As far as I know, all of the following stores take a 30% cut:
* Steam
* GOG
* Microsoft store
* Xbox store
* PlayStation store
* Nintendo eShop
* App store
* Play store
* Kindle store
There's also stuff like Audible where Amazon takes a 75% cut unless you agree to exclusively sell your audiobook through them. And there was a lawsuit over that because it turned out Audible was actually only paying authors a 15% cut, while keeping 85% of sales for themselves.
The majority (Steam, Xbox, PlayStation, Nintento, App Store, Play Store, and Kindle Store) have a captive market of developers (with varying degrees of enforcement, from end users demanding it (Steam) to it being impossible to use anything else (App Store and the consoles)). This will absolutely put upward pressure on the cut that the market will bear.
A lot of Linux ports have serious issues, it's quite common to get better performance/fewer bugs by forcing a Linux native steam game to run the windows version through Proton instead.
Realistically a lot of devs aren't going to make Linux versions at all (or be able to spend time actually fixing issues with them) unless Linux users make up a bigger market share. Valve's efforts are helping to grow Linux market share, which is a necessary step before we can ever hope for most devs to focus on Linux compatibility.
Paypal is good as a consumer. You can buy stuff without giving random sites your card details, and paypal is willing to refund purchases if you have a legitimate issue and the seller refuses to cooperate with you.
My wife placed a large clothing order some months back, but the package got ripped in transit and we only received about a quarter of it. The seller company refused a refund because the tracking data said "delivered", even though I was able to get confirmation from USPS that the package weight in transit lost most of it's weight between two shipping centers. The fact that we placed the order through paypal ended up saving us, we were able to bring them in as a mediator and they got us a refund.
After waiting on the line with support for 4 hours and going through a phishing-tastic email flow, sure. (Maybe your credit card company has a better experience, but who wants to reach the point where you find that out?). With PayPal you just push the button.
My credit card company has a "dispute charge" button in the transaction history. It's one click. Sounds like you should look into a different provider.
I mean I try, but ease of chargeback is not a point I've seen on any comparison websites. And why bother going into the weeds when I can just use PayPal with all my cards and have peace of mind?
Paypal has a bad rep from the merchants side. But for the users, it's just more convenient to link paypal email as payment method instead of others. To the consumers there is no difference between paypal, google pay, or apple pay. Paypal is more universal
with Paypal I can link either debit or credit card, so I can choose whether or not I'm going into debt for a certain amount.
Chargebacks, at least where I live, are much harder if you paid with a debit card. Paypal refunds are just the same no matter if you used debit or credit.
I had PayPal side with a clear scammer for almost $5k. PayPal declined, and I also tried leaving negative BBB feedback which I heard can help. In the end I had to do credit card chargebacks, which thankfully succeeded.
Generally yes, although some cheats like aim assistance would work fine on online streamed games, since they can scan your screen and adjust your mouse input to aim.
To be fair kernel anticheat can't block this completely either, it can be run on external hardware that uses a capture card to analyze your video feed and alter your mouse inputs to the computer. Generally undetectable unless the game is able to identify unnatural mouse movements.
>it can be run on external hardware that uses a capture card to analyze your video feed and alter your mouse inputs to the computer.
I think at some point defeating this becomes impossible. This sort of cheating isn't much different conceptually from just having someone who's really good at the game play for you.
Valve have been trying by training a neural net that watches every competitive cs:go match played to detect aim bots since 2017 with training data sourced from players labelling demos as cheats or no cheats, but I don't think they've hit a big breakthrough yet
I also always hear a lot of people complain about cheaters in Valorant, so all of that compromised personal security doesn't actually stop cheaters.
Honestly I feel like you should only use kernel anticheat on a dedicated machine that's kept 100% separate from any of your personal data. That's a lot to ask of people, but you really shouldn't have anything you don't consider public data on the same hardware.
> you should only use kernel anticheat on a dedicated machine that's kept 100% separate from any of your personal data.
