techrio expertly shits the bed again, from the linked article:

"This is hardly the first time that kernel level anti-cheat has been a security concern for the games industry."

• Concern is a concern. It's not an automatically remotely exploitable vulnerability cause given the number of players who have kernel anti cheats, way more than 50 million, we'd have had a massive amount of hacked systems and again no data at all, just a concern, i.e. possibility. Well, using a complex os is already a possibility of getting hacked without any of that.
• This doesn't mean the system suddenly gets open wan ports for anyone to hack into.
• The article conveniently fails to mention how many systems have been hacked into. Again not a single data point.
• The article implies that in order to exploit this vulnerability one must actively download and run malware. LOL, what? If you run random software from the net you're fucked regardless. Malware may simply exist indefinitely under your user account.

And then there's this gem: "But kernel level anti-cheat technology is generally effective, and for some gamers who are sick of dealing with cheaters, that makes the risk worthwhile."

Luckily he at least admitted that UAC is a thing.

Snap and Flatpak are widely considered a light weight form of virtualization, so called OS level virtualization: https://en.wikipedia.org/wiki/OS-level_virtualization

Of course the dude doesn't know that and expertly publicly errs again.

Lastly here's the staples of an actual OS:

• Long term backward and forward user space API/ABI compatibility. Linux doesn't have it. A program compiled for fedora 39 doesn't even work on fedora 38 (try upx - glibc symbol resolve error). Don't get me started on no compatibility between distros.
• The same applies to device drivers. The Linux kernel breaks compatibility pretty much each release, every three months.
• A way to distribute software with a gui installer. Loki did that 25 years ago, alas nothing like that exists in 2024. And what they did didn't always work because of point one above. Snap and flatpak could almost work as that except for some reasons a large swathe of Linux ISVs ignoring them. And then they are lightweight virtualization which is just LOL.
• Software assurance (QA/QC). Linux has too many regressions including those leading to data loss. Windows is not perfect but miles better considering 2 billion installations running a wild assortment of software and drivers.
• Software integrity. Windows allows to verify that the system is in a pristine state and all the binaries are trusted (signed). In Linux? Full reinstallation is the only warranty. There's no signature verification for user space.

An expert programmer who got almost everything wrong, can't provide relevant data or proofs and keeps asking for someone's rank as of it means anything.

Once again amateur levels of denial, only thing you can do.

And of course you dive into semantics whenever it is convenient for your completely ignoring the malware makes use of the anticheat in the first place. Yes you need to first come into contact with malware but in this case the malware can circumvent your precious Windows Defender and UAC because of the anticheat.
And it was found by a cyber security firm because the malware was on people's PC.Its funny how first you constantly ignore it and now suddenly care more about how it got there and how many were affected (which come on we don't even know how many people play Genshin Impact on PC so we don't even know how many people were at risk when this exploit was still usable in the first place, doesn't change it happened, funny how you shifted the bar from 0 evidence too "wE dOnT kNoW hOw MaNy", enough for multiple tech journalist to write about it) and not that it can do privilege escalation due to the anticheat, what am I saying you don't even know what that is.

It is insane how hard you can dive into semantics when it benefits you (you even ignore the "gem" part which still says it is a risk), almost as if you are a zealot trying to justify your way of doing things when it conveniences you (because you are), the point remains that it created another hole in the security of the system (and are you really saying Genshin Impact players are complaining about cheaters? The singleplayer/co-op game?!), if the anticheat did not exist, the malware would not be able to execute, true or not?

And the wannacry ransomware was a possibility until it became a reality (and here it was also a matter of if, until it happened) and even there all we have are estimates and some people weren't affected by it at all (but got scared into upping security), sane people want to limit the possibilities on problems that is why we have antiviruses and firewalls in the first place. That is why in large company environments they work with their own software centers even on Windows.
Or why companies use VPNs so you can for instance only access the SQL port of the database if you are on it instead of relying on a strong password or passkeys and opening that port to the entire internet. But you don't know any of this common knowledge because all you do is play games, do you even work? Probably not, nobody would hire you and if they did they would lament their mistake.

I also never said UAC wasn't a thing, man they really should stop giving you milk before bed, you keep dreaming stuff up that was never said.

