Don't want to see articles from a certain category? When logged in, go to your User Settings and adjust your feed in the Content Preferences section where you can block tags!
We do often include affiliate links to earn us some pennies. See more here.

Tim Sweeney has a point about Fortnite EAC support

By -

One of the big topics of discourse in the Linux gaming sphere recently has been Tim Sweeney's statement on porting Fortnite to the Steam Deck, where Sweeney argues that Linux would be too difficult of a target and the market not big enough to warrant the amount of resources it would take to bring all of Fortnite on the platform.

The central crux of the issue, from Sweeney's point of view, is that making Easy Anti-Cheat, with all of its capabilities, run on Steam Deck (and thus on Linux) would be extremely difficult. He argues, that for a game of Fortnite's size this would open the flood-gates to significant influx of cheaters.

There have been some responses to this from the Linux side, with some accusing Sweeney of exaggerating the difficulty of such a port or that his statements are conflicting, because he simultaneously believes the Linux market is too small to be worthwhile but also would provide a way for too many cheaters. I will address some of these aspects a bit later, but for now let's focus on the main technical blocker, which is Easy Anti-Cheat.

Easy Anti-Cheat, or EAC, is an anti-cheat solution which apparently comes in a few configurations. We know that it can be run in a configuration where it is compatible with Linux/Proton apparently with just a relatively simple toggle. However, this mode of operation is seemingly a comparatively high-trust configuration, where only part of the anti-tampering protections of EAC are active. This may prevent some cheats but fail to detect others, which can be perfectly reasonable for games, where the number of cheaters and potential cheaters are fairly low or other systems complement the anti-cheat solution. There are plenty of games, even some popular free-to-play titles, which at best have this level of anti-tamper protection and they don't seem to have a major cheating epidemic, so clearly in many cases this should be enough. We also don't know the scope of cheats that are detected by EAC in this configuration, so this system by itself may already be fairly comprehensive.

EAC also contains a kernel-level component, which on Windows is installed as a kernel driver. This allows EAC code to run at a very privileged level and inspect essentially any and all parts of the system in order to detect tampering. This provides a very broad level of monitoring, which is also harder to bypass. Based on Sweeney's comments, this is the mode of operation used by Fortnite. It is also a mode of operation that is technically incompatible with the Linux way of doing things.

In Linux, the standard way of delivering drivers is by submitting the driver into the kernel source code tree, which naturally requires that the driver be open source. Most drivers are delivered this way, where the driver gets tightly integrated into the kernel and the drivers are updated when the kernel is updated. There are of course some notable exceptions to this rule, the largest of which is the Nvidia driver. The Nvidia driver is instead loaded as a separate kernel module, which allows Nvidia to keep its source code hidden, but also allows the driver to be updated separately from the kernel. So, EAC could surely use this approach as well, right?

The separate kernel module approach comes with some gotchas. Firstly, the kernel is licensed under GPLv2 and many of the parts in the kernel require the calling code to also be GPLv2 due to the "viral" quality of GPL. This means that, legally speaking, if Epic were to turn EAC into a kernel module and started poking around the kernel APIs, they'd have to open source EAC or they'd be in a legal grey area. The first approach is obviously not possible due to their business model and the second is at least not a great look.

Another problem with separate kernel modules is that the Linux kernel only guarantees a stable user-facing interface. This means that almost anything is allowed to change inside the kernel as long as user-level programs continue functioning. This is also the reason why sometimes the Nvidia driver stops working when you upgrade from one kernel to the next without installing an up-to-date Nvidia driver as well. So, when Sweeney is complaining about the multitude of kernel configurations, he's not wrong. EAC would need to maintain a compatibility shim similar to that of the Nvidia driver, which ensures that the EAC kernel module functions with each kernel version out there. Every time the kernel updates, an EAC engineer would need to go over the changes and update the compatibility shim every time there's a breaking change while still maintaining the compatibility with older kernel versions.

