Games publishers have been bad actors in this space for a long time now. The genshin impact anticheat was used in a malware campaign. Rockstar was very misleading trying to imply their kernel driver not being compatible with the steam deck was valves fault.
One could argue that a game isn't critical but one could say it's critical to stop hackers.
If you were to take the stance that gaming isn't critical than with that logic you're then claiming multiplayer hacking is a feature of the game.
Doesn't do well for the community or the company. But nor do the rootkits do good for the consumer.
Look at what Apple has done in recent years. kexts (kernel-level drivers) are basically all but unsupported today, and both DriverKit and IOKit are fully userland.
But nowdays the Valorant community complains about hackers almost as the CS community.
Some cheats are getting rather sophisticated now. There's an ever-increasing number of Pi-devices where the cheating is done externally.
FaceIT only sells one thing, matchmaking, so they have people manually reviewing games. A thing that Valve will never do.
https://www.resetera.com/threads/irdeto-backtracks-on-plans-...
Both the anti-tamper and anti-cheat affect performance and it's incredibly noticeable to anyone who isn't building a new bleeding-edge hardware PC every year or two.
It's never critical to stop hackers in a videogame IMO. We need to stop being so damn serious about gaming.
(I’d still lean towards expecting game houses to find another way, kernel drivers are still client side trust mechanisms).
One user is on a connection with 10ms latency, the other user is on 50 ms latency. Now, if first user does something, and second user can either do something to evade or can do something that actually prevents the first user from acting, how do you consolidate that?
The actual timestamp of when exactly what happened helps immensely, but you have to trust the timestamp. And how can you know that is not manipulated?
But... that's just the surface. Consider: one client uses a rendering that takes 25ms longer to show up and another client does not render textures/shadows etc. That client is faster and the sender can even send "official" response times, but would still give an advantage.
So, I am not sure this can be solved serverside. But... I don't play these games anymore and would never opt for a rootkit to be installed just so I can play. I can imagine plenty of people, though, who would.
You don't have to trust the timestamp - and you shouldn't. You can use a bunch of methods to go from untrusted to grudgingly accepted: requiring monotonicity means cheating clients have to be permanently slower rather than selectively slower. Having tolerances for out of order packet rates or accepted deltas before discarding player actions will have some false positives for players on terrible networks, but will also reduce the impact of any possible timestamp-related cheats.
It can't be fully solved server side, not without sacrificing acceptable performance. I reckon it can probably be dealt with enough on server side to keep cheating to a tolerably low level. It's probably cheaper to just license a windows rootkit though.
Valve added vote kicks to CS to help keep cheating (and other antisocial behaviours) under control - it seems pretty important to them.
Well, this problem simply can't be solved server-side only. Client-side can't be validated without rootkit (and even then it's not enough, but enough to deter majority of cheaters).
Is it fun to be a non-cheater, and join a multi-player game where there are other players using software cheats that let them easily beat you every single time?
I'm pretty sure I would quickly stop playing that game, and demand the publisher refund my money. That's just not fun.
And that's just as a casual gamer. For people who compete and win prizes, endorsements, etc., the stakes are a bit higher.
I'm not saying kernel-level rootkits installed on everyone's machine is the answer, but letting people cheat isn't going to work either.
Far more would have accepted a RAT and been deprived money than expressed genuine interest. Some did... not many. Most wanted the acclaim without the effort.
Fine, they'll gladly eat shit
Security theorists are always ready to tell us about the horrifying risks of installing kernel-level code from a vendor, but can they actually quantify the likelihood times damage those billions of installations have inflicted on Joe Random's life?
And contrast them to other risks that we regularly take in the name of comfort and convenience?
If you want to participate in a lot of these multiplayer games that place cheating far too highly, you can't use a hypervisor. You must have gaming device and computing device. They cannot be the same.
That's fine for most, but I consider it shit. VFIO makes it possible for a big computer to make a smaller gaming one. Ask me how I know.
My greater point is I don't care if I get cheated out of a finals match. I can actually speak from experience. I prefer autonomy over my devices. I kind of want to eat poop with them. A little.
Is it more or less likely than them dying from the 'Rona because they didn't wear an N95 24/7?
Can we stop with the nationalistic hyperbole already, and discuss acute issues, instead of vague fingerwaving at the foreign boogieman?
Sorry to offend your motherland. You deserve all the social credit coming to you.
The driver is just what the developers say it is (as with all other anti-cheat). It provides an untempered interface for the userland anti-cheat to use to get info from the kernel. Because modern cheats tend to alter the output of kernel syscalls by running in the kernel themselves.
I really don't see why anyone needs to think it's anything more than that.
If Tencent needed to spy on you so badly there's no reason kernel anti-cheats need anything to do with it...
Did the crowdstrike driver get the same audit?
Are you sure about that?
If they audit properly, they should not let the Asus AuraSync driver certified at the first time. (basically opens PORT instruction to every userland app, unristricted)
They expose a kernel API to allow games to verify the state of the system, and they're knowingly installed by the user.
Can you give examples of games where you do that?
Here's a recent blog post by riot detailing their recent deployment of the system for league of legends, the biggest online multiplayer game in the world
https://www.leagueoflegends.com/en-gb/news/dev/dev-vanguard-...
towards the end it talks about how and why it works
And that API has root access... thus it's a rootkit.
I really hate "it's a rootkit!" posts like this because it diminishes the severity of actual rootkits.
The real solution, and not the hack Riot uses, is for Kernel to provide an API for anticheats, like it does for everything useland.
How does the anticheat then work? Corewars. It's a cat and mouse game between the cheat provider and the game developer.
One would need a secure base layer, where also the MS anti-cheat lives, and all drivers can only run in a layer between this base layer and userland. I think that's already done for most of the graphics stack.
On the other hand, I am not convinced I want a system where I cannot load arbitrary kernel mode code if I choose to do so.
I can't play certain games, because they don't run on Linux and even if they did, I am not gonna install a rootkit to run them.
/nitpick ;-)
Back then I migrated to Archlinux and in all these years I only had problems with nvidia. Since then they are dead to me :)
Most people that use Nvidia. I specifically don't buy Nvidia graphics cards or laptops that use them in my Linux computers because they're not in-tree.
Installing some random anti-cheat kernel driver is not the same thing, at all.
User space applications can't access hardware or physical memory. They can't bypass permissions enforced by the OS. None of that applies to hardware or kernel drivers.
When you install a hardware device you are trusting the manufacturer with full access to your machine, so installing a driver does not give them any more powers. You have already "unlocked the door".
When you install a game that runs on user space you are not trusting the vendor nearly as much as you are trusting a hardware manufacturer. Installing a kernel anti cheat is granting them a level of trust and access to your machine that they didn't have before.
I'm not sure where this trust comes from. I absolutely do not trust any hardware vendor. I just have no choice here.
> This isn’t giving us any surveillance capability we didn’t already have. If we cared about grandma’s secret recipe for the perfect Christmas casserole, we’d find no issue in obtaining it strictly from user-mode and then selling it to The Food Network. The purpose of this upgrade is to monitor system state for integrity (so we can trust our data) and to make it harder for cheaters to tamper with our games (so you can’t blame aimbots for personal failure).
- This is an abnormal case. Most hardware will work with in-tree drivers. Indeed, few vendors provide out-of-tree drivers for Linux.
- Nvidia is an established and reputable source. We aren't talking about some small hardware developer who doesn't have the resources to create secure drivers.
- Most Nvidia cards have in-tree drivers. There is a loss in performance, but the option usually exists.
Could I run windows as a VM guest under Linux and play Fortnite in that (with good GPU performance)? I don’t mind their rootkit running on some dedicated VM - I’ll just consider it my Fortnite unikernel.
(I’m also ok with the host OS being Windows or MacOS).
In practice, I'd settle for a peer Windows OS, like the WSL2 kernel, with the rootkit seperate from my main work one. Can I run two copies of Windows simultaneously as peers?
You basically let your guest OS use your GPU instead of the host.
The sibling comment makes a point about anonymity, I find these discussions interesting in comparison with the only online competitive game I play these days. It's Tekken, and neither the current rendition nor the previous one had any real form of anti-cheat. For the current Tekken 8, supposedly some players have been banned after manual review from the company of replay data, which of course doesn't scale. But at the same time it doesn't really matter. Cheaters don't seem to be that prevalent, their ability to spoil the experience of a match is limited by the fact that matches are short, and people can spoil the experience in non-cheating ways like plugging, lag switching, using a weak computer, and for some sensitive players they'll get unreasonably upset by ki charging/teabagging/taunting/continuing an attack after KO. The status of the highest rank is also not that much -- the most status comes from performing well at the big in-person tournaments, where it's going to be harder to cheat and players are somewhat de-anonymized. If the positive incentives to cheat are minimized in the first place, you don't need so many negative incentives like rootkits.
(It always amazes me how custom controllers and even keyboards are allowed in fighting game tournaments, officially certain macros are banned and at least for Street Fighter certain modes of leverless controllers got banned, but it'd be hard to perfectly enforce. And it's been hilarious to see the increasing use of fake buttons or controller-hiding covers/jackets because it was assumed some players were able to see inputs out of their peripheral vision before they were registered in-game and adjust.)
Nah. Consoles were a decade late to the online gaming party, and online gaming on consoles (counting Xbox Live as the first concerted attempt) has only been around half as long as consoles as a product segment have existed.
Early first-person shooter games had this figured out (small servers with 20-30 regular players, the server admin could choose to ban you), RTS games have this figured out, many MMOs have this figured out (interact with non-friends sometimes, but they have to 'join your party', etc.)
Playing with random strangers on the internet who may want to grief/destroy your game, be incredibly toxic, or cheat against you in general.. that's the cost of playing with random people in a completely public forum.
The solution is to build trusted spaces again IMO.
For video games assume that each user is trusted by default. As soon as they violate that trust by cheating, they are banned permanently for that copy of the game. If they want to be trusted again they have to buy another copy of the game to get another license. Make it hard to become a member of a trusted community and easy to be kicked out of a trusted community for violating trust. This would eliminate the vast majority of cheating and bots because most gamers are kids and having to buy a fresh copy will hit hard. If they abuse it enough, make them jump through more hoops like ip bans and computer fingerprint bans.
It’s only a problem when you game with strangers.
Half the battle is detection though. If you don't detect cheaters quick enough they ruin enough games that genuine players start getting frustrated and leave. Anti cheats help with this detection.
