I love the Battlefield series but I’m not turning on Secure Boot for them. If it remains a hard requirement, I’ll simply be passing altogether.
I was able to get around secure boot by installing the beta on my PS5. From then, I had the pleasure of being unable to enter due to broken menus! Can’t complain for having spent nothing and having little trust in the franchise.
There’s nothing wrong with Secure Boot and enabling it can prevent a small subset of attack vectors with no real downsides. That being said, the things Secure Boot does protect against aren’t likely to be an issue for most users but it’s nothing to be afraid of.
If you want to install Linux, secure boot limits the distributions you can use. If you don’t then it’s whatever.
Zero issues on the mighty gecko distro. Not sure why’d you use anything else /s
I’ve tested the beta yesterday and only had to enable SB and leave it in custom mode - no need to sign & enroll the linux kernel(s) too
beautiful. fuck secureboot.
Why?
- some people run more than 1 OS
- some people actually program and need to load unsigned shit all the time
- some people have legacy hardware that doesn’t run with secureboot
- it is my decision and my decision alone how i boot my operating systems. not EA’s.
Im fairly certain any legacy hardware that doesn’t have secure boot as an option is going to struggle loading BF6 regardless.
The first two points are not related to secure boot at all.
you think loading my own kernel modules is not related to secure boot? i guess you don’t work in IT then.
Most people who work IT don’t even know what a kernel is, tbf
I recently had an rfid scanner immediately rma-d back that had just been returned to us. The new issue was caused by a setting and not by a defect. I asked our IT/help desk if it WAS a setting that could be changed
“I don’t know. I get the thing, I check these settings, I check those settings, that’s all I know”
😑😑😑
So me and another person are out of our equipment for another couple weeks while the scanner is sent back for “repairs” and the repair people will go “😑 tap tap tap idiots”
(Edit: I know it’s a setting because I talked with the other person who uses it and I explained the issue and he let me know it is something he changes)
It doesn’t matter which kernel modules are used, as long as you have signed those changes before rebooting.
You can’t install most linux distributions with secure boot enabled.
This is outdated information. Linux has supported secure boot for quite a while now.
And Microsoft is shutting out most third parties in the near future because of Crowdstrike, so Linux likely won’t be supporting Secure Boot in the future, even if someone did want to enable it for some odd reason.
Microsoft can’t stop you from signing images with your own keys.
That’s what I do, and it’s almost entirely automated on Linux these days.
Microsoft’s kicking third parties out of the kernel because of crowdstrike. Secure boot is a completely different thing Microsoft can’t kick people out of.
Really? Which would those be? So far I haven’t come upon one.
most Linux distributions
Yeah that simply isn’t true. I use Secure Boot on all my Linux installs - both in the deb and rpm ecosystem system.
- You can run more than one OS with secure boot enabled. It’s just a pain in the ass.
- you can run unsigned code on a secure boot enabled system.
- its 2025, what the fuck do you have that can’t secure boot by now?
- THIS is your winning argument.
(1) Yeah, well the secure boot keys needed for Linux distributions expire in September (https://www.tomshardware.com/tech-industry/cyber-security/microsoft-signing-key-required-for-secure-boot-uefi-bootloader-expires-in-september-which-could-be-problematic-for-linux-users), so that seems like a sustainable solution, sure buddy.
(3) What’s your income? What region of the world do you live in and what hardware is available to you? I’m still using an am4 platform PC as my daily driver because I can’t burn money. One of my buddies has an AM3 PC. Many people use modified surplus office PCs (especially in developing nations like South America or SEA), which don’t have secure boot as an option. Check your privilege, and maybe donate some of your spare hardware to those who need it, if you want to make this “a non issue” for everyone.
(4) Yeah. I own my hardware, I configure my software. I gut Windows like a fish and keep it on a leash for these games, and use Linux for my work and for the games that respect the ecosystem.
- New keys have already been released and you can always just create and enroll your own damn keys. This is sensationalist nonsense.
- “Check my privilege” over secure boot? Calm down, Karen.
- I think gaming on PC is going to get interesting in the coming decade as Microsoft kicks third parties out of the kernel (thanks crowdstrike!) and more and more people just stop putting up with windows. Enterprise in the US is hooked but everyone else? Na, they are gonna drop it.
Edit: these are listed as 1,3,and 4 in my post in voyager but lemmy shows 123. Interesting.
On the list thing, it seems that adding numbers with periods in a list seems to auto configure it to ascending numbers. That’s why I used (1) (3) (4). Weird, but I guess that’s the work around.
Enrolling your keys doesn’t work btw, because battlefield checks which keys you enroll, only accepting the default MS keys. Also on the hardware front, it is a big problem for gamers on a sub-300 USD budget these days - the best deals are on legacy hardware or surplus office equipment, mainly AM3-AM4 era.