Correct. Unfortunately, what you've just described is a gaming console rather than a PC. This problem fundamentally undermines the appeal of PC gaming in a significant way, imo.
> This problem fundamentally undermines the appeal of PC gaming in a significant way, imo.
Yes, game publishers are trying to turn PCs into a gaming console, which IMO will always be a futile effort, and is quite frankly annoying. I don't game on PC to have a locked down console-like experience.
Just embrace the PC for what it is and stop trying to turn it into a trusted execution platform with spyware and rootkits.
Look at BF6 - for all the secure boot and TPM required anti-cheat they stuffed it with, there were cheaters day 1, so why abuse your users when it's clearly ineffective anyway.
That's what gets me! If these rootkit anti-cheat systems actually stopped cheating then maybe, just maybe, I'd accept them as a necessary evil. But every game that has these things... still has cheaters! So as a user, you're consenting to ripping a security hole through your system, and in return you are still playing games with cheaters.
The game companies keep saying these things are necessary, yet they don't fully do the very thing they claim to do on the label.
Can't help but ask myself sometimes... why would users want to pay in the first place, for the content of someone who invests more money and leverage that some people see in their entire lives, in delivering user-hostile technical countermeasures that most of the time are ultimately futile?
What is the so valuable thing that one is supposed to get out of the work of someone who treats their audience this way, awesomely as their stuff might've been made? That's what doesn't make the most sense to me. But then I remember how most people aren't very intentional about most of their preferences and will accept whatever as long as it's served by an unaccountable industry into everyone's lives at the same time in a predictable manner, and I despair.
Funnily enough, there is also the exact opposite discurse in the US regarding firearms; where one side says: that firearms need to somehow be restricted and and it needs more checks to buy a gun.
But then the Industry tells the story that in that case only the 'good guys' get restricted, since the 'bad guys' don't really follow the law anyways.
Where with Anti-cheat and DRM only the 'good guys' get hit, since the 'bad guys' don't follow "the law" anyways.
Yeah. Anticheat systems are the "think of the children" of DRM. It's the one scenario where you can sell users the hostile takeover of their own computer as actually beneficial for them - because cheaters in multiplayer are a genuine annoyance - while ignoring anything else.
Of course the argument falls flat on multiple levels: It ignores other ways to prevent cheaters, like server-side detection or maybe developing a gameplay that is not based on channeling masses of anonymous strangers through the game world. It ignores that it doesn't actually solve the problem of cheaters. And it ignores that many games use anticheat for reasons that don't have to do with multiplayer at all, e.g. to keep players from bypassing in-game purchases.
The amount of effort, time, and money people put into cheating is honestly insane.
A 14 year old who installs an autoclicker to mess with friends or randoms online I can get. But there are fully grown adults who dedicate their time and substantial amounts of money (whole second computer) just to win in online video games?
What's the motivation/justification for spending hundreds or even thousands of dollars on cheating hardware and software? Are these just super-rich people who have more money than sense?
I haven't paid much attention to any of it, as I don't really like multiplayer games anyway, but I always just assumed many people figure out how to cheat simply as a meta-game. I mean, how can you ask what the motivation to cheat is without asking what the motivation to even play the game in the first place is? Barring professional competition, both playing and cheating are largely meaningless activities outside the simple enjoyment.
A bit of both. Some very clever people, often in Russia or Philippines or Venezuela etc where incomes and legal risks are low make the cheats, and sell them to idiots in the west.
No doubt there are various reasons, some more understandable than others. There are some fascinating historical cases, like the one explored in "The King of Kong" :
You don't neeed DMA hardware btw. Just find a signed driver that's vulnerable to run whatever you want... Also, not hard at all. I guarantee you have a driver you could re-purpose on your windows machine right now.
Developing a cheat does not ruin anyone's fun. The same goes for guns, knives, anything that could be used as a weapon. It's all about how you use a tool, and in this case creating the tool is fun. Unless you think that everyone who fires a gun for fun, or creates a knife or even just a baseball bat, is a murderer?