Probably every anti cheat idea you can think of, in terms of detection, prevention and punishment, has probably already been tried by a large online multiplayer game. It is an extremely difficult problem to solve, a constant arms race.
High level chess players (GMs) can win with just a few bits of information transmitted to them by a cheating accomplice (a cough if it's a critical position to spend extra time on, etc). Similarly, high level gamers only need the slightest of edges to win, and therefore only need the slightest of cheating.
That's why I think trusted user bases are the way to go. My initial ideas were naive, but I think the core idea is solid. If you had to pay $1000 to enter a "trusted club" which uses your hardware fingerprint, and all of your online interactions in a game were guaranteed to be with other people who paid $1000 to be in the club, would that not be a large deterrent to cheating?
It would also massively reduce the number of players. Competitive multiplayer games rely on large active playerbases for fast and fair matchmaking. That's why free to play has become the dominant model for these games. If you have to pay $1000 to play one of these games, they have no chance vs. the competition.
Obviously you can't completely solve this problem, but you can minimize it as much as possible.
Also these sorts of "trusted clubs" do exist for certain games (e.g. FaceIt for CounterStrike) but ultimately it still just relies on anti-cheat to establish that trust.
If you create a new account, you'll be peered with other new accounts (low trust). Still possible to cheat, but the cost is very high (years of effort to get accepted in the best trust clubs)
(in theory, GTA online has had / still has huge problems with bots and cheats but still earns the publisher hundreds of millions a year)
Personally I find both unacceptable: I won't play a game that requires me to install a rootkit, and I won't play a game where cheaters and bots run rampant, ruining the fun for everyone.
So hopefully there's a solution to this that doesn't require a rootkit.
If admins allow cheating - people that want to play would leave the server
If live in a non-metro area, you probably have a handful of server your latency allows you to play on - getting banned would be a big suck
Now you just click "play game" and you get match with some strangers you might never play ever again with. Financially, those privately hosted servers no longer make economical sense for game publishers.
With competitive matchmaking cheaters can hold players hostage until the end of the match, as leaving incurs penalties and cooldowns that temporarily ban you from playing.
I mean, nothing of this is new. ESEA, one of the most influential esports leagues, was caught using its anticheat to mine Bitcoin in 2013. [1] This is long out of control, probably since the days BattlEye switched to ring0 in 2012 due to chronic cheating in the DayZ mod, or maybe earlier. Modern anticheats are full-fledged rootkits with extremely complex and targeted payloads siphoning customer data and hijacking all sorts of stuff, and that's not a theory, they actively abuse players' trust and indifference.
If you care about your data and the control of your devices, you should probably avoid them entirely, or at least use them on dedicated gaming PCs on a clean identity, and keep them separate from your LAN and your non-gaming digital life.
For most gamers you'd have to invoke Cloud Strike, to explain whats happening. They play games not study CS.
A rootkit is something that gives other users the power of root.
You have a closed source rootkit designed for finding data in raw memory (like passwords from an unlocked password manager), loaded into many gamer's machines, which many software engineers are. Some anti cheat explicitly support's arbitrary remote code execution by design. Many people mix their personal password vaults with their company's, which means that if you successfully hack an anticheat company and you can read the raw memory of an opened password manager with a program that is already designed to scan all processes memory, you now potentially have extremely valuable credentials. A small portion will even do things like add their 2fac keys into their vaults.
Here is Gabe Newell's thoughts on AntiCheat that are very relevant to this thread: https://www.reddit.com/r/gaming/comments/1y70ej/valve_vac_an...
Of course the other problem is the 23andMe problem and enshitification. Even if the data uploaded by anti-cheat isn't used right now, the storage of data alone creates incentive for abuse.
I suspect GTA VI may improve on these things and have centralised/dedicated/anti-cheat-guaranteed servers. Then again, it never impacted their profit margins so idk.
Evolutionary pressures on cheaters drives them to get better.
Eventually someone finds a stable chink in the server armor and it is exploited en masse.
The goal is to make it inconvenient to cheat on average.
There’s probably some ratio of games with cheaters to games without cheaters that players can tolerate that governs this.
VAC is a joke until they ban players and all start to cry on reddit/discord.
So I think it is fair to say the there haven't been billions of dollars of research spent on this problem.
[1] https://www.dexerto.com/gaming/anti-cheat-study-reveals-chea...
There are also the costs of the opportunities that cheating prevents from happening. Development would be much faster and more types of games could be made.
[1] https://www.scmp.com/tech/apps-social/article/3099893/chinas...
Edit: I missed that you are the same commenter that I replied. sorry about that
Serial cheaters cheat just enough to give themselves an edge without making it obvious to the people watching them. By just looking at their stats, it can become very difficult (though not impossible) to differentiate a cheater from a pro player. This difficulty increases the odds of getting a false positive, necessitating a higher detection threshhold to avoid banning innocent players.
They try to make own matchmaking for possible statistical outliers so cheaters end up playing against each other. Of course, real good players can still get there and there are (at least used to) real humans on reviewing on those games to see if someone is actually a cheater. It is not a simple task, since you can cheat to be just slightly better than others and that is enough to be good.
And realistically, some real non-cheating players will by chance just have similar statistics to bots, especially since the bots will start doing their best to mimic real players.
Also many players don't need to cheat all the time; just in that critical moment when it really matters. Didn't Magnus Carlsen say he only needs a single move from a chess computer in the right moment to be virtually guaranteed win? Something like that probably applies to a many people and fields. This is even harder to detect with just statistics.
Also also reminds me of the "you can't respond in less than 100ms, and if start the sprint faster than that after the starting pistol then you're disqualified"-type stuff they have in the Olympics – some people can consistently respond faster and there's a bunch of false positives. Not great.
The difference is that IRL chess and a typical FPS game have very different availability of datasets. IRL chess has both fewer moves per game, and fewer games played in short succession than typical FPS games. Also, with FPS games there is a single metric to evaluate -- the shot landed or missed -- compared with chess where moves are ranked on a scale.
So I'd argue that it would be much easier to do a statistical model to predict a cheating aimbot than it would a cheating IRL chess player. I don't believe Magnus's proposition holds for prolific online chess players when they do dozens or more blitz/bullet games in a single day.
That's because he's an elite chess player. Him cheating once per game could make the difference between being number 1 or number 10 but either way he's up there.
But for you or me, cheating once per game wouldn't make a difference. We'd still be ranked as nobody plebs. To get ranked high enough for people to know our names we would have to cheat dozens of times a game, and experienced players would easily peg us as cheaters.
Try cheating on chess.com, if you cheat enough to make a meaningful difference their servers will automatically nail you with statistics.
Didn't Magnus Carlsen say he only needs a single move from a chess computer in the right moment to be virtually guaranteed win
Because if you force all the cheaters to hide well enough to look like "normal" players, no one will know, and the game feel will not be negatively impacted. Outside of the tippy top of competition where money becomes involved, it's kind of irrelevant if the game is technically fair, as long as it feels fair to everyone.
At the end of the day someone could be using hardware "cheats" but you can get down to a pretty good spot to stop or disincentivize cheaters without running rootkits on their devices.
At the very least, this is less capable than wallhacks from reading memory.
I would say that it takes few years still before people have good enough hardware before AI can be used in real-time. You can use OpenCV and train things against specific game to get a decent performance with image recognition, but it is not that reliable.
The average player isn't a developer and doesn't need such things, so some game devs defer to the side of caution. The false positives are a miniscule and acceptable fraction of players.
I think they intentionally have the knob turned all the way up to 0.1 initially, for PR and lube reasons.
They even claim to be able to fingerprint players according their playstyle, thwarting all methods of ban evasion. Skepticism should be abundant here, but this one of the oldest tricks in ML: categorization/clustering. I'm cautiously hopeful.
This would be server-side by nature.
Also if your guns aren't _perfectly_ accurate then the aimbot can't actually predict much of anything.
Now I'll ask: how do you detect someone wall hacking automatically? No human review and no false flags. Go!
If you think it's statistically likely that someone might be cheating, but you're not sure, you can matchmake them with other people who might be cheating.
You don't tell the client the location of anything they can't see.
* Play sounds from their actions * Actually be able to render them when either player comes around the corner without them obviously materializing out of thin air.
The problem of cheating in games does not weigh more than the users ultimate ownership of and control over their own property.
No one has a right to a business model.
They can do plenty enough server-side. It's not a blocking problem at all, it's just easier to take over all control of the users pc for your own convenience.
Everything, including all valid goals, is easier if you could just have the power to control whatever you want instead of having to cooperate and respect others and respect boundaries. It's no more valid than saying "Everything would be so much better if everyone would just do what I say.". Using that argument is invalid even if supposedly applied in service to some otherwise valid goal.
There are infinite ways to attack any problem, and it's not a requirement but a choice to persue only certain ideas vs others.
For instance, these approaches are based on removing agency from all users for the supposed goal of dealing with the bad users.
But there is no law of physics that says that is the only way to do that.
You could go the opposite direction and empower all users to deal with bad actors themselves just like in real life where anbasshole simply gets avoided or punched in the nose, which works by the simple math that the bad actors are outnumbered by everyone else. They still always exist but they are relegated to operating in the corners and shadows.
But their low level presence is a fact of life no matter what. Oppressive regimes don't get rid of them either. The sales pitch is we'll protect you but in fact they don't any better than you could have yoirself.
A company that has an easier option and has no other value meter than money divorced from any consideration of how it is attained, simply has no incentive to bother doing anything but the easiest thing. That's the only reason they want the keys to your house, because you stupidly give them, not because they need them or have the tiniest right to demand them to protect their entertainment business.
But skill based matchmaking type games where you're matched with random people is fundamentally incompatible with this model, that is why the person you responded to you said that you're suggesting that these games should cease to exist.
It is if you want to be allowed to play with other people because...
> The problem of cheating in games does not weigh more than the users ultimate ownership of and control over their own property
...when you play a multiplayer game what happens on your property affects what happens on the property of the other players and often also on the property of the game company. If you want to be allowed to do that you might have to agree to do some things on your property because...
> No one has a right to a business model
...no one has a right to play any particular multiplayer game.
What the users want to use their ultimate ownership and control over their own property for is preventing cheating.
It's not like Riot is forcing this on people against their will, people just don't like playing against cheaters.
The only place I ever hear complaints about kernel anti cheats are people complaining because they want to use Linux and it isn't supported or forums like Hacker News, where people paradoxically care so much about peoples computing rights that they are perfectly happy to limit what gamers are allowed to do with their computers.
