Irenes (many)2d ago

when Intel introduced a cpuid instruction, around 1998 or so

there was a debate on the Linux kernel mailing list as to whether Linux should provide a way to call that instruction

you know, because of its potential uses for surveillance and how that was sharply at odds with the idea of computers being owned by their users

Show threadIrenes (many)2d ago
the resolution, at least for a while, was that Linux would implement an interface for programs to invoke the instruction, but would also add an interface that allows the user to instruct the kernel to lie and return a user-specified identifier instead
Show threadgaytabase
@ireneista that's kind of funny. i'm glad we can use cpuid though, a lot of my performance gaming relies on it.
Mar 19 at 9:15pmWeb
Show threadIrenes (many)2d ago
@dysfun sure, but you understand it relies on it in the sense that DRM and anticheat look at it, right? it's not a feature that helps with graphics or anything like that
Show threadIrenes (many)2d ago
@dysfun like notionally there was a possible world in which a harder line was taken, and game studios were forced to accept that selling on Linux means not being able to do those things. we don't live in that world, because the kernel did eventually sell out wrt DRM.
Show threadJosh Simmons2d ago
@ireneista @dysfun cpuid isn't something which anticheats will rely on the veracity of either fwiw, it's not a security feature and it's spoofable.
Show threadvriska, thief of light 2d ago
@dotstdy @ireneista @dysfun i have heard that there are games that check cpuid to only support the steam deck and not other hardware. this is trivially bypassable but they do it anyway
Show threadJosh Simmons2d ago
@leo @ireneista @dysfun stuff like that is not unheard of, just because they only test on steam deck and don't officially support anything else. It's a bit silly but not really hard to work around. But that's nothing to do with surveillance or performance. (It can just check the CPU model says aerith)
Show threadIrenes (many)2d ago

@dotstdy @leo @dysfun mm. similar stories have played out with browser user-agents, but it would be strange to claim that user-agents have nothing to do with surveillance... if anything, having innocuous uses for it widely-deployed makes the surveillance stronger because it means turning it off comes at a compatibility cost.

we agree of course that the intention is not to surveil, but good intentions don't even count in Horseshoes

Show threadJosh Simmons2d ago
@ireneista @leo @dysfun that's not the problem though, cpuid lets you enumerate feature support, which lets you fingerprint, but even without an instruction to enumerate features you can still just try to use them and fingerprint the CPU from that. So you make the non malicious use cases harder, and the malicious folks can keep doing what they already were doing.
Show threadgaytabase2d ago
@dotstdy @ireneista @leo yes that's technically possible, but it is not as easy as you think. there are ABI changes with some instruction sets and you can only tell you can't execute something by getting a trap trying.
Show threadJosh Simmons2d ago
@dysfun @ireneista @leo you can also time instructions, check exact behavior. Because cpuid is so trivially spoofed, this is what vm detection does anyway, it's far more sophisticated than just checking cpuid. I'm just saying because the indication is that games or anticheats are enabled by cpuid, and I'm just saying that era of sophistication is loooooong past.
Show threadIrenes (many)2d ago
@dotstdy @dysfun @leo we do agree that that sort of technique is widely deployed, at this point. alas.
Show threadgaytabase2d ago
@ireneista of course i understand, it's just there's quite a downside to saying no.
Show threadIrenes (many)2d ago
@dysfun yes, that makes sense. thanks - we weren't actually sure what level of understanding people had about that, so it's good to know.
Show threadgaytabase2d ago
@ireneista well i don't know that i qualify as average for these purposes...
Show threadIrenes (many)2d ago
@dysfun fair fair 💜
Show threadJosh Simmons2d ago
@ireneista @dysfun that's not what cpuid is used for, cpuid is used for feature detection, e.g. "if the CPU supports avx2 enable avx2" or "on this specific microcode version work around this bug". It's not literally giving you a serial number for the CPU.
Show threadgaytabase2d ago
@dotstdy @ireneista it can do that too. although they don't put in serial numbers any more i don't think.
Show threadPhilippa Cowderoy2d ago
@dysfun @dotstdy @ireneista data protection legislation seems likely to interfere there, yeah
Show threadIrenes (many)2d ago
@dotstdy @dysfun please see the other replies, we've had this explained to us at length. we agree that the cpuid instruction did a lot of things and apparently the serial-number feature in the Pentium 3 was very short-lived, and was an addition to the cpuid instruction not the entirety of what it did.
Show threadIrenes (many)2d ago
@dotstdy @dysfun our intent is only to report on a specific controversy from the 90s (we're told that specifically, this played out in 1999), we think we were pretty open about the fact we haven't followed everything that's happened around cpuid since then
Show threadJosh Simmons2d ago

@ireneista @dysfun Yeah i'm just saying that

> but you understand it relies on it in the sense that DRM and anticheat look at it, right? it's not a feature that helps with graphics or anything like that

Is very misleading, it's not what games use it for legitimately (which is actually something that "helps with graphics"), and it's also not the full story of how anti-cheats and malware detect tampering / fingerprint either. That's largely a whole other can of worms.

Show threadIrenes (many)2d ago

@dotstdy @dysfun apologies, we had started to respond to this and then our computer overheated....

anyway, our apologies for making a stronger statement than warranted. we do see your point and you're right to raise it.

