Doom Eternal ROLLS BACK -> Denuvo Anti Cheat

[Reginald_001]

https://www.tweaktown.com/news/72559/doom-eternal-update-adds-denuvo-anti-cheat-with-kernel-mode-driver/index.html

 

UPDATE:

"Despite our best intentions, feedback from players has made it clear that we must re-evaluate our approach to anti-cheat integration," Stratton wrote. "As we examine any future of anti-cheat in Doom Eternal, at a minimum we must consider giving campaign-only players the ability to play without anti-cheat software installed, as well as ensure the overall timing of any anti-cheat integration better aligns with player expectations around clear initiatives—like ranked or competitive play—where demand for anti-cheat is far greater."

 

In short, Doom Eternal's latest updates bundles an extremely invasive Ring 0 / Kernel Level DRM.

 

- Write a bad review on Steam (Those corporate fucking shills deserve a lesson)

- Do NOT buy it.

- Ask for a REFUND. And KEEP ASKING for a refund until you get it.

- If you live in the EU make a complaint at your local authorities.

 

If we start tolerating this SHITTY behavior further then there will be no end in sight to the abuse of customers.

If you want an idea of how much damage this can do to your system, or just how fucking compromised your system is to this software: It can see EVERYTHING on your system. It has INTERNET ACCESS and it SENDS DATA to servers.

 

You only have their WORD for 'keeping your data safe and anonymous'.

 

Make of it what you will.

But I don't accept this.

It's up to us to stop this kind of publisher behavior by sending a clear message.

 

Let's turn this MIXED into an OVERWHELMINGLY NEGATIVE.

 

 

 

[Swanky]

Is there a difference to Denuvo used in games like Rise of the Tomb Raider?

[Reginald_001]

5 minutes ago, Swanky said:

Is there a difference to Denuvo used in games like Rise of the Tomb Raider?

I don't know. I don't buy games with that kind of evasive protection, which is my point.

[ToJKa]

20 minutes ago, Swanky said:

Is there a difference to Denuvo used in games like Rise of the Tomb Raider?

Yes, it's a new anti-cheat component that runs as a separate Windows service while the game is running. Different from Denuvo Anti-Tamper baked into the exe, that was in Doom Eternal since release.

 

Why review bomb it though? It turned everyone in the internet into a cybersecurity expert overnight

[Reginald_001]

Believe it or not, it's my actual job to know about these things. I work IT in a bank, did that in a hospital before that.

[Swanky]

If it's .exe included code then it shouldn't be vastly different from what's been used before. However, if it's kernel based and can possibly be used as either a backdoor by any party then it's kick in the nuts, no matter if it's just on startup of the program or the computer in general (which is way worse).

[Guest]

Don't forget KVA Shadow. It's an intrusive Windows kernel "feature" that was implemented by MS for security purposes. However, Microsoft DOES sign drivers for stuff like Easy Anti Cheat, which is why Epic Games has been dropping Linux support from their games.

A game anti cheat SHOULD NEVER have that kind of access to the kernel... EVER!

As a person who've worked with network and system security for years, I would never recommend a piece of software that requires KVA shadowing.

[Deso561PL]

Yeah no thanks, i removed game from my wishlist. Game looks cool, but denuvo sucks.

[ToJKa]

5 hours ago, Reginald_001 said:

Believe it or not, it's my actual job to know about these things. I work IT in a bank, did that in a hospital before that.

Ok, fine, i'll panic then. OH NOES! MY PORNS!

[Azzhat]

I unistalled the anticheat. I think it's bullcrap that they pulled that. But I don't play multiplayer anyway so...

[Reginald_001]

49 minutes ago, ToJKa said:

Ok, fine, i'll panic then. OH NOES! MY PORNS!

Check my signature. 100+ days PMO free.

Porn would be the last thing on my mind...

[Guest]

Anywhere that collects your data that promises to keep it secure &/or anonymous is pretty much too incompetent to actually do it, way too many examples of that. What the hell did they do take a page from fucking Valorant? Ring Zero DRM Anticheat? I play other games that have very good MP anti cheat and they don't require that overly invasive shit. Shame it's not my style of game but I heard it was done very well at least the single player.

[Swanky]

I found the following written by YT user Michelle D*israeli, which I think is a great explanation. Source (It's a Jimquisition video)

 

I'm a cyber security professional, working at a senior level and giving conference talks on security matters to technical and non-technical audiences. I've had friends ask me what I think about Valorant and Doom Eternal / Denuvo implementing kernel level drivers for detecting cheaters. There's a tension between gamers, game developers and security professionals, and I wrote the following over on Twitter, discussing the issue, and what i think can be done going forward.