Honestly, if consoles were willing to accept KB+M (and gyro aiming for that matter), I’d be completely proposing that competitive live service titles mostly abandon PC, except for a small “probably infested with cheaters” base.
b) should’ve specified this is the bigger problem. glad to see from the other comment bf6 is coming on-board, but VALORANT doesn’t and that’s probably the quintessential title for this.
Somehow Xonotic manages to be both completely free/open software and not have cheating problems like this. It's never been clear to me how they've done that although client-side stuff like these kernel anti-cheat things were obviously never going to work.
Combination of niche/low user base, community servers encouraging user-based enforcement of norms, and the lack of a unified ranking system. People don't cheat if it doesn't psychologically reward them. (at least en masse)
We could have a better discussion around this if we recognize that failing to stop 100% of something isn't a prerequisite to rigorously evaluating the tradeoffs.
Doesn't actually stop all cheat developers. If even one person develops and sells a cheat that the kernel-level anticheat doesn't catch, then it stops 0% of cheaters from buying and using the cheat.
It's much harder to sell a cheat that requires the user to significantly alter their computers boot process. Anti-cheat just exists to inconvenience cheaters enough so that the cheats lose their value.
It makes the cheats more valuable on the black market. I'm fairly sure the only people cheating in the major competitive games with anticheat are whales and extremely unethical pro players.
I think the problem with this line of reasoning is that it's one-sided. Essentially you are saying "Just trust me bro" on behalf of a self-evaluating company.
I'd argue the potential for abuse is a perfectly reasonable discussion to have, and doesn't have much bearing on the effectiveness of anticheat, but I understand that's not the point you are trying to make.
Sorry, my writing should have been clearer, I put one too many negatives in. :-)
I didn't claim we should trust the company. Whether we can trust the anticheat maker is certainly part of the rigorous evaluation of the tradeoffs I mentioned. My point was that saying "it doesn't stop cheaters" is both incorrect and stifling to a more productive conversation, because it implies anticheat has no value and is therefore worth no risk.
As for me, if Gabe said "now you can opt your Steam Deck in to a trusted kernel we ship with anticheat and play PUBG," I'd probably do it. But that's because I, for better or worse, tend to trust Gabe. If Tencent were shipping it, I'd probably feel differently.
Compare: "I still get spam, therefore all these anti-spam measures are worthless"
It is absolutely the case that there would be more cheating if we turned off the only partially effective systems. We know this because they are regularly stopping and banning people!
People are going to to be upset when it happens but it is absolutely inevitable at some point Steam ships a Steam Deck with hardware based attestation of the OS being a signed version of SteamOS, feeding back to a Steam API, that can be used as the basis of an anti-cheat solution.
Because anti cheat want's to verify that the highest levels of the system are not being tampered with. When contained within a VM it's impossible to tell if some cheating script on the host OS is reading or tampering with the game memory.
Probably the only workable solution is for windows to provide some kind of secure game mode where the game and only the game runs and can have windows attest nothing else is running. But that anti cheat has no access to the data in the real work OS which is currently not running. Ruins multi tasking, but assuming you can switch over fast enough it might not be too bad.
How does it know it is in a VM? Couldn't the host system make it look enough like real hardware, possibly with hardware passthroughs that the AC can't tell it is a VM?
It’s pretty complex. To start with, off the shelf VMs make absolutely no attempt to hide the fact that they are VMs but even if you do, there are tons of tricks you can do to work it out. Things like timing api response times, finding quirks in the emulation, boot chain attestations from the hardware, etc.
It can work on a vm, but for Valorant specifically it seems that detecting a vm triggers the anticheat and gets you banned. I believe this is the case for most anticheats except VAC. You can try to evade the detection, but then you just enter the same cat & mouse game as a cheater. Whether allowing/disallowing VMs actually cuts down on cheaters? I don't know.
About halfway in the article, there's a brief nod to CS:GO. It uses a tick system and the server controls what is possible, such as physics or awarding kills. Fighting genre games use the same server-based game logic.
