The developers of Apex Legends have announced that they're going to be blocking the game completely on Linux platforms including Steam Deck.
Writing in a post on X / Twitter I'll copy it below:
Hey Legends,
We’re sharing today that Linux (and Steam Deck using Linux) will no longer be able to access Apex Legends.
Our dev team wanted to provide a bit more context into this and share some of the decision-making process that happened along the way. As mentioned in our prior anti-cheat dev blog, competitive integrity is a top priority for our team and there are many ways in which we’re battling cheaters—this is one to add to the list. We remain committed to more regular updates on topics like this and appreciate your continued reports.
Read on to hear from our Anti-Cheat Team.
---
What’s happening?
In our efforts to combat cheating in Apex, we've identified Linux OS as being a path for a variety of impactful exploits and cheats. As a result, we've decided to block Linux OS access to the game. While this will impact a small number of Apex players, we believe the decision will meaningfully reduce instances of cheating in our game.
Linux is used by default on the Steam Deck. There is currently no reliable way for us to differentiate a legitimate Steam Deck from a malicious cheat claiming to be a Steam Deck (via Linux).
Decision making process
The openness of the Linux operating systems makes it an attractive one for cheaters and cheat developers. Linux cheats are indeed harder to detect and the data shows that they are growing at a rate that requires an outsized level of focus and attention from the team for a relatively small platform. There are also cases in which cheats for the Windows OS get emulated as if it’s on Linux in order to increase the difficulty of detection and prevention.
We had to weigh the decision on the number of players who were legitimately playing on Linux/the Steam Deck versus the greater health of the population of players for Apex. While the population of Linux users is small, their impact infected a fair amount of players’ games. This ultimately brought us to our decision today.
Next steps
To eliminate this cheat vector, we have made the decision to prevent access to the game for Linux users. This means that Apex Legends will be unplayable immediately for those running this operating system. Playing on handhelds, such as the Steam Deck, is still possible if the user opts to install Windows.
To clarify, this will not impact users who play Apex via Steam on Windows (or other supported platforms).
Thanks for everyone’s continual support and we look forward to sharing future anti-cheat updates!
---
This is only a part of our ongoing efforts towards Apex’s anti-cheat. We are continually expanding and refining our detection and banning capabilities globally. Keep an eye out for more news to come in the future. Please continue to report cheaters using the designated tools and channels. Your reports are helpful and matter to us and anti-cheat continues to be a top priority for us.
For future updates and the latest info, continue to follow us here or check out the Apex Tracker Trello for bugs or concerns we’re investigating.
Valve are really going to need to do something more about the anti-cheat situation on Linux. We only recently had GTA Online in GTA V blocked (single-player still works). EA also broke the likes of Battlefield 1 and various other multiplayer games as well on Linux / Steam Deck, and I did say it was likely only a matter of time until EA messed with Apex. The list of blocked titles just keeps going like Roblox too — it's just a repeating problem that seems to have no end in sight.
Soon then the official Steam Deck rating from Valve will drop from Playable to Unsupported. Update 18:16 UTC - Valve have now marked it as Unsupported on Steam Deck.
When you try to play on a Linux platform now, you're just given an anti-cheat message. So this is the end of Apex Legends on Linux and Steam Deck.
How much of a loss is it? Well, for Apex fans on Linux platforms it will of course be a big one. However, looking at Valve's own stats, Apex isn't actually in the Top 100 for the last month of most played games on Steam Deck. The past year though? It's number #48 overall.
Oh, and before you suddenly go "but…but Microsoft are banning kernel-level anti-cheat!" — no they're not. Various YouTube videos and other media made headlines about it, but they're wrong which I wrote about before. Even if in some far-away future Microsoft managed to do so, companies will still block Linux directly if they wanted to (and they already do like Roblox!).
In related news, Valve only announced yesterday that Steam store pages will need to properly note what kernel-level anti-cheat they use.
