Anti-Cheat, Privacy, and Fair Play: Clarifying the Facts

Being sarcasm or not, the way they avoid some of the main allegations with bland answers is definitely not reassuring.

Every day I go out to work to take care of my life and I don’t sit around believing that the Russians want to steal my data, and you?

Is hard to trust a company that have been anything but transparent or with the level of disrespect shown in the last Q&A.

I mean if you want our data fine… At least give me free GE for it? XD

Here is my opinion (10 years of IT security, DLP, damage control, etc. positions):

"It’s a bit of a shell game to highlight the ‘privacy’ of the Ring-3 Viking system while we are still required to run BattlEye. As long as BattlEye is active, the anti-cheat still has kernel-level access to our systems regardless of how ‘limited’ Viking is.

The server-authoritative model is great for stopping ‘God Mode’ or speed hacks, but it doesn’t address the elephant in the room: Aimbots and ESP. No amount of server-side physics can stop a client-side overlay from showing exactly where a player is the moment they become ‘visible’ to the server.

While citing GDPR compliance is a good step for transparency, the ‘indefinite’ storage of data for flagged accounts is a major privacy loophole. ‘Anonymized’ technical data can still often be tied back to a specific hardware ID, which remains a valid concern for many users.

Claims about manual reviews by ‘specialists’ feel more like PR fluff than a scalable solution for a game with millions of players. In reality, the vast majority of bans are likely automated signatures, and manual intervention is probably reserved only for high-profile cases or massive report volumes.

There have been other major issues, like hackers gaining access and manipulating game files, which proves the current perimeter isn’t airtight. I know Gaijin needs to address this now—it feels very much like PR damage control—but overall, we just won’t know the truth because they haven’t disclosed their internal security standards. If they were following ISO 27001/27002 or similar frameworks, they’d likely be touting those certifications to build trust, but I highly doubt they have them.

Ultimately, this post is very selective transparency designed to put out a fire rather than reveal the full scope of their data handling.

No sarcasm. Random guy more trustworthy than Gaijin. If war thunder was bigger they would easily take EAs award of worst company in the world

I don’t think it’s for the Kremlin and FSB, it’s for the same reason as any other company: profit. I don’t think it’s going to the FSB, I just don’t trust Gaijin to be secure at all.

You brought tons, but answered a gram.

Isn’t new that gaijin is totally disrespectful with the community, a company that put profits above all, which ignores and punish who tries to make the game better and fair.

The game core turns about spending money. This explains much about the behavior of what a company can do for money.

Guys please debate the topic not the user or move it to dm’s or leave each other alone.

What about consoles then? Does this mean there is no AC for those platforms?

Can it scan other applications running alongside game? Such as Google Chrome, Edge etc.
Also can it detect cheaters who utilize second device/screen and output cheat ui there?

More to this:

If these issues hadn’t been leaked or publicized, I believe no one would have ever known. I suspect that even within certain levels or departments at Gaijin, this information was news to them. This clearly demonstrates a lack of the very security practices and internal communication they are now claiming to follow.

The current statement is a classic “Yes, but no” deflection. You cannot claim there isn’t an issue when hackers have already successfully manipulated game files in the past. To the professional eye, this isn’t a security update—it’s PR damage control. We have zero visibility into your privacy handling or internal standards; I highly doubt you are following ISO 27001/27002 or similar frameworks, as you would be using those certifications to build actual trust instead of just using “GDPR” as a shield.

What Gaijin should actually do now:

• Own the Problem: Stop the “we don’t have an issue” narrative. Admit that the perimeter was breached and explain the specific remediation steps taken to prevent file manipulation.
• Third-Party Audits: Stop asking for “trust” and provide proof. Undergo an ISO 27001 or SOC 2 Type II audit. In IT security, an independent auditor’s report is the only thing that carries weight.
• Transparency on De-identification: Clarify exactly how “anonymized” data is handled. We know technical data is easily mapped back to specific users via Hardware IDs; explain the technical controls used to prevent this.
• External Security Testing: Launch a public Bug Bounty program. If your security layers are as robust as you claim, let the white-hat community test them.

Stop the PR talk

CoPilot is that you

wdym IT guys know this term:
“Own the problem” means taking full responsibility for resolving an issue, regardless of who is at fault, shifting from a blame-focused mindset to a solution-oriented one. It involves acknowledging the issue personally, managing reactions to prevent panic, and proactively driving changes. This approach boosts leadership, builds trust, and fosters effective action.

Consoles have their own anti cheat systems created and implemented by the companies who sell the consoles. Hardware and/or software based. Totally different situation when the exact hardware each player is using is known and can be utilized for anti cheat systems.

Yea no their not really good at doing that unless it benefits them…

Gaijin owning up to mistakes? Yea we must be dreaming.

Ran ai checks, quillbot said its human written. Besides that, text is “on the matter” without some weird yapping which ai bots do.

Yeah same I know a CoPilot output when I see one and all the technical buzzwords we’re not in a stand up the Jira master isn’t here you can speak like a real person.

Yea, i love you too, but that’s its not why we here.

The part I highlighted is one of the most know Copilot output when asked an IT based question/feedback

Who cares its not like gaijin is going to change anything, even if this comes out to be false all the same bugs, bias, and data stealing will still happen.

The point isnt if he has ai in his reply or not, but hey decent deflecting strategy.