Background informationGamingSecurity

Bungie vs. cheaters: Destiny 2 won’t come to Steam Deck, unless…

Dominik Bärlocher
Dominik Bärlocher
Zurich, on 24.03.2022
Translation: Patrik Stainbrook

The Destiny 2 Steam Deck ban reveals an interesting security mechanism. And also what obstacles open source technology brings with it.

Gamers are angry: Destiny 2 won’t be coming to Steam Deck. It gets worse: the studio behind the shooter is enacting rather draconian regulations.

«Destiny 2 is not supported for play on the Steam Deck or on any system utilising Steam Play’s Proton unless Windows is installed and running. Players who attempt to launch Destiny 2 on the Steam Deck through SteamOS or Proton will be unable to enter the game and will be returned to their game library after a short time. Players who are not accessing Destiny 2 through Windows and attempt to bypass the SteamOS/Proton incompatibility will be met with a game ban.»
Destiny 2 Support Page, 2 March 2022

Initial reactions from gamers can be summarised as follows: everyone at Bungie is pure evil. You’ve got the hottest console since the release of the Switch, and their favourite game won’t be on it.

First reactions from the Linux community: valid move.

The two sides are engaged in heated discussions across the web. Only one party hasn’t yet commented: Bungie. We’re left to speculate why the studio reacted so harshly. The current most common theory revolves around cheating. This would make the whole affair not a gaming or greed, but a security story issue.

Gamers: Windows and Linux

For Bungie’s scheme to make sense, we need to understand the machines and software spotlighted in this controversy. There’s Windows, the only operating system allowed, Proton the intermediary, Steam Deck the villain, and Bungie’s server as the target of a possible break-in.

Steam Deck: the villain of the story

Bungie’s point of contention is Steam Deck. Valve’s console will put «your Steam library, everywhere».

Valve’s Steam Deck
Valve’s Steam Deck

Every piece of hardware needs an operating system. On Steam Deck this is SteamOS, a Linux distribution based on Arch Linux. SteamOS has only a few tasks. It handles connections, data transfer, and handles the Steam Launcher so you can access your games.

Here’s the problem: SteamOS is also open source. Anyone can grab the Steam Deck operating system and manipulate it.

Linux: backbone of the gaming world

Linux is open source. This means that anyone can modify and publish the software. Currently, over 300 Linux distributions – commonly called «Distros» – are in active development, including Ubuntu, SteamOS, Red Hat Enterprise Linux and Debian.

Ubuntu 20.04
Ubuntu 20.04

Virtually every major server infrastructure in the world runs on a Linux distro. After all, Linux is extremely configurable in a specific way. Windows and macOS, on the other hand, are universal all-purpose weapons. They need to give every user easy access for every conceivable use.

Linux, on the other hand, can be modified for specific purposes. Superfluous features can be removed from the distro. Thus, they don’t eat memory, keeping the operating system light.

Windows: the hero of the day

Windows is the operating system of office workers and gamers. It’s the only OS that Bungie allows as a platform for its games. Windows isn’t open source. Therefore, it’s subject to the dictates of manufacturer Microsoft. What Microsoft says goes.

Windows 11
Windows 11

Windows is difficult to manipulate. The source code is closed, and therefore not only difficult to access, but even trickier to edit and change. It isn’t impossible. Probably the most famous case of Windows tampering is Windows XP Black Edition, illegal and contaminated with malware depending on the download.

Windows usually starts in secure boot mode. Meaning the system is booted as confirmed and intended by the manufacturer. Thus, Bungie can assume that the Windows operating system is and will remain unchanged. This makes cheating based on Windows at the very least difficult and at best impossible.

A Bungie server: the Fortress of Justice

When you game online, the studio’s servers are a hub for your game. There, your moves are transmitted to other gamers, your inventory is logged, and servers also know how much ammo is in the magazine of your Ace of Spades. Nothing works without a connection to the server.

The server as a gaming centre is the perfect place for anti-cheating measures. If a server detects that you have 99 rounds in a magazine on your Ace of Spades, but only 13 rounds are allowed, then the server-side anti-cheating solution BattlEye can issue a ban. You as a cheater have no way to turn off BattlEye, as the system doesn’t run on your PC.

Proton: stuck in the middle

Most servers in this world run on a Linux distro. Both Valve and Bungie servers do. Therefore, there needs to be an element between the Linux server and a Windows PC providing compatibility between both platforms. Enter Proton, an open source project just waiting to be manipulated by anyone.

In the grand scheme of things, Proton is only tangentially important to this story. After all, here’s how the connection between you and Bungie looks:

Chain of Trust: the inventory against cheaters

Bungie has a responsibility to gamers. You pay the studio and Steam to play the game. With this, you finance the development effort and the operating costs of the servers. In return, Bungie is committed to providing you with a flawless and fair game. The connection must be fast, cheaters must be detected and banned. And operating and development costs must be as low as possible.

For that to even begin to work, Bungie needs to establish a chain of trust. This means that every element in the connection between you and Bungie’s server must be trusted. To do this, Bungie needs to identify the areas where gamers could potentially manipulate game saves.

