Update, May 20: After a flood of complaints, Doom Eternal's creators have announced plans to reverse the course of their anti-cheat system at the kernel level.
In a Wednesday post on Reddit's Doom community, executive producer of Doom Eternal, Marty Stratton, confirmed that the next patch of the game will completely remove Denuvo Anti-Cheat from the game. "Despite our best intentions, player feedback has made it clear that we need to reevaluate our anti-cheat integration approach," wrote Stratton. "When we examine the future of anti-cheat in Doom Eternal, we must at least consider giving campaign-only players the ability to play without anti-cheat software installed, and the general timing of an anti-cheat Better ensuring integration is in line with players' expectations for clear initiatives – like ranked or competitive games – where the demand for anti-cheat is far greater. "
Stratton also claimed that the problems with the latest patch with "performance and frame rate degradation" are in no way due to the new Denuvo system, but rather to problems with "customizable skins" and "a code change that we had with VRAM -Assignment made ". id Software has not yet released this upcoming patch.
* Insert Tarzan scream *
Just a look at this picture lets me plan my next move and choice of weapon in my head.
If you feel that the open mouth only asks for a grenade to be inserted, you are right.
Blasting grunts with a flamethrower drops armor in a process that doesn't even make sense in "video game".
The balance between air and ground enemies really forces you to be situational in three dimensions.
If you play Doom Eternal, you will see bloody guts so often that they have no real effect.
Yes, it's a sword, not a weapon. Yes, it is still a doom game.
These guys aren't as bad as they look, but only if you can aim properly.
The armor of this cyber mancube requires a charged bloodbeat to recharge. After that, he's a cupcake.
Each of these enemies needs a different weapon and strategy to effectively kill them.
I love the surprised expression on the face of the Mancubus in this setting.
One of the most relentless enemies in the game.
Doom Eternal is the latest game that uses a kernel-level driver to detect scammers in multiplayer matches.
The game's new driver and anti-cheat tool was provided by Denuvo's mother Irdeto, a company that was once known for its almost unbeatable piracy protection and is now known for its somewhat effective but often cracked piracy protection. However, the new Denuvo anti-cheat protection is completely independent of the company's Denuvo anti-tamper technology, which uses code obfuscation to prevent crackers (and which was discussed for Doom Eternal shortly after launch anyway ).
The new Denuvo anti-cheat tool will be made available to Doom Eternal players after "countless hours and millions of gameplay sessions" during a two-year early access program, Irdeto said in a blog post announcing its launch . Unlike Valorant's similar Vanguard system, the Denuvo Anti-Cheat driver does not have annoying tray icons or splash screens that players can use to monitor their system.
"This invisibility could raise some eyebrows," admits Irdeto.
No running outside of the game
To address potential concerns, Irdeto writes that Denuvo Anti-Cheat will only run when the game is active, and Bethesda's patch notes also state that "use of the kernel mode driver begins when the game starts and stops, if the game ends for any reason. "This is a major difference from Valorant's Vanguard system, which requires the driver to be loaded at system startup to" monitor system status for integrity ".
"There is no monitoring or data collection outside of multiplayer games," Michail Greshishchev, Product Owner of Denuvo Anti-Cheat, told Ars via email. "Denuvo does not try to maintain the integrity of the system. It does not block cheats, game mods or developer tools. Denuvo Anti-Cheat only recognizes cheats."
Enlarge /. Denuvo announced a partnership with the Esports Integrity Coalition when anti-cheat technology was first announced in 2018.
Greshishchev added that the company's driver "has received certification from renowned (ed) kernel security researchers, has undergone regular whitebox and blackbox audits, and has been tested for penetration by independent cheat developers." He said Irdeto also set up a bug bounty program to detect any bugs they might have missed.
And because of Denuvo Anti-Cheat's design, Greshishchev says the driver is safer than others who may be more exposed to the Internet. "Unlike existing anti-cheats, Denuvo Anti-Cheat does not transfer shell code from the web," Greshishchev told Ars. "This means that if compromised, attackers cannot send arbitrary malware to the players' computers.
"The same slot machines already have a sea of sub-par (security-related) administrative services with active internet connections," he continued. "Drivers from mouse and keyboard manufacturers, lighting and overclocking services, etc. If attackers really wanted to compromise players' computers, they would go through them – not the most powerful manipulation software in the world."
When a driver exploit is discovered in the wild, Greshishchev told Ars that revocable certificates and self-expiring network keys can be used as "kill switches" to turn them off. "No security professional can say that his solution is infallible, but our penetration tests, certifications, and security checks are significantly higher than any reasonable standard," he said.
Time for kernel panic?
The use of kernel mode drivers is widespread in anti-cheat tools for multiplayer games to ensure that lower privilege "user mode" tools that attempt to change the game code can be detected and stopped. While fraudsters can still get around this by using code signing exploits to install their own kernel-level cheat tools, the process is more difficult.
Loading an anti-cheat driver in kernel mode only when a game is running, as Denuvo does, is also very different from running an anti-cheat driver in rootkit style from the start for security reasons. The latter leads to a significantly higher risk of exploits at the system level that can be carried out without the knowledge of the user and creates "a large attack surface with little benefit," as the independent security researcher Saleem Rashid told Ars regarding the security driver Vanguard from Valorant.
However, some members of the Doom Eternal community are not happy with how the Denuvo anti-cheat tool was introduced or what security risks it causes on their systems.
"No software, especially no anti-cheat, should have access to your system at the kernel level, and if so, we should have been informed before purchasing," Reddit user extant_dinero wrote in a popular thread the doom subreddit and asked the users to delete the game. "I wouldn't have bought it if I knew it would be added. Just because other pieces of software do it doesn't do it right."
But Greshishchev tells Ars that such fear is out of place. Denuvo Anti-Cheat is "not to be different from Nvidia's graphics drivers or Steam's customer service," he said. "Unlike the anti-cheats of the past, there are no file system hooks, no need to start with the operating system, no annoying tray icons or splash screens."
"It is human nature to be afraid of the unknown and not a lot of technical claims from us could address this. Over time, trust builds up, and we believe that if Denuvo Anti-Cheat unites you, we will Player in your favorite game. " Gain your trust. "