Dive into the controversial start of "Battlefield 6" with this eye-opening video! As the early access beta kicks off, reports of cheating have surfaced, rais...
You can, but most everything that would let you run your own boot-time code is supposed to end up in the TPM event log, which the TPM is happy to attest to with its unique/uniquely bannable attestation key. Not too difficult to set it up so that no attestation = no access.
This type of attestation is far from perfect for a lot of different reasons, and it would be really impractical to automate bans with it, but I guess it’s a tool they see value in.
Can’t you load your own keys into your BIOS, letting you sign whatever you want anyway?
You can, but most everything that would let you run your own boot-time code is supposed to end up in the TPM event log, which the TPM is happy to attest to with its unique/uniquely bannable attestation key. Not too difficult to set it up so that no attestation = no access.
This type of attestation is far from perfect for a lot of different reasons, and it would be really impractical to automate bans with it, but I guess it’s a tool they see value in.
So long story short, the anti-cheat software can detect if you’re using a different signing key?
Yep. It would be incredibly bad if they did automatic bans for any key they don’t recognize, but it’s technically possible.
Edit: from what I’m reading it apparently just refuses to let you in with unrecognized/non-MS keys. Yeah that makes a lot more sense.