Just to be clear, I'm not arguing against 3rd party ac entirely, JUST the heavy handed kernel access ac solutions. I believe that if the less insane options were the only ones, the overhead on developers would be present, certainly, but not insurmountable, even for small indie studios.

To slightly exaggerate my earlier example: If you give the gardener access to your security cameras, there's no reason for them to walk around the back and check if the sprinklers are on. It might be easier, but that does NOT mean your gardener needs access to the security cameras.

The way things are now, developers lean on that insane system as a crutch, and build their games without any regard for client integrity whatsoever. Because why should they? THAT is the laziness I'm complaining about.

there probably should be a middle ground where the layer of security that is now being offloaded to a third party service having kernel-level access should instead be handled by the OS

I don't believe kernel access should be required at all. 3rd party, OS, whatever! It's NOT necessary.

Having said that, If you're arguing for a system service that can verify client integrity and pass that back to user space, sure, I could live with that. In that case though:

you're at best going to get from Microsoft. Linux being what it is that isn't an option

I grant you that Microsoft at least acknowledge the problem, but they are dragging their feet on a solution, and they've said they're not going to enforce it, once it becomes an option.

Linux being what is is, and Valve investing what they have, I'd be surprised if something like this wasn't already in the works