Show threadPhilippa Cowderoy2d ago

@ireneista @dysfun cpu-specific optimisation is a thing and dysfun does it fwiw

(and I was playing games that took advantage of it in the late 90s)

Show threadPhilippa Cowderoy2d ago
@ireneista @dysfun (you're not wrong about the DRM, but games weren't doing it that way for a lot longer)
Show threadPhilippa Cowderoy2d ago
@ireneista @dysfun (see also: most gamers don't want to recompile with every patch released!)
Show thread0xC0DEC0DE07EA2d ago
@flippac @ireneista @dysfun distribute your games as source, you cowards!
Original thought was DKMS for games, but that’s just distribute as source with an extra wrapper to rebuild as needed.
Show threadPhilippa Cowderoy2d ago

@c0dec0dec0de @ireneista @dysfun this would legit take some of the FGC's fun away, but I appreciate that's specialist

build times though, especially if you've been away a while and several games got big updates

Show thread0xC0DEC0DE07EA2d ago
@flippac @ireneista @dysfun yeah, there are reasons why I like binary package managers even though I have the skills and (sometimes) the patience to build things from source.
Dependency resolution is a bad level 0 for a puzzle game.
Show threadPhilippa Cowderoy2d ago

@c0dec0dec0de @ireneista @dysfun giving lab monsters source is going to lead to players finding all kinds of ways your PvP game is broken faster than you can patch them, too

(fighting games always have execution and hopefully nontrivial strategy layers, but we'd like to avoid "everything is kusoge two days after launch")

Show thread0xC0DEC0DE07EA2d ago
@flippac @ireneista @dysfun I actually sorta forgot multiplayer games, mediated by a company-controlled server, were a thing…
Show thread0xC0DEC0DE07EA2d ago
@flippac @ireneista @dysfun I guess I need to turn in my Gamer label, huh
Show threadJosh Simmons2d ago
@c0dec0dec0de @flippac @ireneista @dysfun as an additional consideration, this would actually make it even easier to fingerprint users, since you'd have access to the build environment on their machine as well as the runtime environment. you can fingerprint the compiler :) and it still leaks the same information since you can just ask what features are enabled at compile time.
Show thread0xC0DEC0DE07EA2d ago
@dotstdy @flippac @ireneista @dysfun and in a competitive environment, those optimizations would just go to the people least in need of them.
Would be nice to try to decimate some meshes or reconfigure render pipelines to make things more potato-computer friendly
Show threadJosh Simmons2d ago
@c0dec0dec0de @flippac @ireneista @dysfun it doesn't quite work like that, even "old" CPUs still support modern instruction sets and SIMD. even something new-ish like avx2 has been around for a decade at this point, and if you're running something modern on a decade old CPU you're going to want to get all the advantage you can. You still don't want to *require* avx2, since there's a few parts around still functional that don't support it, and a few very low end skus that don't support it either.
Show threadJosh Simmons2d ago
@c0dec0dec0de @flippac @ireneista @dysfun For anything competitive the main barrier for low end is actually competitive advantage. Everyone playing the game competitively will almost always set their settings to the lowest, so it runs a bit better, and maybe things are more clear at low settings because extraneous detail is removed. But e.g. a bush you can hide in cannot be LODed to no longer hide you, or turning that setting down would break the game - everyone would be visible in bushes.
Show threadIrenes (many)2d ago
@dotstdy @c0dec0dec0de @flippac @dysfun right so like the thing to notice here is, this is no longer about CPU feature checks or any of that, it's more of a general topic around how capital interacts with performance
Show threadIrenes (many)2d ago
@dotstdy @c0dec0dec0de @flippac @dysfun we inadvertently burned through all our spoons for today with an extremely frustrating attempt to upgrade our laptop, so we're not really able to reply to... anything. sorry. feel free to continue.
Show thread0xC0DEC0DE07EA2d ago
@ireneista oh no, I hate that. Which basically fully explains why I’m still running Fedora.
Show threadJosh Simmons2d ago
@ireneista @c0dec0dec0de @flippac @dysfun it's not even about capital, these issues are exacerbated by access to capital (e.g. pay-to-win) but the general problem is that if you make something which is designed for X amount of computational power, then minimizing the impact of running with less or greater computational power is more or less required unless you're shipping the hardware and software together. there's just a fundamental problem about how large a window it is possible to cater to.
Show threadIrenes (many)2d ago

@dotstdy @c0dec0dec0de @flippac @dysfun well no, like, we do think the choice in what level of computing power to target is entirely made by reference to the needs of capital

once again, we don't have spoons for this right now

Show threadIrenes (many)2d ago
@dotstdy @c0dec0dec0de @flippac @dysfun we realize we're the ones who started the conversation, and normally we only do that when we'll be able to follow up, that just didn't work today. sorry.
Show thread0xC0DEC0DE07EA2d ago
@dotstdy @flippac @ireneista @dysfun sure, everyone will do a like better with binaries compiled with `-mnative` or equivalent, and I’m not really fully conversant with what game engines do for dynamic dispatch to differently optimized versions of the same function.
Show threadJosh Simmons2d ago
@dysfun @ireneista more importantly, hiding it wouldn't change how easy it is to fingerprint a computer that you have code execution on.
Show threadIrenes (many)2d ago
@dotstdy @dysfun that's certainly true, of course, fingerprinting is a highly effective strategy