Unless something like PlaysafeID actually takes off - and let's be real, how many of us really want to submit our ID to play games? I don't see the pathway to take. Server side anticheat is unfortunately a dream (Poor Counter Strike), and cheats only keep getting more sophisticated. Is this problem solvable?
Quoting: BeamboomWhat's the server-side difference between a player with great game sense, and one with wallhacks?You don't send the position of other players to someone when they're not in view.
Quoting: Liam DaweQuoting: BeemerThey should put up stats. I want to see:This type of comment *always* seems to appear, and I'm seeing a lot of it across social media in reply to this news. I'm really surprised people don't understand, so here's it in simple terms.
- Total Linux user count pre-block
- Total of Windows user count
- Pre-block count of users allegedly cheating
- Post-block count of users allegedly cheating
The statements of "we've identified Linux OS as being a path for a variety of impactful exploits and cheats" and "this will impact a small number of Apex players," seemed a bit at odds. If it's such a small number, how are the hacks "impactful".
They install a cheat into your system to prevent cheating. It honestly should be illegal to do that.
They have all the metrics they need on their end to kick users or ban them. This is exactly whatA.I.expert systems are for.
There's a difference between counted players, and cheaters when these situations appear.
The number of Linux players will be (in percentage terms) low. The statements aren't at odds at all. Even a small number of cheaters can cause huge problems for the whole of the player-base, of which is mostly not-Linux.
You could have 100 Linux players, 1000,000,000 Windows players and 2 people on Linux doing cheats that affect everyone. That's what they mean. We've seen this info repeated by various developers, that Linux enables the cheats because it's harder for devs to block.
Hope people get that now.
Sure. But that's going by the assumption that people on Windows don't cheat or that they can effectively block 100 percent of cheaters on Windows. Which they can't.
The argument of "People on Linux cheat so fuck them!" is completely bonkers, as that would mean they should also block people using Windows from playing, because they cheat.
Who cares if 2 of the cheaters use Linux? If they are that concerned they should release an Apex Machine and only allow playing the game with that.
It's just treating Linux users as second class citizens because they are a minority. Nothing more.
Quoting: TurkeysteaksGenuinely asking here, what is the path forwards for this situation? I do not see how it can be solved. I love linux and the fact it is completely open, but that of course means it's also undoubtedly going to be easier to be malicious in. I will never switch to windows as I haven't for the few decades I've been alive (and we never had many of these games working on linux without a headache back then, aside from ID software <3). I am wondering however if my playable library is going to keep dwindling when it comes to multiplayer games. I love PVP shooters; I have many hours in Titanfall 2, COD WWII, Urban Terror & Wolfenstein, Q3A, even a chunk in Apex and Battlefield 4/V/1 which of course is no longer possible to play.
Unless something like PlaysafeID actually takes off - and let's be real, how many of us really want to submit our ID to play games? I don't see the pathway to take. Server side anticheat is unfortunately a dream (Poor Counter Strike), and cheats only keep getting more sophisticated. Is this problem solvable?
I have several conflicting answers.
Theoretical and practical.
Theoretical:
In theory kernel side checking doesn't actually add much.
It can always be edited out in the binary and mathematically users with physical access have root.
In that sense Linux openness doesn't do much damage.
Techinical:
If you ask the anti-cheat makers like easy anti-cheat and battle eye. They will tell you. "No problem."
This hides a lot of complexity here's a small slice of the technical state of the matter:
There're ways to do anti-cheat in a system you don't have superior control over, but each of these ways work on Windows too.
Server side code.
Obfuscation.
Captcha's.
sgx
etc.
Some of these ways are currently in use and others aren't.
Yet Windows has a significant amount of cheaters, so apparently it doesn't work.
I currently suspect only one way of doing this that might be Linux specific and nobody has tried it yet in that sense.