Theoretically you could overcome this problem somewhat by only targeting the Steam Deck and its SteamOS. This would give you a single kernel version to target, although Epic would need to negotiate with Valve in order to ensure their driver is somehow shipped with SteamOS.

But the problems don't end there. Since Linux is a fully open platform, there is technically nothing that would prevent a determined cheater from cracking open the Linux source code and making some tactical changes to how the kernel behaves, building the kernel and then making the EAC kernel module blind. On Windows the EAC developers can assume that the black box that is the NT kernel is at least somewhat difficult to modify by users. This means that in kernel-space they can assume some level of security through obscurity. On Linux this assumption does not hold. The only way for Epic to overcome that problem would be to negotiate with Valve to lock down the Steam Deck, which Valve has already decided not to do.

So, from EAC's point of view the Linux platform can never be quite fully trusted, which is entirely fair, because from the user's point of view EAC can never be quite fully trusted.

But surely Epic could still somehow bring Fortnite to the Steam Deck, right? Surely they could ship a version of Fortnite without the kernel-level component, right?

That they could, which brings us to the points about market share and the viability of cheating. Sweeney argues that the Linux market is too small, which initially sounds a bit odd because he then goes on to worry about the large numbers of cheaters. The kicker is here that the small Linux market doesn't necessarily guarantee a low number of cheaters. If it turns out that certain cheats are possible via a Linux version of Fortnite, this will attract some cheaters to use the platform in order to bypass EAC. It won't be all of the cheaters, many casual cheaters would likely not bother to learn Linux in order to cheat in a video game, but there is no doubt a group of cheaters that would take the opportunity. So, Fortnite would see some increase in cheating, but without good data it is hard to determine how big that effect would be. However, considering the popularity and free-to-play nature of Fortnite, it could very well be that it would be an attractive enough target for cheaters to attack even if there is a slightly higher initial investment. Cheat makers on the other hand would probably eventually find ways to package their offerings in an accessible enough format, like boot-to-cheat USBs or pre-configured VM images.

Some solutions to this problem have been proposed. For example, they could silo Steam Deck/Linux users in such a way that they will never come into contact with the rest of the playerbase. This would contain cheating, but it's also a hard-handed measure that would likely be unpopular. It would also require some amount of work to accomplish and I think it's fair for Epic to discount options that would cause extra work on them.

So, what's the solution to the problem? Here's the thing: I don't think there is one. My personal opinion is that client-side anti-cheat is fundamentally limited and taking it into the kernel is a bandaid that comes with excessive cost and is simply incompatible with the Linux platform. So, as long as Epic insists on maintaining its current anti-cheat approach with Fortnite, I just don't think there's going to be Fortnite on Linux.

And that doesn't mean Tim Sweeney is wrong or lying about the difficulties of adapting that approach to Linux. It just means that a new or different approach is needed in the future.

Article taken from GamingOnLinux.com.
54 Likes
About the author -
author picture
I'm a Linux gamer from Finland. I like reading, long walks on the beach, dying repeatedly in roguelikes and ripping and tearing in FPS games. I also sometimes write code and sometimes that includes hobbyist game development.
See more from me
The comments on this article are closed.
All posts need to follow our rules. For users logged in: please hit the Report Flag icon on any post that breaks the rules or contains illegal / harmful content. Guest readers can email us for any issues.
141 comments
Page: «3/8»
  Go to:

Nic264 Feb 9, 2022
The decision not to enable EAC/Proton for Fortnite makes sense, since it apparently doesn't have anything better than that kernel-level black-box to fight cheaters… (importantly, people have nothing to loose for cheating)

But what's irritating is how vocal Sweeney can be about “open platforms” in his position against Apple, eg. excerpt from a recent Tweet:
Having a truly open platform is best!
…and at the same time he rejects one of the most open platforms there is, because it actually gives complete control to the end user.

