Is Valorant Spyware?
ฝัง
- เผยแพร่เมื่อ 3 เม.ย. 2024
- Is Valorant Spyware or safe? Is Vanguard a malware rootkit, or just a reliable anticheat from Riot and Tencent? Does it connect to China? and how does it compare against counter strike anticheat software? Try the new Malwarebytes for free: mwb.link/4ay7nag (sponsor)
Do PC games spy on you? This video tries to answer these questions with cybersecurity tools, sysinternals, wireshark and EULA observations.
Buy the best antivirus: thepcsecuritychannel.com/best...
Join the discussion on Discord: discord.tpsc.tech/
Get your business endpoints tested by us: tpsc.tech/
Contact us for business: thepcsecuritychannel.com/contact - วิทยาศาสตร์และเทคโนโลยี
if anti cheat runs while the game is not even running that's a huge red flag and i will never touch it
Yes although that could be true, cheats can be ran at any time. There is a popular way for cheat devs to inject their cheats and that is before you even boot into windows. Valorant has the best anti-cheat hands down, but for it to be as good as it is they need it to be running 24/7. Face it is also good but not as good as vanguard
@@antivaxxtoaster8919Best anti cheat? I’ve played Valorant for a couple of months after release on my old machine and it was the game where I encountered the most cheaters ever in my life in any game lol, I even added a guy and he didn’t get banned for a shit ton of time, all of this while that garbage is perma on
Edit: forgot to add, the anti-cheat is so shit most of people had to do some weird shit to just have Valorant work in the first place, changing settings, booting a certain way and whatnot. What a great piece of software Vanguard has always been. Oh yeah let’s also add how shit it has been on League of Legends too (they are forcing it there too, weirdly) where they wanted to add it months ago yet it’s only active in the Philippine servers currently cause of the insanely high amount of bugs and issues it had on the PBE. For MONTHS now.
Best anti cheat tho💀
@@skiry_7207 nah i'd win
@@skiry_7207 Maybe you had a bad experience with vanguard, I'm not sure. Me personally I've been playing on and off for over 3 years and only ran into one rage cheater that got banned within 7 rounds, but thats besides the point.
I know first hand that vanguard has one of the hardest anti-cheats to reverse engineer, I haven't tried it myself but I know people who have so I can't really tell you if their spying on us or not. Vanguard were one of the first anti-cheats to really crack down on DMA devices, they are really the only companies that give a shit about cheaters, they are the only anti-cheat to my knowledge that has bug bounty program and will pay out if you find a bypass.
Riot games is owned by a Chinese company as he pointed out which does seem very bad, so take that as you will but they have the best anti-cheat hands down and they are the only anti-cheat who actually cares about getting rid of cheaters
also as a side note when you're reversing the anti-cheat they have a photo of their team and a invite to apply for a job to work for them if you're talented enough.
@@skiry_7207 stop with the Hollywood motherfuker , i have been playing the game since its 1month and i can confirm playing agianst 3 cheaters and i aint even lost no rr , game cancels 3/3..
Short answer, yes. Long answer, yes, it is.
I need a medium answer.
@@techaddictdudeis yes
@@CrushedCoaching71011it’s*
@@techaddictdudemhm
@@techaddictdude yh
I am from India and our government banned the pubg mobile game, tencent released another "Indian" version of the game and claimed the game will not communicate with Chinese servers again. But with a small network lookup i find out that the game is still sending data back n forth to Chinese servers.
Hey bro! You know what, you should publish your investigations and make people aware of this fact!
@@gigaheheboilol the thing already shared in most of telegram PUBG cheat channel
Let me know if you have published any articles on this.
Bring it to your authorities.
Yo man can we do a collab on this situation..we can both post it to our channel..
"bUt I dOnt HaVe anYthiNg tO hiDe, I doNt CaRe if I haVe maLware in mY coMpuTer"...
riot is not gonna be seeing my 5 terabytes of media
Cool bro, go gamble some money on cases while seeing cheaters every game in the most hacked game in the world.
Meanwhile i'll be queing valorant, with the best anticheat in the world currently.
Enjoy getting maphacked on every game at high mmr in CS.
@@mis8866 this is peak copium. "I'm so addicted that I'm willing to throw away personal security so I can get my cartoon shooting game dopamine hit"
@@joeybarela363 valorant players always defend their game with all their life
@@pixelsavant1 Honestly i can understand why people are angry about that but lets be honest 5 sec : Vanguard is not the only one to do that and we can't (valorant players ) do anything to correct this problem ,except unistall the game but that mean we won't play it anymore unless we like the game.
Quick correction - FACEiT is for Counterstrike 2, but it is a 3rd party Anti-Cheat. It is NOT run by Valve or required to play the game. Instead Valve uses a Server side Anti-Cheat
True,They use valve anti-cheat
@@marcelbromm2625 Oh yeah they banned for using stuff
But doesn't a server side anticheat suck?
@@NightRaven5568Not necessarily. It can actually be more effective than Kernel-level AC, but also requires the studio to hire a team whose job is to break the cheats down to their assembly code and write heuristics based on the Assembly..... but they'd rather pay less to build/buy kernel-level AC than to build server-side heuristics.
Also, Self-hosted servers with community admins are the best kind of AC, but it also takes away the ability of the publisher to end support and force players to the next game.
@@marcelbromm2625 As a CS2 cheater I must agree
Playing Valorant should already be unfortunate enough.
I'm glad I quit. Was hooked for 2 years and spent a lil over 500 euro's. I can't believe it myself.
@@Shouko91 LMAO
@@Shouko91 I'm still grateful that you finally quit it though.
@@Shouko91 you could have got a m9 bayonet
@@dinosharttt other trash game that is even worse, people that just play cuz of gamble addiction LOL
Funny thing, some cheats on other games doesn't work if vanguard is active
yeah, because vanguard is an anticheat.
