andyburke

So let’s win and push for ranked choice.

Their children and children’s children forgot everything.

Mprotect stops any read and write and execute access to memory in both user and kernel lands (only rx or wx). Stuff like web browsers won’t work unless you have a program to mark it in elf to not use pax. However, this kills a lot of exploits with that turned on by itself (though there are probably work arounds if you are developing exploits which the other features would hopefully catch). That’s why people installed 3rd party unmainlined security patches, but that’s just me maybe idk.

I am having a hard time following what this does or why this is desirable. You’re saying there’s a patch this thing provides that … disables memory access … unless a flag is set in an executable … which will then bypass the security?

Client side anti-cheat faces similar issues, and there unlike your server you don’t control the hardware.

There are lots of options such that you can tune your false positive/negative rate. 🤷‍♂️ Tons of ways you can structure this depending on your game’s tech.

There are ways to detect and stop that, but they can and should happen on the server, not on the client.

No it doesn’t. We have any number of free and open source operating systems to choose from that are already more secure. The number of people in a situation where they absolutely need to run Windows specifically is small.

This is already true for the vast majority of games. 🤷‍♂️

Why would anyone want to run unmainlined security patches from a company?

This is how CrowdStrike happened.

This feels like security via business decision which is always the opposite of security. At least this would be open source now? 🤷‍♂️

Plastic and food shouldn’t mix.

We fucked up real bad. Gonna be a long road to fix this shit.