> They can do plenty enough server-side.
No, they can't. The amount of responses in these threads by people who have no idea what they're talking about is... well, probably not surprising, unfortunately.
This is the same (correct) argument against the effectiveness of DRM: if you put things in the hands of a user and client you don't control, then it is a cat-and-mouse game to try to maintain control of those things.
Sure, a naive cheat program of 20 years ago will today obviously look like a cheater. But if you have a cheat that statistically makes you look like a skilled non-cheating player (these things exist today!), the server isn't going to be able to catch you.
I'm not saying that justifies letting another party install what is effectively a rootkit on your hardware. I personally won't do it; I just live without games that require it, and that's fine. Maybe there is some middle ground where some form of client-side anti-cheat can reliably run without kernel-level permissions. But it's a lazy, ignorant argument to just say that game companies haven't come up with it yet because it's "easier" to write a kernel-level system.
Would I prefer a world where kernel-space anticheat is not needed for the games I like to play? Yes. Is that realistic? Probably no.
Would it be reasonable to only sell this kind of game on console like hardware? Sure, but people have and use PCs and will have to make this choice themselves. And its not like user space software is not bad for privacy as any process your user runs can read all your files and even memory of other processes.
Then we've achieved our goal.
I used to play Quake-likes, and there are people who are just that good out there, but it assuages the ego so much more to call them cheaters. I saw this all the time on CS - as soon as someone even halfway good joined, everyone called them a cheater and the game dissolved. I eventually realised that this is not an anti-cheating problem, but a community/personality problem with the people that like playing these games. So I stopped.
Why should I ever trust a gaming company to take security seriously? There was a story a few years ago about how one guy at home debugged GTA5’s atrocious loading times without any resources. Loading times which were notoriously bad and surely had a negative impact on revenue, yet nobody in the company could be bothered.
*Never verified it, but I recall the new owners of Kernel Space Program were accused of reporting personal data files to the cloud.
If you want games that you can re-sell, you will have to keep buying them on physical media (or on appstores that don't have DRM like GOG)
Note that I wouldn't very much welcome such a law but I wouldn't bet on it happening any time soon
If you're running under proton, it can't work. Proton/wine are not virtualizing a windows kernel, they are intercepting syscalls/library calls and running the equivalent linux code.
I don't really like the status quo of installing random kernel-mode crap either, but nobody has a compelling answer for how to not make cheating absolutely trivial without it. Usermode anticheat barely does anything, serverside anticheat can only do so much, and the only other alternative is switching to console platforms which prevent cheating by giving the user zero freedom.
I was going to say games on Linux should require secure boot so cheat kernels and modules can't run, but then the kernel could just lie about it being enabled.
I suspect the only way that might balance everyone's interests would be to set up a separate OS installation for competitive games. This could be done via bare-metal dual boot, via a hypervisor, or just by having a completely different computer for playing games on (what I have). At least in that world you still have a lot more freedom than you do on console, such as the ability to mod games that don't need anti-cheat (which is almost all of them).
Before overwatch they had years of experience catching cheaters in wow.
Have anyone seen games that request root privileges?
EDIT: I'm gathering from this[1] and the fact that no wine-related package have kernel modules included and no executable from any of those packages have setuid nor capabilities set, that this isn't really a problem in Linux, just in Windows.
[1] https://www.reddit.com/r/linux_gaming/comments/gjzkzk/will_w...
They do this because Steam was originally designed in the XP era when you could write whatever you want to Program Files without escalating to admin, and instead of refactoring where they put their files when Vista made the permissions more strict they started installing that backdoor service which lets them keep putting everything in Program Files without triggering UAC prompts all the time. It's a pretty gross and unnecessary hack, but I doubt they're ever going to fix it at this point.
https://www.sciencedirect.com/science/article/abs/pii/S18759...
And if that means more companies choose to avoid kernel anti-cheat, so much the better. I'm still mad that I can't play Helldivers 2 - a freaking co-op game where cheaters can't pose a problem - because of this nonsense.
Winning doesn't give you any permanent rewards?
This whole thing anti-cheat thing is just a separate problem entirely, but it's so painfully exacerbated by the first.
I'm just hoping this entire business model dies, along with the anti-cheat and everything else with it.
Does not mean:
Using anti-cheat -> poor networking
Ops comment is absolutely true. Engineers in games who are good have high incentive to 5x their salary and lifestyle by doing anything else.
This was not true in 1997. The industry also just attracts a different crowd, more adjacent to film and entertainment than it used to.
Your developers have just built and demonstrated a functioning multiplayer prototype. They want to spend 3 months to rewrite some of it for better security, and 3 months to implement the missing features and make it fully functioning. You just got off a call from a sales person for an anticheat vendor who gave you a strong pitch, so you say no to the first 3 months because it's cheaper to just add anticheat than to pay 3 months of salary on this.
Valve knows this, kernel-level anti-cheat is simply not practical for use with Linux as a consideration. Most game companies care zero for Linux in the first place, which means for us, we just end up inadvertently boycotting those games and bad-mouthing them regardless, but hey, it's only 1%.
It's an arms race, and no api will ever be good enough to keep a miscreant from working against logical choices. If I have to play a game that I have to assume someone is cheating, I really don't want to play that game, or at least with others of dubious reputation. This is why I run my own server for games I like to play with others I trust.
If someone wants to play competitively publicly with anti-cheats, they should opt-in to do so, but I'd like the option to not, and simply play local or private instances with my own general TOS. If diplomacy fails, a ban option for the server.
* GUI
* managing installations, including things like Proton to run Win32 games on Linux, and Fossilize to precompile shaders
* bandwidth-saving stuff like being able to transfer games locally
* being able to play remotely in a variety of configurations: LAN, WAN, or having a friend connect to your local session ("Remote Play Together")
* pretty good support for mapping any controller you have to any controller inputs a game wants
* cloud saves
* a bunch of community features like forums and broadcasting
* family sharing
* a VR runtime
* marketing for devs (regular sales, algorithmic recommendations etc)
* an API for devs with various services
* the backend infrastructure for all of the above
It's been around for a long time so it's quite feature-rich at this point. Lots of things that generally make sense to have.
The secondary effect is that business will stop using processes and chemicals which require them to carry this warning. You've effectively created a new market segment.
Are the labels annoying to the point of comedy? Sure, but it's not /your/ behavior we were trying to modify.
https://youtube.com/watch?v=x-EbjGSRyKA
There’s a lot of other stuff in the video but if you skip the robot building parts at the beginning he talks about an anti cheat system he developed with another person.
Nobody's using complicated stuff like this in practice though, as there are easier methods. But of course this path can be taken, and it's not possible to block easily.
https://github.com/Babyhamsta/Aimmy
And it's likely that most detection systems can be trivially fooled by me ChatGPTing the code around the way mouse movements are implemented to act slightly different / use a different compiler or something to get different file hashes on the core tool.
Do you have some examples of good anti-cheats that are not kernel-level? Do you have any that are as good as Riot's Vanguard? I'd prefer examples of FPS games since these are the most mechanically skill based compared to other genres that have more strategy, but would like to hear any examples you are thinking of. Lastly, if you say server-side, that may work, but many companies don't seem interested in it due to the cost, at least IIUC.
Vanguard hasn't been effective for a while now. The cheating situation is a lot worse than CS in my experience, but every discussion gets shutdown because... well... it's Vanguard.
With CS2 I have talked to many players about this and everyone says the same thing: "There's a very noticeable decline in cheaters above 10k Elo."... personally I have pushed beyond 15k and briefly above 20k Elo and the amount of cheaters have steadily declined (although less obvious cheats, eg. wallhack, are probably more common at that level) - for Valorant it has pretty much stayed at a constant amount of "cheatiness" across the ranks.
CS actually has a rich history of features, functions, services?... that aren't strictly anti-cheat...
Overwatch gave players the option to "police" others players replays - this wasn't only against cheating, but also griefing.
Prime? Is it still even a thing? It was great when CSGO went F2P... all the cheaters just annoyed the non-prime players (F2P).
The ominous Trust factor which is probably the single most effective piece in making my personal experience great. But there's no real way to tell?
Also, VacNet - which is running? is AI based? banning players? lowering their trust factor?... with Valve there's no real way to tell most of the time, but it's probably existent in some shape, way or form.
Not to say that CS2 has solved cheating, it's far from it - but neither has Valorant.
I think the point about wallhack being more common in higher elo is more likely. I would add that some forms of trigger botting and recoil control cheats are actually more difficult to tell than wallhacking. Spinbotters don't get very high elo because they get mass reported because of how blatant they are, likely not due to VAC. I would need some real evidence to believe that claim (although as I said I similarly have no evidence myself to convince you to accept my claim).
One thing I can say is that I do frequently meet cheaters in CS these days, and the issue has gotten so bad in my experience that many cheaters even announce at the start of the game that they eg. have wallhack. Or one team member will turn on cheats if a game is getting close towards the end of the game. Also, the main reason FACEIT exists is for its anti-cheat, and on FACEIT there are almost no reports of cheating, and it's a big deal when it happens. If VAC was really working now we would see more people leaving FACEIT. I must ask when you started playing CS? Because the only way your post makes sense to me is if you started playing around the time when CS2 came out, which indeed did have more cheaters then it does now, but that was truly an exceptional level of cheating and I don't think that is a fair point of comparison, especially as a comparison to Vanguard.
I admit to taking claims about Vanguard at face value and I've never played Valorant (in part due to Vanguard, as I don't want to install a rootkit). But what you say about Vanguard also completely goes against what I have heard about it.
Regarding cheaters announcing they're cheating - I haven't encountered that in a long time, but I have heard of it often enough from new players... so it might be an issue with trust factor, but who knows?
I have actually been playing CS off and on since around 2017 - at least in my experience the current cheating situation isn't worse than it was back then, but it's also not better. The only time it was meaningfully better was when prime released around 2021.
However, it's also true that I started playing more after the release of CS2... and the aforementioned 10k Elo mark was a real pain point for me and my friends. Every time we were due to pass it we ran into cheaters, smurfs and even a server crash once (incredible luck?). After over 3 months we made it past 10k and climbed above 15k Elo within 2 weeks. - This is my experience and I have heard similar stories from other players. (Although ranks have been massively imbalanced at that time as well, which partly explains this?)