For Riot their Games, not for Tarkov as example
So… you are trying to say that vanguard is affecting the binary code of cheats… ??? I think you don't know how anti cheats works…
Well I know enough to acknowledge that it's weird that the Anti Cheat of Valorant is so strong that it kills of cheats for other Games.
@@imhyouka8101 bro you said nothing in a whole sentence, you cannot inject cheats into other games if you have vanguard on because it flags them, i guess you never had vanguard on your pc
And people say that Linux is worse for not running some anticheat games like Valorant, but in reality it's protecting people's privacy.
Shit games btw
Which means if you are running windows you are fucked before even downloading valorant lol.
Just imagine Tim Sweeney telling you that the attack surface on Linux is just too big.
When you can easily defeat their kernel mode anticheat by halting and resuming the initiating process when the driver is loaded.
@@MrDT2012we already knew that.
@@sjoervanderploeg4340 that’s the point LOLOL
I blocked vanguard on my firewall when I wasn’t playing and it would blue screen my pc when I restarted lol. Had to uninstall riot games completely.
sounds like rootkit sypware to me. like why does it need to run 24/7 or else it bricks your system.
It's a rootkit, windows firewall wont help here, only if you setup firewall on your router it will have any sense.
@@kidnamedfinger.productionsreflash bios or run rkhunter with lynux is an option i mean
I remember this vividly but, I heard that even after uninstalling Valorant, it's anticheat (rootkit) still remains on your system.
@@Sunrise-d819i2Fr
spying on your wallet
MOOD
spying on your soul to see what skins you'll buy
Truer than the absolute truth itself
Fr,The skins will hit headshots much more and are expensive
if you're way too weak and somewhat rich, lol
It's _something_ ! I called Razer for a failure of a pretty new headset - instead of asking if I'd turned it off and on again, they asked if I had installed Valorant.
Holy shit I’m having a problem like that. When you uninstalled Valorant was it fine?
Riot responded to this issue saying the drivers that Razer devices require were so bad that cheaters could trivially inject cheats into the driver and circumvent Vanguard so Vanguard just blacklists that driver from functioning properly.
Razer also is a non-US company that requires you to run software 24/7 to get basic features of your devices working, but let's ignore that.
@@Nors2Ka GPU drivers allow the same thing.
@@Nors2Ka I don't like SteelSeries GG but at least I am not forced to keep it open 24/7
My boyfriend used to close vanguard after he was done playing but it messed up his game. Now his game freezes more often, takes time to load him into the lobby and gives him a warning for ban after every game even though he doesn't seem to break any rules. He had no choice but to uninstall
Cause he closed the anti cheat. Most games won't work if you turn off anti-cheat, because you know.. it's an anti cheat.
@@untitledmisouthere’s this thing called ‘reading’ and ‘understanding the text’. It’s a hard skill to learn and im sure you’ll manage to do so
@@untitledmisou cmon bro valorant fan base cannot defend this one, its crazy how it rus while your pc is off!
your boyfriends pc is just shit
there's is no bf here opsie woopsie 🤭
Something that was not mentioned was that Tencent is legally required to send information to the Chinese government. Have fun playing Valorant!
I mean, that is how every game both in US and China has to do business, by ‘sending information’. You are going to have to be more specific in motive for maliciousness.
@@twenty-fifth420factually incorrect. Do you have to submit your data to the US government everytime you log into COD? No you don’t because that’s ridiculous, however all Chinese games MUST send their data to the CCP. Learn about the topic before distributing misinformation
Does that mean the chinese government knows all of my lose streak?
damn china knows alot about me
@@twenty-fifth420the US government needs a proper warrant to receive information from companies relevant to criminal cases. The Chinese government just needs to tell them to fork everything over. Naturally the US government could also buy information from companies, but that isn’t a forced transaction.
Spookiest thing is that kernel drivers have the ability to read memory of other processes meaning they can monitor absolutely everything you do, decrypt your connections to websites, decrypt your crypto wallet and many more.
You forgot the part where they don't care, their game having no cheaters is more important than user security
If more companies will be install more anti-cheats like this. Aftertimes begin approached peoples which liked you full cash on card or you own computer. I think need block like this programs
You need a agency to be allowed to run debug versions and review code at this level problem solved
@@shroomer3867 No cheaters? Valorant has more cheaters than any other game beside CS:GO probably.
@@kidnamedfinger.productions I meant it as in what they want. I know there are cheaters in Valorant, sorry for not clarifying.
bro I had no clue about any of this. Thank you for the video and explanation.
Bro the trainer from OG literally told people about it like 2 years ago, thats the only reason why I uninstall entirely Riot Games.
Nice pfp lol
@@PedroHenrique-wo6pn hello handsome
I think it's important to note that FaceIt is a community project and does not come directly from Valve, the company behind CS2, and they have nothing to do with the FaceIt project. The official anti-cheat of CS2 is VAC (Valve Anti-Cheat).
Valve doing anything is funny (VAC is pretty dogshit), but shoutouts to the community
So CS fanboys will say it's cool if community made kernel anti cheat collects all the data and sells it but not RIOT? lol Riot doesn't even collect data.
@@deivytrajanmore like massive indifference since most people can and will just play on the official client, avoiding kernel level AC entirely.
If you don’t want kernel level AC to play Valorant? Tough shit, you can’t even launch the game.
@@deivytrajan I don't play CS2 nor Valorant, but I think no game should have kernel-level access to your machine. Also, I don't know if Riot or FACEIT collect data.
also another thing to mention, with FACEIT they have far less motives to monitor your PC, with it being just an esports platform and the company was found in London. Riot however, is technically owned by the Chinese Goverment, who would benefit from having everyone's data from all over the world.
I remember a friend begged me to hop on Valorant, jumped through all the hoops of recovering my user, installing the game, installing the anticheat, enabling and disabling windows features that the game wanted me to... and as soon as I launched the game I blue screened with kernel security error :D (i9-12900k, rtx3080, msi z690)
Uninstalled everything, re-setup how I liked my machine and never looked back
Smoking gun lmao
Skill issue I think
Hey! Had that same issue, just had to leave a pc off for a while, came back and it worked.
