I'm a gamer, and games are the only reason I'm still on Windows. I use a Mac for most of my day-to-day work, my servers have used Linux for years, and I frequently use WSL even on Windows when doing development work or interacting with my servers. Years and years ago, I'd tried to switch to Linux, but most of the games I played simply weren't playable. Now, though, things are different, and fantastic devices like the Steam Deck prove that Linux is viable as a gaming platform these days.

I wish I could switch to Linux, but the sad truth is that I can't. Proton is great; there are plenty of native games now built for Linux too, but the problem isn't the catalog anymore. No, the problem is that most of the games that I play won't run on Linux, thanks to anti-cheat requirements.

Anti-cheat is the final hurdle when it comes to switching to Linux

And yes, I tried dual-booting

I have a few gamer friends who also work in tech and are in quite a similar situation to me. They use Linux on their laptop or they have a MacBook, and their gaming PC runs Windows out of necessity to play games like Counter-Strike 2 or Valorant. The more frustrating thing about Counter-Strike is that the game itself is playable on Linux, but the variety of third-party services (which most players switch to once they achieve a certain skill level) all require a kernel-level, third-party anti-cheat that integrates with the game. These don't run on anything but Windows, and it's unlikely that they ever will.

The same goes for Valorant, except that game uses the Vanguard anti-cheat, an anti-cheat made by Riot that makes it so you can't even play the game at all unless you're on Windows. It's not required for any third-party matchmaking services; it's just required for the game in general. I could, theoretically, at least play Counter-Strike on regular Valve servers if I switched to Linux, but I'd have to stop playing Valorant entirely if I were to make the switch. The even more frustrating thing about it is that there are games today removing Linux support, such as in the case of Grand Theft Auto V Online and Apex Legends, which both supported online play on Linux once upon a time, only to remove that support later on.

For me, anti-cheat is the final hurdle that keeps me on Windows. I've tried dual-booting, but it's simply not convenient to switch between different applications on different operating systems. If I'm working on something in the background while playing Valorant, for example, I can just tab out when I die and continue doing what I was doing until the next round starts. I wouldn't be able to do that if I were to dual-boot. Plus, sometimes I just want to take a break from working and play a game. I'm not finished up with work; I'm just taking a break, but I'd have to reboot just to play a game for 45 minutes and then boot back into Linux again after. It simply didn't work for me, which is a real shame.

Why doesn't anti-cheat software support Linux?

It's all about the Linux kernel

First and foremost, for the record, I don't like the fact that the industry is moving towards kernel-level anti-cheat in general. It feels invasive, and the potential for damage is quite high, especially after what happened with CrowdStrike. However, as someone who plays those titles, it's not really a solution to simply say, "Well, don't play those games, then." These are games I play with my friends. I run local community events in both games, and they're still my favorite games that I play. The choice I have made to play those games means that I am choosing to forgo Linux, but I'm aware that's the choice that I made.

With that said, I understand that the mechanism to execute a similarly equipped anti-cheat on Linux is nonexistent. Windows is fairly homogenous in that all installations of it will look more or less identical, and anything that looks unusual can be blocked with ease. Even if anti-cheat software were specifically developed for Debian-based distributions, drivers are still an entirely different beast on Linux. On Windows, an obscure piece of hardware with a driver signed by Microsoft can still be trusted by the anti-cheat because Microsoft approved it, whereas there isn't a similar system on Linux that would flag a driver as instantly trustworthy in the same way.

Plus, if an anti-cheat software were built for generalized Linux installations, and it could somehow discern a cheat-related driver from a hardware-related driver, it's not impossible to compile your own kernel with modifications that can give you an advantage. Even if a developer were to implement their own kernel-level anti-cheat for Linux, too, it would require complying with the GPL and open-sourcing their code... or, alternatively, being very selective about the kernel symbols used to enforce those strict measures.

For context, a change made in version 6.6 of the Linux kernel was implemented primarily to combat Nvidia. The Linux kernel lets drivers share functions (“symbols”) with each other, but it labels some of those functions “GPL-only.” GPL-only symbols are meant to be used only by drivers whose own code is published under the GNU GPL, meaning drivers whose source is open and whose license is compatible with the kernel’s. Proprietary (closed-source) drivers can still be loaded, but when they do, the kernel marks itself “tainted” with the flag TAINT_PROPRIETARY_MODULE so that bugs can be ignored by upstream if they turn out to be caused by closed code.