Nevertheless, it's good to have a discussion about cheating - in CS2's case the experience can be so different depending on the region, ELO, trust factor, ... with Valorant the discussion simply gets shutdown way to often because of "Vanguard" and without a replay system you're just left to your own devices.
but yeah I can agree, my friends say CS2 is full of cheaters, I have played 7-12k rating and I got only a few cheaters throughout this whole year of CS2.
and they say they keep playing Valorant because there's way less cheaters than CS2.
This doesn't protect you against trigger bots (shoot automatically when you put your mouse on a target), aim bots (snap to targets, ranging from obvious hacks to very minute adjustments), and others.
That's already done entirely server side. It could only be. If you mean predictive positioning from the client side you can do that with far less state than gets transmitted today, and you could factor in the other players momentum on the server side to see if prediction would even be necessary in a given frame or not.
The server could also send lots of phantom updates so the player client has no idea which objects are real and which aren't. The hacks could work around this but it would take a lot of power to do so. There's room for asymmetric counterhacks here.
As for the other types of bots those are far less useful and more detectable by naked eye without wallhacks, which ironically, is because lag compensation is server side, these hacks do not have a deterministic outcome when used.
When you look at a video of what a wallhack enables and how much state data gets transmitted that shouldn't be, I would be embarrassed to have such unworthy netcode in the 2020s. They've had 20 years and have done next to nothing.
Also, there's hardware cheats, so I don't need a rootkit on my machine, but a server side thing that properly weeds bad players out through reports/trust and automated bans.
No. No no no.
Automated bans via the report system is very well-known to be abused.
Even if you implement a "trust" system where initially, all your reports are manually verified by game staff until its determined your reports are correct until your reports are acted on automatically, all it takes is a player to just be "good" until their trust is high enough, then start reporting people who don't actually deserve it.
And I'm not convinced that server-side anti-cheat can be effective. You have to rely entirely on heuristics. Sure, a simple aim-bot that instantly snaps someone's aim right on someone's head might be detectable, but one that simply lets you see through walls certainly won't be if the player doesn't make it stupidly obvious by pre-aiming around every corner.
They worked pretty well for pub matches back in CSS and 1.6, where it was pretty trivial for anyone to cheat or bot for free with minimal effort. I wonder what changed.
If you're "not sure if someones cheating or just good", maybe that's a mental problem with you? Put differently, if all cheaters were perfectly hidden (aka looked exactly like a real player of that skill level), would you still care? If yes, you seem more interested in a morality than actually enjoying the game.
faceit for the longest time has had their own way around this. so did esea, before they ruined the trust forever (https://news.ycombinator.com/item?id=5636233). some highly-motivated players still found ways around it (https://news.ycombinator.com/item?id=39352331).
- you are a tiny minority and not the target customer
- online multiplayer games are an absurdly big business (i.e. there are huge incentives here)
- no, you can't completely solve this server side
- elite players are insanely good - they are by definition outliers, so looking for statistical outliers is not in itself a solution
- game companies are highly incentivized to work with (or at least not antagonize) the elite players (so just throwing them in matches with cheaters is not a solution)
- the stakes are high both for the devs and their users, so "pretty good" anti-cheat is usually insufficient
I hope to see more discussion on possible solutions and tradeoffs - this is a challenging technical problem whose solution (if there is one) is fairly valuable.
[edit: hopefully fixed the tone, per feedback]
Any specific examples? I hear this said all the time and it's almost never true.
Movement, for example: many decide to just let clients be fully authoritative over their positions and then act shocked when teleport hacks drop. Just keep track of the player's max move speed server-side, continually validate, and flag if they consistently move faster than is possible according to the server. No one is ever saying you have to validate inputs server-side in lock step with zero client-side prediction whatsoever and enforce 200ms of input lag for all players.
Also, constantly flying around and teleporting is easy to catch, but using it in small bursts is very powerful and harder to catch.
That seems like something that would be solvable with location-style differential privacy. Report a number of plausible locations to the client small enough that it can efficiently anticipate them all, but large enough to prevent being able to auto-aim or wall hack. Run some bots or actual player movements recorded from other matches, originating from roughly the same point where you last saw the real opponent.
>constantly flying around and teleporting is easy to catch, but using it in small bursts is very powerful and harder to catch
Even small violations of continuity seem like they'd be observable server-side, no? I've not studied this, but presumably clients must be constantly phoning home with their position.
Has already been done in COD: Warzone. Varying levels of success, cheat developers end up heuristically eliminating fake players.
> Even small violations of continuity seem like they'd be observable server-side, no? I've not studied this, but presumably clients must be constantly phoning home with their position.
This issue usually is game/game-engine dependent and is achieved either by exploiting bugs or manipulating lag compensation. Not exactly a very common thing.
Jumps in position are not always illegal: network issues, quirks from physics-based forces, glitches in the game, are all very common and can all cause unexpected positions. Differentiating from bannable offenses is not easy. Yes, there's always heuristics you can use to narrow down possible issues, but you have a limited CPU budget: You need to be running multiple instances per machine, each updating 60 times a second, serving dozens of players, sending and receiving constant updates to and from all players 30-60 times a second, while simulating physics, large worlds, complex player states, and synchronizing the states of thousands of objects. It's tricky to get everything right and performant. And people will get extremely mad if you make a false positive.
> That seems like something that would be solvable with location-style differential privacy. Report a number of plausible locations to the client small enough that it can efficiently anticipate them all, but large enough to prevent being able to auto-aim or wall hack. Run some bots or actual player movements recorded from other matches, originating from roughly the same point where you last saw the real opponent.
But what is the client suppose to do when actually seeing the real position? At someone the waveform needs to collapse and reveal the real location. The only way to make the fake locations indistinguishable from the real ones is to make them a real enemy player from the client's point of view. But then you stumble across all these fake enemies that don't do anything? You could place them in unreachable positions so normal players wouldn't ever find them. But then the heuristics for checking if a client "knows" about the position is still quite fuzzy. Also, visuals aren't the only giveaway of an enemy location. Audio is also location based. Playing fake audio would be detrimental to normal players' experiences.
Having said that, the unreachable-fake-player technique is not bad, it can cut out some low hanging fruit. But it's only part of the equation of a robust anti-cheat solution. It's complex to implement and only gets you some cheaters.
If I remember right an anecdote from someone in the trenches was along these lines for a more complicated real time game, though I think the peer comments have the more typical types of problems. I looked for the thread I was reading this in but came up dry, sorry!
You also need active human involvement, both as moderators and evolving the anti-cheat technology over time.
Esps are purely client side, they read actors from game's memory and draw a client side overlay. It's impossible to protect against these on the server. Even if you had perfect culling from the server (didn't send players behind walls for example) you'd still have semitransparent surfaces like foliage and smoke. There are people making good money in PUBG just making enemy textures that are easier to see. You need kernel anticheat to prevent the cheat reading the memory. Also you want to take screenshots periodically and detect overlays.
Aimbots in the olden days could be detected on the server because their movements were instant, precise, unnatural snaps. But these days cheat developers have wisened up. Again the best protection is to prevent the cheat from reading the games memory in the first place, some anticheats go as far as to try to prevent input from any artificial device (so the cheat can't create mouse movement)
There are also movement hacks, but I don't think that these are really common these days. You can detect protect against these on the server side
There's also DMA based cheats that will read memory with another computer which can then output an ESP overlay to a HDMI or DP merge box that will show both the game and overlay on your monitor. They can also do aimbot by adding mouse inputs to a device you connect your mouse.
Websites sell DMA cards and these other devices together.
I'd love to see more curiosity from developers - the disappointment is mutual. Instead of attempting to systematically stop all forms of cheating through innovative or competitive methods, it would appear the industry is converging on dangerous half-measures and excusing it with evidence from a clearly failing system.
What should we, the users, expect? Perfect, cheat-free software that surveils us endlessly, or "good enough" security that lets users decide for themselves which servers are suitable? Let me cast my vote, and I know which ideal I consider realistic and attainable.
Developers spent millions on Anti-Cheat. It's why entire products like EasyAntiCheat and BattleEye exists.
Valve spent a LOT of time and effort on VACNet, a server side machine learning based Anti-Cheat primarily trained only on CS:GO verdicts and it was awful still.
Developers know the common methods used by cheaters. That includes exploiting known vulnerable kernel drivers to run code in the kernel. The only way to monitor for this is to utilize a kernel module loaded before that of the cheater. That's why the current state of Anti-Cheat is the way it is.
The developers of various anti-cheats like Vanguard have been very transparent about this.[1]
[1]: https://www.leagueoflegends.com/en-us/news/dev/dev-null-anti...
And yes, servers would often kick out people who were too outside of the general skill level, even if they weren't cheating. As (say) a p80 player, playing against a p99 player feels roughly as bad as playing against a cheater. (But of course the p99 player is doing so honestly.)
Yes and no.
I lived through that era too, and there are serious scaling problems: at some point, trying to banhammer griefers with rotating IPs becomes a full time job, and then the public servers turn into a dumpster fire.
Versus everyone rolling their own or using smaller / cheaper solutions.
The games that have the most cheating either:
1. don't do account bans
2. don't limit account creation
You can trivially limit account creation by just charging money for the games.
I get it, though, I kind of stopped playing competitive games after it became all about the F2P grind. Even cosmetics-only F2P hits a part of my brain that I try keeping in check. I just play single-player and cooperative games now.
I say consteval was caught cheating on the server I run, and that account should be banned.
Am I, my server's admin, lying?
Yes this is more effort but from the company's perspective they outsource most of the effort to free labor. It can probably be abused if enough admins from different servers band together though.
* Microsoft makes piles of money from Gaming * Microsoft got involved with Gaming to damage Linux adoption and corporate support (Sony/Linux/Playstation) * Microsoft spends massive amounts of attention on gaming to lock in the general public to Windows * Microsoft continues to lose to Linux * Microsoft uses cheating to lie about open source being 'something something' cheaters
The fact of the matter is that Microsoft has absolutely no interest in an open source solution to these problems and are using these issues to lie, mislead and spread FUD in some absurd fantasy world where only some superior microsoft driven closed source solution is the only possible way this can be solved. All of that is a complete lie. Nothing more.
A smart linux and free software lawyer would be wise to file a class action lawsuit for discovery documents inside Microsoft where one would undoubtedly find piles of emails between the executives hell bent on doing everything to damage Linux adoption have stupidly wielded this unidentified axe which is actually a -4 cursed boat anchor.
Anyone that tells you that computer security or trust can only be done with proprietary software is lying to you for their own benefit.