@@slawnyfivemowiec dont worry :D I'm not coming back to it. Just wanted to share my experience. But thank you for the heads up :)
I've never had to do any of that lol
what are all the software you used in this other than tcpview? I'm learning and i'd love to try all these tools :))
He didn’t use anything fancy, just regular Wireshark and Microsoft’s Process Explorer
I think he uses porcess explorer and TCPview and maybe some NirSoft utilities.
Where is that mountain range from your desktop background? Very inormative video by the way.
Cinque Terre
I sure hope you didn't think I was Iran😅
That flag is Italian
There was a dude who said Cinque Terre, but I can't see his comment anymore. I wanted to thank him for being a goated user of this platofrm
if it acts like malware...... it is
acts like malware, uses ring0 rootkit techniques, runs the entire time your pc is running, owned operated and used by the chinese communist party.
Nah i think its just an anti cheat to ban cheaters 🤓🤓🤓
so every AV ever is a virus? logitechs software is a virus? all of nvidia's drivers are a virus? Vanguards not doing much different than any of those
This is the best mindset when it comes to security.
I've had valor ant installed on and off for 4 years and nothing has happened, why worry so much, I guarantee the Chinese has sold you're data already regardless of having the anti cheat or not
@@wlockuz4467 The problem is that the average person on TH-cam has no clue what malware is and that's why they watch a video of some random guy hoping he's gonna say what they're already thinking
I honestly never watned to play Valorant simply because I don't have any trust for Tencent at all. I would rather not take that risk.
same.
FAANG are just as bad as tencent...
e-e
you can play valorant through a VM, OrdinaryGamers has a video about it
Your data is already out there. At least you know this devil.
The big question is do Valorant players deserve this for playing the game? Yes
Nice video!
I would have some follow-up questions based on this observation:
- How much data does Valorant send when the game is not running? Are we in the kilobytes, megabytes, hundreds of megabytes per hour?
- Does this value increase significantly when the game is running?
- Are there other events that cause an increase in the amount of data sent? Such as filling in a password/credit card in an online form, typing China or Taiwan on the keyboard, etc.?
These could help us understand more about what it does :)
Thanks!
china actually wants access to the 5 dollars in your bank
valorant sends everything about your config to tencent in the TB range from advertising data to last windows install date, if the game is running it doesn't send anything and functions purely as an anticheat, if you make online payments specifically for riot skins it's reported, other transactions are logged but are disregarded, it also sends more data if it suspects you are using a vpn, riot also keeps a log of if you're browsing their secret list of account selling websites with an IP kept, some of it is security through obfuscation
source: nothing, this is just baseless speculation I was hoping someone else could contribute
@@trektncome on I read your message hoping to get a source and its just nonsense
Forget those "pro-active detection" tests between Bitdefender and Kaspersky, the real winner is whoever blocks Vanguard
i remember BD had issues with Valo when it first came out lol
@@LynKazoyuu Lol
Windows itself blocks the Vanguard driver if you have "hardware-enforced stack protection" turned on, and this is supposed to be a security feature.
@@mosti72 Oh you mean the same anti-tamper protection that also stopped EAC and Battleye from working? Or let me guess, you didn't do enough research to know that most major AC's were affected?
@@unearthlynarratives_ Did I ever say that it only exclusively blocks Vanguard? FYI, I've had similar experiences with other anti-cheat software, and I'd say the worse I had experienced so far is nProtect. My point is that the Windows anti-tampering mechanisms itself doesn't like these anti-cheat software.
Honestly you should rename this to "Is Vanguard Spyware?" or "Is Riot Game's programs Spyware?" because I literally linked this to a friend who begs me to play League (which also uses Vanguard now by the way) and he simply responded with "Don't play Valorant so doesn't matter" and won't even watch the video...
He might not be the target audience but simply asking if Valorant is spyware isn't really accurate anymore now that they're forcing it onto players for all Riot games now.
so ture, most of the people is not smart enough to understand this...
i have a friend too and he does not even care about it, he literally saying "everyone is stealing the data".
🤓 actually vanguard is currently only on the philippines server so if your friend is not playing on that server he does not need vanguard to be installed to play league
league does not use vanguard
@@COLAdg for now...
Funny thing, Vanguard has been announced to be in League of Legends also in the next month, 14.19 update being exactly.
It's a very sad thing.
We need to make the clear demand "lay out openly the cryptic untraceable connections and what data it sends and where"
and direct the debate as a community in such a direction
Forgot to mention the part where it's difficult to uninstall it also
Just uninstall the game xd
@@sx1805 Uninstalling the game unsurprisingly does not uninstall vgc.
@@sx1805 the only way to uninstall it is go into settings and then apps. the thing is the game doesnt uninstall at all even after a reboot.
the true way of uninstalling is deleting the game folder, uninstalling vanguard and then riot client itself
go to control panel, uninstall valorant and then it will ask you to uninstall vanguard aswell, do so, then delete the riot client alongside with any other games.
use revouninstaller to remove it completely
This is something i never knew the anti cheat even did, really informative in less than 10 minutes! Props to the PC Security channel for being this informative!
This is something everyone already knew, but as he pointed out it's important to make the distinction in behaviour: while faceit installs a kernel driver you can shut it down and turn it back on at your whim, as opposed to valorant which really strongly nudges you into having it on 24/7 and making it extremely inconvenient to not have it on.
@@xFluing ah I see, I never personally played valorant or any other shooter games on pc, and I don't face myself towards the gaming industry too much so this is new information to me, but I am glad people were already aware of such thing.
@@xFluing
Everyone minus many that didn’t know, isn’t everyone.
It is similar to “never except…”.
@@antman7673☝️🤓
@@xFluing Except that you got it the wrong way round, when you disable vanguard, it unloads the driver, FACEIT driver runs 24/7 regardless if you have the anti-cheat on or off. Not being able to just unload and load drivers is extremely important for a kernel AC.