The number list is how markdown works. You can enter all 1’s and it will automatically create ordered list.
Handy when you may need to edit list items, as you dont need to renumber even in plain text.
Markdown spec should allow for explicit number by using a bracket ‘)’ instead of a dot, but it may not work everywhere.
Let’s give it a go3) start from 3 1. Then 1. Continue- start from 3
- Then
- Continue
I don’t think he needs a winning argument. I think EA needs to justify this kernel level AC, not the other way around.
I’m agreeing with point 4.
You can run more than one OS with secure boot enabled. It’s just a pain in the ass.
Weird, for me it was just flicking the switch in UEFI and now Grub and through it Windows 10 and Fedora 43 boot in Secure Boot.
Needlessly intrusive. Can obviously be circumvented by cheaters anyway, so quite possibly superfluous. Apart from that it protects against the kinds of attacks that typically require physical access to the computer. If you have physical access you have full access anyway. Etc.
If you have physical access you have full access anyway. Etc.
You know secure boot was specifically made to protect users for this exact use case. Any tampering of the system will prevent the system from booting.
I get your pc, “tamper” it, then i install a fake bios that tells you all is well and that your tpm and secureboot and whatever else bullcrap they invent is still happy.
See the problem?
It won’t boot though, because the keys to decrypt the system are stored in the TPM.
Sure you could replace the whole OS, but that’s going to be very obvious and won’t allow you access to the data.
Isnt it possible to have a recovery key? Isnt that technically a backdoor? Maybe the terms are not correct but there is a way in physically.
A person with physical access can tamper with the OS, then tamper with the signing keys. Most secure boot systems allow you to install keys.
Secure boot can’t detect a USB keylogger. Nothing can.
The signature checks will immediately fail if ANY tampering has occurred.
Adding a USB keylogger that has not been signed will cause a signature verification failure during boot.
A USB keylogger is not detectable by the computer, not in firmware nor operating system. It passively sniffs the traffic between the USB keyboard and the computer, to be dumped out later.
If your keys are stored in the TPM for use during the secure boot phase, there will be nothing for it to log.
If you have physical access you have full access anyway
No, encrypt your drives.
It fucks with Linux. I literally just disabled it to resolve a driver install issue before this announcement was made.
Linux can run with secure boot just fine though. Use your distros documentation to set it up.
Secureboot doesn’t “fuck with Linux”. It does protect you from malware trying to install unsigned kernel modules.
Apparently that driver is unsigned, which is not the normal case nowadays.
Good to know, thanks
I was trying to install an Nvidia driver on Linux Mint, so I think I am safe.
Is that a realistic attack scenario that end users need to be concerned about?
Yes. That’s how you get undetectable rootkits.
This happens to roughly 1/3rd of all pc’s. But if you put secureboot ON and the FBI cant touch your pc
This type of attack has been seen in the wild for quite some time. Ultimately it’s a security vs convenience decision.
So I can’t play battlefield without TPM? I hate tech these days. My Ryzen board doesnt have it. Hence why I’m not on windows 11
I just refuse to enable it. It makes changing things a hassle.
Same. Keeps things simple with Linux, and Windows doesn’t even complain about it being disabled, so long as it’s present. I’ll never understand why it’s even required if you don’t even have to enable it.
So they can have an excuse to force you to upgrade to Windows 11 beyond “whoops, turns out making an operating system as a ‘buy once’ product is a bad idea.”
Joke’s on them; I already upgraded to Windows 11. I was among the first. It’s actually a solid OS once you disable all the ads and telemetry with O&O Shut Up 10.
Yeah I did the same using WinUtil. Still, I only fire up windows when I need to use software without native Linux support.
You can still get win 11 without TPM by using Rufus and bypassing TPM which will have to be done for a lot of old PCs and we will have to do it by October this year.
Didn’t Microsoft stop this in a recent-ish update? I remember trying it on a machine without TPM and it just didn’t work.
Bazzite worked fine though (after some headaches setting it up).
Does this disable updates though? My wife somehow had Win11 installed on her pc without enabling secure boot, and her updates got so far behind that now it refuses to update and needs to be reinstalled.
No it doesn’t, but I’ll try putting it on one of my older PCs again and report back I only use Linux
you will own nothing and be happy
Your anti-cheat doesn’t work anyway so let me play in linux you cowards.
Anyone with half a brain could see this coming from a mile away. My conspiracy brain almost thinks this is some concerted and calculated effort by Microsoft to artificially lock games to Windows through anti cheat. It’s disgusting, isn’t needed, and just plain isn’t effective. They can spew all the metrics out of their ass, we all know that it’s just not effective.