These kinds of sweeping comments are as frequent as they are tiring. There are other comments like yours in this thread and yours is currently at the top. It has nothing to do with a lack of curiosity, you’re simply seeing the contrarian dynamic at play.
Thought: If they expect a console level of lockdown, why do they bother writing for the PC? If I wanted a $game_console, I’d buy the console.
Actually, this is generally untrue. Companies BELIEVE this but often times, these players are a vocal minority put on pedastal and they often end up making the game worse for the general player base.
It's not uncommon now for popular professional streamers to get early access to new features/modes because the game companies know that those players can help build or retain the player base.
I wouldn't discount those mediocre (or even outright bad) at the game, but moving huge audiences...
This is what every dev who can't be bothered to implement relevancy filters says when their server broadcasts the locations of every hidden player to every other player every tick and wallhacks drop a week later
Exactly what can't be fixed server side? Are you just talking about aimbots and other situations where script kiddies can trivially author bots that generate optimal inputs? Because at a certain point that's more a problem with shitty, boring game design that got stale 20 years ago; if the top of your game's execution ceiling is "can the player click on heads perfectly" you have bigger problems
But taking a step back, for fast games (like an FPS), the latency requirements drive you to send semi-secret info to the client (like the positions of other players), and so that's where things start to break down. But the traffic in the other direction is a problem too, as you have all of the scenarios in which the messages to the server (e.g. aim info, timing of weapon of firing) can be spoofed or engineered.
The motivation for the client-side anti-cheat systems is to extend as far as possible the envelope of what is considered trustworthy - i.e. if they can't solve the latency problem, then they try to make the client more trusted.
It's impossible to completely solve the problem, so it's about finding a solution that solves as much of the problem as possible. Unfortunately the main thing going for kernel anti-cheat is that most users don't care that they have to let someone root their machines to play a game, though the tide would likely turn if there were a high publicity exploit.
They had the balls to add a mandatory kernel extension into a game that I've bought 10 years ago and that I wish to play in single player only.
I find it utterly ridiculous. As usual, piracy would have been the superior experience.
AFAIK, there's fewer cheaters on PlayStation current-gen than on PC, and I don't have to worry about anti-cheat kludges corrupting my "rig".
Then again, we all trust our "smart" devices even if we really don't.
I suppose a separate network would be the safe option (if you trust your router).
That said, have there been rotten meat attacks using "temporarily above temperature" fridges?
Are vegans just applying a defensive strategy against those?
When I grew up, I had one PC to do everything: Homework, gaming, learning to program, storing the single copy of treasured family photos, gaining painful experience in why to make backups before modifying the MBR to dual-boot Linux...
Especially with iPads and Chromebooks becoming more prevalent in an education context, a "gaming PC" might well be the only computer that gives the user full control over it that many children have access to these days.
Nowadays for 50€ you can have a decent second hand computer with an older gen core i5 and 8 to 16GB of memory. That is plenty enough to run qubesOS.
On the one hand, buying a console and a reasonably spec'd laptop is clearly the better value. I did this during college, and both my laptop, and my console both lasted about a decade without requiring any upgrades. I did this again with the PS4. You wind up spending far less than you otherwise would trying to keep a gaming pc reasonably up to date, and both devices are optimized for their usage.
On the other hand? At some point most of us will realize that we've been successful enough that we don't have to optimize for value, and we can choose 'all of the above'. I now have a PS5 AND a stupidly overspec'd AI / gaming desktop. I've enjoyed having both.
Super valuable stuff.
(Rockstar really should’ve made this a separate launch option like other games do)
This is what happens when a producer's/product manager's cherished KPIs come before UX.
In their mind, adding a toggle in the launcher would lead to lower engagement and player acquisition.
We, the players, fail to recognize how our gaming experience can be enhanced by using social features like leader boards, guilds, or in game chat. We are not enlightened.
Think about all the fun and exciting connections you'd miss out on if all the social crap was off by default or in an easily accessible place.
I'm honestly surprised it's a command line option. My guess is that the requirement originated externally.
> In their mind, adding a toggle in the launcher would lead to lower engagement and player acquisition.
Not "in their mind". It does and they have the data to show it. Very frustrating situation.
I don’t really enjoy those games either any more. Too big, too long, and the gameplay feels more like running errands and checking off a todo list than having fun.
Release cycles in the 90s and early 2000s were pretty tight, slowly getting longer as storage and graphical firepower increased. 3D was totally new and studios were trying out all kinds of crazy ideas for games. These days you can basically expect 90% of mainstream releases to follow the same playbook.
I acknowledge what the analytics show, but always allude to the hypothetical casual loner segment who we lack data on because we pushed them away or we don't measure things relevant to them.
I'm a boomer millenial, or whatever we're called now, and never took to online gaming, so I'm part of this segment.
Casual loners are irrelevant to the monetization and in game economy people, resulting in relegation to second class status.
Until someone figures out a way to milk this segment for that juicy recurring revenue, consumable$, $kins, etc..., we must accept our fate, largely an afterthought.
Not because you're wrong.
But because I'm in this picture and I don't like it, and I just found out that "boomer millennial" is a fitting descriptor.
Goddamit.
And you are not alone - apparently 53% of gamers (total) prefer single-player games, [although this falls to only 30% in the 16-19 years age-group]. https://www.midiaresearch.com/blog/most-gamers-prefer-single...
I wonder how much of this is familiarity (i.e. I play games in the style I did when I was sixteen) versus people in older age-groups having less sustained time for gaming (i.e. grabbing twenty minutes while the baby sleeps) and single-player being inherently better for that use-case.
As time goes on I've gotten more and more into single player games, especially games that let me build stuff.
I have wanted to see a game like that for years and years. I think this is why chess.com is huge with the youths, as it fits my description and is fairly unique -- I just don't personally care for chess.
> Think about all the fun and exciting connections you'd miss out on if all the social crap was off by default or in an easily accessible place.
Were you being sarcastic with these lines?
Option 1: subscribe to 7 streaming services which each have some unpredictable subset of games
Option 2: go to some website that has all the games
The other part of this is that MLS is significantly smaller (~$275m in non-team-sponsorship revenue in 2023) than other North American leagues (the NHL, the next-largest league, had ~$6.75b in non-team-sponsorship revenue in 2023), so I don't know how reasonable it is for other leagues to follow the MLS's path.
Surely this is foreshadowing the future of GTA VI and will have the same problems of being unplayable.
Using a pirate copy now might avoid the rootkit, but it would not send a message to the publisher as they'll not see a difference between not getting any money for this new install and not getting any money for this new install. Any difference in a numbers-playing stat, if the pirate version doesn't call home to be counted in those, is likely not significant.
I did get GTA V for playstation, and indeed you can play single player without the rockstar account. Probably Sony forcing them to allow that, I don't think they did it out of the goodness of their hearts.
However, every time you start the game you get a screen pushing you towards multiplayer. And the single time I did click on some multiplayer related options, they spammed my playstation system notifications with 'there are new events in GTA online' even in weeks I didn't start their title at all.
So... good bye, rockstar. Your games are getting too big for their own good anyway.
> These companies are all run by CEOs who got their MBAs at Darth Vader University, where the first lesson is “I have altered the deal, pray I don’t alter it further.”
(At least while they stay indie… Not long ago I was reinstalling Minecraft after a long break and found out that Microsoft has the balls to demand that I verify a phone number to play a game I bought more than 10 years ago. Like with GTA V’s rootkit, they don’t care if you want to play single-player—once you’re locked out of the loader, you’re locked out and no human will help you.)
Would a Windows10-11 user be able to tell there are "rootkits" embedded in installations, without looking at the (optional) disclosures made available now on steam ?
In other words, what guarantee is there that if i'm buying a game from Steam, or say GOG, that there's no quasi-malware riding along with the game install ?
if you're worried about hidden stuff I'm not sure how you could tell
Related to this it may be worth installing something that does checksum snapshots of the filesystems to see if a game has tampered with system files. OSSEC, chkrootkit or even a cron job that just does this manually and runs diffs. While some package managers have this functionality they will usually ignore files outside of the package manifest that may get picked up by the system. Immutable off-system backups are of course good too.
# do not put in /etc/sysctl.conf, instead use a startup script or a script that is run prior to starting Steam.
sysctl -w "kernel.modules_disabled=1"
sysctl -w "kernel.kexec_load_disabled=1"
1. More games are trying to cut costs with ad-hoc P2P servers, meaning that sometimes important logic is occurring on a not-so-trusted machine.
2. More games are using a revenue model which may be threatened by consumer-side tinkering.
For example, imagine a cooperative game that uses a P2P server, and the host has done something to make it much easier for the squad to get a drop of the Super Special Loot (#1) and the rarity of the loot through gameplay drives many players to purchase it though an in-game store.
And that reasonable range isn't that small. It is enough to make every bullet that was supposed to shoot on air shoot on the enemies' heads.
I'm familiar with FPS networking, however I'm talking about a trend where a customer-machine is designated to act as a game-server, so that the company can avoid paying to host one in a dedicated but more-secure fashion.
If that machines happens to be the attacker's, then their scope for chicanery is so much greater than just wallhacks or aimbots.
For example, they might temporarily or permanently grant everyone equipment that is otherwise locked behind some grind-wall, where the company hopes to make money selling a "level boost". While not totally malicious, it's definitely a "hack" the company will oppose.
client inputs have to be trusted, and there is no provenance. the kernel has no visibility of inputs.
i’m shipping a 100 player matchmaking game now. clients tick at 360hz, server ticks at 120hz. fair up to 60 ping, which covers entire continents. servers are metal, not vms. epyc 4244p with 2Gbps egress, 1 server per 15 minute game. mitigations=off and nosmt on all clients and the server.
i love steam, but won’t be releasing this there.
it’s reboot-to-play, a modified archlinux iso that boots directly into the game from a usb drive.
i control not only the kernel, but the os, and every running program. you don’t get cortana. you don’t get discord. you don’t get spotify. you get the game. for the duration of play, your pc becomes an arcade machine.
still, this is not enough.
to play ranked, you’re going to have to get a handcam over your left shoulder. it will see head orientation, both hands, full mousepad, and screen. you’re also going to use fixed mouse speed, mousepad size, and monitor size. reviewing any players inputs will look familiar, since everyone is playing with identical settings and setup.
kernel anticheat is not enough. we need a reproducible full os setup, down to running programs and network connections.
even that is not enough. we need provenance of user inputs hooked right up to the game replay system, so you or anyone can review engagements from any parties perspective.
obviously this should all be opt in. not everyone wants to play ranked, and whole-os anticheat should help even without input provenance.
have you ever wondered if you died to a cheater or a god? do you wish you could never wonder again? i do. soon, i won’t.
if this is a challenge, consider it accepted.
link in bio.
i sympathize with their pain, and i have the solution.