Whenever I installed Valorant and had Vanguard running in the background, I often experienced blue screens, occurring once a day when playing other games or sometimes crashing when browsing random stuff on the internet.
Question: If you exit vanguard, can it still process what you are doing on your pc? I used to love valorant before I came across concerns about vanguard and noped out, I always exited vanguard when I was not playing but was still very suspicions that especially if they want to collect your data, they are just going to let you turn off their data collection that easily. Is it safe to have on my pc if I turn it off when not using it? Or does it still have kernel drives running and collecting information about what im doing?
Same question
It does turn off when you click exit, as far as I know. Most people are to lazy to exit every time they turn on their pcs
Dont forget that kernel level games and apps make you more vulnerable
the genshin impact scandal
@@il_panda1979 whats that
Yeaaa and then i play 2games of cs and rb6 and i get insta spinboting in cs and obvious walls in rb 6 oh and dont get me even started about tarkov 😂😂 i have never encountered a cheater in valorant in 2 years of playing.
@@callmenik1298 And what has that to do with what he said?
@@callmenik1298 the reason theres no cheaters is cuz everyone is fucking scared of the anticheat actually just bricking their computer. one day we will decompile the anticheat and its just gonna have a dedicated function to just wipe your hard drive
They claim it needs to run 24/7 so you can’t inject cheats before u open the game. So when you’re injecting before joining the game, you essentially get tagged and you’re banned. My question however is, how do cheat developers still get around it? What’s the point of having kernel rootkit on your computer when you can still cheat? Then it all adds up. Tencent.
How many blatant cheaters do you encounter in your games though?
I encountered only one in more than 400h of playtime, and the cheater was actually banned mid-game. Nobody complains about cheats in ranked, that's how trusted Vanguard is regarding banning cheaters.
Maybe it's spyware idk, but regarding banning cheaters, it does a good fucking job.
@@namufoxy LOL most ppls cheat with simple AHK scripts that aren't even recognized by anticheat. That is a sad fact. They just want you to believe it god tier anticheat when in reality it's just there to farm your data. Don't be stupid my guy, who wanna cheat will find a way.
@@namufoxymaybe because some people closet cheat or arent as oblivious to cheating, closet cheating is ALWAYS seen and is really easy to do when you have experience actually
@@user-zd3iz3xx6k Nope in Vanguard most (if not all) memory injection cheats are detected quite easily. The cheats that people use usually involve a PCI device and a second computer to read the data, for less serious cheats like radar cheats. The aimbots most Valorant cheaters use are Machine learning image recognition HID-based cheats, that provide mouse inputs based on where the enemies are on the screen.
I am NOT justifying vanguard's level 0 previleges, I'm just writing some facts for clarification
@@asldfkhjaslk all that yappin but the only blatant cheat in there is aimbot, everything else is used for closet cheating
So can’t there be an option to not have it running except when trying to run the game and only restarting the pc then and there with the Vanguard in the startup list? Kinda how some very old games/programs worked where you’d insert your disk and restart to boot it
Having to manually close it or even uninstall it because you don’t play every day or week seems tedious.
I mean you can manually make it not start like every other application
Good video. A measured response, not coddling Riot nor being hyperbolic
It's also about trusting the integrity of the driver. All it takes is an upstream backdoor to get pushed out to millions of people with ring 0 kernel access and it's gg
Is it just me thinks there's an alternate earth where all softwares want ring 0 kernel access to avoid being cheated / 🏴☠
If all softwares are ring 0 kernel access, no one is.
@@MangaGamify iirc back in the DOS days a lot of programs get to access the hardware directly (aka ring-0)
@@MangaGamify also if everyone have access to ring-0, the next goal would probably be ring -3 lmao
@@MangaGamify that's why TempleOS exists
Same can be said for Microsoft drivers, AMD, Nvidia?
Something I'd like to add simply as food for thought is that vanguard, from a anticheat perspective, runs before user mode is initialized due to the fact that cheating drivers are able to be launched before user mode initializes as well. This way the anti cheat can catch cheat drivers that inject into the host pc to then uninitialize before VGC can run. I think their are much better work arounds for this rather than making your AC run as a kernel driver 24/7 on your pc but it does make sense as an argument as to why it needs to be initialized at boot.
Someone with critical thinking skills in the comments? You can't be here lol
You're completely right. It makes perfect sense that it works and runs the way it does. Most people just use the word rootkit as a buzzword because you can farm clicks from people who wouldn't change their opinion even if the AC was found to be safe.
Riot would be stupid as hell to use this to steal anything from its users. Their reputation would not just go out the window but they would also be in trouble legally.
its a good excuse but there are surely other workarounds. also the anticheat doesnt work properly and people are still cheating so there is that...
@@uros7320 I mean no defensive system is going to ever be bulletproof. Anti cheat development is a game of cat and mouse. Also, i agree with you on their being other methods, just playing devils advocate for the purpose of providing food for thought
@@Kosaii- ye i understand that completely but then why be so invasive when even that much isnt goign to bring you back to where you were a few years ago + a lot of peopel wont play the game just because of that. and now the same is going to happen for league. in my 8 years of playing league i have never met someone who was scripting but now they are supposedly all over high elo so that is why everyone in low elo is forced to have this invasive anticheat on 24/7. makes no sense. they should do something similar to how valve treated csgo. you were allowed to type in a launch command that dissables some parts of the anticheat so you could have programs like discord, faceit and nvidia overlays on during the game, but beacuse of that there are slightly bigger chances of you meeting cheaters, like you are put in sepparate queues from people who dont have that command on, but then again most people prefer to put on filters while playing cs so everyone would have that command on and there was no purpose for the change to make game more clear of cheaters, when its quite clear what the playerbase values more, and i feel like the same woudl go for league. the only peolpe that have problems with cheaters are people in the top 1000 in each reason so a total of less than 10k people, and because of that dozens of millions will have to have invasive anticheat on...
@@uros7320 that's just dishonest. No one has ever claimed that valorant is cheater free and riot never claimed vanguard would do that. How about not making a bad faith argument because you're too uneducated to actually think of something that makes sense.
