Like many online shooters, Valorant uses anti-cheat technology to help minimize problems caused by unscrupulous players. It is called Vanguard and, as described on the Riot support; It consists of a client that runs while the game is active and a kernel-mode driver that is always enabled. This seems to be making some players nervous: as noted in this reddit topic, for example; The kernel has full administrator rights on Windows, and the only way to prevent it from loading is to rename the file so that it cannot be loaded. or uninstall it completely.
Also check out: Desperados III: Collector's version announced
The idea of a program with this level of access, totally unknown to the user, seems potentially risky and; Initially, there was some confusion about whether it should be loaded automatically. Over the weekend, however, Riot's anti-fraud leader, Paul “RiotArkem” Chamberlain, confirmed in Valorant's subreddit that this was his intention, in order to more effectively prevent evasion efforts: cheaters generally ignore anti-fraud systems loading their fraud software first, having the driver always running “makes it significantly more difficult”.
“We try to be very careful about driver safety. We had several external security research teams reviewing it for flaws (we don't want to accidentally decrease computer security, like other anti-fraud drivers done in the past), ”explained Chamberlain. “We’re also taking an approach of least privileges for the driver, where the driver component does the least possible, preferring to let the non-driver component do most of the work (also the non-driver component doesn’t run unless the game is running)."
If Valorant is anti-cheat, LoL…?
The driver does not collect or send any information about his system to Riot, he added; And checks will only be performed when the game is running. Obviously, the Riot Vanguard driver can be uninstalled from the Windows Add / Remove Programs menu, but that means you won't be able to play.
Riot delved into the details of the kernel driver at leagueoflegends.com - the system being used by Valorant anti-cheat is also targeting LoL at some point. The post is quite technical, but it shares concepts about privilege levels and how the tricks work in a clear and accessible way, in addition to providing several reasons why players, in Riot's view, need not worry about any of this.
“This is not giving us any surveillance capabilities that we didn't have yet. If we were to worry about Grandma's secret recipe for the perfect Christmas casserole, we would have no problem getting it strictly in user mode and then selling it to the food chain. The purpose of this update is to monitor the state of the system for integrity (so that we can trust our data) and make it difficult for cheaters to tamper with our games (so that you can’t blame aimbots for personal failures) “, page says.
“This isn't even new. Several third-party anti-cheat systems - such as EasyAntiCheat, BattlEye and Xigncode3 - are already using a kernel driver to protect their favorite AAA games. We are just installing our own sous-chef in the Windows kitchen, so that when we find them with 'where the meat is', we know that we are getting an honest answer ”. EAC is used by Fortnite, Apex Legends and The Division 2. BattleEye is used by Rainbow Six Siege, PUBG and ARK.
“We think this is an important tool in our fight against cheaters, but the important thing is that we are here so that players can have a good experience with Valorant and, if our security tools do more harm than good, we will remove them (and we'll try something else) “, he wrote. "For now, we think a boot time driver is the right choice."
Riot has yet to announce specific figures; But the system seems to be working: Chamberlain said on Twitter shortly after the start of Valorant's closed beta that the cheats were already happening.