Yes there's a discord for this.
anyone playing fortnite ranked already has the needed hardware, and the motivation.
if you haven’t won a solo build game on 1440p 360hz, you haven’t ever actually played a video game.
I think this is the most insane thing you've written here today, the one thing I truly disagree with. I'm not sure you even agree with it, given you seem to already understand well the difference between casual, competitive, and hardcore competitive play. But are you aware of solo play?
it’s not about casual vs competitive. it’s about how the game feels to play, and how the adrenaline hits your blood stream.
Kudos to your insane game plan. Gonna be hard to get any marketing from Twitch streamers though.
ps5 can’t play 360hz and can’t use performance mode graphics. consoles are great, but esports will always be on pc.
input cheats are common on pc and console, there isn’t a difference anymore.
dual pc streaming will work fine. maybe we include obs in the iso at some point, but probably not.
also, this game is mnk only. next game will be controller only. gotta keep inputs standardized or fair play isn’t possible.
This is the only reason you need to keep going.
> ps5 can’t play 360hz and can’t use performance mode graphics. This [0] is your game. Without running it (because I'm not installing your OS on my machine, no offence) there's no reason that wouldn't run at 360Hz on a PS5. A PS5 is an 8 core machine with a dedicated GPU; it's going to be vastly more powerful (and has the advantage of being standardised hardware) than the random beater laptops your players are going to run. If you're talking about rendering at 360Hz - How many people realistically have that sort of monitor? And if they need to splash out £250 for it, we're getting close to the price of a console _anyway_ where you can play other games too.
> consoles are great, but esports will always be on pc.
Except for fighting games, sports games, and most importantly CoD.
> input cheats are common on pc and console, there isn’t a difference anymore.
Theoretically, yes. Practically speaking, input cheats are widespread on PC, and non-existant on console. (that's not to say XIM and co don't exist, but they're nowhere near the adoption level that's seen on PC).
i can't tell users to go into bios and turn off smt. i can tell them to boot an iso, and have it preset to do that via kernel cmdline. owning the os means i can tune the network stack, the os, the kernel, anything that helps performance. the game itself has minimal config, only keybinds.
i'm really targeting one player base: fortnite ranked/competitive players.
fortnite competitive does exist on console, but barely. it's an after thought, and the game can barely run, even on ps5. most importantly, it doesn't let you set graphics to the settings every pro uses. on console you have default high graphics. all serious players migrate to pc.
the game will run on beater laptops, but it's not a great experience. the players i'm targeting all have desktop pcs and 1080p240 monitors already. if i can get 1% of 1% of fortnite ranked players to try, that would be inglorious. if it's just me haning out with 99 aws servers, that's fine too.
i want there to be an on ramp for new players, but optimizing for low end spec is not a goal. especially with 100 players all standing next to each other, low end hardware falls over. will probably have to limit to 50 or even fewer players depending on how much low end hardware shows up to play.
input cheats are common on console for fortnite, i'm not sure about other games. reads video from hdmi, mitm controller outputs. multiple generations of that, some of it works on pc too, and then pc has a whole new host of similar tech.
input provenance is the only real solution that i can see. the rest is shadows on a cave wall.
I think this is an interesting idea. Lots of things we do are done the way they are because they've always been done like that. "Turn off Antivirus" has been common advice for PC players for as long as I can remember, this is a neat way to handle all of that stuff by default (nobody needs windows search indexing a scratch folder for a video game).
> most importantly, it doesn't let you set graphics to the settings every pro uses. on console you have default high graphics. all serious players migrate to pc.
One of the reasons people migrate to PC is _because_ of the customization that you're locking down.
> reads video from hdmi, mitm controller outputs. multiple generations of that, some of it works on pc too, and then pc has a whole new host of similar tech.
How does your system defend against a HDMI capture device and a USB device that pretends to be a keyboard?
handcam anti-cheat and the replay system is how we deal with non-human inputs. ranked only.
in pubs, you may encounter a cheater. hopefully owning the whole os makes that easier to detect, but i’m not sure it will.
I would like to try your game, sir. But my problem is the people trying to take over my computer. I am not going to solve that by letting you take over my computer.
Let's talk system requirements- could I get away with running it on an old junker laptop?
spite was definitely a part of it. at a certain point while playing and watching fortnite solo build, i wondered why there are so many bugs and if i could fix them. i wanted to understand why ping advantage and storm surge have to exist. this game was my journey to find out. it has been a privilege and a joy every single day.
as far as security, you’re asking the right questions. the typical gamer showing up in my discord doesn’t, so i guide them to them.
if you boot my game, you’ve booted an archlinux iso. what could i do? i could read/wipe your disks, so you should make sure they are encrypted/backedup. i could probe your network. i could maybe even install bios level persistent malware. i could do anything a userspace app with admin can do.
none of this is different from a windows app as soon as you click yes on the admin popup thingy which every multiplayer game needs.
reboot-to-play is better, because assuming you use bitlocker, i can't read every file on you c drive, unlike every game you've installed from steam. i also can't mess up your windows registry, or any other os config.
the reboot-to-play build process is not yet open, but soon will be. even then, the game binary it will download and run is not open.
this and more is explored in the faq on the games site, let me know if you want more answers up there!
the purpose of reboot-to-play is not to corrupt your disks. its purpose is to get all players into an identical state, for fairness, and to avoid finicky windows tweaking for performance. everyone’s pc is a special snowflake. what we want for multiplayer is identical arcade machines. every time you boot, you're in the correct state.
running software is ultimately about trust. you can trust epic, or riot. you can trust steam or apple to vet user provide apps. you can trust me.
do you want to trust me? that's up to you. i would say, wait for launch, watch some streams and videos, and see if it looks fun!
launching soon. working through final matchmaking issues now.
[x670e][~/repos/WickedEngine/Protoverse/reboot-to-play][better-game][us-west-2][-][master]
>> bash flash.sh /dev/sda 1224736768 bytes (1.2 GB, 1.1 GiB) copied, 52 s, 23.3 MB/s
maybe a generic steamos image with console-level isolation, and make the game steamos-only perhaps?
no offense, but there might be a sliver of the pie that don't like cheaters but also don't mind running something as invasive.
the goal is to be minimally invasive. you don’t have to install anything!
i don’t fight your misconfigured pc, you don’t worry about me scanning your c drive.
nothing to install, configure, save, or lose.
Can you stop them from using DMA hacks?
Can I boot the image in a VM?
handcam anti-cheat and replays will handle provenance of inputs. non-human inputs are cheating.
you could try to boot in vm, but performance will suffer. the server moved off vms for the same reason.
the only thing i really care about is non-human inputs. if you get really creative with booting the game, and aren’t nefarious, i’ll set phasers to stun.
That said, you can win that arms race for a while by doing something sufficiently innovative, different and specialized and you may have that here. I doubt this approach offers a permanent solution though.
Edit: I do think there is a lot to the idea of not trying to put all players through the same level of anti-cheat security. The anti-cheat needs of competitive players is very different from casuals and offering different levels of anti-cheat based on those levels. How amazing would it be if other games did the same and let players choose the level of anti-cheat to use and to require.
handcam-anticheat is ranked only. pubs has good old fashioned try-our-best anti-cheat. aka thoughts-and-prayers anti-cheat.
very well, ranked will then require specific hardware. i’m gonna have to build more test pcs. 9800x3d 7700xt b650m looking pretty clean.
People generally hate this though because for one it makes most games into way too serious sweat fest with everyone so closely matched. And for two it doesn’t even stop the entire reason it was built which was to protect the noobs. The elite players can just tank like an nfl team for a few rounds and go back to stomping noobs.
what does fix this is handcam anti-cheat, which makes it trivial to identify the operator by their hand movement patterns, arm size, etc.
you can review not only the match you are in, but all previous matches. full fidelity replays + handcam = a brave new world.
account sharing is not allowed in ranked. in pubs, go crazy.
I will not be playing games that make me feel like a prisoner. The experience taking standardized tests is enough for one life.
there are however legions of fortnite players who would mortgage their lives for a better game. a handcam without audio during gameplay seems a more reasonable and low price to pay. time will tell what gamers think! very exciting.
But to be really honest: it's impossible to prevent cheaters. The only way is to play with friends, or to change the incentives of the game where it becomes less interesting to cheat.
For example, a game like counter strike will have a lot of cheaters because you can earn skins and sell them. There are also a lot of players who will buy cheats, because the game is just so popular.
The game design and engine design can also help to prevent cheating.
Honestly, you cannot solve corruption, you need to change the game or the players.
In my view, the Counter strike community is quite toxic, but very profitable for valve, which is why they don't care if their players behave poorly. CS is a nice game but human nature is what it is. You don't find recommendable people playing CS, most gamers play something else because that community is just so terrible to interact with.
yet cheaters will still cheat.
non-human inputs IS cheating. period. there is no information cheating possible in this game.
input provenance is the only anti cheat that has a chance.
full fidelity 120hz server replays with handcam seems a good place to start.
we’ll see how it goes!
then you will be banned from ranked, unless you have a clever way to synthesize perfect handcam video.
in which case, you get the entire bounty pool and 10% profit for 6 months.
then you will be banned from ranked.
the bugs won’t discover themselves. i salute you.
I feel if this were the case literally anything I install on my PC would be suspect. Installing ssh would be a much more scary thing than a random steam game.
Kerbal Space Program comes to mind, I recall it had adware that did this.
https://unity.com/legal/game-player-and-app-user-privacy-pol...
https://unity.com/legal/game-player-and-app-user-privacy-faq
https://www.bleepingcomputer.com/news/security/steam-game-mo...
"Downfall, a fan expansion for the popular Slay the Spire indie strategy game, was breached on Christmas Day to push Epsilon information stealer malware using the Steam update system.
Once installed on a compromised computer, the malware will collect cookies and saved passwords and credit cards from web browsers (Google Chrome, Yandex, Microsoft Edge, Mozilla Firefox, Brave, Vivaldi), as well as Steam and Discord info.
It will also look for documents containing 'password' in the filenames and for more credentials, including the local Windows login and Telegram."