Another big issue is the fact that Vanguard is a prime target for people who want to steal data. So many people play Valorant, now they’re forcing it on LoL as well. How many people play those games? Breaking into Vanguard gives you kernel level access to the player base’s data which is completely insane.
thanks for always being so thorough in your explanations!
Yes, any DRM that runs with kernel level permissions can be considered spyware turning into malware category, Windows is already a data harvesting center, no need to add more vulnerabilities to it.
wish to see network activity when the game is not running. May be very definitive red flag.
With a half comprehensive firewall, you can set up logging and rules to do just that. The dream machine pro is a pretty good one if you like Unifi products.
@@ahabsbane this is a good suggestion, but it still can accumulate data when there's no internet access and send it right after you start playing the game, essentially unblocking the firewall.
I mean, you just saw those connections in wireshark, the game was not running.
@@pcsecuritychannel well... It definitely means it's totally not a spyware =)
@@anispinner this is not about blocking it from spying - but about clues if it actually does that. If it sends something when the game is not even running - does that mean something?
Yes it is, the difference is that they're forced by law not to sell the data they collect, but by the other aspects it is, in fact you would be scared if could see the amount of data they collect per day.
kind of a wierd thing, when i unistalled valorant its still in the task manager start up with power on programs as a file that can be turned on or be disabled and the icon is a deaflot icon for txt files. Is it still spying on me , idk but im a little bit concerned.
Edit: the file name in task manager is "Riot"
prob riot client
dude riot is not fucking spying on you. you uninstalled valorant, not riot client, just uninstall riot.
@@omniyx7837 that's the thing, I don't have riot installed
An excellent topic since it involves so many games nowadays.
It would be great if you could do more reporting on similar software, so that people can make more informed choices.
Also not to mention that it REQUIRES you to have Secure Boot enabled in bios 💀
Meaning that if I want to run linux based distros and play valorant on Windows, I gotta non stop switch bios settings
Oh! Didn't know that! Thanks
That sucks but as a Linux User I'm sure you're skilled enough to make your OS secure boot compatible ;)
You can just install windows 10 and ditch the trash that is windows 11, i dualboot arch+win 10 and no secure boot is required.
fedora, ubuntu, debian and linux mint all have secure boot support, but it can get dicey if you use the nvidia drivers that arent part of the main OS.
This is why you use open suse.
I don't really know if Riot/Tencent is actually doing this, full-on dystopian style:
Vanguard roll-out, and it does two things: act as a kernel-level anti-cheat AND collect all sorts of (personal) data, that either goes straight to Tencent or is passed on to them by Riot Games. Two birds with one stone, disguise the whole thing as a big anti-cheat and off you go.
Wouldn't that be super risky for either Tecent and/or Riot Games? The second half comes to light and makes big headlines, worst-case it costs them a huge amount of money, at least most of what they got from it: Data - for which there's not really a cash prize, but you know what I mean.
Isn't there a way to monitor your traffic of packets coming in/out? Like just have a computer running Vanguard, do normal everyday internet stuff, but not play Valorant, and monitor how many packets are going to those servers?
You can use another device that acts as a hardware proxy that monitors the connections. Did that a few years back when Vanguard was new, and it still made those connections *after* it was "uninstalled". Those requests did not appear when trying to monitor the network on the infected device itself, meaning Vanguard hides itself, but is still there.
isnt this just wireshark? which he is showing in the vid, the problem is that Vanguard is running 24/7 regardless of whether you play the game, and it has Kernel level access. Tencent is notably a massive internet technology company in China, and in order for such a company to exist, they need to have deep ties with the Chinese Communist Party. This is what had gotten TikTok into a lot of trouble causing a reshuffle in management. And even now the US government believes Tiktok’s parent company is monitoring and storing user data.
i literally deleted valorant and youtube recommenced me this
your data has been sold to the youtube 😂
theyre in your walls. u nder your skin. ... inside your brain .. . . . wake up . . . . . . . john google is onto you..
@@EfeDursun125data is being sold everywhere, i mean idgaf if youtube sells my name or password, f*** tencent its just personal hate
get a fresh install of windows you still have the backdoor
delete vanguard too if possible
This is why I love this channel. Keep up the great work!
Please can you also do Naraka Baldepoint? It's also free2play and has been rumoured to also contain Spyware and requires you to disable windows security settings just for it to run.
Thank you! 😀
Wait, if riot vanguard is turned off as startup, it should not run 24/7, right? The icon symbol does not appear. When launching the game you need to give admin permissions to launch it
Yup, you can disable it so it doesnt boot on startup, and its off untill you turn it back on.
Yea, that is exactly why I don't like this anti cheat, not because it's kernel but the behavior
Unless you have value in your pc doesent matter at all I
@@corpingtons in every situation you have something value in your pc)
@@yrmuqif i had a pc for gaming i would specifically make it so theres nothing of value on it and i would have it on a separate network because video games are chalk full of malware and online games open yourself to network attacks from easily angry gamer script kiddies.
@@ricerice245you are just hating on video games 😂 and spitting random accusations around
@@ricerice245just say you don't like to play games
Really love this Format! Would love to also check other games with anticheat if possible!
I know it sucks having it running 24/7 all the time but in my 3 years of playing I've only encountered couple of cheaters, the rest claiming there are tons of them either saw the tiktok vids where they showcase cheats that are already detected and will get you banned immediately or skill issue. And people still use Faceit despite it being with around the same access
And the biggest problem is with vanguard running in the background is not even that it could be considered "spyware", BUT that it also slows down your pc aswell. From my experience i have seen a whopping 30-40% performance decrease and way more stuttering on other games while valorant was installed then when it wasnt installed.
What? That literally doesn’t make sense, are you just running out of space on your computer?