Love how you link to OS-Level-virtualization as if that somehow clears you from using the word "small VM" to describe Snap and Flatpak but of course you didn't actually read the Wikipedia article, especially since Flatpak and Snap aren't even listed in the implementations but in the see also section since neither actually uses Virtualization for their Sandboxing (nor will you find the word virtualization or VM on either WIkipedia articles for the two). So where are you getting this "widely considered" from? Oh right, your imagination. It amazes me how you even linked a wikipedia article that proves absolutely nothing you said, considering how much text that wikipedia article has you probably CTRL+F, saw you could find snap and called it a day making you once again look like the fool that you are.

Also tell me you don't know anything about hacking or networks without saying you know nothing of hacking or networks:
I would dive into how you probably confused WAN port (physical port) with ports/port numbers in transport protocols but educating you is something your parents and caretakers also gave up on so why should I care.
Let alone you probably don't know what UPnP is or how some see it as a security risk but it is kind of vital for multiplayer games (unless you know what you are doing which I doubt with you since you made that statement without mentioning your UPnP being off and already mentioning the wrong type of Port lol).
Or how port scanning in public networks is a common thing and why you should configure your firewall on a laptop to block almost anything for public networks (and the kernel modules can disable the firewall for their ports if they want too, as we already established they have the privileges to get around UAC).

The point of our argument was never about Windows VS Linux but the danger of kernel level run software regardless of OS (of course now that you finally admit that the Genshin Impact malware happened you immediately pivot your point how it isn't a big deal, going from "0 EvIdEnCe" to "jUsT a CoNcErN", so is pregnancy and look what happened when your parents didn't use protection) so IDK why you are pulling these arguments out of your ass (they aren't even related to cyber security, just proving further you are a Windows Zealot trying to make no point and spouting nonsense).

You are probably wrong about most of what you wrote (first one is wrong already, Appimages, Flatpak and Snap's entire point is that it is distribution agnostic and it is also solved by the literal OS-Level virtualization you mentioned, meaning obviously you don't know how to work with Docker, probably don't even know you can use X11 programs with it , just do a "docker pull fedora:39" on Fedora 38 you noob). But I can't be bothered to prove you wrong on points that never mattered in the first place as unlike you I would like to go play games with friends that really exist.

This is very rare: most people don't build their own kernel configuration so they get the drivers are part of their kernel's binary distribution.
Even those building these packages are rarely by any such incompatibility as they are usually already found during development.

This is of course possible, just rarely used due to the existence of superior solutions such as the system's software center, just like on macOS or Windows.
While the latter platforms have been a bit late to the party they recommend DMG and MSI respectively.

Some vendors on Windows are still using 90s approaches like "Setup.exe" but they are probably just scared that their customers are so stuck in the past that they can't possibly cope with double clicking on a package instead.

Luckily mobile devices have made centralized software distribution so popular that even desktop platforms have followed Linux in providing those as well.

The vendors currently stuck with obsolete GUI installers will switch to either centrally handled packages or distribution services sooner or later.

Device drivers: Linux has a ton of them including i.e. VirtualBox and the only way to run them currently (barring VBox KVM which has been announced recently and which no distro includes yet) is to disable Secure Boot or meddle with MOK certificates which most users never do, and instead resort to no Secure Boot.

Speaking of App Stores: we've already seen with Apple and Google what it leads to. Centralization is horribly bad, leads to all kind of limitations/roadblocks/control/censorship, so installers/self-contained packages are an absolute necessity to preserve freedom that Linux users cherish so much.

I don't want to neither depend, nor use App Stores even if they are "open". And yes, I happily use exe installers under Windows. I see exactly zero issues with that.

Again?
truth about mojang and microsoft users.png

I've added you to my BL. Won't see notifications about inane posts containing neither counter arguments, nor solid facts. BTW, you've forgotten to ask me about my rank (which has been ad hominem but who cares?). And the last article you expertly cited proved my PoV, nice. Again, please continue to expertly shit the bed with stupid childish images, only not for me.

App store technology itself does not prevent alternative sources.
Neither Windows nor Linux prevent different app stores to be use in parallel.