This is no different to downloading a random binary off the internet and being surprised it's malicious.
you can buy these games in their unpatched state today, and download a poc for them from github too: https://nvd.nist.gov/vuln/detail/CVE-2018-10718 https://nvd.nist.gov/vuln/detail/CVE-2018-20817
frankly playing video games on a dedicated device and network is the reasonable response to reading this shit
Then that has to be balanced against the freedom aspect where people want flexibility to build a workstation how they want and do what they want on it, and expecting it all to work (windows games being supported on non-windows is a more common issue now). PC casts the broadest net and catches a lot of different desires, similar with how high-end and low-end seem to be splitting over the past ~5 years rather than being a continuous spectrum I wonder if there will be distinct types of PC for gaming (eg set models like the old Commodore Amiga) or if trying to resist splits does more harm than good.
If I was really concerned about security I'd sooner dual boot into a second OS that had nothing on it, than buy a second box just to game on.
Yes. I truly believe some janky random anti-cheat kernel module could very well capture telemetry about my keystrokes to a log and then send that log off to a server.
At the very least I don't trust that it's secure enough to be in the kernel of a machine for which I require any degree of trust in its integrity.
See: https://www.trendmicro.com/en_us/research/22/h/ransomware-ac...
This won’t provide all the same capabilities as cheats that hook into the game process, such as wall hacks, but it would be possible to build a super human aimbot with such an approach.
We already have external “radar” cheats that use the game stereo sound to give the direction that a certain sound(such as footsteps) came from.
Nobody really cares because most players are honest and play to have fun.
Far easier to do a MiTM on the network traffic and recreate state in another process.
Still easier to clone memory pages used by the target app, or use hardware that allows dma.
This already exists. You can stream your screen to another machine running image recognition and pass your mouse input through a controller that injects auxiliary input (there are off-the-shelf products like kmbox, you can make your own as well).
However, it is very important to understand that only a tiny percentage of cheaters in games end up being determined enough to go through hoops to purchase hardware for it (it's much more expensive and not as simple as getting instant gratification by double clicking on an executable). It's basically considered a win to push people into needing go to such lengths to cheat without getting banned.
Yes. But, it's a game of cat and mouse. Anticheat always is. There's not been a need go to the level of "there are X players who report having a Razer deathadder, which we've validated as having a DPI range of Y-Z. With your OS settings, it's not possible to have achieved that with that mouse therefore we suspect you of cheating". But we're probably there now.
> More likely they work with heuristics that try to detect super-human mouse movements, precision/speed-wise.
It's heurestics all the way down. You're unlikely to be banned for AHK+OBS, but a heurestic on what you're doing with the combo might ban you.
The card then sends memory data to a second computer (dirty) which has the cheat software installed but no rootkit anticheat. The dirty computer can then read all the memory it wants, look through walls, shows enemy health, etc. but on a second computer and monitor. Pretty sure there’s hardware to blend both monitor outputs, though most people do two monitors I believe.
Cheap DMA cards go for couple hundred dollars which isn't all that much. Although unlike what most people tend to believe, the DMA cards do end up getting detected quite often.
> Pretty sure there’s hardware to blend both monitor outputs, though most people do two monitors I believe.
It's called a "fuser".
I thought about something like this before, but its non-trivial to train an image recognition system to do this, let alone the commands to mimic it through hardware, its quite an engineering feat in itself.
Today. That will change when it's a cheap off-the-shelf product sold on Amazon. I almost wish we were there already to get rid of this KLA nonsense.
Not to mention, every KLA game I've played has had cheaters regardless. Circumventing the software seems to become a game unto itself for those people.
Did you just imply my headphones are a cheating device?
More seriously, I've heard these type of devices already exist.
They hushed me all the time because "someone's coming". Still a fun experience - to win for a change. Don't have to add that my role was more as a decoy then anything else.
Why anti-cheat software utilizes kernel drivers (2020) - https://news.ycombinator.com/item?id=42001030 - Oct 2024 (50 comments)
This is the war. It's always been the war. It will always be the war. Digital changed the medium but war, war never changes.
The war in unwinnable in any real sense of the word win. However, security does not need to be impenetrable security only needs to dissuade the attacker.
Kernel level, blah-blah-blah, doesn't dissuade cheaters. Those things dissuade legitimate users. It's never the ideology that dissuades those users though as they don't know or care. What dissuades these users are the difficulties that these systems present to the uninformed user.
The typical end user doesn't know how to 'fix-it' when things go wrong. PC vendors won't support the issue. The game publisher won't support the issue. The game developer rarely supports the issue. Kernel level blah-blah-blah causes a blah-blah-blah. Nobody wants to hear it. Nobody wants to fix it.
And, to top off this defecation-confection, the user is left with software that they paid for and cannot use or access. No refunds. Sorry. And, and, and!!! There are still cheaters on the platform. Every platform. There's your f'n cherry.
This is bad for the entire industry.
This is Microsoft continuing to demonize free software and Linux. If they actually cared, they would support an open source solution to the problem. SOMETHING THEY ABSOLUTELY OPPOSE. That is the core issue. Say it over and over, Microsoft _DOES NOT WANT A SOLUTION TO THESE PROBLEMS_.
Add UEFI on your PC and DRM in your browser.
And next, your governement will ask you to add its anti pedo-pornography tools.
And then we have a new episode of Black Mirror...
Wishful thinking. That government hasn't asked anyone yet (at least in public information) is a miracle in itself.
Second step?
Ban games with kernel-level anti-cheat.
It is not acceptable on Linux. Apple will also not accept that shit further, that said Apple lost relevance in gaming with Mantle and the M-Processors (both mean a lot of incompatibility). And Microsoft is regretting every choice in this regard:
https://www.theverge.com/2024/9/12/24242947/microsoft-window...
But that is a usual pattern. Microsoft makes bad decisions and everyone suffers. Even Linux. Their is a reason why closed-source kernel modules mark Linux as tainted, the system is not trustworthy.
It is the duty of game developers to secure their games themselves. Not manipulating user devices. Forcefully doing stupid and dangerous things because you cannot achieve your task in a safe why is not a reason.
While KLA is fundamentally flawed (DMA and even CV based cheats are becoming more popular as a result of KLA and they still give cheaters a significant (but now even harder to detect) advantage) it solves the problem of obvious and even most kinds of subtle cheating.
Attempting to detect cheating once inputs are being sent to your server (which is within your domain of control and on which you can implement non-intrusive anti-cheat) is very difficult to do reliably. An inexperienced player will make slow, delayed inputs. A highly experienced player will have reactions which are an order of magnitude faster (and in many cases faster than the speed of thought because of muscle memory). If you want to make a working but no longer detectable cheat, all you need to do is spend a bit of time and effort programming in human limits of reaction time into all your code and making sure all inputs look realistic (again, more limits).
At the end of the day, you can make a cheat which gives you a significant advantage without it being actually detectable by any statistical methods on the server.
At this point you might attempt to reach for AI but undoubtedly that will require human oversight or you will get false positives.
So, in summary, even if you were to design your game around server-side rendering and server-side input processing, forcing your players to effectively play over a remote desktop connection (which is impractical for any fast paced competitive multiplayer game due to latency issues but let's pretend those don't exist for a minute), you will still get cheaters with snap-to-head or recoil compensation or auto-fire making a significant impact on games. Heck, there's even the idea of using sounds (which need to be pretty accurate so human players can utilise them to determine where enemy players are) to implement a rudimentary wallhack.
This is just the nature of FPS games and why games companies end up implementing KLA for these games. The way to make an FPS game un-cheatable is to make a different game where cheating is more difficult or impossible just by nature of the format.
Want FPS without cheaters? Encourage people to do DIY matchmaking again, DIY server hosting and DIY administration. Except that "this doesn't scale". Neither does human review. Neither does server side rendering. The core reasons why game companies do KLA is that players will pay for games with KLA but won't pay for games without it. As much as I think Microsoft is one of the worst companies in existence, in this case I don't think they or KLA developers are to blame. KLA developers are simply doing what players want them to do and Microsoft is only allowing what their end-users want them to allow. If Microsoft removes KLA, it will be by replacing it with userspace code with hardware attestation support, it won't be by killing the concept of intrusive anti-cheat. All Microsoft is doing is trying to re-design the tools to cover their own ass.
Fundamentally, KLA has pushed cheating further into DMA and CV territory. This means that more obvious and annoying forms of cheating, undetectable by KLA are probably going to soon become more common. At this point the options are to have these games be console-only with blessed hardware and hardware attestation. And even that has flaws (as described). Eventually it will just be impossible to play a game in a public server without cheating. Maybe this will force people away from these types of games, or towards private lobbies. I don't know what the future holds here.
Yes. This is the answer. There is no solution that relies only on technology that will fix human problems at scale. You can make it harder, but once one person figures it out, everyone has access to it. You need to break it into pieces and let people deal with it on the community level, where communities are small enough that people can deal with individuals.
The main issue is that 'at scale' you have the fact that a certain percentage of people are sociopaths, a certain percentage of people are really smart, and a certain percentage of people have the time and motivation to do something, and when they all cross you end up with a person who breaks your system.
The issue is that the players themselves seem to think that the convenience of KLA (over running your own community, paying for your own servers, etc) outweighs the privacy risks.
That's not true and there isn't data to show it.
The reasons why support for community run servers have fallen by the wayside are more complicated than "players chose one over the other and companies followed them".
Companies also recognized significant downsides for themselves of community run servers. When your online experience is in community run spaces, you expose your player base to experiences outside of your control. When you don't run your own server instances, you can't enforce the cheating rules you want. These, among many other reason, make it harder and more risky to monetize the online experience of your game. A such, the choice was generally taken away from players to protect companies. This wasn't at all a pure reaction to player preference.
Voting to kick/ban and sharing ban lists only works for ragehacking, but the most joy stealing form of cheating is people using hacks and cheats subtly enough to beat an average player, but not strongly enough to guarantee they'll be caught by the community.
If you've never been falsely accused of cheating in an online game by people who can't tell the difference between that and getting outplayed, chances are you haven't played any multiplayer games long enough to get any good at them.
A person who's good enough to know where you are for in-game reasons is something you supposed to learn to respond to: They aren't cheating so they're using heuristics and information that you're supposed to learn to counter play.
A person who has omniscience at the press of a button does not play similarly at all. Often times that's how they're even caught: since they're not bound by any sort of in game heuristics no counterplays work against them.