 

Firstly, let's look at the three sides at play here: Gamers want to be treated fairly, but generally also generally want to be sure that any competitive online play is actually fair for all. The problem is that once a cheat starts to be used, it becomes rapidly adopted as that's seen as the new fair playing field. Game developers need a healthy online community around their game in order to be able to promote it and run events and support any further development. They need to be able to detect and securely react to the presence of any cheat engine. Security professionals, including operating system developers, need all developers to follow best practices. Applications only should have high level system access if they absolutely need it, and as a rule, games don't. So what is it that concerns us security professionals about these anti-cheat systems?

 

 

There's three big risks from the kernel level access required by Valorant or games using Denuvo anti-cheat (like Doom Eternal). Firstly, there's a huge risk to player privacy. By definition, anti-cheat programs have to invade player privacy to try & spot cheat apps. By going for full kernel level access, they now though can freely access any file they want, without asking for the player's permission. This potentially includes a user's passwords if they're not using any secure means to store them (like a password manager). It also allows full snooping of all network traffic, and arguably needs to in order to detect certain forms of cheating. It also allows reading of other programs' memory, so even encrypted network traffic could be intercepted. No private discussions over discord any more!

 

The second issue with a kernel level anti-cheat system is that it can make changes without the user's permission. If the system believes that an open source application is actually cheater software, it could close the program or delete the files. Or if a developer decided to play dirty, it could corrupt your installation of a competitor's game. As a developer, this is a big reason why you should be avoiding this level of access - it's not a good look to ask for permission to potentially do this. All of these changes or snooping could be made without the user knowing they've been performed, so it's a big risk.

 

The third issue, however, is the one that most concerns me - hijacking of the anti-cheat system. Game developers know about the above issues, and generally go to great lengths to ensure that their anti-cheat system doesn't do anything improper. But malware developers are actively looking for the next undefended way to gain exactly that sort of access for themselves. The big concern a lot of us in the security community have over Valorant & Doom Eternal's kernel level anti-cheat protections is that these systems will be used as ways to infect user's machines. Where ways to gain access exist, the bad guys will do anything to abuse them. Competitive online games have been big business for decades now, and back in 2002 and earlier we were dealing with phishing campaigns and malware associated with them. Now it's even worse. And even for malware not aimed at gamers, some malware families use a suite of different attacks. Denuvo anti-cheat will be common enough to be a tempting target for home users. Almost by definition, these anti-cheat programs will be heavily attacked by the bad guys out there. People will want to use cheats or remove the invasive anti-cheat system, so any weaknesses they have will be found, sooner or later.

 

This means when you use a game that has such a system, you are placing huge trust in the developer to be able to write super secure safe code that can't be abused by an attacker. You've played games, right - are they always bug-free? But as I said above, anti-cheat systems are here to stay. Developers and gamers alike need them. So what can we do about this situation? I have two ideas, both of which I think should be followed. Firstly, game and anti-cheat developers need an industry agreed code of practice. Where possible they should open source, be transparent about the functioning & build chain used, have requirements for security testing, and bug bounties put in place. As a long time follower of Jim, I too have little faith in the industry to have meaningful standards and do the right thing, but it's better than nothing, and they could ask cyber security bodies to actually write and review the standard. Secondly, the real solution to this is for game developers to shift the weight of the problem to the people who are best placed to address it - Operating system and Antivirus developers. Rather than stealing kernel level access, they should be given safe windows in. AV vendors could agree a standard API, or Microsoft could implement a DirectX library for cheat detection & a means for the OS to prevent games from working properly if a cheat is detected. Valve & Epic could also offer similar tools for games running from their platforms. Sidenote: turns out that anti-cheat systems have been cheating the system themselves, reading kernel memory to try and discover undocumented Windows features. This is extremely against proper coding practices for Microsoft systems, and is why anti-cheat systems often cause system crashes.

[Ernest Lemmingway]

I have a hard time believing any company would still use Denuvo. The whole thing is a joke and gets so quickly cracked by hackers it's a waste of time and money to use. Plus there are countless online guides to remove any form of it not baked into an executable (and DOOM Eternal has copies of an executable that doesn't have it to begin with because Bugthesda shipped physical copies with and without it at once ?).

 

I guess this is a case of "you get what you pay for" regarding piracy protection.

[Reginald_001]

I just requested a refund for the third time at Steam. I'm still pissed off. Don't think I'm the only one either..

Don't care about the 90 dollars. Care about the principle.

 

[Reginald_001]

I just requested a refund for the seventh time on Steam (the first SIX were declined).

I'm using different channels for each request.