I am not sure about this conspiracy theory of yours: Microsoft does not want third party applications in the kernel space anymore.
https://www.theverge.com/news/692637/microsoft-windows-kernel-antivirus-changes
Not entirely;
https://github.com/microsoft/ebpf-for-windows
Microsoft just want that 3rd party code to interact in a more predictable way with the kernel
a year ago on Mastodon when EA started locking out games like Apex Legends, BF1, V, 2042, etc from Linux I said “I bet you Microsoft is about to launch a handheld and since they have a deal with EA and Gamepass they want EA Exclusivity on their handheld and to lockout Steamdeck/Valve” sure enough a few months later Microsoft announces their Xbox handheld with Asus.
And what’s the one thing they are getting fucking torched over even by Xbox loyalists? The price (Steam Deck has a cheaper SKU)
So you got the spyware without the benefits, that’s a hell of a surprise isn’t it?
But thank you for your money suckers!
This is where we need dedicated servers and self moderation
DayZ, Rust, TF2 and Minecraft were the model all along. Nice that it’s vindicated.
CS 1.6
This is where we need dedicated servers and self moderation
My knowledge towards battlefield games ends at BF4 but I’m pretty sure people pay to host custom servers, EA refuses to open source it and only supply a handful of third parties with the actual code for them to charge hosting fees.
I’m sure there is an NDA involved.
I only found out about this today from someone whose computer got bricked from trying to enable secure boot.
My machine went into a boot loop and I had to clear CMOS to boot again.
I wonder how many people without the resources to fix a problem like that easily are going to end up without computers for an extended period of time because of this.
Just clear the CMOS.
I had issues aswell where I couldn’t boot, and you wanna know why? Because I didn’t follow the step by step instructions EA tells you to follow. Follow those instructions, and it’ll work just fine.
I’m glad I didn’t enable Tivoization (Secure Boot) and TPM. Those suck, and actually froze our machines. It’s literally useless at this point.
Secure Boot isn’t Tivoization because you can enroll your own keys.
From my research, while I could see that being the case, “Secure Boot” is classified by the Free Software Foundation and the GNU Project as Tivoization, and GPL-3 was made to fix that. That’s how I saw it, at least.
The standard thing people refer to as “Secure Boot” allows users to enroll their own keys and thus is not TiVo. The ability to enroll your own keys is the distinguishing feature here - TiVo devices don’t let you do that, so you can’t sign your own thing and run it.
The FSF has various pearl clutching articles from the days of Windows 8 fretting about whether or not users would be able to install their own keys on Secure Boot devices, but here in 2025, most devices allow this. (I’m sure there’s a handful of bizarre laptops or whatever that don’t, but the vast majority of hardware I’ve seen is fine.)
Having Anti-Cheat of any kind outside of the game is laziness or lack of resources.
I believe just have physical limitations of the character or objects and verify the movement every once in a while to make sure that their movement is not super human (ie, aim bots).
You don’t need a kernal level anti-cheat.
The best thing is back when Battlefield was Battlefield, it would self-regulate because most people played on self-hosted servers, so cheaters and bad actors were taken care of swiftly. But now they want their own control to put shitty bots and SBMM in the game, so here we are.
This whole game is a case of the devs making bad decisions and then instead of changing them decisions, they apply the quickest bandaid fixes they can.
I don’t think the devs have much to do with these decisions
Overall scope was set by EA, they wanted a more mainstream shooter to compete with the likes of Call of Duty, so they could jump into the seasonal content/battle pass grind. But the devs made all these little individual decisions that add up.
Kernel anti-cheat does absolutely nothing to prevent aimbots/triggerbots, as most are run using 2 separate machines, anyway. The first machine runs the game in a totally clean and legitimate environment, but sends its video output (either using standard streaming tools like OBS or by using special hardware) to the 2nd machine. The 2nd machine runs the cheat and processes the video to detect where to aim and/or when to shoot, and sends mouse input back to the 1st machine.
I would have thought this would introduce enough latency to make an aimbot ineffective, but I know nothing about the cheating scene
Colorbots are extremely efficient and can be run on just a raspberry pi.
Human reaction time is ~200-250ms, while the cheat will be introducing easily less than 10ms of latency.
I’ve never used cheats in a video game because I don’t see the point and it would spoil the fun of playing, but as a software developer, it is interesting to learn about how they work and are implemented
that’s super impressive to me, and I guess explains why any client side anticheat is ineffective vs a determined cheater, rootkit or not.
thanks for the explanation! I miss when anti-cheating measures involved actual human beings administrating servers
It takes more work and resources to do what they’re doing. They already do server side anti cheat. And realistically, this is more effective than not doing it, though it definitely still gets defeated anyway. I would say the things that it asks of the customer are not worth the trade even if they were 100% effective, but they are more effective.
That doesn’t cover wallhacks.