So what's his definition of “truly open platform” exactly? It can't be too open if you don't want to trust the end user…
rkido Feb 9, 2022
Games like Fortnite should be run exclusively from the cloud. Cloud exclusivity would make cheating a lot harder than it is now (at best you'd be limited to now-ancient techniques of using CV-based aimbots, etc.), would enable anyone with a web browser to play (including iOS and Steam Deck users), would keep client devices free of malware, and would reduce overall game development costs by limiting it to just one OS/platform.

Normally I despise cloud gaming because I want to be able to run my collection of games in 40 years and have the exact same experience as I would have with them today. But making massively multiplayer games cloud-exclusive is a sensible exception; these games live or die not with the ability to run the game's binary, but with their large communities of players. Of course I would still want the binaries released once the game shuts down so that enthusiasts can still play on private servers.
1xok Feb 9, 2022
Let's stop wasting our time thinking about this negative nonsense that Sweeney has once again put out into the world.

Valve releases Portal 1+2 on the Switch. :D

No joke: https://www.youtube.com/watch?v=wMQASUA_1Do

EDIT: The point is simply this: If the Steam Deck becomes a success like the Switch, then Fortnite will come for it too. If not, then it won't. In the end, it's not a technical question.


Last edited by 1xok on 9 February 2022 at 11:22 pm UTC
Lofty Feb 9, 2022
He looks at Tim Sweeney saying X, and at many people saying hostile things about Tim Sweeney saying X, and considers that many of those hostile things are not well informed, and that after all Sweeney is an important man at the top of a large company. Plus, frankly, honourable people tend to just imagine certain basic levels of conduct in others. So his instincts tell him that he shouldn't react in a knee-jerk fashion like the hostile people, and that he should give some benefit of the doubt to Sweeney because come on, surely an important person in a public role wouldn't just be lying through their teeth. And so, he starts thinking about ways in which Sweeney's claims could be true, and comes up with some.

It's human nature and though some humans cannot be as easily fooled, when those who are honorable (or perhaps at worst immature / gullible) place a blind projection of trust to authority thing tend to go bad pretty quick. Many people throughout history have been taken advantage of by such people.


Last edited by Lofty on 10 February 2022 at 1:32 am UTC
STiAT Feb 10, 2022
NVidia manages pretty well with a binary driber and akmod though. It's not as if there could be no EAC module, but it's certainly out of scope for steam to provide it, that would be on the disto level.

And that's probably not hard on Steam Deck, but it may be hard getting distros to support it.
slaapliedje Feb 10, 2022
Wouldn't the much greater marker on Android make it that much more susceptible to cheaters and thus much more profitable for a cheat-dev to write an exploit for?

A quick google shows that cheats for Fortnite on Android is just a simple APK that you can sideload, what those do is apparently to replace the Fortnite launcher with one patched to load the cheats.
It might be, if there is demand for exploits and cheats. Hell, maybe there even is a Fortnite cheating problem on Android. But clearly Epic's calculus says that it's worth the money to compromise. Otherwise they'd pull the plug on Android, right?

My whole argument hinges on the simple fact that Epic does not want to compromise with the Linux/Deck market. If Epic was willing to compromise we could hand-wave literally all the technical hurdles, because if Epic really really wanted the game to be available on the Deck then they could obviously make that happen. They aren't interested in compromising and at least claim to want to run their full-blown EAC on Linux and my argument is that it's never going to be a viable approach.

Getting Fortnite to run on Linux is not what I am claiming to be impossible here. It's the set of demands Epic is putting on Fortnite running on Linux that I am claiming as at least highly impractical.
Here is what it comes down to;
Fortnite is a money printing machine for them.
If you had a money printing machine, would you want to share that money?

I don't think Sweeney really ultimately cares if people cheat, as long as he gets that $$. But Linux still has that 'it's for hackers' reputation. So him saying some sound bites that Linux is too hackable so there isn't a way to prevent cheating, he can feel happy knowing that he'll still just be printing money.