 

I've now gone as far as to set aside some budget for my lawyer to go after this refund. He laughed at first when I called him, but when I explained the situation we set out for a max budget to spend on it. We're going the European Law route, starting with a refund request for Valve Software/Steamworks.

 

It should be clear this is an issue of principle, not money.

[ToJKa]

Since i was done with the game anyway (because i finished it on Nightmare, because i'm awesome ?), i uninstalled it. Afterwards i found no sign of the Anti-Cheat on my system. The service gone, executables, even registry entries (apart from some settings and uninstall information).

So while it may be a security risk, there at least doesn't seem to be a malicious intent by the software.

 

And besides, why bother trying to hack an obscure service, that runs only when the game does, when all hackers need to do is to send an email with the topic of "nudest nudes that ever nuded".

 

But yes, resisiting publishers changing a game after it's release i do support, who knows what they'll do if they start getting away with it. Seems indeed that many are requesting refunds, but few are succeeding in getting them.

 

But i also think the shitstorm would be much smaller if it wasn't called "Denuvo Anti-Cheat"

[Reginald_001]

I actually never heard of it before I got the update last Friday. I then proceeded to do some research (I never just 'install' stuff) after which I found what it does. It could have been called 'sweetest pussy in the world.exe' and I'd still have been pissed off.

 

[Reginald_001]

Here's why I am RIGHT about this:

 

https://eur-lex.europa.eu/legal-content/EN/TXT/?qid=1403274218893&uri=CELEX%3A32011L0083

 

The notion of functionality should refer to the ways in which digital content can be used, for instance for the tracking of consumer behaviour; it should also refer to the absence or presence of any technical restrictions such as protection via Digital Rights Management or region coding. The notion of relevant interoperability is meant to describe the information regarding the standard hardware and software environment with which the digital content is compatible, for instance the operating system, the necessary version and certain hardware features.

[Ernest Lemmingway]

Good luck with that, Reginald. Bugthesda will likely have to be taken to court again before they issue refunds. Even through third-party platforms like Steam. Only Australia has ever ruled against them and folks everywhere else are still trying to get them to refund 76 after eighteen months.

[Reginald_001]

13 hours ago, Ernest Lemmingway said:

Good luck with that, Reginald. Bugthesda will likely have to be taken to court again before they issue refunds. Even through third-party platforms like Steam. Only Australia has ever ruled against them and folks everywhere else are still trying to get them to refund 76 after eighteen months.

I have a lawyer. And he's getting 'into' it... When I'm done.. They will pay me to fucking stop.

We've submitted two major complaints at:

 

- The European Privacy Office

- The European Commission of Consumer Rights

 

I'm not done by a LONG shot. The Press is our next step, we're gonna make this big.

 

I AM PISSED

THIS IS FUCKING WAR.

[Reginald_001]

I just got the bad news, from my lawyer in Brussels. He called his contact in the court.

 

- As Steam is in the US (country of lawlessness) the EU law does not protect me, because it's 8 weeks after the fact it goes against EU/US trade agreements but no one will do anything about that. (I am right, but have no 'rights').

- The EU privacy commission is 'already investigating Denuvo' and other such software.

 

Nothing can be done.

So I made a decision mateys.

 

Not one more cent to the gaming industry, ever.

[spaceman1]

35 minutes ago, Reginald_001 said:

US (country of criminals)

That's uncalled for and as a Native American I take exceptional offense too that. 

[Reginald_001]

5 minutes ago, spaceman1 said:

That's uncalled for and as a Native American I take exceptional offense too that. Maybe if you people would've stayed on your part of the world instead coming over here raping and pillaging  you wouldn't have that problem today.

Yes yes the term criminals was chosen in anger. I'd already edited it to lawlessness, which is arguably true compared to the insane amount of rights we enjoy in the EU compared to the US. As is once again evident in this case. If this was a European firm, this wouldn't have been an issue and I'd have gotten my money back long ago, in fact it wouldn't have happened in the first place, as there are laws in place against this kind of publisher behavior.

 

[spaceman1]

17 minutes ago, Reginald_001 said:

Yes yes the term criminals was chosen in anger. I'd already edited it to lawlessness, which is arguably true compared to the insane amount of rights we enjoy in the EU compared to the US. As is once again evident in this case. If this was a European firm, this wouldn't have been an issue and I'd have gotten my money back long ago, in fact it wouldn't have happened in the first place, as there are laws in place against this kind of publisher behavior.

 

I'm sorry didn't mean to come off that way. I'm just extra cranky having to stay confined cause I have Covid has made me little stir crazy. I'm just glad I have a mild case of it......I already had 3 friends die from it.