Gaming & Culture

Riot turns on ability to turn off kernel-level anti-cheat tool

Riot Games announced last night that a new update to the Vanguard anti-cheat system used in Valorant will let users disable and/or easily uninstall the kernel-level security driver via a system tray icon.

That doesn’t mean cheaters can just turn off the anti-cheat tool and do whatever they want, though—Vanguard still needs to be installed and running to actually play Valorant. If you shut off the service from the system tray, you’ll have to restart your entire system before loading up Valorant. And if you uninstall Vanguard altogether, it will automatically be re-installed when you launch the game, requiring another restart.

The system tray tool will also notify users when Vanguard blocks certain third-party apps from running on your system. Users can disable Vanguard at that point and run the suspect app normally.

While Riot says “most players will never run into such a scenario,” the vast majority of such app-blocking behaviors deal with “software [that] has a known vulnerability or is being exploited in the wild.” That includes apps found in CVE databases that could let a cheater load unsigned code into the system kernel.

“Ultimately, you get to choose what software you run on your computer,” Riot writes. “You can uninstall or stop Vanguard to allow your software to work, but that will have the side effect of not allowing Valorant to work until you reboot.”

While Riot acknowledges that there are already working cheats out in the wild for Valorant, the company maintains that Vanguard “make[s] it difficult for all but the most determined to cheat, while also giving us the best chance to detect the cheats that do work.” Cheaters that do get through the Vanguard system can still be “remove[d]… from our ecosystem by leveraging other game systems,” Riot writes.

The changes come as Riot continues to try to quell concerns about Vanguard’s use of a startup-loaded kernel-level driver, which it says is necessary to monitor system integrity and user-level hacks from outside of Valorant. The company says the driver “isn’t giving us any surveillance capability we didn’t already have” and that Vanguard “does not collect or send any information about your computer,” in any case.

But the driver itself could potentially be exploited for serious kernel-level attacks on Windows systems, a setup that independent security researcher Saleem Rashid told Ars “introduces a large attack surface for little benefit.” Riot has expanded its bug bounty program to encourage hackers to report any unknown driver exploits, and Riot anti-cheat lead Paul Chamberlain tells Ars the company would “likely be able to respond within hours” to disable the driver if such a vulnerability were found.

Listing image by Riot Games

Riot addresses “kernel-level driver” concerns with expanded bug bounties

Artist's conception of hackers lining up for these new bug bounties.

Enlarge / Artist’s conception of hackers lining up for these new bug bounties.

Last week, we took a look at the new Vanguard anti-cheat system being used in Riot’s Valorant and the potential security risks of the kernel-level driver it utilizes. Now, in an effort to allow “players to continue to play our games with peace of mind,” Riot says it is “putting our money where our mouth is” with an expanded bug bounty program, offering more money for the discovery of Vanguard vulnerabilities.

Bug bounties aren’t new to the gaming industry or even to Riot Games, which says it has paid out nearly $2 million in such rewards since launching its bounty program in 2016. But Riot is now offering “even higher bounties” of up to $100,000 specifically for the discovery of “high quality reports that demonstrate practical exploits leveraging the Vanguard kernel driver.”

The largest bounties in Riot’s newly expanded program are available to attacks that are able to exploit the Vanguard driver to run unauthorized code at the kernel level—something of a nightmare scenario that could give an attacker full, low-level access to a machine—but exploits that merely provide “unauthorized access to sensitive data” will also be rewarded. The bounties apply to network-based attacks that need no user interaction, vulnerabilities that require user action (like clicking on a malicious link), and exploits that require “guest user” access to the system itself, in declining order of potential reward.

Offering bug bounties is an attempt to skew the incentive structure for potential Vanguard attackers, making it more lucrative to report flaws than to exploit them for use by cheating programs or hacking tools. Riot anti-cheat lead Paul Chamberlain said a similar issue of incentives was behind Riot’s decision to use a kernel-level driver for Vanguard in the first place.

Beating a kernel-level driver “requires a different (more strenuous) approach from cheat developers to attack,” Chamberlain told Ars. “For cheat developers operating at the kernel level, they need to work around the restrictions Microsoft places on kernel level software. This extra work reduces the incentives for cheat developers because their cheats become harder to make, less convenient for players to install, and just overall less profitable to sell.

“We don’t expect that any protection will remain unbreached forever, but Vanguard’s protections are strong, and as cheat developers’ tactics evolve, so will ours.”

