this post was submitted on 07 Jul 2026
150 points (99.3% liked)

Games

49466 readers
976 users here now

Welcome to the largest gaming community on Lemmy! Discussion for all kinds of games. Video games, tabletop games, card games etc.

Rules

1. Submissions have to be related to games

Video games, tabletop, or otherwise. Posts not related to games will be deleted.

This community is focused on games, of all kinds. Any news item or discussion should be related to gaming in some way.

2. No bigotry or harassment, be civil

No bigotry, hardline stance. Try not to get too heated when entering into a discussion or debate.

We are here to talk and discuss about one of our passions, not fight or be exposed to hate. Posts or responses that are hateful will be deleted to keep the atmosphere good. If repeatedly violated, not only will the comment be deleted but a ban will be handed out as well. We judge each case individually.

3. No excessive self-promotion

Try to keep it to 10% self-promotion / 90% other stuff in your post history.

This is to prevent people from posting for the sole purpose of promoting their own website or social media account.

4. Stay on-topic; no memes, funny videos, giveaways, reposts, or low-effort posts

This community is mostly for discussion and news. Remember to search for the thing you're submitting before posting to see if it's already been posted.

We want to keep the quality of posts high. Therefore, memes, funny videos, low-effort posts and reposts are not allowed. We prohibit giveaways because we cannot be sure that the person holding the giveaway will actually do what they promise.

5. Mark Spoilers and NSFW

Make sure to mark your stuff or it may be removed.

No one wants to be spoiled. Therefore, always mark spoilers. Similarly mark NSFW, in case anyone is browsing in a public space or at work.

6. No linking to piracy

Don't share it here, there are other places to find it. Discussion of piracy is fine.

We don't want us moderators or the admins of lemmy.world to get in trouble for linking to piracy. Therefore, any link to piracy will be removed. Discussion of it is of course allowed.

Authorized Regular Threads

Related communities

PM a mod to add your own

Video games

Generic

Help and suggestions

By platform

By type

By games

Language specific

founded 3 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
[โ€“] artwork@lemmy.world 12 points 1 day ago* (last edited 1 day ago) (1 children)

To understand why the requirements keep escalating, follow the arms race. Cheats started in user space, so anti-cheat moved into the kernel to see them. Cheats followed into the kernel, and then below it into hypervisors - so anti-cheat added hypervisor detection and began demanding a verified boot chain. Every time the cheat drops a layer deeper, the anti-cheat has to demand more privilege and more hardware trust to keep watching. That is what TPM 2.0, Secure Boot, remote attestation, IOMMU enforcement, and now forced firmware updates actually are: anti-cheat chasing cheats further down the stack.

Source

---

Wonderful day!

I've been into the subject a few times already, and just in case, if interested, in short, the TPM is a specific module with its own API in modern motherboards that has inside a key pair known as Endorsement Key (EK) which is a permanent unique identifier burned into the hardware. It's used to create signed EK certificates.

To clarify, similar to the asynchronous cryptographic we may see in the general TLS certificates in HTTP traffic ( "green" lock), the TPM , as mentioned, has API to create public keys from its private key inside.

The private key is burned-in by the manufacturer inside the module, which is also normally protected from physical damage to be self-destruct, by its standard requirements.

Systems like Denuvo may create and encrypt their own data using the public key, and send it to the TPM to decrypt, verify, and therefore identify the hardware on their servers as an identity.

The Endorsement Key (EK) is an asymmetric key pair consisting of a public and private key stored in a Shielded Location on the TPM.
The public part of the EK can be read from the TPM while the private part MUST never be exposed.
The public key of the EK is included in the EK certificate...
However, the EK provided by the manufacturer MUST be defined as a non-duplicable key.

Source: Credential_Profile_EK_V2.0_R14_published.pdf

Though, I believe, the TPM specifications were actually designed by Trusted Computing Group with privacy in mind to prevent the EK from being used as a "global tracking ID", some vendors or organizations may use it for undefined reason, and hence please do consider the opportunities your operating system and motherboard provide.

Also, if interested in experimenting, and haven't yet, in Linux, TPM is accessed via character devices (created by the Kernel module), and normally support different operations to read/write to, and located at /dev/tpm*, though these devices' permissions are set to root only in all the Kernels I've seen yet. There are CLI software packages as tpm2-tools for the protocol.

So I actually disabled TPM the other week because as it turns out it was preventing my pc from entering sleep a significant portion of the time, I think the GPU wasn't being allowed to save the framebuffer anywhere because the drivers weren't proprietary Nvidia ones.