The fact that they have supporting EAC through proton... but specifically are not allowing Fortnite that uses it 'because it isn't worth it, and OMG cheaters!' is pretty weak. He should just say 'because money money money! I love GOLD!' And stop making an ass of himself :P

(Brought to you buy dontbeanass.org)


Last edited by slaapliedje on 10 February 2022 at 12:06 am UTC
oberjaeger Feb 10, 2022
I do believe a solution could be found, if it is really wanted. I believe creating a kind of trusted bubble should be technical possible, and it should be no problem for a program to check if the kernel (or the bubble) has be corrupted.
Beemer Feb 10, 2022
Ugh...this whole thing about anti-cheat "whatever" is moot. I forget who said this, but it was 10 or more years ago : "The client is the enemy". I've never understood the server/client anti-cheat design that puts the anti-cheat *on the client*. No matter what you install, you cannot trust that the client is not compromised.

All the metrics we can get today should let companies like Epic or Steam aggregate the data to pull out the cheaters. Why don't the servers aggregate data on kills per sec or min? Or player time to return fire? Is the player aimed in on an opposing player for x amount of time while obstacles block the view? It's all data that can show when someone displays a super-human statistic.

Honestly, you don't even need to ban those folks. Use the data and match-makem against each other - keep them out of games where they'll simply dominate. Data will show those that are just good vs those that are artificially good.

It's like all the bots buying up the graphics cards. They're not completing purchases like a human. They bypass store pages and complete transactions within seconds. Why are those being allowed priority over legitimate retail purchasers?

It would make all this hoopla over installing anti-cheat non-existant.
t3g Feb 10, 2022
To be honest, I'm sick of Epic in general. I hate that they don't support Linux and are trying to gain marketshare by throwing money at developers with these timed exclusives. Also not too happy that Tencent has a 40% stake in the company. Is all of our data going to China? Ugh.

This narcissistic attitude towards non Windows platforms by Sweeney makes me not want to support that company if I don't have to. Seeing as I never paid money for a game on Epic Games Store, I could care less.
Purple Library Guy Feb 10, 2022
Sweeney is wrong and I'm happy to explain why.

Anti-cheat systems for games exist for one and one reason only: It's a hack that allows game devs to write insecure implementations in which the data from the clients are trusted implicitly by the server because coding the server to properly validate all of the input is a hard and expensive (in terms of processor power) problem to solve.

If multiplayer games were written like proper web applications are, this would not be an issue. To be clear, web applications run inside a browser, virtually every one of which has an easy to access dev console that allows users to modify any part of the client side code and client side behavior of the application. Yet despite this it is possible to write a secure web application. That's because the server component of a properly written web application does not trust it's clients implicitly and double checks everything the client attempts to do against a set of rules.

Multiplayer games don't do this. To work around this, they implement anti-cheat systems which rely upon invasive kernel level hacks and monitoring to try and determine whether a user is actually playing or just cheating.

This entire approach is inherently flawed and until the game industry pulls its head out of its collective rear end, this will continue to be a major stumbling block. There is absolutely no good reason why a stupid game needs to be running kernel level code. None at all.
That may all be true on the broad scale, but it doesn't really relate to the specific issues the CEO of a firm publishing anti-cheat software has to deal with here and now. You could be right about the overall issue, and he could still be correct and above-board about whether he should be enabling EAC on Fortnite on the Steam Deck. I don't think he is, mind you--I'm just saying the two things don't address each other directly.
toor Feb 10, 2022
Ugh...this whole thing about anti-cheat "whatever" is moot. I forget who said this, but it was 10 or more years ago : "The client is the enemy". I've never understood the server/client anti-cheat design that puts the anti-cheat *on the client*. No matter what you install, you cannot trust that the client is not compromised.