Earning player trust

In announcing the new bug bounties, a group of high-level Riot security employees wrote that they “understand the decision to run the driver component in kernel-mode can raise concerns.” That said, they also want to reassure players that “we would never let Riot ship anything if we weren’t confident it treated player privacy and security with the extreme seriousness they deserve.”

The statement reiterates that while the signed kernel-level driver runs at start-up “to prevent loading cheats prior to the client initialization,” a user-level client “handles all of the anti-cheat detections while a game is running.” At that point, the user-level client uses the driver “to validate memory and system state and to make sure the client has not been tampered with.” The driver itself “does not collect or send any information about your computer back to us,” they wrote.

“We’d never let Riot ship something we couldn’t stand behind from a player-trust perspective (not that we think Riot would ever try),” Riot’s security representatives wrote. “Players have every right to question and challenge us, but let’s be clear—we wouldn’t work here if we didn’t deeply care about player trust and privacy and believe that Riot feels the same way. We’re players just like you, and we wouldn’t install programs on our computer that we didn’t have the utmost confidence in.”

In February, Apple TV+’s Mythic Quest is the next “game devs on TV” show

[embedded content]
The trailer for Mythic Quest: Raven’s Banquet.

Yesterday, Apple solidified its most high-profile 2020 original series debut so far: Mythic Quest: Raven’s Banquet is a half-hour comedy from the team behind It’s Always Sunny in Philadelphia, and all nine episodes of the show’s first season will be available to subscribers of the new streaming service on February 7, 2020.

For fans of modern TV comedy, the cast and crew involved might be particularly exciting. Sunny alums Rob McElhenney and Charlie Day are executive producers, and McElhenney and Megan Ganz (Sunny, Community, Modern Family) co-created the series. On camera, McElhenney stars as the fictional game company’s creative director, Ian Grimm, and the rest of the cast is equally delightful: Danny Pudi (Abed on Community) and F. Murray Abraham (Dar Adal on Homeland) headline an ensemble with Imani Hakim (Everybody Hates Chris), Charlotte Nicdao (Thor: Ragnarok), David Hornsby (Cricket on Sunny), Ashly Burch (an actual video game actor in Life Is Strange), and Jessie Ennis (Better Call Saul). The series is a collaborative production between Lionsgate, 3 Arts Entertainment… and Ubisoft, which debuted a teaser back at E3 2019.

The basic premise sets up Mythic Quest as a massively popular medieval-styled MMORPG on the brink of pushing out its first major expansion. (Hmmm, MQ kinda-sorta sounds familiar.) We see Ian Grimm (McElhenney) and his team watching a trailer for this release that puts the game in totally appropriate cultural context. “When we think of cultural touchstones, we think of ET, Star Wars, Avatar, and yet our industry drawers the entertainment business,” Grimm says, moments before appearing shirtless in what appears to be a gladiator-type arena. “When we think about legends, why not think about Mythic Quest?”

Sunny has always been a particular brand of humor, so maybe “your mileage may vary” should be the expectations for Mythic Quest once it launches early next year. But either way, it’s yet another example in what’s been a growing, recent string of game developer portrayals in the second half of the decade. AMC’s Halt and Catch Fire (2014) might be the pinnacle of these, with Kotaku UK even calling it the only show that even got games right (likely not a goal for Mythic Quest). But HBO’s Silicon Valley had a few recurring game development characters, the lead in Netflix’s Russian Doll is a game developer, and in the last two years NBC debuted then cancelled a series called I Feel Bad that used a game development company as its setting for office-place humor. Wherever Mythic Quest falls in that spectrum, we’re at least safely assuming these developers won’t end up in a time loop where all roads lead to destruction (ala Netflix’s also game-developer-centric, Bandersnatch).

Listing image by Apple TV+

Star Wars: Rise of Skywalker spoiler-free review: Kylo, Rey save the film

Promotional image for Star Wars Episode IX.

Enlarge / The best new-trilogy actors awaken in Rise of Skywalker.
Ars Technica takes spoilers seriously in film reviews. After this article’s opening section, minor plot details are revealed to explain certain opinions, but we otherwise do not include any “major” spoilers. Deeper spoilers will likely appear in the comments section upon the film’s launch, usually posted with spoiler tags.

