You’re suggesting people not be able to run software in kernel mode on their own systems.
I would never run kernel mode anti-cheat, but going down this road will lead to hardware attestation and the end of open computing for anything with online services.
I’m advocating for installing malware (literally anything with kernel access in literally all cases) as part of a game install being the obvious criminal offense it should be, personally.
Users aren’t able to get kernel access with Windows. They’re only able to install software from a small handful of sources, almost all of which are malicious.
Doesn’t really matter, it was the EU regulators that ultimately nixed the API approach saying it would be anticompetitive. I mostly blame the EU for why CrowdStrike could happen in the first place and why there’s kernel-level anti-cheat.
That’s bullshit. Microsoft wanted to force others to use an API, while continuing to use kernel-level access for Defender (which for enterprise use is a paid product). That’s textbook anticompetitive. Nobody ever had a problem with Microsoft rolling out and enforcing an API for that if they restrict their own security products to that API as well.
At this point I don’t want anything to have kernel-level access other than the OS and some necessary hardware drivers. I’m not super familiar with macOS, but do you know if Gatekeeper or XProtect run at ring 0? If they do run at ring 0, would you consider that anticompetitive? I’m almost certain Apple will move or did move to deprecate kernel extensions. Which means it would be the same situation Microsoft wanted to force as you described.
The other argument with Defender is you could at least have a choice to use it or not.