Valorant is already a hugely popular shooter made by Riot, although it is still in very limited closed beta testing. But some players have expressed concerns about their Vanguard anti-fraud system. It is a two-part operation, consisting of a client that runs while Valorant is active and a kernel-mode driver that is always active than loaded at startup. It's quite technical (you can get a deeper idea here), but the short version is that the presence of the kernel has led to concerns about security and privacy risks.
Earlier this week, Riot posted an explanation of what Vanguard is and why people don't have to worry about it, in Riot's view. Today, that followed with a new message talking more about his approach to security in general and his “philosophy” in relation to Vanguard in particular, which says that “it will help us achieve the vision of competitive integrity, while we will continually adapt to our arsenal. the war against cheaters ”.
"Vanguard does not collect or process any personal information other than what the current League of Legends anti-fraud solution does," he said. "Riot doesn't want to know more about you or your machine than is necessary to maintain high integrity in your game."
He also provided an overview of how the Riot system works:
Vanguard consists of three components: client, driver and platform.
- The client (user mode) handles all anti-fraud detections while a game is running.
- Then, the customer needs to communicate with the platform to receive detections and so that a player can play.
- The customer does not consider a machine to be reliable unless it recognizes the driver; untrusted machines cannot play Valorant.
- The driver (kernel mode) is used by the client to validate the memory and the state of the system and to ensure that the client has not been tampered with.
- Driver runs at startup to prevent loading tricks before the client boots.
- The driver can be uninstalled at any time ("Riot Vanguard" in Add / Remove Programs), although Valorant will not run without it.
- Driver does not collect or send any information about your computer to us.
- The driver was signed by Riot's own EV certificate, which in turn was signed by Microsoft according to its code signing process.
About the rewards
Riot also put its money into it; announcing an expansion of its HackerOne Bug Bounty program. Riot, like Valve, Rockstar and Microsoft, offers cash rewards to those who discover and report security vulnerabilities in their services; And now it has expanded that program to include specific rewards for Vanguard.
“Together with our new Valorant game, we have deployed our new anti-fraud solution Vanguard, which uses a kernel driver to fight cheaters more efficiently,” says the HackerOne page. "To reinforce our commitment to the safety of our players, we offer special rewards of up to $ 100.000 for high-quality reports that demonstrate practical exploits that leverage the Vanguard kernel driver."
There are several eligibility requirements in place and the details of each reported security breach need to be resolved with Riot, but, as the reporting page says: “If Riot needs to implement a code change to correct the security error, it is likely will be qualified for a reward ". Riot's regular bug rewards program, which has been in operation for six years (and, Riot said, has distributed nearly $ 2 million in rewards) will continue as usual.
Riot also expanded the opportunities to enter the closed beta version of Valoran; announcing earlier this week that access keys will now be granted across all Valorant flows on the Twitch.