The best thing about Star Wars Episode IX: The Rise of Skywalker is that it concludes the latest trilogy much in the same way it began. This new trilogy has all the trappings you’d expect in a Star Wars film wishlist: droids, Wookiees, blasters, lightsabers, epic space battles, wacky new characters, and on and on.

But the beating heart of this film, and the biggest reason I recommend it, is the evolving and intriguing relationship between Rey (Daisy Ridley) and Kylo Ren (Adam Driver). Rise of Skywalker is often a turbulent ride, usually to its detriment, but the storytelling conclusion for these eternally linked rivals (and the performances that carry these characters to their most powerful moments in the Star Wars series) eke this film across the “good enough for fans” line.

Without that quality (an admittedly large percentage of the film), Rise of Skywalker might otherwise serve as proof that director/co-writer J.J. Abrams was the wrong person to finish the latest trilogy. The film rushes between plot points, overuses certain characters, and wastes others. And whether you loved, tolerated, or hated 2017’s The Last Jedi, it’s easy to conclude that the previous film’s most intriguing developments and concepts were abandoned—and without any convincing proof that Abrams had better ideas in store.

“I’ll go without your blessing”

From here on out, the review is more specific about Rise of Skywalker‘s successes and failings, so while it is mindful of spoilers, you’ve been warned.

Let’s begin with the biggest failing of the film by far: how the character of Princess Leia awkwardly fits into the plot.

Shortly after the tragic passing of actor, writer, and activist Carrie Fisher, Lucasfilm announced that she would appear in Rise of Skywalker as Leia and that the film would use her real-life footage, as opposed to a CGI-ified Fisher. The resulting footage is perhaps the worst-case scenario Star Wars fans could have imagined: cookie-cutter dialogue against a green screen that could conceivably be slapped into any plot, devoid of the heart or humor that consistently marked Fisher’s work in the role of Leia.

One example of her toothless dialogue, transcribed verbatim from the film: “This mission is everything. We cannot fail.” Notice how spoiler-free that sentence is? Sure, that sounds like something Leia might say while serving as a general on a Resistance outpost. She offers slightly more specific dialogue in one interaction in the film, to set a major plot point into motion, but even that sequence has a jarring disconnect between herself and the character in question—and fails to sew together her character picking up a baton that was dropped at the end of Last Jedi. Everything about Leia’s appearance in Rise of Skywalker is rough, and it forces at least one other character to awkwardly produce the exclamation point that she was clearly set up to do herself.

In late 2017, I suggested recasting the role of Leia. I really wish someone at Lucasfilm could have either done that or jettisoned certain plot threads.

Instead, in order to make Leia’s limited appearance work, the film begins with a blur of fetch-quest activity. A pair of early sequences include striking visuals as heroes whiz through a variety of worlds, but these differ from the slowly unfolding opening sequences that have marked the best Star Wars films. Abrams frames every major player on their own separate journey, instead of letting us take our time to see each hero’s progress since the last film and how their individual progress has affected the others. We see a brief in-fighting outburst that hints to this sort of dynamic, but it’s quickly interrupted by a forced Leia-nization of the plot.

This “essential piece of computing history” just sold for $43,750

This Jacquard-driven loom, circa 1850, is considered an early predecessor of the first computers.

Enlarge / This Jacquard-driven loom, circa 1850, is considered an early predecessor of the first computers.

Charles Babbage is widely recognized as a pioneer of the programable computer due to his ingenious designs for steam-driven calculating machines in the 19th century. But Babbage drew inspiration from a number of earlier inventions, including a device invented in 1804 by French weaver and merchant Joseph Marie Jacquard. The device attached to a weaving loom and used printed punch cards to “program” intricate patterns in the woven fabric. One of these devices, circa 1850, just sold for $43,750 at Sotheby’s annual History of Science and Technology auction.

“Technically, the term ‘Jacquard loom’ is a misnomer,” said Cassandra Hatton, a senior specialist with Sotheby’s. “There’s no such thing as a Jacquard loom—there’s a Jacquard mechanism that hooks onto a loom.” It’s sometimes called a Jacquard-driven loom for that reason.

There were a handful of earlier attempts to automate the weaving process, most notably Basile Bouchon’s 1725 invention of a loom attachment using a broad strip of punched paper and a row of hooks to manipulate the threads. Jacquard brought his own innovations to the concept.

