I’ve seen many instances of some software having DRM that significantly degrades the performance of the software, or worse, the performance of the entire OS due to heavy background tasks. Prime examples include Denuvo and all those Adobe background processes. Why can’t they just simply use the TPM or the other 5 security chips embedded into the CPU so that they don’t bloat the system?

  • litchralee
    link
    fedilink
    English
    arrow-up
    1
    ·
    6 months ago

    Perhaps this is a matter of nomenclature, but I wouldn’t have thought that enforcing a ban is part of what anti-cheat software is meant to do. Sure, the anti-cheat is what alerts the game server, and then the server bans either the account or the actual machine. But the OP’s question was about anti-cheat and DRM software that impacts system performance. Someone that’s been banned from a game will not have in-game performance issues, because they’re not able to play the game at all.

    I don’t think my omission of a TPM-based ban makes my answer “not entirely true”. I stand by my statement that TPMs are not suitable for the anti-cheat or DRM functionality when a game is running, and would not solve any performance issues if they were.

    With that out of the way, yes you’re right that the TPM can be used for other, ancillary purposes. The typical use is to securely store certificates uniquely issued to a machine, such that the bearer of the certificate must be the certificate’s rightful owner. This is sometimes used to authenticate to corporate VPNs or Windows AD domains. But these certificates can be replaced, which makes them useless for enforcing a ban on a particular machine.

    But TPMs also have a built-in, static certificate from when they were manufactured, which can only be challenged/responded using tokens from that manufacturer. If a game maker wants to coordinate with various TPM or mobo manufacturers to achieve that level of security, they’re certainly welcome to do so. But it also alienates users who don’t have or refuse to own such hardware, exactly as you’ve described. It’s a business decision, what they choose to do. Expedited manual review for broken TPM users is still fraught with issues, since there’s now an incentive to brick your own TPM and get a second chance at cheating.

    There’s no free lunch in building secure systems, and that’s why anti-cheat makers will always face the uphill battle.