I also use, on Arch, btw, a TPM, and self-sign my own UKIs in order to use secure boot.
The majority of cheats which effectively evade kernel anti-cheat won’t be affected. This will prevent efi cheats (cheats that load before Windows), but that’s about it.
It won’t prevent DMA access to memory and, unless they force using signed drivers (which, I think is a feature limited to Server packages) and only whitelisting specific hardware, something not really feasible if they want their game to run on a wide variety of computers, it’s trivial to hide these cards as a NIC or other innocuous hardware.
It also doesn’t prevent the aimbots that use computer vision running on external hardware because all they need to have out of the PC is display and they mimic being a mouse (another unwhitelistable piece of hardware).
What’s more is that this still requires them to make kernel anti-cheat. One of the easiest ways to get access to memory is to make and install a driver. The driver isn’t affected by secure boot (absent enforced driver signing, see above) and runs in ring0. The only way a game can detect that is to ALSO have software running in the kernel.
Though, to be fairrr, efi cheats are relatively simple and cheap, as they don’t require extra hardware. So, it may be that this is the most common kind of undetectable cheat and worth enforcing secure boot in order to prevent. But the “best” cheats, DMA are unaffected. AI aimbots require cheaper hardware so they’ll probably become the next most popular cheat.
I am one of those nerds.
I also use, on Arch, btw, a TPM, and self-sign my own UKIs in order to use secure boot.
The majority of cheats which effectively evade kernel anti-cheat won’t be affected. This will prevent efi cheats (cheats that load before Windows), but that’s about it.
It won’t prevent DMA access to memory and, unless they force using signed drivers (which, I think is a feature limited to Server packages) and only whitelisting specific hardware, something not really feasible if they want their game to run on a wide variety of computers, it’s trivial to hide these cards as a NIC or other innocuous hardware.
It also doesn’t prevent the aimbots that use computer vision running on external hardware because all they need to have out of the PC is display and they mimic being a mouse (another unwhitelistable piece of hardware).
What’s more is that this still requires them to make kernel anti-cheat. One of the easiest ways to get access to memory is to make and install a driver. The driver isn’t affected by secure boot (absent enforced driver signing, see above) and runs in ring0. The only way a game can detect that is to ALSO have software running in the kernel.
Though, to be fairrr, efi cheats are relatively simple and cheap, as they don’t require extra hardware. So, it may be that this is the most common kind of undetectable cheat and worth enforcing secure boot in order to prevent. But the “best” cheats, DMA are unaffected. AI aimbots require cheaper hardware so they’ll probably become the next most popular cheat.