cross-posted from: https://lemmy.zip/post/8449648
Thinking about installing Riot’s rootkit
If I have an encrypted Linux partition and a Windows partition that I use as a bootloader into Riot’s games, what are the drawbacks of installing their kernel level anticheat?
So, Benefits: Being able to play their games. Drawbacks : a lot, and it seems like they are not getting talked about a ton.
Here is the deal: Riot doesn’t trust you that you will interact with their entertainment software in a fair way witb other users of the same software. So they demand that you install a kernel level anti Cheat which gives them full control of your system. And then they demand that you trust them not to abuse that power. Because if you try to figure out if you can trust them… They will ban you. It’s the equivalent of having someone demand of you to take NSFW Pictures whenever, wherever, however much they like and telling you that they won’t share those.
Yes they can decrypt everything from your encrypted drive if they wanted to, so not even an encrypted file system that windows can’t even read natively will save you. Remember that they can read and write any file they want to so they can get to your decryption key, figure out your file system and get windows to read if they wanted to. It’s the same with kernel level cheat developers that likely charge money for their cheats. Heck if they wanted, they could use your machine to mine crypto if they wanted to. Or ransom it with encryption of their own. Or get you in legal trouble in so many other ways like putting incriminating files on your machine.
In short they don’t trust you and want full acces while demanding that you trust them with no way of knowing if you can. Which means you can’t have privacy with a kernel lever anti Cheat or rather rootkit because that is what it actually is.
Also consider who owns riot games. And think about how protected or in that case rather how not protected your data is.
And then ask if you want to give a third party that level of control over a machine you own and paid for.
I would worry less about Riot being the one who is gonna be decrypting your stuff and worry more about some malicious actor who manages to get access to your computer. Running anything that communicates over the internet with such high priveleges is a massive attack surface
Given that they got hacked multiple times, and every update breaks their client, I don’t think it makes sense to trust they can secure their malware.
Well, we don’t need to imagine; Genshin Impact already showed us.