Cheating is a big draw to Windows for semi-pro gamers and mid streamers. What else is there to do except grind? Windows gives the illusion of "kernel level anti-cheat," which filters out the simplest ones, and fools most people some of the time.
Fighting games do not use server-mediated simulation, in general. Cheating is actually a huge problem in popular games. And in fact, even running a server-mediated simulation wouldn't help with any of the common cheating in fighting games.
For instance, a common cheat in Street Fighter 6 is to trigger a drive impact in response to the startup of a move that is unsafe to a drive impact. That is recognizing the opponent's animation and triggering an input. There's no part of that which cares where the game simulation is being done. In fact, this kind of cheating can only be detected statistically. And the cheats have tools to combat that by adding random triggering chances and delays. It's pretty easy to tune a cheat to be approximately as effective as a high-level player.
Kernel-level anticheat isn't a perfect solution, but there are people asking for it. It would make cheating a lot harder, at least.
> About halfway in the article, there's a brief nod to CS:GO. It uses a tick system and the server controls what is possible,
As does Valorant and virtually every other first person shooter. The cheats aren't people flying around or nocliping, it's wallhacks and aim assists/bots.
You will find that competitive games already attempt's this, but it's impossible to eliminate entirely.
I can move and reveal what's behind a corner a lot faster than a network roundtrip, so either the server needs to give some advance warning or you're going to see enemies pop into existence suddenly.
And computing if somebody is almost visible isn't trivial either. Level geometry can have narrow openings such as holes in a wall. Or what if somebody jumps?
And that's before getting into non visual information. It's not perfect, but you could still add a significant advantage by drawing the exact location of footsteps.
So yeah, (some) games try, but network latency means the client needs some information a wallhack can use, and the alternative: being killed by an enemy that was invisible is at least as frustrating as being killed by a cheater so the visibility estimate has to be generous.
Additionally these games usually have dynamic shadows, and some even fully dynamic lighting. Good luck predicting where those could end up within a network round trip.
Admittedly, Valorant still has a cheating problem. But cheating is already less successful due to server side sim. Next gen games will have improved cheat detection, eventually leading to cheating drying up.
But anti-cheat hasn't been about blocking every possible way of cheating for some time now. It's been about making it as in convenient as possible, thus reducing the amount of cheaters.
Is the current fad of using kernel level anti-cheats what we want? hell nah.
The responsibility of keeping a multi-player session clean of cheaters, was previously shared between the developers and server owners. While today this responsibility has fallen mostly on developers (or rather game studios) since they want to own the whole experience.
> Honestly I feel like you should only use kernel anticheat on a dedicated machine that's kept 100% separate from any of your personal data. That's a lot to ask of people, but you really shouldn't have anything you don't consider public data on the same hardware.
Wouldn't it be sufficient to simply have a minimal system installed on a separate partition or on a separate drive (internal or external). Boot that for gaming, and never give it the password for the encryption of your non-gaming volumes.
This is why (even though everybody hates my for saying this) - the only way to do security is by enforcing root of trust - which is why Windows 11 forcing secure boot and TPM is a necessary change.
The idea that we should allow arbitrary code execution at some point, then we claw back security by running mass surveillance on your PC is clearly insane.
The only way to go forward is what BF6 has done - ensure the PC is in a pristine state, and nothing bad was loaded in the kernel - which is ironically why their anticheats conflicted - they don't allow loading random crap in the kernel.
Not to mention, people who develop these invasive security modules don't have the expertise, resources or testing culture to muck about in the kernel to the degree they do.
As to how dangerous this actually got actually showcased by Crowdstrike last year.
Sounds great! Guess who I trust? Me. The root of trust should be a key I generate. I do not trust this to any government, any private company or really any 3rd party, except perhaps a member of my family or my lawyer. It can just be me and maybe someone I grant a digital equivalent of power of attorney to. For a company like Microsoft to try and get involved is in my view a form of aggression.
> Honestly I feel like you should only use kernel anticheat on a dedicated machine that's kept 100% separate from any of your personal data. That's a lot to ask of people, but you really shouldn't have anything you don't consider public data on the same hardware.
