ring 0 code on their computer, so they can have a cheatless experience after all.
In practice, CrowdStrike very likely tests Falcon on various hardware as parts of their tests before shipping updates on it, as it’s used by a huge amount of enterprises; and a fuckup like that would mess the trust they’ve built with those enterprises. Enterprises are trusting them to run ring 0 code on their computer, so they can have a malware-less experience after all.