Per Sotheby’s auction website:

Jacquard… conceived of developing a semi-automatic tone-selection device, which would be integrated onto the loom, resulting in quicker production and more intricate patterns. Jacquard’s punch-card system worked much in the same way as a fax machine: each punch in the card directed a black or a white thread into the headstock of the loom, pinpointing the desired thread into place.

The invention was not popular with loom operators, many of whom lost their jobs and took to smashing Jacquard looms in protest.

The mechanism just sold at auction belonged to one of Hatton’s former clients, now deceased. The collector had been trying to establish a museum on the history of computing, grounding his vision in the early attempts to mechanize computation by Jacquard, Babbage, and others. The loom “was his pride and joy,” said Hatton. “He bought the original mechanism and then commissioned somebody to make the loom and a second [mechanism] so he could use it. So the loom is fully operational.”

The piece comes with a large box of accessories, including the original 19th-century punch cards—everything one would need to operate the machine.

Jacquard’s machine was capable of programming patterns with such precision, it was even used in 1886 to create a prayer book woven entirely in silk, using black and gray thread. Only around 50 copies were made. The Sotheby’s auction didn’t offer any rare prayer books this year, but there was a portrait of Jacquard—woven in silk on a Jacquard loom—with a mini-loom and punch card on his desk, as well as another woven silk portrait showing several men in front of a loom holding the aforementioned portrait (so very meta). Those portraits sold for $10,625 and $11,875, respectively.

Video: To make 1997’s Blade Runner, Westwood first had to create the universe

[embedded content]
Shot by Sean Dacanay and edited by Justin Wolfson. VFX by John Cappello. Click here for transcript. And if you want a close-up peek at the awesome Ladd-style logo Aurich cooked up for this video, you can get that right here.

Welcome back to “War Stories,” an ongoing video series where we get game designers to open up about development challenges that almost—but not quite—derailed their games. In this edition, we focus on a genre particularly near and dear to my dead, black Gen-X heart: the adventure game.

And not just any adventure game—we were lucky enough to be able to sit down with Louis Castle, co-founder of legendary game developer Westwood Studios. Castle’s hands were on some of the most famous titles of the 1990s, including Dune II, the Legend of Kyrandia series, and, most famously, the Command & Conquer franchise. But as wonderful as those games are—and as many hours as I spent lost in the woods of Kyrandia as a teenager—none of those mean as much to me as Westwood’s 1997 cinematic adventure game, Blade Runner.

You know the score, pal

Adventure games were one of the two ur-genres of true computer games (with the other being the arcade-style shooter), and as a child of the ’80s, adventure games were what got me into gaming. The genre reached its peak in the early to mid 1990s, with some of the best-remembered LucasArts and Sierra titles making their appearance thereabouts. But by the end of the decade the wheels had come off the cart, and it was clear that the genre was being eclipsed by the rise of the first-person shooter.

With the economic realities of the adventure game market in the mid-’90s becoming apparent, Castle’s pitch to create an adventure game set in the Blade Runner universe that would look and feel almost indistinguishable from the film itself might have seemed a little barmy. Worse, in order for the game to justify the amount of time and money required to meet that level of fidelity, the title wouldn’t just need to sell well—it would need to become one of the best-selling adventure games of all time (a difficult thing to do when your target genre has clearly aged past its prime).

Flipping the tortoise

Castle’s team faced a considerable number of challenges in bringing the cinematic world of Blade Runner to life using the technologies of the day, most of which stemmed from having to invent, from whole cloth, a way to seamlessly mesh their pre-rendered world with animated voxel characters (it turned out to be vastly more complicated than simply sticking a sprite in front of the background). Tackling this issue introduced an entire interconnected tapestry of difficult problems to solve, very few of which are faced by modern developers who can pick from ready-made game engines to license and use.

Fortunately for all of us, Westwood stuck with the challenge, even though finishing the game required more money than originally planned. The company built a title that isn’t just an homage or reflection of the original Blade Runner—it’s a legitimate companion to the movie, fleshing out the world in complementary ways and answering some key questions about the fictional 2019 described in the film. Although it’s somewhat difficult to play on modern PCs and suffers from an unfortunate lack of legitimate buying options, it remains a game worth finding and playing—the branching story makes for a high degree of replayability (something absent from a lot of adventure games), and it still looks and plays pretty darn good.

And that budgetary goal of needing to be the best-selling adventure game to date in order to make a profit? Blade Runner managed that, too.