Due to the fact that Proton is open source and therefore comparatively easy to manipulate, Bungie doesn’t trust the software. This leaves the Bungie and Windows servers, to which gamers have only very limited and strictly regulated access.

Bungie has obviously taken the stance that all open source software must be classified as untrustworthy when it comes to fending off cheaters. By making changes to code, cheaters could easily incorporate mechanisms to overcharge their Ace of Spades and gain unfair advantages. The same applies to in-game currencies or energy levels.

Shim: a possible cheat

One of the near-infinite ways to cheat are so-called shims. A shim is a program library that intercepts and modifies commands from an API. Shims are used to create compatibility between old program environments and new APIs. But they can also be used to manipulate scores.

Like many things in Linux, shims are relatively easy to make. With this, your game in Linux would say something like «The Ace of Spades has 12 shots left». Your shim intercepts this and turns the 12 into a 99. The server receives «The Ace of Spades has 99 shots left». Or 100 credits suddenly become 1000. The shim then shoots its command to the API on Bungie’s server, which accepts the input because it looks valid and comes from a familiar device.

For a game that’s in active development, shims aren’t necessary.

Whitelist: the reasonable approach to bans

Cheaters will be banned. And that’s a good thing. This process is called blacklisting. A blacklist contains all accounts that have cheated in a game. Blacklists operate on a «Everything is allowed, unless it is explicitly forbidden» basis. This works well because the vast majority of gamers play fair, and with Windows any possible entry point is quite small.

In other words, the whole gaming environment is «trusted and secure» by Bungie’s standards. Individual cheaters are banned and all other players have a fair game.

But if Linux is allowed, then there’s a big open gateway, allowing at least 300 more configurations that are easy to manipulate. A blacklist isn’t very useful. That’s where a whitelist comes into play.

A whitelist is the opposite of a blacklist. Its motto is «Everything is forbidden unless expressly permitted».

BattlEye: the DLC of this story

To make sure cheaters have as hard a game as possible, both Valve and Bungie have mechanisms in place to crack down on cheaters. How exactly this is done is usually kept secret or only very vaguely referenced. After all, the more cheaters know about anti-cheating software, the easier it is for them to bypass it.

In addition to whatever Valve has in place, Bungie relies on the BattlEye anti-cheating solution for Destiny 2. Valve, of course, recognises that BattlEye is a reasonable thing to do and makes integration easy. Developers just need to write an email and everything runs smoothly. As a result, it is significant that Bungie did not write this email.

Your only hope: Windows on Deck

The Steam Deck as a console is actually quite open source. Meaning that Windows can be installed on a Steam Deck, at least theoretically. With this, the connection from you to Bungie is reestablished in its only allowed form.

Windows can already be installed on Steam Deck. Drivers for Wi-Fi modules, Bluetooth and the graphics card have been released by Valve. Only the audio driver is still missing. Therefore, if you install Windows on the Steam Deck today, its speakers and headphone jack will not be functional. But Bluetooth or USB-C headphones will work flawlessly.

Since Windows is closed source and therefore subject to strict economic regulations, Valve isn’t able to officially support «Windows on Deck». Nevertheless, AMD and other partners are working on the drivers. Valve can’t tell you how to get Windows on your Steam deck. If Bungie obtains more telemetry data from gamers and their machines, it’s at least theoretically possible that Windows Steam Decks will be locked down by Bungie if the company decides to do so.

Bungie is right

Naturally, Bungie is also interested in Destiny 2 having as many players as possible. More money and all that. But the players who are there must have a fair game. If it was simply an email that Bungie had to send to Valve, Bungie would have done it by now.

Instead, Bungie has opted for a whitelist, which means that a large part of possible system configurations are blocked for security reasons against cheaters. Apparently, the protections BattlEye provides against Linux weren’t sufficient, or BattlEye isn’t able to respond quickly enough to new threats.

But let’s assume that Bungie had decided to blacklist. The studio would need to invest far more in anti-cheat. More investment means higher costs. These costs must be covered somehow. The only source of revenue for a game studio is the playerbase. Bungie would either have to make its games or its DLC more expensive. The latest expansion, The Witch Queen costs 89.90 francs. On top of this, in-game currency costs about 0.011 francs per silver coin. That’s quite a lot, and if this ever grows, players could leave. That would then spoil Bungie’s business in the grand scheme of things.

Therefore, Bungie is validated in enacting such a drastic rule. Bungie didn’t do this out of laziness or greed. They did this to help gamers around the world.

In this story, Bungie isn’t the hero we gamers want, but the hero we deserve.

18 people like this article

User Avatar
User Avatar
Dominik Bärlocher

Journalist. Author. Hacker. A storyteller searching for boundaries, secrets and taboos – putting the world to paper. Not because I can but because I can’t not.

These articles might also interest you

  • Skeleton Loader

    Skeleton Loader

  • Skeleton Loader

    Skeleton Loader

  • Skeleton Loader

    Skeleton Loader