• 0 Posts
  • 45 Comments
Joined 1 year ago
cake
Cake day: June 6th, 2023

help-circle




  • On the Steam Deck, while using SteamOS (or other Linux distros), EAC (and a few others like Battleye) run in userspace, not as kernel level.

    The intention of Anti-Cheat and DRM is to hide what they’re doing, in an attempt to prevent people from cheating or pirating. Malware often uses similar techniques to hide what it’s doing.

    Kernel level Anti-Cheat runs with the highest level of permission on your system, meaning it has access to everything happening on your PC, and all your hardware.

    That means kernel level Anti-Cheat can do whatever it wants on your computer, and it’s intentionally hard to figure out what it’s doing. Even though it’s probably not harmful, it shares a lot of similarities with actual malware, and we can’t be fully sure whether it is harmful or not. This is why a lot of people are against kernel level Anti-Cheat.

    EAC, afaik, has acted as just an anti cheat, and is therefore likely not harmful to your system. However, like other Anti-Cheats, it is harmful with the standards being set.


  • That’s, very odd. Just watched the bit about TP2 in the video, and I’m getting nowhere near that on my Steam Deck (non-oled).

    Setting everything to low, and FSR performance, it looks awful. There’s very obvious upscaling artifacting, especially during motion. Performance is playable at about 30-40 fps, except in the “starting hub” of the game, where performance can dip to 10fps at times (although no real gameplay occurs there).

    With everything being set so low, LODs are clearly visible, even on the small screen. Gaps in signs, thin walls, and stairs are visible from ~5 in game meters away.

    On the settings they show in the video, with a fresh save, I get similar numbers in the first couple minutes of the game, but FPS tanks after that. On a save further into the game, I’m getting maybe 20fps (50 when staring at the floor).

    The game is still very playable on the lowest settings, and if you’re into puzzle games like The Talos Principle, it’s still a good experience. I’m not normally one to stream my games from my PC, but The Talos Principle 2 is just a better experience with more powerful hardware.







  • This isn’t about “making the game work”, or “adding Linux support”. This is about toggling a checkbox to stop explicitly preventing Linux from working.

    The games that already did never faced a massive cheater problem because of it. The games that have stopped development long ago or “don’t care about Linux” (without preventing it with anti cheat) were still made playable by Wine and Proton.

    If the developer wants, they can add system info to their ticket system and filter out any Linux tickets. It costs a game developer barely anything to decide to allow Linux users. Linux support costs a lot, but valve, wine, and the community has been putting a lot of effort in so game developers don’t have to change anything about their game.


  • The times I calculated were indeed going over every possible combination, it would take half as long to crack a password on average. Considering reducing the time to 1/1000000 still leaves you with an incomprehensibly large estimated timespan, dividing that by 2 doesn’t do that much for making it brute-forceable.

    I did note it was specifically for 8 emojis, not 8 characters or bytes.

    And yes, it’s very impractical and likely to break things. It’s better and much easier to add extra letters, numbers, and symbols to your password rather than using emojis. Using a password manager is even better.

    As you stated, a single unicode character would mean your password wouldn’t be included with the potential options in almost all brute forcing tools. Whether you use 8 emojis or 1, your password likely won’t get brute forced.

    All of my “emoji password” numbers are if the attacker knows it’s a password containing exactly 8 emojis, and nothing more. Adding a regular symbols+upper+lower+numbers 16 character password would make it even more impossible to brute force.


  • For somewhat more realistic numbers:

    According to minerstat.com, an NVidia RTX 4090 has a hashrate of 118.07MH/s. This is 118.07 Megahashes per second, or 118.070.000 hashes per second. For a password with only 8 lowercase letters (208.827.064.576 combinations), it would take an RTX 4090 approximately 1769 seconds (or ~30 minutes) to go through all possible combinations. For an 8 character upper+lower+numbers password (218340105584896 combinations) it would take 1849243 seconds, or 21.4 days.