Yes, and at that point, you may as well use Windows for that machine.
The author cites fear mongering over kernel anticheat, but I don't think anyone reasonable should be ok with their personal computer having kernel anticheat installed.
Genshin's anticheat was used to install ransomware, ESEA's anticheat was used to install bitcoin miners on users machines, EA's anticheat was used to hack clients computers during a tournament, etc.
When not explicitly malicious, anticheat software is at best spyware that's spying on your computer use to identify cheating. People complain a ton about Microsoft recall storing screenshots of your computer locally being a security risk, and yet they're fine with a Chinese owned anticheat program taking screenshots of your computer and uploading them online. And even if the company isn't trying to use that info to spy on you, my understanding is that when you're a chinese company, you have to give full access of that data to the government.
With the ongoing/rising tensions between the US and China, I actually think there's a significant chance that we may see all Chinese owned anticheat programs banned in the US, which would be pretty significant since they own or partially own the majority (as far as I know).
> I don't think anyone reasonable should be ok with
Well, I don't think anyone reasonable should be telling others what they "should" be ok with, myself included (I made an exception this one time).
> Genshin's anticheat was used to install ransomware
You should tell the full story: Ransomware installed Genshin's anticheat because it was whitelisted by antivirus providers, it then used the anti-cheat to load itself deeper into the system. So not really a problem with Genshin's anticheat (indeed, users who had never played the game or even heard about it would be affected), but a problem with how antivirus providers dealt with it.
> ESEA's anticheat was used to install bitcoin miners
You should tell the full story: Someone compromised the supply-chain and snuck a miner into the anticheat binary. It was discovered immediately, and the fact that the miner was in the anticheat and not, say, a game loader, did nothing to hide it.
> People complain a ton about Microsoft recall storing screenshots of your computer locally being a security risk, and yet they're fine with a Chinese owned anticheat program taking screenshots of your computer and uploading them online
This is just a fallacy. Like saying "people voted for candidate A, but then they voted for candidate B!" Obviously, there can be multiple groups of people, and saying that "people" vaguely support X but not Y is usually a misunderstanding of the groupings involved.
The obvious explanation for this is"apparent" contradiction you point out is: Windows Recall is likely to be an on-by-default feature, and people don't really trust Microsoft not to "accidentally" enable it after an update. Also, Recall would likely be installed on all computers, not just gaming PCs. That's a big deal. A lot of people have multiple PCs, because they're cheap and ubiquitous these days. Maybe they're okay with recall and/or anticheat taking snapshots of their gaming PCs, but not the laptop they use to do their taxes, etc. The source of your confusion is likely the misunderstanding that most people, unlike the HN crowd, are practical, not ideological. They don't oppose anticheat on some abstract level, they care about the practical reality it brings to their life.
Another element is that most people, at least in the US, have "spy fatigue". They figure, hey, the US government spies on me, the five eyes spies on me, Russia and China spy on me, what does it matter?
> So not really a problem with Genshin's anticheat (indeed, users who had never played the game or even heard about it would be affected), but a problem with how antivirus providers dealt with it.
The distinction doesn't really matter. The claim wasn't that the ransomware authors exploited deficiencies in the anticheat design, just that the anticheat was used to install the ransomware, which it was.
> You should tell the full story: Someone compromised the supply-chain and snuck a miner into the anticheat binary. It was discovered immediately, and the fact that the miner was in the anticheat and not, say, a game loader, did nothing to hide it.
Software with that level of access having a supply chain compromise is not an argument in its defense.
See that's the thing, I'm not making an "argument in its defense", I'm just telling the truth (the whole truth). It might not be an important distinction to you, but it might be an important distinction to the next person, and glossing over points like this does everyone a disservice.
I remember when the first iPad was in development, there was a lot of speculation about how Apple would solve the "large touchscreen keyboard" problem. Typing on a large touchscreen was hard, just blowing up a iphone keyboard wouldn't cut it. It'd be too large for thumb typing, but you also couldn't type on it like a physical keyboard, it would be awkward hovering over the touchscreen and you couldn't hold it while you typed.
