• 0 Posts
  • 14 Comments
Joined 1 year ago
cake
Cake day: July 2nd, 2023

help-circle


  • damium@programming.devtoLinux@lemmy.mlUpgrade vs Reinstall
    link
    fedilink
    English
    arrow-up
    12
    ·
    10 months ago

    Your experience may depend on which distro you use and how you install things. If you use a distro with a stable upgrade path such as Debian and stick to system packages there should be almost no issues with upgrades. If you use external installers or install from source you may experience issues depending on how the installer works.

    For anything complex these days I’d recommend going with containers that way the application and the OS can be upgraded independently. It also makes producing a working copy of your production system for testing a trivial task.


  • I’n Windows it is not stored in a keyring but instead in the registry. This has basically the same security threat model as a local key file.

    The ssh-agent on Linux will do what you want with effectively the same security. The biggest difference being that it doesn’t run as a system service but instead runs in userspace which can make it easier to dump memory. There are some other agent services out there with additional security options but they don’t change the threat model much.










  • They fail because you can’t trust a machine that an adversary has in their physical possession.

    Software running on an untrusted computer can have code and memory injected or modified without modifying the executable files. Binary executable files are by necessity readable and someone with enough time can parse through them to fully deobfuscate and figure out what they are doing. Anti-anti-cheat systems basically perform the same code as the anti-cheat but slightly modify the result to hide the cheating. This can be done either by code swapping in the anti-cheat or at a higher level. If the anti-cheat system is looking at which processes are running then have the system feed it the real list of processes with the cheat processes removed… etc.

    Trusted computing requires hardware level monitoring, validated certificates, and zero vulnerabilities since the time the certificate was provisioned. In addition, current technology would also require those base certificates to be regularly rotated and device decertified if it didn’t rotate in time to prevent physical offline hardware attacks on the certificate data. Even game consoles don’t have this level of platform trust and are often physically modified to enable cheating/piracy.

    The only successful way to prevent most cheating is to run the simulation entirely server-side and then only send data to each client according to what they should know. Even then you won’t be able to prevent assisted cheating like aim-bots or texture replacements.