    For an 8 emoji password (32482071647592311234920185856 combinations), it would take 275.108.593.610.504.896.512 seconds, or 8.723.636.276.335 years.

    Lets say a magic prediction algorithm reduces the number of possible combinations in each password to 1 out of every 1 million previously possible combinations. 8 lowercase letters would be cracked instantly, while an 8 emoji password would still take 8.723.636 years.


  • NordPass is completely incorrect on the "it makes a password easier to “crack” thing.

    I absolutely don’t recommend using emojis in your password, as it is far too easy to get locked out. However, a password containing an emoji is significantly harder to crack.

    Hashing is a process used to calculate a large number based on some input data. If the input is the same, the output is the same. If the input differs just slightly, the output is completely different. This process is mathematically irreversible. Since this (and other techniques) is often used for passwords, to “crack”/bruteforce a password, the attacker has to go through every possible combination of input data, calculate the hash, and check if the hash is the same as the password hash.

    To make the process of bruteforcing a hash quicker, an attacker often makes assumptions about the input data. If they know a password contains 8 characters, and only lowercase letters, this massively narrows down the amount of passwords that need to be hashed and checked. If they know the password contains someones birth year, that too reduces the time to bruteforce a password.

    The more possible characters you have per position in your password, the longer it will take to bruteforce. An 8 character password with just lowercase letters has 208.827.064.576 possible combinations. This sounds like a lot, but it’s often bruteforced rather quickly. Adding uppercase letters and numbers to that, we’re already at 218.340.105.584.896 possible combinations. That’s ~1000x more combinations, and that’s for 8 characters. It’s the difference between bruteforcing taking a day, and taking 1000 days. (Do note an 8 characters lowercase password probably only takes like a few seconds to minutes, not a full day.)

    According to https://emojipedia.org/stats there are 3664 different emojis. Lets say we create an 8 emoji password. (some emojis aren’t one character internally, the same principle still applies.) Just 8 completely randomly chosen emojis. That password would have 32.482.071.647.592.311.234.920.185.856 different possible combinations. That is about 148.768.232.755.857 times more combinations than an 8 character uppercase+lowercase+numbers password. That is the difference between bruteforcing taking a day or taking 407584199331 years.

    The same things as non-emoji passwords still apply, you can make assumptions about which emojis are used. People aren’t entirely random, so chances are higher they used some of the more common emojis. However, that is similar to prioritizing the letter “e” because it is more common. Yes, it’ll probably reduce the time taken to bruteforce a bunch of passwords, but it’s not set in stone that every password will even contain the letter “e”.

    Again, due to the potential of breaking things, locking yourself out, etc. I DO NOT recommend using emojis. Use a password manager with longer passwords.

    However, including an emoji in your password makes it significantly more difficult to bruteforce. As the assumption that the characters in your password are letters, numbers, and symbols no longer holds, which drastically increases the possible number of combinations.




  • deadcade@lemmy.deadca.detoLinux@lemmy.mlHyprland is a toxic community
    link
    fedilink
    arrow-up
    74
    arrow-down
    3
    ·
    10 months ago

    I can personally vouch for how toxic the Discord server and its moderators/admins are. Went there for support (Hyprland was crashing on startup on AMD, sway worked fine), and was told something along the lines of “if you can’t figure this out you’re stupid and you should stop using Linux”. Figured out the issue on my own and stopped using and recommending Hyprland after that.


  • You either have broken permissions, or a broken drive.

    Try going into a terminal as your user, not root, and try creating a file in the directory you want to use for your Steam games. touch filename can be used to create files. If it spits back an error about permissions, you likely need to change ownership of the directory to your user. This would be sudo chown -R username:username /path/to/games/directory Make sure to only run this on a directory that’s not used for anything else, as it can break system components if you run it on the wrong files.

    If, when creating a file, you instead get a “Read only filesystem” or similar error, your external drive might be broken. This would be a whole separate thing to troubleshoot, and you’ll have to look up your specific error for further actions.