On my Linux system I have four (System, Flathub, Snap, Steam), on my Windows system three (win-get, Windows Store, Steam).

On both systems I only need to resort to manual installation if the vendor has not (yet?) added their product to such a store yet.
And on both systems I prefer manual installation through a package handled by the system's software center rather than being forced to click through some stupid "wizard" UI.

This is really the worst option and it has been good to see that vendors have moved to better methods over the last few years.

The transition takes a bit longer on Windows because vendors have been using this before better alternatives came around, while on Linux these were already established by the time vendors added it as a target platform.

LMAO imagine crying about it when you've been attacking ad hominem on people's hours first and I will quote:

​​
But the insecurity on your rank is just hilarious (guess it has to be really low lol), you never stated it. You then claimed you play Faceit and how its kernel anticheat is so much better but then complain about playing against cheaters in CS2 less than a weeks ago, can't even keep your story straight XD And I never actually cared but man is it funny to see you struggle with it.

Now you of course focus on this to play the victim (cry more) as clearly you are too stupid to read wikipedia articles and lack any form of an IT background to actually argue about Windows security like not understanding privilege escalation or how UAC and Windows defender have been bypassed before (note:bypass not turned off, I know you have a hard time understanding certain words as is obvious by your "quotes" and putting stuff in bold seems to confuse your brain more), I would link to various CVEs where this has been the case but you won't read them as you clearly already couldn't distinguish the different types of CVEs, their impact or if they were used by actual malware (as was the case with the Genshin Impact one which I had to link you more than once and the only time you acknowledged it was after I sent you a PCgamer article, LMAO, the one before that compiled both Proof of concepts and actual analysis of malware that used it and you kept saying "0 eViDeNcE", you needed a gamer article as the lack of pictures and hoards of text probably scared you on the CVE page) let alone you understand how they work as you somehow think every CVE can be used by malware (despite me even giving an example before with easy ant-cheat of CVEs whose exploits aren't malware specific existing). I mean:

​It would be quite awkward if at one point the hackers didn't even have to turn it off to execute malicious code due to a giant security flaw in Windows 21H2 (and yes it has been patched but come on it persisted for 8 years and into 21H2 and it was something so simple it was almost cheating, maybe we need a Windows Defender Anticheat lol).

And that is just one of the things you say that is so absolutely wrong but easy to disprove with a 5 second Google, problem is the more I link the more likely that the Phoronix autobot thinks I am trying to sneak in a malicious link, I always heard of Brandolini's law but man does it go hard when someone has to disprove the idiocy of your posts.

Hell even when I link something you will jump onto anything even if it doesn't actually validate your point like:
​First of it doesn't say anything like "compared to user space ant-cheat" and you understand generally isn't the same as highly or completely right? Or that the quote ends with "makes the risk worthwhile​" (risk being an important word there champ) and how it specifies this applies for some gamers (keywords being some and gamers, who aren't exactly cyber security experts or even novices and the word some meaning not all of them as well as an undisclosed amount which in other cases you have an extreme problem with). I would delve how further in the article it says " this kind of abuse is exactly what those who feared the spread of kernel-mode anti-cheat were warning of." but I know too much text is exhausting for you.

You jumped on it because in your delusional mind you think it somehow agrees with you. It doesn't. it clearly specifies the word risk while you keep pretending that no risk is involved at all. You keep making hyperboles of situations while not understanding anything at all, like how exploits must mean people are getting hacked left and right, risk does not mean guarantee (with you, there is even a need to link the dictionary definition of certain words). People used Windows XP SP1 with Internet Explorer 6 and might have never gotten malware or hacked, doesn't take away that it was and is one if not the worst secure combinations on the planet. If you ran it today it isn't necessarily a guarantee, but the risk is so high you have to be absolutely stupid to do it and any company with a competent IT department would label you a liability.

Want to know my favority quote of yours:
​
If only you did.

Here's special something for those who love to crap on Windows and kernel anticheats:



No word on how exactly it happened but it's hilarious. Is this common? No. Sh1t happens. Software has bugs.

And continue to deny how ineffective kernel anticheats are except they have conclusively proven that they are several orders of magnitude better than no such measures at all.