Is Valorant's Anticheat Spyware?
Since I enjoy playing competitive multiplayer FPS games, many times I have been asked why I don’t play Valorant. I know my reasons very well but explaining them is always uncomfortable since I know most people don’t care for that type of details or they think that someone having such knowledge might be suspicious. I totally disagree with them but I also don’t care enough to have an extensive argument with them so I just say anything to brush the questioning.
Today I stumbled upon a video in my subscription feed by The PC Security Channel where they analyze and exemplify the concerning reasons why many technology and security enthusiast don’t get close to this game.
For those not in the gaming space, Valorant is a popular game made by Chinese owned game developer Riot Games. It’s one of the most popular tactical first person shooter games, specially between the younger sector of video game enjoyers. However, the game’s kernel-level anti-cheat software called Vanguard has always raised concerns over potential privacy and security risks.
So what’s the problem?
Like many anti-cheat tools, Vanguard operates at the kernel level to monitor system activity and detect cheating methods like modifying game code or using aim-bots. This low-level access is necessary to effectively catch sophisticated cheats. But Vanguard goes a step further than competitors like Counter-Strike’s FaceIT anti-cheat. Those tools only load the kernel driver when you run the game, while Vanguard loads at system startup and runs 24/7 in the background, even when you’re not playing Valorant.
This “always-on” behavior is very invasive and seems unnecessary for an anti-cheat limited to one game. Other concerning aspects include:
- Vanguard cannot be easily fully disabled since after manually quitting the process, a system reboot will be required to be able to open Valorant again.
- The EULA prevents any legal recourse against Riot Games.
- Valorant/Vanguard sends encrypted data to Riot. Which is Chinese owned by a giant corporation called Tencent.
Potential Privacy Risks
While Riot states Vanguard only monitors system activity related to Valorant, the 24/7 kernel access opens risks. All your computer usage potentially gets sent (encrypted) to Tencent, a company obligated to follow Chinese data laws. Now, this is unfortunately not unique to Chinese corporations, since Microsoft, the creators of Windows, the most used operative system also send all types of data to their US government sanctioned facilities.
Recommendations
If you play Valorant, consider manually exiting the Vanguard processes when not actively playing the game. This adds friction but keeps the invasive software inactive.
Ultimately, gamers should advocate for anti-cheat restricted only to active gameplay sessions. Given the risks, ‘always-on’ behavior seems an overstep unless there’s real technical necessity proven. And in my personal opinion, kernel level anti-cheats might not be worth the window for mishappens or misbehavior if they are ineffective for stopping most cheaters. Someone could claim that they reduce the amount of cheating but what I have seen in my years of gaming is that the people who want to cheat, will find ways to do it even if the anti cheat requires them to have a more complex system.