Tencent is a huge 🚩
yeaahh but so is like every big corporation
yea racist
@@johnli7818 wtf
@@ingohregg688 yeah, but difference being Tencent is from China, and lets not fking pretend that China goverment isnt way worse than some others big corporations (unless we are talking about the US)
And screw anyone that thinks that this is somehow ""racist""
@@johnli7818 what?....
An anti-cheat needs kernel access (which means full root access). So it can hide itself even in wireshark and there’s no way for you to see suspicious traffic
Why does tencent get this much hate for something that pretty much every non-Chinese tech company does too? Like what exactly does tencent do that google or microsoft don't
@pcsecuritychannel can you also cover the anti cheat from helldivers 2? Some people say it shuts down programs by force, others that it doesn't but no one specifies what problems it caused, what it shuts down and how bad it is to ever run that thing?
havent had anything shut down and havent heard a word about the ac causing issues might just be a hardware issue on their end
I would suggest looking at a rampant development of "cheating" software, where things go up to having a separate system running video analysis and sending commands to a mechanical mouse controller connected to a gaming station. Or "mouse assist" software. What I think AV companies are missing is a gaming solution. Most of the AVs have ELAM drivers so you are already up in the filters list anyways, you just make a product game companies can all on a machine and after a success reply progress into a game menu.
I want to complement here that Valorant also doesn't works in windows 11, Cause Windows 11 needs the TPM technology in order to protect your computer;
I mean the The Vanguard application needs the tpm shift in order to work also the w11 in the first versions.
but idk what to think, cause I once make the valorant works in a windows 11 computer that doesn't have the TPM chip, by manipulating the Vanguard application
The non-conspiracy answer for why Vanguard is running the whole time is:
1) Because it is a bootkit and initializes on boot so you can't circumvent it with your own bootkit cheat
2) Because people are lazy and don't want to reboot the computer every time they click to play the game
However, if I were to install a bootkit level anti cheat I would probably have a separate OS just for playing the game or games in general and have my sensitive information with a different OS on my other encrypted drive. Looking at the cheating situation in other games vs what you hear about Valorant I might actually prefer an intrusive anti cheat, as long as I can play the game cheater free and keep my personal data on a separate encrypted drive. It may not be practical for a lot of people but seeing how bad cheating has become it seems there is hardly an alternative unless AI anti cheat can show that it can work. But since that hasn't come through by now I'm sceptical, to say the least.
Wou, thanks so much. I have waited so long for this kind of video: Video-games + Cybersecurity.
Please, the next video could be EA/Respawn Apex Legends? Recently this video-game had a scandal related with cheats and it's anti-cheat in online competition.
Thanks!
Tencent owns EA therefore they also own apex/Respawn...
From what I've heard from the vanguard developers the main reason for the need to have it launch on boot is to prevent tampering with it prior to launch. So to summarize all of it's odd features:
- Anticheats are useless unless they are embedded within the kernel
- Vanguard is one of if not the best at detecting cheats
So the simple answer seems to be that these are just measures taken to secure the competitive integrity of the game. But I don't doubt that somewhere along the line someone at tencent has looked into this and seen a juicy juicy data collection opportunity. I believe the original reasons were honest, but that they might've been turned into something else along the way.
Well yeah Vanguard goes hard you are almost guaranteed to get banned from Valorant in the first 30 minutes-1 hour of using cheats a friend of mine was in a comp game that ended because someone turned on their cheats it is a necessary evil otherwise the ranked games would be filled with nothing but cheaters
Finally someone reasonable that doesn't parrot the same shit all these idiots do. I applaud you for having critical thinking skills dude
Vanguard is average at best, valorant has as many cheaters as pretty much any other game. Original reasons behind vanguard are irrelevant, point is that CCP can request data from tencent at anytime.
@@IWatchSecksTheres no way you say it's "Average at best" when high level CS players find cheaters to be a massive problem while high level valorant players basically never complained about cheaters.
@@IWatchSecks "average at best" why don't you list me all the competitive games and their respective AC that are better than vanguard. I've been playing for 3 years now CONSTANTLY duoing or stacking with my friends at diamond and WE have personally never seen the red screen during those sessions. Im curious what you think is better
Tldr of the main question: Probably, but we dont have concrete evidence.
Longer Tldr:
Tencent probably wants your data and is likely willing to resort to spyware.
Vanguard is basically like a "root kit" in that it has complete access to your pc.
The information being sent out is encrypted so we dont know what the hell is being sent out.
Vanguard needs to be turned on the whole time your computer is running to be able to run valorant. This is unlike its competitors like faceit which allows you to turn it on or off. Which is sussy.
I will never touch a game that forces kernel level access of any kind. I’ve gotten a switch and just play games casually. It’s a video game, not national security.
something to note about FACEIT: while you can stop it you cant play online just by turning it on again you have to restart your pc aswell idk why that wasnt mentioned
edit: should also be noted that one of the ways that csgo cheats bypassed vac for a LONG time was just shutting down vac/steam loading all the stuff needed and then turning it back on so its not like its completly pointless that vanguard is always running and wont let you play valorant if you've turned it off.
It was making my computer restart immediately after shutting down Vangard, so i couldnt use my computer at all unless I left it running, the games not good enough to deal with that, so its gone forever lol
you dont have to restart your pc for faceit AC to work you just have to load it up and restart your game
Simple redundancy check would solve the vac bypass issue which u mentioned in ur edit ? Dont u think ?
For it would be a very easy decision.. I would not even consider getting the game. I don't care if it can be disabled (but can it really)... It is a matter of principle.. And coming from a very questionable source makes it even more problematic.
Would be nice to see some traffic figures with the service actually activate while not ingame.. If it is still sending/receiving data or maintaining connections.
And as for malwarebytes.. I've tested 3 major antivirus/total security solutions in the last month.. Malwarebytes, ESET and Norton 360.... Malwarebytes was slowing my system down so much (it fealt like by more than 50%) it didn't pass the test.... ESET was the best performance wise. But finally settled on norton 360 deluxe because I could get it for a very affordable price. So far it does not dissapoint.
Performance impact seems a tad higher than ESET but overal great. Malwarebytes needs serious work (IMHO).