Ring 0- resource hogging(My hypothesis is that you might be able to hash check entire resource states in ways that would if subverted on the same system result in detectable longer load times. You're allowed to ask further I'm pretty proud of the trick.).
On Windows you can't do much you can't do on Linux as an anti-cheat writer, but you can feel safe knowing that you're one of the few with access to the kernel, while in Linux that number is potentially infinite.
By the way:
Kernel checks still work on Linux they're just slightly less effective.
Market-political:
Personally I suspect this is currently what we're encountering.
There're several players in the industry to which Linux gaming is not a profitable business anyway(not enough market share), but an interesting chess piece you can freely move.
EA has chosen to move against Valve who has incorporated the piece in their strategy, so breaking Linux is a good business move.
A comparable much bigger problem in this case is hardware attestation Android keyboxes:
Basically all android phones have hardware backed keys deep in the firmware(TEE).
These keys are the root of trust used for drm, custom Rom blocking, anti-cheat etc..
Each android phone Vendor has their own keys.
In the past Google(Seller of Pixel and Winedivine drm) has revoked several vendor keys(keyboxes), because the devices proved vulnerable to attack and the keys could be extracted out of the device, breaking all the functions reliant on these keys.
Not long ago someone pulled this on the beta version of the Pixel phone. At first Google revoked these key too, but that significantly angered their customers who want to be able to use a phone as such they reinstated the key and now there is a consistent crack for all these functions I mentioned before.
The same has happened before with all Qualcomm devices until 2013.
Google could revoke all these keys, but they would do too much collateral damage and as such they accept the damage.
For this problem I see two fixes(I'm a programmer not a marketer)
Positive reinforcement: grow the Linux userbase and general Linux gaming profit margin.
Negative reinforcement: Launch a fork of Proton/wine that specifically fixes detection attempts in blocked games.
My conclusion: the current primary obstacle for anti-cheat on Linux is market-political and the currently employed method against it is growing the Linux gamer userbase.
Last edited by LoudTechie on 1 November 2024 at 2:08 pm UTC
Quoting: TurkeysteaksGenuinely asking here, what is the path forwards for this situation? I do not see how it can be solved.The only way you can prevent cheating is by controlling (restricting) people’s actions. The only way you can catch cheaters in the act is by scrutinizing every action they take. This applies to everything outside simply video games. Sports competitions have blood tests to detect drug use. Exams have invigilators to spot concealed cheat sheets and other tricks. Card games have people watching for a literal card up your sleeve. Casinos only trust their own dice. Some methods are more invasive than others, but in each example they have the considerable advantage of holding the competition in person to visually keep everyone in check.
Online play lacks that last lever and is built on eminently fallible platforms with multiple points of vulnerability. User input must be sanitized to account for what’s humanly possible, but in real-time 3D games with freedom of movement, that’s a boggling amount of parameters to account for and since latency kills those games, you have very little time to make a decision when it comes to proactive processing (after-the-fact analysis and sanctions are another story of course). I imagine it’s a lot easier to validate a player’s actions in a turn-based game with a small set of well-defined possible moves.
So you have to restrict the player’s actions, and watch them closely in a way that you can trust what you are seeing. That’ll never happen if you don’t control the machine they use to interface with the game. And even if you do, there’s always things like having accomplices watch a competitor to gain illegitimate strategic knowledge in near-real-time. Remote competitions are a flawed concept altogether, as far as I see it. Rootkits are both necessary and still insufficient: you can’t spy on the player without them, but they still won’t catch everything either. So make your choice: accept that there will be cheaters and take reactive action to punish and disincentivize them, or don’t compete via the Internet. And since cheaters have no trouble evading bans in free-to-play games, the former is also a lost cause as long as you’re not playing in person.
Last edited by marcin1509 on 1 November 2024 at 3:33 pm UTC
Quoting: jensWhy don’t you just apply for the role to fix this?
I don't like corporations enough to want to work for one.
See more from me