All the metrics we can get today should let companies like Epic or Steam aggregate the data to pull out the cheaters. Why don't the servers aggregate data on kills per sec or min? Or player time to return fire? Is the player aimed in on an opposing player for x amount of time while obstacles block the view? It's all data that can show when someone displays a super-human statistic.

Honestly, you don't even need to ban those folks. Use the data and match-makem against each other - keep them out of games where they'll simply dominate. Data will show those that are just good vs those that are artificially good.

It's like all the bots buying up the graphics cards. They're not completing purchases like a human. They bypass store pages and complete transactions within seconds. Why are those being allowed priority over legitimate retail purchasers?

It would make all this hoopla over installing anti-cheat non-existant.

I guess the difficulty comes from collecting and processing this data automatically.
Also that wouldn't help for certain games, like for instance, how do you tell if the player has a wallhack, or a aimbot? I mean you could hardcode some rules, but then the cheaters just have to find out those rules and try to act legit.
Furthermore it depends on what is processed on the client that isn't sent to the server.
The only way to ensure would be… Stadia or such. Then the only things that the clients can cheat on are the controller inputs.


Last edited by toor on 10 February 2022 at 12:56 am UTC
braiam Feb 10, 2022
building the kernel and then making the EAC kernel module blind

If I'm not mistaken, user space (and kernel ring) code can ask the kernel if it's in lockdown mode which makes sure that no non-signed module is loaded and ask for the sign key. The same utilities that are available for the would-be cheat developers are also available to the EAC module. It's costly? Yes. It's doable? Also yes. So, for now is just a chicken game, if many people buy the steam deck and those people ask why is their device not supported, the Epic would have to invest in developing.

What I hope is that they don't invest 0 until that time arrives (which would arrive).
denyasis Feb 10, 2022
Thank you for the article Samsai

It's nice to have a calm voice amidst the hyperbole.

I do wonder if a possible solution may appear: volume.

Technical concerns seem to amount to the possibility of an increase in the ratio of cheaters to players.

I can see that as being a very sensitive topic to Epic. If cheating is presumed inevitable, then the concern that anything come potentially upset that ratio and effect the "experience" is probably very real. I expect it forces them to be very conservative when looking at new platforms, especially one like the Steam Deck, where there are no usage statistics. They have nothing to really make an informed decision with and don't want to risk damage to the brand at all ( even if remote).

Now if the Deck is a huge success, I can see Epic re-evaluating. I just don't see them doing anything that could even remotely jeaopordize their cash cow.


Last edited by denyasis on 10 February 2022 at 1:19 am UTC
AussieEevee Feb 10, 2022
Other companies manage anti-cheat just fine. I've been playing World of Warcraft on Linux for a decade now, and Blizzard's anti-cheat has been notorious. Valve's anti-cheat works just fine too.

This is an excuse. If Sweeney doesn't like Linux, He should say so directly. Don't make excuses.
Chronarius Feb 10, 2022
Thanks for your article, but I have to disagree. Linux has several techniques to prevent your scenarios. for example "signed kernel modules", Secure Boot. GPL isn't a problem. Has anyone sued NVidia yet for their way?

We are talking here about Windows-Games are running with Wine/Proton on Linux. This is the problem. If Cheaters want they can use this combo already!!!

IMHO The real reason is that Tim Sweeney is not interested in supporting Valve and Linux, and throws a FUD smoke grenade, with lots of excuses why he can't support EAC on Linux Proton. Also there is a new version of EAC on the way. This new version EOS will require an Epic account even if you haven't bought the game from Epic!

In short: Tim Sweeney is a lying hypocrite!

BTW: What about the other Anti-Cheat-Tools which announce to support Linux and Wine/Proton-Environment?
Shmerl Feb 10, 2022
And that's probably not hard on Steam Deck, but it may be hard getting distros to support it.

