Small writing on AC security

[Vintagedriver]

A lots of mods are generated for Assetto Corsa, made by very talented guys. But after reading some warnings about security issues with mods and on Assetto Corsa we need to defend our precious PC. I do hope this small .pdf writing will help the member who do have less knowledge on computer security.
edit: publishing V2

 

[RMi_wood]

A lots of mods are generated for Assetto Corsa, made by very talented guys. But after reading some warnings about security issues with mods and on Assetto Corsa we need to defend our precious PC. I do hope this small .pdf writing will help the member who do have less knowledge on computer security.

I like your witeup, but these details (while good adivice) will not detect/prevent the methods provided by the LUA flaw or the flaw that I discovered (which works without CSP/LUA). My opinion as of now is for exfiltration and remote connection detection.

note: I have been a security researcher, offensive security expert and penetration tester for 25+ years (former blackhat), found many 0day vulns in WebApps, MobileApps, IoT and Operating Systems
(the biggest public one you can read :: here :: and Microsofts own patch :: here :: where I am given credit)

 

[Vintagedriver]

Thanks for the compliment!
About some of the security problems, how severe they are, we as AC users are rather helpless because this has to be corrected by the responsible studio or publisher. We can only defend our selves at the download warfront and detecting strange activity like as being mentioned in my manual with the SISinternal software package.
Further if I went deeper into this subject and did publish the complete security package, like “step 62: update your bios blabla” then I’m afraid it would be complex, boring, too long 🥱

I’m btw always open to all the suggestions and corrections.