It didn't just stop there, as a loophole was found and utilized by Nvidia, prompting another Linux kernel change. When a proprietary module exports one of its own symbols, any module that uses that symbol automatically inherits the tainted flag. That stopped Nvidia at the time, but the company found another loophole. Their driver stack was changed to load a tiny stub that claims to be GPL-licensed, pulling in GPL-only symbols with the helper function symbol_get(), and then re-exporting them for the real proprietary blob to call. Because the first stub looks “GPL” compliant, the original guard never acts. This was the final protection implemented in version 6.6. The argument is that it violates the DMCA's anti-circumvention rules, and the response was to tighten the kernel's security rather than challenge Nvidia legally.

On Linux, drivers have a standardized interface so that proprietary drivers can still be written, but these proprietary drivers can not interface with all of the Linux kernel, which prevents these drivers from being too tightly coupled with the actual open-source kernel. This prevents proprietary drivers from becoming commonplace and protects the Linux ecosystem from being flooded with proprietary "drivers" that never needed to be drivers in the first place. This has pushed Nvidia forward when it comes to open-source GPU drivers on Linux, and brought it more in line with Intel and AMD's approach, where there's a fully open-source kernel module that utilizes a firmware blob.

What this means for anti-cheat software, though, is that it won't tightly couple with the kernel in the same way that a cheat developer could potentially achieve, unless the anti-cheat was also GPL compliant. A cheat developer could build their own Linux distribution as part of their offerings, with their cheat baked into the kernel. While that would technically violate the GPL as well, there would be no way to compel them to release their source code. Unlike Nvidia, which can't modify the Linux kernel on every machine that installs its drivers, a cheat developer could simply modify the Linux kernel to support their custom-made drivers and distribute a custom distro for their cheat to work with the included anti-cheat.

In other words, anti-cheat on Linux will simply be a mess. There's no real viable way forward on Linux for a company to enjoy the same level of control that they currently do over Windows machines to keep tabs on the processes interacting with their game. Every option carries massive downsides and obvious circumvention methods. Sure, the cheat community might be slow to figure things out at first, but once a Linux cheat is up and running, it can take years to be detected. In a fairly famous example, while Valve's own VAC is routinely ridiculed for its apparent ineffectiveness, the company has always been quick to flag free cheats distributed publicly on forums. However, AimTux, a Linux-based cheat that was open-source, took nearly two years to be detected and banned. The anti-cheat software that runs on Linux can, in most cases, simply be bypassed by running the cheat from the /root directory as the root user. Easy Anti-Cheat, for example, runs at the user level, so it can't see processes that run at that level, and that method was similar to the way cheaters worked in Apex Legends​​​​​​.

I wish I could make the switch

But WSL helps a bit

I wish I could make the switch, but if I want to continue to play the games that I like to play, I simply can't. WSL helps a bit so that I can still use Linux-based applications and interact with a Linux terminal, but it's just not the same. I want to switch to Linux, and the Steam Deck proves how viable it is, but it's a potentially unsolvable problem that prevents it from being possible. Games like Valorant and Counter-Strike pride themselves on their professional circuits, and with a couple of paths to playing professionally baked into Valorant's own rank system and Premier platform, it's not an option for Riot to relinquish that control for what is likely to be a small subset of users.

The same goes for Counter-Strike. While the base game itself doesn't require those anti-cheat systems, the third-party platforms like FaceIt are where the professionals play. There are also monthly leagues with actual prize money distributed to players, and again, relinquishing control would be seen as a step backward, not forward. There's a constant cat-and-mouse game when it comes to anti-cheat, and allowing Linux users the opportunity to play would give cheat developers a significant edge in that.

For now, I'll have to settle for WSL and using Linux on my servers to get my Linux fix. It's a shame, but the only other option is to stop playing the games I enjoy, work in, and have helped foster communities in. It's not something I'm particularly torn up about, but it's a real shame that there isn't a way around the problem.