Wall hacks could be defeated by the server only reporting the positional information about enemy players to game clients when it detects that the client player’s camera should be able to see some part of the other player’s silhouette. This is possible, albeit computationally expensive, but the main functional issue is latency. Nobody wants enemies magically popping into view when their view changes quickly because their ping was more than 6ms lol
And they should just make good games too, right?
The issue with “just analyze the players” is that it is VERY expensive computationally. And it causes issues with non-official servers as it drastically increases the cost of a dedicated server and makes a listen server nigh unusable.
To be clear: I do not think the kernel level anti-cheats are a consumer friendly solution. But it takes a special kind of arrogance to insist you know better than decades worth of research and work in trying to stop hacking.
Hm, yeah, it’s something every developer should know; client-side validation of input still needs server-side validation, because client-side is not reliable, no mather what you force on them.
Why are people like this. How does this make gaming enjoyable?
Honestly, if I had the skills I’d be doing that as an explicit fuck you to the draconian anticheat bullshit they force on everyone, because what better fuck you than showing all that effort was for naught, especially close to launch.
EA can go fuck themselves with the world’s biggest cactus.
I prefer “fuck you with an anchor”
I love that track, but have to skip it regularly with my kid in the car lol
There’s a kid friendly version. Flipped with a sausage.
And one for dogs as well.
I have ‘for dogs’ on my radio already, but I might put the sausage one on too, that’s great
A lot of hacking in valorant is about this tbf (and to more efficiently sell boosts)
For some people the only things that brings them joy are 1) winning 2) making other people suffer
Or developing cheats. It sounds really fun and you get to grow by keeping on top of the anticheat.
It’s fun to cheat in games, that’s why we have cheat codes.
Also there’s the competitive side of it where not getting caught is a skill and glitching is just game knowledge.
They’re gonna kill this game aren’t they.
It’s already dead mate. Hop on the finals, we got linux support.
Nah. Everyone wants tpm 2.0 Ask Microsoft
Game is generic enough, so it’ll keep a playerbase.
There aren’t exactly a wealth of games doing what Battlefield does outside of Battlefield itself.
Battlebit is fantastic. The only reason it hasn’t taken off is because of gamerbros that can’t handle anything besides realistic graphics
It did take off for a time, and now it looks like it’s an early access game that hasn’t had an update in 19 months. And I can tell you that if they don’t let me host the server myself and play via LAN, they’re not solving any problems for me over Battlefield.
I love Battlebit and its a fun time, but it already did take off, sold literally millions of copies (nearly 2 million in its first 2 weeks), and then was effectively abandoned by the developers.
The developers recently made a Steam post that they are coming back with a big update so… Here’s hoping
I can handle the graphics, I just suck too much at the game
Yeah well too bad that ship has sailed as well. Such a shame, BF2, BC2 and BF3 were quality games, just needed a modern take of one of those instead of whatever this is we got.
That hardly makes it generic though.
If you’ve played any triple A shooters, you’ve played them all.
Very untrue, but okay.
I have a feeling they are
Pretty much the same as all the other modern BFs. They all had cheats in the Beta/early release versions. I’ve played and own literally every BF game since the original release of 1942. Cheats have always been present more or less.
More proof that anti-cheat and bans just isn’t a working approach.
Almost every cheater I’ve talked to or seen interviewed has said they do it because they like winning. If thats the case, pushing them away isnt getting rid of them, its making them try to win harder, and they are literally spending money to make that happen.
This means, there is a market for cheaters, one that publishers and devs simply assault instead of realizing they could replace it entirely.
Create a marketplace in your game for cheats. When a player buys a cheat in game, they can turn it on but only in a specific playlist that cheaters get to play in. You dont need to own or turn on cheats to play in that playlist, in case you feel like challenging yourself, but cheaters can use them as much as they want in that playlist. If a cheater wants to go into cheat free playlist, their cheats get turned off by the game and they have to play like everyone else. Cheat free playlists can have cheat detection, and if you are caught cheating then you get banned from cheat free playlists permanently, but you arent banned from the game or the cheat playlist.
This deters cheaters from paying third parties for cheats, gives them a space to experiment in, makes money for the company running the game, and reduces the amount of cheaters in regular public lobbies. It also creates a space of challenge for people who don’t cheat, sorta like how people will do no death runs in souls games.
Sure, it isnt a perfect solution, but its far better than punishing every player with invasive tech, while simultaneously letting a market of cheat sellers thrive. For a bunch of capitalists, its wild they haven’t realized they are missing out on money with cheats.
I suspect that if you’re now playing where everyone else gets the same advantages, that ruins the fun of having cheats
If not and the cheats themselves are just that fun to use, sure, add it in as another gamemode
…alternatively just shadow ban all the cheaters into cheater only lobbies.
Nullsec
