Linux does support Secure Boot, and I believe Red Hat offers RHEL with signed bootloaders, kernels and kernel modules. However, I don't know how secure the secure boot environment is in practice, and I'm pretty sure Secure Boot support on most distros is stubbed to be good enough to boot with Secure Boot enabled, but not good enough to meaningfully verify the integrity of your environment.

I wouldn't be surprised if Valve started making serious innards into improving Secure Boot support on Linux for the sake of Steam Deck compatibility. However, I'm not sure that would work with the lack of stable driver ABI on other platforms that aren't a known quantity.

The mainstream GNU/Linux/whatever software stacks fully support secure boot on a technical level.

> not good enough to meaningfully verify the integrity of your environment

That depends entirely on whose perspective you take. There are tools to do pretty much anything you can think of and you always have the freedom to extend them yourself. So for the end user it's significantly better at that task than proprietary competitors because the end user has full control over the process.

From the perspective of an entity like Riot it doesn't offer anything of value because (AFAIK) none of the distros choose to provide releases that verify the environment binaries match official releases built by the maintainers. I imagine the majority of maintainers would consider providing such a thing to be an anti-feature.

Valve could easily provide an attested system if they wanted to. I'm glad they choose not to (at least so far). If a studio is turning to kernel level anti-cheat they screwed something up to arrive there.

> If a studio is turning to kernel level anti-cheat they screwed something up to arrive there.

How do you prevent cheating in online multiplayer games without kernel-level anticheat?

The answers and broader philosophy are all over this comments section so I'm not sure there's much point to my answering you but why not.

The tl;dr is that you largely don't. It's a fools errand.

First you need to recognize the general behavioral pattern and motivations behind it. Once you do that you'll realize that the same people snooping on RAM right now are going to turn to ML botting if they can't do that. Those bots are usually already superhuman, are only going to get better, and the hardware to run them is quite cheap (a video camera and a fake keyboard and mouse).

It's the same problem online chess has. Snooping RAM doesn't help you in online chess but that doesn't mean there aren't cheaters.

Remember catbot? That certainly managed to ruin people's day.

A workable solution has to be end-to-end. Identification based on behavior, competent moderation to review those cases, a model that ensures the moderation efforts are sustainable in the long term, and some way to make sure that bans are sufficiently sticky so that there's actually a point to the whole thing.

Score based methods like Valve employs are a reasonable alternate approach. If cheaters all get thrown in the same pool then who cares if they cheat? Let them have their fun!

Community servers instead of centralized matchmaking are another option. Those once again group the cheaters together, shift moderation costs away from the publisher, and give you a stronger community.