
Cheating will slowly look more and more like trying to hack your own machine.

Secure Boot+TPM combined with decent firmware will make cheating a lot harder. If the firmware ensures random devices don’t get BME set before the IOMMU is properly, attestably, configured, you are basically now stuck looking for bugs in the TPM and UEFI if you want to shove yourself beneath the OS unnoticed. These are full of bugs, so that will work for a while, until it doesn’t.

Popping windows will probably work for some time, but HVCI will make this a pain once ubiquitously required.

And you have to do all of this while also not being detected for aberrant behavior. Eventually, the analog hole might end up being easier, lol.



Which OSes are actually imposing DMA restrictions on internal cards? That feels like something that would impose noticeable overhead, but I guess I can imagine a special mode that enforces this for competitive gaming...


It's not a global on-off switch. With a proper IOMMU, the hypervisor/operating system can lock out specific devices from DMA access, or confine them to specific address ranges.


Allegedly some of the anticheats are configuring the IOMMU through Windows APIs (Vanguard, FACEIT, and a smattering of Chinese anticheats). It’s hard to find good public information though. They do some mix of blocking access and deliberately leaving some pages as bait (and monitoring IOMMU D-bits/faults).
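As an added example that is not part of this thread (and not the Windows DMA-protection API or any anticheat's code), here is a small Python model of the mechanism the two comments above describe: each device gets its own IOMMU domain, an unattached device is blocked outright, a mapped device is confined to the pages it was given, and "bait" pages record accessed/dirty bits so a monitor can report a device that touched memory it had no business touching. Device names, addresses and the `Iommu` class are constructed assumptions for illustration.

```python
# Toy model of IOMMU-style DMA isolation: each device gets its own I/O
# address space, unmapped or unprivileged accesses fault, and "bait" pages
# record device accesses so a monitor can flag a device that touched memory
# it had no legitimate reason to touch. Constructed example; the device
# names, addresses and the API are illustrative, not any OS or vendor API.
from dataclasses import dataclass, field

PAGE = 0x1000
READ, WRITE = 1, 2


@dataclass
class Mapping:
    phys: int               # physical page the I/O virtual page translates to
    perms: int              # bitmask of READ / WRITE granted to the device
    bait: bool = False      # page exists only to detect unexpected accesses
    accessed: bool = False  # like the IOMMU "A" bit: set on any DMA
    dirty: bool = False     # like the IOMMU "D" bit: set on DMA write


@dataclass
class Domain:
    device: str
    pages: dict = field(default_factory=dict)  # iova page -> Mapping


class Iommu:
    def __init__(self):
        self.domains = {}   # device -> Domain; a device without one is blocked
        self.faults = []    # (device, iova, op, reason), like a hardware fault log

    def attach(self, device):
        self.domains[device] = Domain(device)

    def map_page(self, device, iova, phys, perms, bait=False):
        self.domains[device].pages[iova & ~(PAGE - 1)] = Mapping(phys, perms, bait)

    def dma(self, device, iova, op):
        """Translate a device-issued DMA; return the physical address or None."""
        dom = self.domains.get(device)
        if dom is None:
            self.faults.append((device, iova, op, "device not attached to a domain"))
            return None
        m = dom.pages.get(iova & ~(PAGE - 1))
        if m is None:
            self.faults.append((device, iova, op, "not mapped"))
            return None
        if not (m.perms & op):
            self.faults.append((device, iova, op, "permission denied"))
            return None
        m.accessed = True
        if op == WRITE:
            m.dirty = True
        return m.phys | (iova & (PAGE - 1))

    def bait_report(self):
        """Bait pages any device has touched, as (device, iova, dirty)."""
        hits = []
        for dom in self.domains.values():
            for iova, m in dom.pages.items():
                if m.bait and m.accessed:
                    hits.append((dom.device, iova, m.dirty))
        return hits


def demo():
    """Constructed scenario: a NIC confined to one RX buffer plus a bait page."""
    iommu = Iommu()
    iommu.attach("nic0")
    iommu.map_page("nic0", 0x1000, 0x80000, READ | WRITE)            # its RX buffer
    iommu.map_page("nic0", 0x2000, 0x81000, READ | WRITE, bait=True)  # bait page
    results = {
        "ok": iommu.dma("nic0", 0x1010, WRITE),          # inside the buffer
        "outside": iommu.dma("nic0", 0x5000, READ),      # unmapped -> fault
        "unattached": iommu.dma("card1", 0x1000, READ),  # no domain -> blocked
        "bait": iommu.dma("nic0", 0x2000, WRITE),        # bait page -> recorded
    }
    return results, iommu.faults, iommu.bait_report()


if __name__ == "__main__":
    res, faults, bait = demo()
    print(res)
    for f in faults:
        print("fault:", f)
    print("bait pages touched:", bait)
```

The point of the model is the asymmetry the comments hint at: the legitimate driver never has a reason to touch the bait page, so a single set dirty bit there, or a fault outside the mapped buffer, is a high-signal event for the monitor without costing anything on the normal DMA path.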


Riot documents the need to have IOMMU support enabled for Vanguard: https://support-valorant.riotgames.com/hc/en-us/articles/222...


> will make cheating a lot harder.

It can never make it impossible.

> These are full of bugs, so that will work for a while, until it doesn’t.

You're forgetting that vendors have to implement this into a pretty complicated system already and that configuration space is constantly changing due to new CPUs and other hardware coming into existence. There will always be holes due to emergent configuration and implementation issues.

> but HVCI will make this a pain once ubiquitously required.

Then there will be new pressure to get at the underlying keys that protect the system. When you consider the size of the keys vs. the size of the reward for liberating them it's obvious how this is going to play out.

> And you have to do all of this while also not being detected for aberrant behavior

For tournaments I don't understand the problem. Every other modern non computer based sport has this issue. They understand they can't be perfect, and any attempts to do so would ruin the nature of the competition itself, so you're better off recording as much data, video and audio from the player as you possibly can. That way if there are any accusations later you have the data to consider them.

This is a race to a corporate controlled future for no particularly good reason.


>Then there will be new pressure to get at the underlying keys that protect the system.

Just decap your CPU, no big deal, it just destroys it.

Unless you do something stupid and expose, for some reason, a function from the TPM to return the private key (something that basically no one has done in the past 15 years), you're not breaking those keys. It hasn't been broken on a PS5, on an Xbox One, on an iPhone, on the vast majority of Android phones.

>Every other modern non computer based sport has this issue. They understand they can't be perfect

In every single popular online game right now, hop in on a game, there is a very high chance that one of the players is cheating. From regular scripting in DotA, to aimbotting, to whing, to anything you can imagine. For players, this leads to a frustrating experience. And frustration leads to players leaving the game. Unlike someone cheating at football, which you can personally physically grab and beat the shit out of for ruining the game for others, the best you can do online is leave. For developers, players leaving and a reputation of having cheaters means that your future attempts at making any money through the online portion of your game is dead.


> you're not breaking those keys.

You inferred break but I meant leak. As the financial incentives increase, so does the pressure on the physical part of the system, which historically has always been the weakest and is often exploited.

> hop in on a game

Do you mean public lobby? And you're willing to completely sacrifice your control over your own computer to have a pleasant public gaming experience? Aren't there other ways to solve this problem? In particular by moving it away from the monopolized server/lobby model we currently have?

> And frustration leads to players leaving the game.

It sounds like the game lacks capabilities if this is what is happening. In previous eras I would have just left the server and told the client to ignore it forever. Then servers which allow cheating either intentionally or due to bad management do not get played on.

> Unlike someone cheating at football

Think F1 and NASCAR. They have cheating problems. There's millions of dollars on the line. Of course they do. Yet they seem to manage just fine without resorting to violence. Which I think is the more apt comparison, because the lead for this story is how it impacts tournaments and other scenarios where monetary rewards are up for grabs.

> at making any money through the online portion of your game is dead.

Then you need to provide a service that is worth the money. Punting on the problem and insisting that gamers submit to these types of hardware schemes that don't actually address the totality of the problem is ridiculous. I don't see how it's a problem for them not to profit. Why should they? What is their "stewardship" worth here exactly?


> you're not breaking those keys. It hasn't been broken on a PS5, on an Xbox One, on an iPhone, on the vast majority of Android phones.

Because NSO/Mossad has a different way to get into these phones. When finding software exploits is no longer viable, we might see some new interesting attacks.


The different way is called a hammer and your hands. They don't have magic tools to break encryption.

We're barely finding out software ways to attack the Xbox 360, and it requires rowhammer level of fuckery. Hardware attacks are in the vast majority of cases destructive or relying on some side effects. If you don't leave JTAG pins on your board, they're pretty much never reliable.


I think you're not up to date regarding what NSO/Cellebrite can do. "Different way" might mean exploits or even other more "humint" methods.

But these companies/agencies don't care about gaming, so it's not relevant to cheating.


> When you consider the size of the keys vs. the size of the reward for liberating them it's obvious how this is going to play out.

It's not. The keys for Xbox have been kept safe for more than a decade now. And not for lack of trying.


> And not for lack of trying.

It depends on who tries. I bet these were just not of interest to Mossad/NSO :)