I also absolutely dispise Malwarebytes big android like interface.... Like I'm running it on a phone or console. I haven't seen any comparison videos testen several antivirus back to back for years now I think.. Aside from your ransomware 200+ script tests which you seem to like doing but in my opinion the way you are testing it is far from optimal.
i play the game but i feel like these are one of the things everyone should be aware of with such a delicate topic as data collecting
Any plans to make the Video about Wuthering Waves AntiCheat when its Released at 23th may? that would be very interssing.
This should bring your eyes towards Discord as well.
It could be interesting to set up a Pi hole DNS and use it to monitor the DNS lookups over a longer period. Plus trying to block some of the domains to see if the game is still playable.
apparently, anything you do to it gives you a BSOD. certainly wise to have such unstable software in your kernel.
@@guguigugu Ah yes, totally not a rootkit
@@shroomer3867 You're so delusional, drivers are specifically made to BSOD you if you tamper with them. They will have hooks on debugging flags and any changes made to the driver will cause a BSOD. That's how every single AC driver works, they BSOD you to prevent cheaters from reverse engineering it further.
@@guguiguguYou don't test software stability by disabling shit it needs.
@@ehqwk thats exactly how you do it
I really like these types of videos, I wish you would bring more of this content. You can include R6, Cs2 or some games with Easy Anti Cheat, and then compare them
cs' anticheat is a joke
yea none of them works lmao thats why you need vanguard
@@johnli7818 huh
@@ze_diddle_v3 have you played those games? I invest thousands hours in Cs, hundred hours in cs2 and thousand hours in apex. They are flooded with cheater. Imagine the pro league of Apex legend NA tournament got hack mid game literally! That tells you what EAC is capable of nothing.
@@johnli7818 always been like that all you goota do is pray god not to have cheaters in your game we ll been there i have 5k hours in cs and 2k in apex i play them a lot
Systemcare can off the background vanguard if open the valorant. vanguard not opening but you need to optimize use systemcare after open valorant
I used to get blue screened when trying to uninstall vanguard. Had to delete registry keys to fully remove it
I've been playing League of Legends for more than a decade and this is exactly the reason why I purged it out of my life like a month ago, because they're about to implement Vanguard to it too just like with Valorant. This was my limit and they crossed it.
In all these years, I haven't found a single cheater in my matches.
I won't miss that game anyway and by the way, Vanguard won't stop cheaters completely, only reduce them a bit.
it would be funny if you say you wont miss it and end up going to dota
of course it can't stop them completely, that's just a marketing/reason they give people. it's functioning like any other anti cheat
@@Wanderer3639 I never tried Dota and I'm not interested in it, honestly. The only online game that I play now is Tekken 8.
@@JohnDoe-wl8zk You never found a cheater? Were you looking? Were you playing with only people you absolutely knew, beyond the shadow of a doubt, weren't cheating? Highly suspect comment.
@@dyanosis You're free to believe what you want, I'm not gonna try to convince you.
Have a good day.
Beautiful wallpaper, where did you get it?
Liked the video but it woule've been better if you went a bit more technically deeper into the content also I remember valorant devs were open about this anti cheat system and they even wrote a article on how they tackle the cheats software, so it would've been great if you had given more info about those articles in this context. Thanks!
When i wanted to try Valorant on release, as soon as i finished installing, Vanguard had disabled my audio drivers... Instantly deleted, formated,and never looked back, and as soon as i heard League of Legends was gonna have it too, i unistalled it without a second thought
I don't trust tencent with a 10 foot pole
Riot games is located in California not china they have stake also riot employees are us citizens it’s not a virus
its called tencent cuz every person that uses its product gets its personal data stolen and sold for ten cents
I don't trust anything that's under the CCP's control, not even chinese citizens abroad. Look up chinese civilian-military merge laws, there are NO chinese civilians, everyone is required to act as a soldier or spy whenever the CCP requests it.
@@PartlyXenonfool go be a teacher at some high school or something homie. Dont waist yo time being up in them comment on TH-cam
I assume you don't play any unreal engine based games, you don't use discord, you don't play any games on your phone being made by studios where tencent has stakes in them etc. Or else this is just a lie you tell yourself at night to sleep well.
I agree with everything except the focus on it being "chinese" as if any Microsoft/Google crap or any other big corp software wasn't collecting your data, even tho they aren't chinese.
You can use Portmaster and block most of those requests without being kicked of Valorant's servers. Or just run Linux and play other games.
Having a democratic country spy on you is bad, but a tyranny is worse.
Exactly, my thoughts are the same, it doesn't matter if it's chinese lol, the US will gladly take the info and stick a backdoor in it. Feels a bit fearmonger-y
how would I block the requests with portmaster? is there any guide?
you can make rules to block ip address@@phoneywheeze9959
There's a big difference. I'd rather have western big corp data collection and backdoors than chinese. The same reason the US doesn't put chinese microchips in their military technology.
There's just one thing to add regarding the Valorant anti-cheat... you can't even have secure boot disabled... so not only is it a driver that controls the PC 24/7 but also the BIOS settings
there was something weird about the fact that Vanguard anti-cheat was announced on Riot's anniversary when they announced the game. they didn't spend a ton of time on the game overall, the beta wouldn't launch for a few months, and they decided to spend that time announcing... a new anti-cheat? they really wanted you to know it was a *really* good anti-cheat, and showcased how it would put a huge "game terminated" screen if it detected a cheater, and everyone was like why?
Its because most popular fps have tons of cheater and its annoying, so by announcing that its really good its selling the game has being more cheater free than others
Can't we somehow change the private key so that we can decrypt the data? Or maybe fetch the original key?
Read it off the memory or the dll
i would love to see a video about that if it's possible
No, you can't... How tls work is that you get the server's public key and use it to encrypt the connection and only the server's private key can decrypt that...
Look at it like a pair of padlock and key, the client and the server exchange their locks (public keys) during the handshake and then the server/client lock the message box with the other's padlock and only the server's key can unlock just like only your private key can unlock the server's response...