I doubt any distro will willingly offer support for malware level kernel module.
Mezron Feb 10, 2022
View PC info
  • Supporter
The one platform that would've ticked all the boxes is, of course, Stadia. Epic didn't want to go through Google's payment methods though, and Google wasn't about to give that up either, but it would've solved the cheating problem and given GNU/Linux users a way to pay play it.

I agree with this 100%. All online only games should be on the cloud if the cheating is such an issue. Take the client side problem out completely.
RCL Feb 10, 2022
To all people saying that not trusting the client or moving the game to the cloud is the solution - you seem to ignore the existence of network latency. This is a real issue for the fast-paced games that Fortnite is. Client-side prediction and control is essential to providing the smooth feeling of playing the game. So no, unfortunately there is no easy way around "client-side anticheat" problem. This is not about the laziness.

Also don't think that the cheaters are not going to be Linux-savvy. They are eager to learn any tool that gets their job done, and they aren't fanatical or ideological. Here's an example why we cannot have nice things: https://aixxe.net/2017/06/kernel-game-hacking
Hooly Feb 10, 2022
View PC info
  • Supporter
Thanks for the write-up! Interesting read. I still think that if Valve provided a measured boot facility where a user-program could verify that it is running on an un-modified kernel then EAC could assume that there are also no kernel-level cheats present and that all kernel-level introspection APIs present correct and unmodified results.

So I'm not sure that a kernel level component is actually required. Mind you that measured boot does not imply that the platform is locked down. It only implies that user programs can check that the system was booted in a known good configuration. You are still free to modify it, however a cheat detection program such as EAC could then refuse to run.
1. Measured boot uses the hardware-capabilities to ensure that the software you run is from a certain source (enrolled platform key) and hasn't been tampered with.
2. A software running on such a system cannot verify that the hardware did what it claims to have done. (Hardware always beats software)
3. There are ways to attest the integrity of the system at runtime, via a TPM or the upcoming Pluton chip in Zen3D CPUs.

The problem is that even a TPM or Pluton would be unsuited to combat cheaters.

A cheater could simply modify one system and keep another "legit" one. When something asks for a verification, you send that request to the legit machine, have it attest that everything is ok and send that back instead.

This is also why TPMs aren't used to enforce DRM, btw.
Shmerl Feb 10, 2022
So no, unfortunately there is no easy way around "client-side anticheat" problem. This is not about the laziness

It totally is about laziness, or more exactly about greed. You can develop AI to detect "cheating" by analyzing user's behavior on the server side and continue improving it to maintain a level that's "good enough". The elephant in the room is that there is no need for "perfect" anti-cheat. And their client one isn't perfect anyway. They simply don't want to spend on AI. It's much cheaper to force spyware on the user and pretend it's the right way to solve the problem.

Also, attitude of developers who push this trash is simply disgusting. Check this for example:

https://www.leagueoflegends.com/en-us/news/dev/dev-null-anti-cheat-kernel-driver/

This isn’t giving us any surveillance capability we didn’t already have. If we cared about grandma’s secret recipe for the perfect Christmas casserole, we’d find no issue in obtaining it strictly from user-mode and then selling it to The Food Network. The purpose of this upgrade is to monitor system state for integrity (so we can trust our data) and to make it harder for cheaters to tamper with our games (so you can’t blame aimbots for personal failure).

Hear that? These idiots are claiming that their increasing spying on your is OK because they already could spy on you. With this kind of garbage logic, there is no end to it.


Last edited by Shmerl on 10 February 2022 at 7:05 am UTC
While you're here, please consider supporting GamingOnLinux on:

Reward Tiers: Patreon. Plain Donations: PayPal.

This ensures all of our main content remains totally free for everyone! Patreon supporters can also remove all adverts and sponsors! Supporting us helps bring good, fresh content. Without your continued support, we simply could not continue!

You can find even more ways to support us on this dedicated page any time. If you already are, thank you!
The comments on this article are closed.