spawndog

Originally posted by jonojr

I appreciate that riot are working on more in depth communication and would like to humbly suggest/request that a third party security audit is conducted and posted for Vanguard along with a checksum which could be used to validate that the version of vanguard on users PCs has not been tampered with since said audit.

I think that actions like this could really show a commitment to security and transparency around this which might provide players with a little more than a "trust us!" and go a good way to earning said trust.

Originally posted by Padouch1038

I have dual boot with Linux and Windows. I dont need secure boot nor TPM. With this I will be unable to play League after almost 14 years?
This should, please take it as such, be a call for help from the loyal playerbase. We have very important security questions of our privacy when it comes to something that runs in the background even when League isnt played. This should NEVER happen. If something is trying to run in the background there is a huge backdoor for keylogging and other stuff that Vanguard can be getting from us.

You also need to take into account that in EU the regulatory services mandate you cannot send data to the outside of EU, you are under the same thing that Meta and others got hit by.

With all this said please provide us with information what is going to be done on the backend of our systems and how will you plan to solve issues above like TPM and dual boot.

Originally posted by JuIi0

Security through obscurity? are you nuts? You're inviting trouble.
Those who can exploit Vanguard can now hide in the shadows because there's no accountability for Vanguard's codebase.

If you want security, open-source the damn driver, security through obscurity invites nothing but trouble, not just on the security front, but the trust that users have in your driver as well.

Originally posted by -LemonJuice-

It's sounding a lot like this primarily affects ranked games, and considering the implications in alienating certain players (especially with how vanguard requires secure boot and TPM 2.0 if I understand correctly) wouldn't it make sense to make vanguard a requirement only for ranked games and not normals? Understandably this does complicate implementation, but likely not to an unreasonable extent. There are also a lot of unranked players, who barely ever encounter cheaters and even less often bots, so having vanguard mandatory there would only bring in the negatives with trust and such.

What I'm mostly wondering is if this is being considered at all? I think it would majorly reduce the friction here and also allow for limited accessibility for linux players.

Originally posted by waterbed87

Thank you for your response. Indeed I'm sure it's very effective at stopping bots and other methods of cheating and will improve game quality and those aspects are something I can look forward to, I don't get to play much these days but appreciate high quality games.

I think if you're going to ask the community to install a kernel level anti-cheat it would at least be good faith to open source the effort so it can be peer reviewed, you guys can offer all the reassurance under the sun in videos like these but Riot is still owned by a Chinese organization and anyone with any kind of technical background and familiarity with some of China's other practices are right to ask questions and be skeptical.

When it comes to macOS, I presume there probably isn't any cheating software out there to begin with since Windows is a much more accessible platform for that kind of thing but since kernel access level is restricted would I be correct to assume cheat detection can be done...

Read more

Originally posted by FlyingWaffleArt

I call BS on that statement. Linux protects the user from invasive surveillance and elevated permissions from untrusted parties. This does not constitute a "security hole". If you require kernel level surveillance (like on Windows) just for anti-cheat, then I don't trust you either.

Originally posted by tiritto

You say that, and then you don't require Vanguard on Mac.

Is that 200 years of security experience in Riot?

Originally posted by That_Cripple

mac users are not required to have vanguard so they can keep playing

Originally posted by StevieCGaming

True, but it's still very annoying, like obviously they give no guarantees for making it work but purposefully breaking it with no chance of fixing it seems too hostile

Originally posted by begota98

And what about playing on Linux with WINE? Will there be any option for us?

Originally posted by Tormentula

I’m guessing skins and shit just won’t work at all and be blocked off until third parties figure out a way around it, but depending how sensitive vanguard is I’d be afraid of a hardware ban because it detected a skin editor or even cheat engine installed lol.

Originally posted by Tormentula

In regards to vanguard, now that hardware bans are a thing how much risk are players using custom skins, maps, lines, etc?

ATM I'm pretty sure riot just couldn't detect players using that stuff nor did riot care that much about it, but with the updated system should there be a warning for them?

Originally posted by waterbed87

The day I have to install a closed source kernel level anticheat to play League is the day I never play it again.

I'd rather deal with a few cheaters here and there then deal with the security implications introduced by that in this day and age. If Vanguard was ever exploited it would have complete and total control of the system that's not only obviously bad for the users but will be devastating for the company if it happens and has the capability to spread.

You should reconsider kernel level anti cheat altogether. It's not worth it. There are excellent well researched reasons Apple doesn't allow it and hopefully Microsoft follows suit to shut these kernel level anti-cheats (and the cheats themselves that use them) down.

Originally posted by garlicjuice

i'm in a senior tech role lol

Originally posted by mikael22

Are the plans to have changes around this scale every year now, or will it be a big change like this followed by a few years of relatively smaller changes and tweaks with big changes of this scale a few years apart?

Originally posted by Fertuyo

Yep, there is all the money investment riot promised at the start of the year lmao

Originally posted by 63-75-6D

Seems like this season will have the biggest overhaul ever in league.

Originally posted by Need-Help123456777

hi spawndog what projects did you work on today?

Originally posted by TGKodama

Most folks write off Vel'Koz as "Funny geometry squid" but his E is such an awkward ability to use that it's amazing when you do manage to get the self peel off and not die instantly on him.