Tech sites and bloggers talked about how Apple cared too much about the user experience to just release a big keyboard, and how we were about to see a revolutionary new keyboard design. There was speculation about split keyboards, radial keyboards, and more. People weren't sure how Apple was going to fix the keyboard issue, but it was going to be magical.
Finally the actual iPad reveal came, and it was just literally a giant iphone keyboard. Jobs showed how to type on it by balancing the ipad on his knees, and hover hand typing onto it.
Honestly that was the point where my opinion of Apple started to decline, it honestly wasn't even that big of a deal, but it changed them in my eyes from a revolutionary tech company into one that just wanted to appear revolutionary. I've never quite been able to separate that initial disappointment from the iPads, and that disappointment is still the first thing that comes to mind whenever I see one or read an article about them.
> it changed them in my eyes from a revolutionary tech company into one that just wanted to appear revolutionary
Doesn't your story imply the opposite? The blown-up keyboard works. It's not revolutionary. But it's also not performatively different in the way those bloggers' keyboard proposals were.
> I remember when the first iPad was in development, there was a lot of speculation about how Apple would solve the "large touchscreen keyboard" problem. Typing on a large touchscreen was hard, just blowing up a iphone keyboard wouldn't cut it. It'd be too large for thumb typing, but you also couldn't type on it like a physical keyboard, it would be awkward hovering over the touchscreen and you couldn't hold it while you typed.
I liked how Windows 8 did it on one of my laptops / touch devices, the keyboard would split in half and be on each edge of the screen, so if you truly wanted to type with your thumb, you could.
A lot of people did not like Windows 8, but I had fun with it on devices designed for it.
I do prefer whenever I find my Apple Pen (I have a knock off one from Logitech) that I can just write text over a text field, and the iPad will happily fill it in for me.
I'm not sure the iPad Pro would be a response to the Surface as much as the keyboards are, which are available on all iPads, including the ones that let you split the software keyboard.
> Finally the actual iPad reveal came, and it was just literally a giant iphone keyboard. Jobs showed how to type on it by balancing the ipad on his knees, and hover hand typing onto it.
> Honestly that was the point where my opinion of Apple started to decline, it honestly wasn't even that big of a deal, but it changed them in my eyes from a revolutionary tech company into one that just wanted to appear revolutionary.
Would a company that merely wanted to appear revolutionary have released some novel (but probably pointless) keyboard design?
Weird. I bought the first iPad and loved the big keyboard. I was much faster using it than I was on a phone. Particularly with the magnetic case, I found I could set it up like a physical keyboard and take notes in lectures, but unlike most keyboards it was silent. I made lots of mistakes, but autocorrect fixed most of them.
I don’t really get what the iPad is for either, but you should at least consider that Apple decided that “big keyboard” was the best option.
new cars would be far more than that for people who only buy new. Even if you bought 3 year old cars and replaced them in year 10 you are getting that costs.
i buy used cars because while I can fix things it time I don't have. I'm looking at a transmisson rebuild - it would take me 6 months to do myself. Or I can buy a newer car that works and get around now.
O3 has had some major price cuts since Gemini 2.5 Pro came out. At the time, o3 cost $10/Mtok in and $40/Mtok out. The big deal with Gemini 2.5 Pro was it had comparable quality to o3 at a fraction of the cost.
I'm not sure when they slashed the o3 pricing, but the GPT-5 pricing looks like they set it to be identical to Gemini 2.5 Pro.
As far as I know, all of the following stores take a 30% cut:
* Steam * GOG * Microsoft store * Xbox store * PlayStation store * Nintendo eShop * App store * Play store * Kindle store
There's also stuff like Audible where Amazon takes a 75% cut unless you agree to exclusively sell your audiobook through them. And there was a lawsuit over that because it turned out Audible was actually only paying authors a 15% cut, while keeping 85% of sales for themselves.