I write code and occasionally blog posts.

Anti-cheat Software Sucks

This week, Riot Games announced they are bringing their Vanguard anti-cheat software to League of Legends🔗. Previously introduced with the release of Valorant, Vanguard is a pretty typical kernel-level anti-cheat software, which is to say, a security nightmare. It runs at the highest level of permissions possible on your system.

A lot of people seem concerned that, because Riot is owned by Tencent, Vanguard serves as a backdoor for the Chinese government. Honestly that seems ridiculous. Not that it necessarily can’t be used for nefarious purposes by the Chinese government, but Chinese spying has a much lower possible material impact on U.S. players than American spying. In the video🔗, Riot said that Vanguard “does not collect or process any personal information differently from our current Anti-Cheat software,” which I guess is something, but that can change at any moment. The bigger concern, in my view, is if Riot suffers from a security breach (again) and hackers are able to deploy malicious code through Vanguard. Truthfully, I’m not totally sure how feasible it is for that to happen, but it is certainly possible, which is worrying enough.

Aside from the privacy and security issues, the introduction of Vanguard to League is annoying to me personally because I play on Linux with WINE. While this was never officially supported, it works pretty well, outside of a few rare occassions where it has been broken for weeks at a time. So I have two options: stop playing, or play on Windows. If I decide to keep playing on Windows, then I can either make Windows my primary OS (yucky) or dual-boot. The problem with using Windows as my primary OS is that I am a software developer and I use virtualization all the time to test my code or to experiment with other OSes. What does that have to do with any of this? Well, Vanguard requires Windows’s virtualization features, Hyper-V, to be disabled🔗 in order to run, unless you’ve got a modern CPU with TPM 2.0 (just like Windows 11 requires). Which means I can also say goodbye to running Windows Subsystem for Linux, another useful dev tool.

The thing is, cheating in League is way less of a problem than it is for FPS games like Valorant. In my decade of playing, I’ve encountered an obvious scripter maybe five times, if that. Riot conducts somewhat frequent ban waves, so the problem clearly exists, but overall it’s had minimal impact on my personal playtime. That’s anecdotal data, of course, but even among discussion online the amount of encounters with actual cheaters seems minimal. The much larger problem is accounts controlled by bots, usually for the purpose of leveling up an account enough to unlock ranked play, then selling it for a couple dollars. People buy these accounts to evade bans or to “smurf” in games with players of much lower rank than them, both contributing to League’s reputation for being a toxic hellhole.

I’ve encountered botting accounts probably between 100 and 200 times overall. It sucks when it happens, but at least they’re not going to be toxic in chat while ruining the game, unlike most human players. I’ve encountered brand-new smurf accounts bought from a botting site an order of magnitude more times. It is a huge problem, every League player has encountered these players. Even worse, the people who will buy a League account are the worst people imaginable to be stuck in a 30+ minute exercise in teamwork with, since 99% of them have either been banned or feel stuck at their current rank and feel the need to dunk on worse players.

I can respect Riot trying to tackle this problem, but I think kernel-level anti-cheat is the wrong approach. The smurf problem, while pervasive, is entirely propped up by the botting problem. Accounts that are being leveled by bots are extremely obvious, they move weird, they only use targeted abilities, they avoid contact with the enemy team, and they even take the same builds every game, regardless of champion or role assignment. And none of this behavior has changed over the last decade because up until now, Riot has done virtually nothing to detect and ban these accounts, so nothing has forced them to improve. Instead, the strategy is to play the harder of the cat-and-mouse games and detect the software doing this.

What is frustrating about this (and anti-cheat in general) is the same thing that is frustrating about DRM: It punishes the good users while maybe sometimes inconveniencing the bad users. Botters and scripters will continue to advance their cheats, and Riot will catch them, a cycle that will repeat ad nauseum, while everyone else will still have to suffer from the occassional cheater or smurf in their game. The only difference from before being that you have Vanguard installed, software that in any other situation would be considered malware.