You'd have to actually hook the functions or read the memory to see the message before encryption
interesting video! if you could do another video on anti-cheats like faceit aswel would be great!
Agreed, vids on easy anti-cheat and BattlEye too would also be really helpful
The fact is; Non kernel anti-cheats just don't work anymore. Look at CS2, Cod etc. These games cannot effectively ban hackers anymore. Honestly, this is the only way forward to combat cheaters.
Le China spyware bad, American good.
If you have a bank card, drivers licence or insurance in 2024 you data isn't with you anymore. Thats just reality.
You so right @user-bg8nh2sr7u, great name by the way; did you create this account for this comment?
@@user-bg8nh2sr7uYou have the same wavelength as me.
This is a comment, well, my comment and thought about this issue: "Well, if they don't do this, then the cheater can start their cheat at kernel level and remain undetected?
I really didn't understand the technicality, but from my educated guess, they do this to prevent any loophole of their anti-cheat system. Someone who make a cheat program can take any loophole that available and use it to their advantage.
My suggestion is, well, don't play the game at all if you don't like the way they are doing their anti-cheat system."
Yeah, bye bye League of Legends, after 12 years I'm happy to give up on this crap. Finally a good reason. Thanks for laying this out so clearly.
Me watching this with Valorant running in the background
Lmao😂
💀💀💀💀💀💀💀💀
Bro silently closes valorant 😅😅😅😅
Dont let the video scare you, you’re data is already there, your phone, google, youtube and windows already sell your data.
Even if the game is good I'd definately wouldn't want this constantly running.
I dont think this is a "good" game if the fanbase is 99% meowing, uwuing, horny, weird.... "players"
@@namebutworsedepends on server tbh. Most Singapore server filled with the most authenthic SEA slurs
Game sucks ass
@@namebutworseDon't take your opinion based on famous clips in tiktok, Val community isn't like that, 2 and a half years playing val and never found som eboy/egirl or something like that (only a couple but they were chill)
@@alexhcf613 i dont watch tiktok, thats how my source is true and isnt chinese spyware
Have you tried proxying the HTTPS connections through Burp or similar? If they don't enforce HSTS then you could read most if not all the packets, although latelly a lot of endpoints are enabling this feature
You think anti-cheat will communicate with server using https lol? Anyway, even if you bring up a local DNS server, most likely the traffic will be encrypted, so the best solution is reverse-engineering and find encryption method before send and after recv.
@@partoftheworlD I doubt it uses plain HTTP…
what scares me the most is when i hadn't touched the game in like a year i wanted to try it out with some friends but i had gotten perma banned when i hadn't even played the game for "use of 3rd party programms" at first i though my account had gotten botted or something but it is deffinetly very weird to me still.
I have a SATA disk tray in one of my computers, which makes swapping HDD/SSD's quite easy.
I have a SSD disk that I use for stuff I don't trust, but I 'need' - and the system is ONLY used for that, and only when I need it.
Sadly there's plenty of questionable software, luckily there's something to be done so there's nothing of value if the system is compromised.
same but just with an isolated windows install, it has all the malware anticheat games
But it could still put your whole network at risk...
@@vianite2075 Possibly - but since I have no network devices connected.... ;ø)
If/when I need internet on the system I connect it through its own 'isolated' router, so I would say the risk is at - or very near - 0
Can you give examples what they can do with it? It was mentioned Vanguard is requiring high permissions. What exactly can they do with those permissions? mouseclicks? screenshots? keylog?
almost anything, the can even run a exe file, they can use your machine to ddos someone, or to run crypto, ecc, there is not that much of a limit
Anything on kernel 0 my man.
Everything that you mentioned and much more
- Modify kernel memory
- Inspect every process
- Change permissions
- Load new firmware (BIOS, vBIOS, ssd firmware...)
- Load new drivers
- Read and modify every file
And this list is not exhaustive lol
they could read all of your browser history and passwords from every user on the computer, download all your documents and pictures and analyze your data. They can do anything they want.
The same thing microsoft can do
You could reverse engineer the client to dump tls certs during the exchange, which would let you monitor the connections in wireguard. But i guess vanguard would probably kick in if its doing its job
I'm imagine this about on that HWID ban it is. If a player uses a main account that moves out to a new PC, and then, their account was banned for a new PC and will be gone forever.
literally 3 seconds before pressing the install button this video appears, thank you
Tbh this video is pure shit, go have fun on the game. Your phone, windows, google and TH-cam do has much has vanguard does
So i deleted valorant like last year i went and checked my process explorer and found that the kernel mode driver is actually still running, how do i quit out of the driver so i can delete it?
Open up command prompt as an administrator
type in "sc delete vgc" and then enter
then type in "sc delete vgk" then enter
reboot and then open up file explorer and go to C:\Program Files\
find "Riot Vanguard" right click it and delete it
viola
go to control pannel and delete valorant from there. it should give you the prompt of if you want to delete vanguard
Get yourself the free trial version of the REVO uninstaller since it uninstalls more than just the program itself but also everything else it at some point left in your system
@@eagleclaws1781Bruh. Settings has a uninstall button and worst case search the program in “This PC” of the files app. You don’t gotta install more software.
Excellent video, been suspecting Riot games, this time Valorant, just too good of opportunity for Tencent to miss on data collection. This is as close to evidence as possible considering encryption
Would you rather be spied on by a foreign government that has no jurisdiction over you, or your own government that has jurisdiction over you?
I regularly play valorant and I honestly didn't know anything about this. Great that you gave us awareness of it. Although, it's hard to convince myself to quit when I get a lot of joy playing the game. I'll take the warning and the potential risk I'm putting myself but until then, I'll continue playing Valorant with my friends.
Same. CS is just not beginner-friendly, and the amount of cheaters too. Tappy FPS are rare too.
clown
@@shulleon582 CS is literally the exact same shit.
@@randomvideoboy1...but filled with cheaters
most sane person here…