I’ll tell you about my mother

This isn’t the only thing we were able to film with Castle, either—he was also kind enough to spend some additional hours with us talking about Command & Conquer, which had its own surprising number of challenges (like figuring out how to do hundreds of units’ worth of pathfinding on a minimum-spec machine). Castle was happy to go pretty deep into the weeds on the technical issues faced, and we were happy to let him. Stay tuned for that video in a week or two!

Reminder: Donate to win swag in our annual Charity Drive sweepstakes

Just some of the prizes you could win by entering our Charity Drive sweepstakes.

Enlarge / Just some of the prizes you could win by entering our Charity Drive sweepstakes.

Here in the season of giving, hundreds of Ars readers have already given nearly $15,000 to the EFF and/or Child’s Play in this year’s Ars Technica Charity Drive Sweepstakes.

That doesn’t quite match the more than $20,000 we raised last year, but there’s still plenty of time for our readers to dig deep and set a new giving record for the site. That also means you still have time to get an entry in for a chance to win a piece of our massive pile o’ swag, which we can’t keep anyway (no purchase necessary for entry).

If you haven’t had a chance to give yet, follow the instructions below to get your donation counted and your entry logged for the sweepstakes. If you have given already, our deepest thanks from everyone here at Ars.

How it works

Donating is easy. Simply donate to Child’s Play using PayPal or donate to the EFF using PayPal, credit card, or Bitcoin. You can also support Child’s Play directly by picking an item from the Amazon wish list of a specific hospital on its donation page. Donate as much or as little as you feel comfortable with—every little bit helps.

Once that’s done, it’s time to register your entry in our sweepstakes. Just grab a digital copy of your receipt (a forwarded email, a screenshot, or simply a cut-and-paste of the text) and send it to [email protected] with your name, postal address, daytime telephone number, and email address by 11:59pm ET Monday, January 6, 2020. (One entry per person, and each person can only win up to one prize. US residents only. NO PURCHASE NECESSARY. See official rules for more information, including how to enter without making a donation. Also refer to the Ars Technica privacy policy.)

We’ll then contact the winners and have them choose their prize by January 31 (choosing takes place in the order the winners are drawn).

Remember to check out the sweepstakes launch post for a list of all the potential prizes, and thanks in advance for your donation!

New Top Gun: Maverick trailer shows that other old star—the F-14

Do you remember where you were when the first official trailer for Top Gun: Maverick showed up on the Internet in July? I do. I was on a plane, about to take off, and while I had a lot of feelings about it I valiantly swallowed them as Tech Culture Editor Sam Machkovech had all the fun. Well, Slack tells me that Sam is still asleep, and there’s a new trailer out for the return of Top Gun, so this time he can be my wingman.

This summer’s trailer raised plenty of questions. Why was Pete “Maverick” Mitchell still in the Navy, decades after we saw him in the first movie? And what was that weird pressure suit he was wearing at one point? And can an entire movie about naval aviation still be cool if all the planes are F/A-18 Super Hornets with their goofy looking (and drag-inducing) canted pylons?

This new trailer clears up some of those questions, and obviously there will be spoilers to a degree, so stop reading now if that’s something you want to avoid before you see the film next year.

An admiral, played by Charles Parnell, has the answer to the first question: “they’re called orders, Maverick.” That weird pressure suit goes with a weird-looking stealth plane that Maverick gets to fly for reasons that remain unexplained. The final one was a trick question, because there are at least two F-14 Tomcats (albeit one is a gate guard) and a P-51 Mustang that get air time alongside the US Navy’s current workhorse.

There’s some new stuff to see—air-to-ground counts as diversity compared to the first movie, but we also get to see women fly fighter jets and also play beach volleyball. But as has become the way with Hollywood and its inability to deviate from what worked the first time around, there is plenty of fan service on display. Maverick riding his bike as the sun sets. Maverick and a special lady friend riding his bike as the sun sets. Dudes playing ball sports on the beach. Air combat maneuver training in the desert. It’s all there and looks predictably gorgeous.

There’s also a character who at first glance looks like a CGI’d Anthony Edwards, but it’s not Goose, it’s his son Brad Bradshaw, played by Miles Teller. Upon hearing the news this morning, “his daddy bequeathed his mustache to his son before he died” was all Senior Technology Editor Lee Hutchinson had to say.

[embedded content]

Listing image by Paramount/Skydance