> That's totally ok if the anticheat admins are providing a computer to run the software on and not attacking one the player owns. Again "almost everyone else does it" doesn't make it ok, I don't know why people keep repeating that.
What do you mean by this? You realize almost every competitive ranked game right now has a kernel driver constantly running and monitoring in the background while you play right? Anti-cheats serve a purpose to detect cheats, just like an anti-virus serves a purpose to detect viruses.
You seem oblivious to the fact that there is no extra security risk from a client sided scan versus (like with Echo) having a client side anti cheat running while you play (like every game). What point are you trying to make?
You keep saying it's a terrible idea but haven't said what's wrong with it...
It doesn't copy tons of data out the machine through ring0 and it doesn't expose anyone to anything whatsoever, its almost all on machine and the same goes for most anti-cheats.
I completely understand your concerns, however I have a few points that might change your thoughts on this:
- Almost all competitive games nowadays have a powerful client side anticheat which is constantly monitoring processes on a kernel level to combat kernel cheats. They use a lot of the same functionalities that Echo does, such as protecting memory. What makes our trusted company different from another trusted company such as Epic Games and their "easy anti-cheat"? The only difference is we're doing these checks using a scanner interface, with absolutely no extra functionality which could be used maliciously by the staff member.
When you install Valorant, using this logic, they are "essentially installing rootkits". But they're not rootkits, since it's authorized and an automatic process.
- Once the 30 second scan has completed, there is absolutely nothing left on the computer whatsoever. Echo is a single binary, on launch it extracts the .sys kernel driver, creates a service. It then uses that kernel driver throughout the scan. Then on exit, it deletes the service, deletes the .sys and all that is left is the original binary you downloaded. It leaves absolutely nothing left behind, and it does this automatically. With client side anti-cheats which large game companies use, they often require it to be launched on start-up (it may say "you need to restart your computer before playing), this has even more malicious potential.
- Everything has malicious potential as soon as you click "Yes" on the UAC menu, trust in the companies is a huge huge part of keeping yourself safe. What if Facebook shares all your personal data randomly? They won't. What if Valorant starts doing malicious stuff with their kernel capabilities? They won't, and neither will we.
A computer forensic analysis of memory to look for cheats after they've been deleted is not as effective as a client side anti-cheat would be, however for Minecraft it's much easier because it's difficult to make cheats for it without leaving traces behind. But, it's the same level as risk being asked to use a client side anti-cheat to play on a server than being asked to scan with Echo if the server side anti-cheats show indications.
Hi swily, I own Echo. This is a common misconception about our software, we're an established and still growing company. There are indeed some bad eggs in the community, however we are trusted and our tool has absolutely no malicious capabilities from the server staff on the player. Every mainstream game has a powerful anti cheat performing kernel functionality just like ours. If someone is asked to download and scan with Echo, firstly since we're established and it's better than being asked to download "Swiley Tool", secondly they always have the option to say no and it's absolutely not forced.
I agree with your point, even chrome has the power to destroy your PC if they really wanted to (??).