From the article

Microsoft has officially announced its intent to move security measures out of the kernel, following the Crowdstrike disaster a few short months ago. The removal of kernel access for security solutions would likely revolutionise running Windows games on the Steam Deck and other Linux systems.

  • Bookmeat@lemmy.world
    link
    fedilink
    arrow-up
    59
    arrow-down
    1
    ·
    edit-2
    3 months ago

    It’s probably going to move to hardware attestation similar to what Android and iOS are doing. This may or may not be a good thing.

    • teawrecks@sopuli.xyz
      link
      fedilink
      arrow-up
      34
      arrow-down
      1
      ·
      3 months ago

      Yeah, idk why everyone seems to legitimately think devs are going to just quietly revert back to usermode anticheat. I could see Riot patching an actual root kit before that happens.

      But yeah, more likely MSFT will lobby for hw that is more annoying than secure boot or TPM to get working with linux, every windows app after that point will rely on it “because turnkey security!”, and if you ever manage to disable it none of those apps will work on your machine in any OS (if they even worked through proton at all).

    • phar@lemmy.ml
      link
      fedilink
      arrow-up
      6
      ·
      3 months ago

      Can anyone give an ELI5 on how hardware attestation works or is implemented on current OSes?

    • Andromxda 🇺🇦🇵🇸🇹🇼@lemmy.dbzer0.com
      link
      fedilink
      English
      arrow-up
      6
      arrow-down
      3
      ·
      3 months ago

      If it works on Linux, I’m fine with it, since I’m not cheating. Just like hardware attestation works on GrapheneOS, because it doesn’t decrease the security of Android, in fact, it greatly improves it.

      • Bookmeat@lemmy.world
        link
        fedilink
        arrow-up
        13
        arrow-down
        2
        ·
        3 months ago

        It’s about control. And monopolies love control (governments, too). If we let them, they’ll take it and then we’re screwed.

        • Andromxda 🇺🇦🇵🇸🇹🇼@lemmy.dbzer0.com
          link
          fedilink
          English
          arrow-up
          4
          arrow-down
          4
          ·
          3 months ago

          Could you elaborate? I don’t really see how a hardware attestation feature would take away any of your control? Android phones have had it for a long time, and even Google still allows you to install alternative operating systems on their Pixel phones. GrapheneOS even uses the hardware attestation feature to your benefit, by including the Auditor app, which you can use to verify the integrity of your device.