-
In some games that even makes cheaters a liability when they're on your team. With any ranked game mode "soft cheating" will result in them climbing to a rank where non-cheaters have all sorts of great heuristics on how to play that they lack. So without ragehacking they're actually at a disadvantage and either need to get increasingly bold with cheats or lose.
In some games that's transformed into another way cheaters ruin modern competitive games: intentionally de-ranking so they'll play against less mechanically sound players who are easier to cheat against.
Cheating among your friends has the ultimate death penalty of losing those friendships. Most people don't want that.
This is why most cheating is not among close friends, but where there's an open buffet for the energy vampires; anodyne corporate "matchmaking" where the game corporation will place you with other customers of the game corporation at its choice. The cheater does not have to face a panel of their peers, they only have to slip past the inattentive corporation to be placed in a server with delicious innocent strangers who they will never see again once they've had their fun.
I'd love to see Colin Robinson play CS 1.6 with wallhack in his basement.
- hardware breakpoints on memory latch to logical, not physical addresses - one can map the same area of physical memory to different logical addresses thus allowing arbitrary memory reads - simulating inputs through the PnP stack can be made indetectible with polymorphic code doing the injections - detecting the aimbot's core code can be prevented via at least two methods: triggering (and capturing) page faults on memory hosting the bot or, again, with polymorphic code generation
One could create a fully open source cheat engine relying on memory reads and input injection via the pnp stavk and it would be undetectable deterministically (with heuristics, sure).
Games - unless streamed - need to know a bit more about the world they display than the player is allowed to see. Some engines I analysed (years ago) tried to limit propagating data to the local client to only a portion of the map and close proximity (the more recent battlefield games, if memory serves), while lots still have all enemy coordinates at all times in memory, some even with debug symbols to help the poor aimbot community reverse memory structures that more easily.
Its hopeless. The only winning move is not to play :-)
When in the non-PAE mode, I think one can still practically trigger page faults on attempted reads on the PDEs mapped by a kernel-level aimbot, force flushing of TLBs when anti-cheat tries to read the PT, and effectively conceal the cloning (although if the anti-cheat is doing this often enough, the performance impact might be too much?).
When in PAE mode, I do not know of a practical way to do it, but I haven't been researching such exploits for a few years now.
I think at this point, the most practical way to implement an open-source, undetectable aimbot proof-of-concept would be to perform static reversing of the game engine to get the network protocol, peform a MITM to listen in and recreate state on a separate process or machine, do a PnP input injection via a real or fake mouse/keyboard.
Reversing the code (as opposed to memory structures) is very hard these days, though, and not because of anti-cheat software, but because of the high-end anti-piracy runtimes and layers upon layers of abstractions which are annoying to analyze in assembly. (But sure, not impossible, and I am sure people are doing this considering the crazy amounts people are willing to pay for private aimbots).
For a system programming geek its all very interesting and intellectually stimulating, but boy does it ruin the fun of multiplayer gaming :-( I think the best way to protect against cheaters would be to run streaming-only servers where all the processing happens server-side.
> "Ban games with kernel-level anti-cheat."
> "It is the duty of game developers"
It's hilarious that people actually think the publishers will ever have two hoots to give about notions like that. FWIW I agree we'd all be better off without those things but the entitlement to believe private businesses should run on your personal whims and that developers have a "duty" to make things only as you prefer is gobsmacking. I am always left in wonder what commenters like this think about themselves.
I don't think, however, that "publishers would use disabled children slave labor if they could" is really an argument you ought to make.
Every publisher that's greedily taken their products off Steam in an attempt to recuperate Valve's fee has sooner or later come crawling back because they weren't able to make a half usable platform to sell their stuff on. Valve holds a really large influence over the industry.
Games companies don't turn to KLA out of laziness, it's out of absolute necessity, especially for games like FPS' where it's impossible to fully secure the game using pure server-side methods. Machine learning has been tried, it's too prone to false positives and misses more subtle cheats that still negativel impact the the player experience. Anti-Cheat used to exist purely in user mode and then, guess what?, cheats moved into the kernel where they couldn't be detected or stopped. Anti-cheat had to follow in order to remain effective.
The alternative was conceding the space to cheaters and watching games that players love, and that required massive resources to develop and maintain, degenerate into a hellscape of cheating that real players refuse to play.
I refuse to believe there is only one simple honorable objective when it comes to KLA. I simply do not care if companies can't figure out how to stop cheaters without it. What about our experience? You might complain about cheaters, but what if I can't even play the game because of KLA?
Played plenty of recent MP games on Linux just fine and cheating was never experience breaking.
Note that I like matchmaking, specifically skill based matchmaking, in some games and at some times but completely ending server browsers and community run dedicated servers was a mistake.
Another example: I was an anti-cheat admin in a major league about 20 years ago. I am quite confident a lower double digit percentage of banned players were innocent - it was simply too hard to get enough competent people for doing manual checks (you'd have to be really good at the game yourself to confidently tell what might be intuition and what cant while evaluating pro players with money-prizes on the line).
So while I appreciate that sentiment, and maybe you found THE one community where all that really worked out for you, but it was by no means the "best alternative" from where I am standing.
If hackers have to limit themselves to behaviour that looks like real skill, it's kind of unimportant to the games community if they're cheating. Cheaters only ruin the experience if they're obvious to the player.
Finally, something like Overwatch in CS, together with paid employees and PUBLIC bans of high paying cheater accounts (including hardware bans) would create a chilling effect, further forcing cheaters into hiding.
This was a key reason for Valorant's success. Anti-cheat is a necessary evil to make online games fair. I think if someone wants to suggest otherwise, they would need to demonstrate a superior solution. Companies truly do not want to be in the business of messing with your kernel, so if another solution exists—one that is actually superior in cheat detection and prevention—without a kernel extension, they'll do it.
I'll provide another example of why companies would rather not do it unless they have to. Kernel extensions usually require a system restart. Requiring a restart adds a huge drop off point to a conversion funnel and costs the game some amount of players who may have stuck around, and some players, like the ones here who are upset about it, won't even bother because they are outright opposed. Games would gobble up a solution that worked and didn't have that baggage.
It may be required for anonymous online matchmaking. That is only one possible type of online gaming model even if the gaming industry wants to pretend that community run servers were never a thing.
I wonder what is worth more: the median installation of a free-to-play multiplayer game, or access to everything they do on that PC?
I won't be the first one to wonder this.
So it's not exactly a reasonable place to put something like that.
I would love for Valve to prove it is possible but so far they haven't shown it can be done without leaving a bad experience for legit players (due to delayed ban waves, etc) despite the repeated claims.
Wanna hear my conspiracy theory?
Three letter agencies are using games as an intel gathering tool, and KLA is part of that. What if the CEOs are getting NSLs, etc?
What if online games track how well people do and sort them into tiers based on skill level? And then put people who are roughly evenly matched together. I am guessing that cheaters will naturally end up clumping together with each other, and maybe a smattering of elite players who are good enough that they can hold their own, and maybe even benefit from the added challenge. And also, casual and less-skilled players can play together and not get dominated so much.
I don't think it would end cheating. But perhaps it would mitigate it by reducing a lot of the potential upside. Assuming the upside for many cheaters is that they enjoy feeling like they can dominate a server full of non-cheaters.
Cheaters will also easily adapt to ranking systems by creating new accounts or intentionally de-ranking themselves.
If that's so, then do we typically only see KLA on games that are mostly funded by microtransactions or live service models?
In short, we typically see KLA on games with in-game currencies whose servers are controlled by the vendors.
Inasmuch as KLA is actually used as anti-cheat software, it's usually a proxy for actual moderation (i.e. labor). Community-hosted servers generally develop their own processes and customs for handling bad actors, but vendors generally don't want to hand that kind of power to internet strangers.
Ideally, this would lead to people having a 50% win rate which is just unacceptable to some. Those people resort to smurfing or cheating to get their fix--they don't really want a fair and equal match. Just look to the Call of Duty community crying about SBMM. Those people want to farm clips and play with those worse than them--not people at or above their skill level.
Additionally, many multiplayer games at all but the highest skill levels have most matches determined by the side that plays the fewest number of mistakes. This is especially true of team based games. At most skill levels, both teams will be making many obvious (and less obvious) mistakes. This can frustrate some who believe that they're held back by their team and just need to play with higher ranked teammates. So people will boost or buy accounts or resort to cheating.
> What if online games track how well people do and sort them into tiers based on skill level?
Games have been already doing this for at least a decade. Games that do this are exactly the games where cheating is rampant.
Cheating happens regardless.
Ultimately, I sympathize with game developers trying to create a good, _consistent_ experience for players across multiplayer titles. The reason players accept anticheat software in large mp games is because the alternative is worse.
Just one more client anti-cheat measure bro. Just one ring lower bro.
I'm not sure what I find more terrifying: the persistence of the NSA & Disney lobby for subverting root control in all devices, or that so many people mindlessly agree its the right direction to go and their world will be a better place for it.
I have a dedicated laptop for gaming that I do absolutely nothing else on, not even logging into email accounts. Just steam + games + whatever video software I might need. This is my sane compromise as someone who participates in a lot of competitive games. it sucks, but I see no better solution than to disclose it (insane this wasn't the standard already). Even that is hard, because if you disclose too much, cheaters can take advantage.
I never understood this.
As I mentioned in another thread, maybe I’m just old or something now, but I’ve never given a fuck if another player was cheating.
Back in the day it was pretty normal to run into someone using aimbot or wall hack or whatever shit.
You would just change server or join a different lobby or whatever if it was really bothering your enjoyment.
There's no concept of "server" or "Change lobby" on Apex or other Battle royales.
You just queue up for a game, which lasts ~20 minutes. As you are in a 3 player team if you disconnect from the game you get a temp ban penalty, since that also degrades other players experience. So there's no disconnecting freely once a game has started. Now imagine you're playing for 10-15 minutes just to die without really having any chance. That gets frustrating, really quickly, since winning is close to the only "reward" you get from playing the game.
It's not like a classic COD or Battlefield game, where you can feely leave or join any game/server. Once you're in you're somewhat committed, and you have no control over where or with whom you're playing against.
Behavior AI-driven anti-cheat system running on the server side.
Cheating is downstream of the trust problem with an anonymous global "community". Anti-cheat is just an arms race, but there are other avenues to addressing it (weak "KYC", like requiring a phone number to play ranked modes).
Deadlock is potentially doing something interesting with its invite-only EA system. They're essentially building a social graph of players, which could be leveraged to identify "cheating rings"/compromised accounts and seed some kind of social reputation system within the community.