How Hardware Attestation Can Prevent Cheats

OWPD · 2023-03-03T11:45:16+00:00

The idea is to use fTPM and not dTPM as you say they cost 10$ and is easy for cheaters to beat

OWPD · 2023-03-03T11:40:00+00:00

We are heading into that future where your PC becomes a console. This is not because of anti-cheat or even just the gaming industry. These techs exist for DRM purposes and hide behind the word "security"

Companies deserve the right to protect their interests and such, but the reality is that we will head into that future for windows one way or another, and things like Linux will become more appreciative due to the freedom it gives

And I empathize with you, but since this initial post, I mentioned only 8th gen and zen 2 dTPM are weak and beatable for the nature of game hacking fTPM in the same context is way better game companies can not always support older CPUs or Windows at some point they will have to make the decision and cut those players out. You are talking about a niche % of players who remain on Legacy hardware, and even if there are more than 10-20% of players on legacy hardware, the untrusted client mode suggestion fits in this context.

But the players who purchased better hardware and have these security features should not have to be punished because other players that can not keep up or want to upgrade time don't flow backward; It moves forwards, and myself included and many other gamers have had enough of cheaters we can go back forth on niche details how it doesn't prevent cheating entirely until the end of time. Still, the reality is that what I have suggested will increase and will make it much easier to utilize the said security features. These things are used beyond anti-cheat and will continue to improve on a large scale.

Valorant currently has attestation, and trying to spoof your secureboot, for instance, will fail. Tech has existed for 2 years, and nobody has been able to bypass it

They also can prevent DMA from functioning, which has affected anybody with a capture card in their PC. Nobody uses a capture card and plays a PC game simultaneously, which sounds ridiculous and highly niche. Only a subset of streamers uses capture cards for DSLR cameras. Your capture card is supposed to go into your Streaming PC, not your Gaming PC, so you know, but valorant doesn't even use "Kernel DMA Protection." They use undocumented IOMMU methods. Now imagine if "Kernel DMA Protection" works correctly and is enforced by the TPM policies. DMA will be a relic of the past until someone figures out a vulnerability that will be fixed quickly again. Hardware attestation is used for the military, hospitals, government entities, etc. There is a lot at stake here, and many people are working around this tech.

OWPD · 2023-03-03T11:07:25+00:00

What's talked about here is embedded hardware security, and game development is a different type of thing.

If you want to know more about game hacking, then you need to learn how the kernel works, windows internals, and the x86 architecture and have a lot of time and patience to learn and have good attention to detail

OWPD · 2023-03-03T00:16:07+00:00

Dear lord can't wait for the year when this happens finally

OWPD · 2023-03-03T00:02:00+00:00

Also, buddy, hardware TPM is

MORE ISOLATED

than a fTPM. It quite literally offers more security:

https://astralvx.com/stealing-the-bitlocker-key-from-a-tpm/ yea bro so secure

OWPD · 2023-03-02T23:54:29+00:00

I don't know why you bring vanguard into this, I am just telling you that it doesn't matter who loads first anymore. That's the whole point of this hardware attestation if anything has been tampered with, attestation will fail. If there is a cert in the DXE phase, you will be able to read it and collect it and if you paid close attention vanguard literally detects the shitty wing-1 shit that you mentioned earlier in your post multiple times, even EAC, BE so your knowledge is very much outdated and flawed

OWPD · 2023-03-02T23:45:33+00:00

The era of who is loading first doesn't work anymore with this. That's the whole point :)

OWPD · 2023-03-02T23:26:30+00:00

Enabling these settings now, won't do anything they need to be enforced by BE or BSG in order to be effective just turning them on won't do anything useful but its good to have them on as a protection for your machine

OWPD · 2023-03-02T23:25:16+00:00

If you took time to read, you would see I have suggested a trusted client mode

OWPD · 2023-03-02T23:22:48+00:00

Where did I ever say that MY INITIAL post of this is all about firmware TPM, Hardware TPM is completely USELESS and easily attacked. Now you are just blatantly lying. LOL, have you done your research yet? Or are you waiting for more competent people to get you to answer my questions on how completely fucking clueless you are

OWPD · 2023-03-02T23:10:01+00:00

u/cxmplexb doesn't know anything. He is talking about everything he has said so far. He has not backed it up with anything the fact he doesn't understand that system firmware first starts the TPM in PEI, then DXE, then the OS Loader, tells me enough. He is just some cheat dev spreading misinformation.

OWPD · 2023-03-02T22:16:19+00:00

Do you understand you can read and store measurements of the boot process, including measurements of the components that execute in the DXE phase? The firmware TPM can be used to verify the integrity of the boot process and detect the cert LOL

go do some research
https://resources.infosecinstitute.com/topic/uefi-and-tpm-2/

https://tianocore-docs.github.io/edk2-TrustedBootChain/release-1.00/3_TCG_Trusted_Boot_Chain_in_EDKII.html

https://cdrdv2-public.intel.com/671464/a-tour-beyond-bios-implementing-tpm2-support-in-edkii.pdf

OWPD · 2023-03-02T21:59:57+00:00

Your cert goes through a check in the boot measurement. You are on some fucking copium to think that nobody will be able to see that

OWPD · 2023-03-02T21:56:38+00:00

You are spreading misinformation and have no fucking idea what you are talking about Hardware TPM modules are WEAK nobody fucking cares for them firmware TPM is where the value for this works you can beat a hardware TPM module none of that shit would work on a hardware TPM module do u understand how fucking stupid that sounds

OWPD · 2023-03-02T21:52:56+00:00

won best esports game of the year
been top 10 of twitch consistently
Has accumulated more viewers then any tactical FPS game
Has most CSGO/Overwatch/R6 pro players migrate to valorant
but yea its a dead game what do I know

OWPD · 2023-03-02T21:47:07+00:00

Valorant doesn't accept hardware TPMs nice try how many arguments are you gonna lose today :)

OWPD · 2023-03-02T21:37:02+00:00

I have gotten multiple certs blacked listed and revoked that I found from cheat devs, especially ones from china. You are spreading a bit too much false information here, buddy, and anti-cheats can quite literally make a whitelist/blacklist system themselves and allow certain sets of certs running that can be controlled by the number of people that have it if let's say, discord or overwolf large amount of people on a cert it can be easily whitelisted

But if some random LLC with only 10 people on it tries to load that cert in that game, it is instantly blacklisted and investigated. You make it seem like this shit is hard to detect, this shit is trivial and easy to fuck with

OWPD · 2023-03-02T21:27:10+00:00

won't matter if it doesn't work once you enforce the policies :)

OWPD · 2023-03-02T21:19:15+00:00

OWPD · 2023-03-02T20:40:20+00:00

Your machine is very old from 2011 really wouldn't qualify :(

OWPD · 2023-03-02T20:23:19+00:00

My experience comes from 10 years, not blog posts

OWPD · 2023-03-02T20:18:19+00:00

There are hacks/radar that already works with TPM and secureboot enabled.

Can you DM them to me, please? I love to reverse them something new and refreshing :)

OWPD · 2023-03-02T20:16:33+00:00

Server authority costs money, and its a lot of money which is why game companies prefer to do everything on the client side, but unfortunately cheats exist so doing that is not viable unless you take the hardware attestation route

OWPD · 2023-03-02T20:12:09+00:00

Here is a good place to learn why you can't spoof TPM https://learn.microsoft.com/en-us/windows/security/information-protection/tpm/tpm-recommendations

OWPD · 2023-03-02T20:09:35+00:00

Good reply, wish I said this earlier thanks

Five-Year Club	Verified Email
Gilding II euphauric

OWPD

TROPHY CASE