Community Manager
Sabather wrote:
But please..... explain to me how requiring a feature in ones BIOS to be enabled, whose ONLY PURPOSE is to prevent potentially malicious code from being executed during the BOOT process of a computer, is going to somehow prevent a cheat from functioning? It is a startup process protection.
Secure Boot attempts to harden the Windows operating system by allowing only certain software approved by Microsoft to run. Software such as bootloaders, firmware, drivers, and kernels.
Cheat developers can use a driver to gain access to system memory so they can read Battlefield game data such as player location. Once they know every player's location they can create wallhacks for example.
Secure Boot prevents apps from installing drivers unless they're signed by a Microsoft approved cryptographic key. That said, anyone with a few hundred dollars can probably submit their driver to Microsoft for approval.
Secure Boot on gaming consoles such as Xbox and PlayStation is much more secure than on PC. Gaming consoles have much more control over which software is allowed to run. Sony and Microsoft have complete control over which drivers and apps are allowed to run on consoles.
Secure Boot on PC is better than nothing, but there's still a lot of attack vectors since Secure Boot allows any app to be installed and drivers can still be submitted to Microsoft for signing with a few hundred dollars.
I'm not against Secure Boot and understand it's causing frustrating issues for people. I think it's good EA anticheat team are trying to remove cheaters from the game. It's an impossible task on PC due to the open nature of the platform. Which is why I prefer to game on console with PC crossplay disabled.
Yes... I get the whole idea of stopping drivers that aren't signed by Microsoft from being installed. But again.... SecureBoot is only involved with preventing malicious code from being executed during the boot sequence.... Which I'm pretty sure is well before any sort of driver initialization would make it remotely useful. It's not a Windows-based security measure, but more of a hardware one (seeing as it's a BIOS setting, not a "feature" of Windows that needs to be installed or anything)
Sabather I've read that if cheat developers can get the Windows kernel to load their driver first during the boot process. Then their driver gets control over all the other drivers that load after it, including anti-cheat drivers.
It's basically a race to see who can get their driver to load first during the boot process. The cheat driver or the anticheat driver.
Whichever driver loads first wins and has control over all the drivers that load after it.
