zlacker

These things do not prevent cheating at all. They are merely a remote control system that they can send instructions to look for known cheats. Cheating still exists and will always exist in online games.

You can be clever and build a random memory allocator. You can get clever and watch for frozen struct members after a known set operation, what you can’t do is prevent all cheating. There’s device layer, driver layer, MITM, emulation, and even now AI mouse control.

The only thing you can do is watch for it and send the ban hammer. Valve has a wonderful write up about client-side prediction recording so as to verify killcam shots were indeed, kill shots, and not aim bots (but this method is great for seeing those in action as well!)

>>reacto+(OP)
Cheating still exists and will always exist in online games.

Sure, but you still have to make a serious attempt or the experience will be terrible for any non-cheaters. Or you just make your game bad enough that no one cares. That's an option too.

>>reacto+(OP)
That sounds like it does prevent cheating? But maybe doesn’t prevent ALL cheats. Or do you mean they work so poorly that it doesn’t make any difference at all?

>>reacto+(OP)
> These things do not prevent cheating at all.

Yes they do. They don't stop all cheating, but they raise the barrier to entry which means fewer cheaters.

I don't like arguments that sound like "well you can't stop all crime so you may as well not even try"

>>plufz+K
I mean it works by someone saying look for DotaCheat4.exe and it searches for it. That’s basically it. Also if your engine has the ability to be hooked into (ahem, gta) it will detect that a process has been attached. It may do some memory scanning if they implemented the allocator from the sdk. What I’m saying is, it’s a crap shoot out there whether the devs did or not. Executives use it as a blanket as to not get sued. “We have anti-cheat”. They can claim it was “circumvented” or whatever. They are all garbage. BattleEye, EasyAntiCheat, Vanguard. If you don’t know, here LL giving a run down.

https://m.youtube.com/watch?v=VtHlMTc8lR4&t=49s

>>babypu+E1
Ok, they prevent known cheats that the company has found online behind some subscription site run in the basement in Jersey. True. They do raise the bar, but they aren’t the barrier.

>>Goronm+u
Other options exist but it’s not an option for these real-time games like FPS’s. I get it.

If you don’t need real-time packets and can deal with the old school architecture of pulses, there’s things you can do on the network to ensure security.

You do this too on real-time UDP it’s just a bit trickier. Prediction and analysis pattern discovery is really the only options thus far.

But I could be blowing smoke and know nothing about the layers of kernel integration these malware have developed.

>>reacto+v2
> But I could be blowing smoke and know nothing about the layers of kernel integration these malware have developed.

Kernel level? The SOTA cheats use custom hardware that uses DMA to spy on the game state. There are now also purely external cheating devices that use video capture and mouse emulation to fully simulate a human.

>>plufz+K
It makes cheating harder and the timeline to a cheat product gets longer than the iteration speed of anticheat. Kind of like fancy locks don't prevent break ins, just take longer to pick and require more specialised tools.

>>virapt+Mg
As they say, locks only stop honest people.

>>reacto+(OP)
They do prevent some cheating methods on Window, like blocking other processes from reading/writing game process memory.

>>cybera+Xb
> The SOTA cheats use custom hardware that uses DMA to spy on the game state.

And the SOTA anti-cheats now use IOMMU shenanigans to keep DMA devices from seeing the game state. The arms race continues.

>>reacto+(OP)
> These things do not prevent cheating at all.

I feel like this is the same as saying "seatbelts don't prevent car accident deaths at all", just because people still die in car accidents while wearing seat belts.

Just because something isn't 100% effective doesn't mean it doesn't provide value. There is a LOT less cheating in games with good anti-cheat, and it is much more pleasant to play those games because of it. There is a benefit to making it harder to cheat, even if it doesn't make it impossible.

>>cybera+Xb
You'll never stop the arms race, but requiring specialized hardware to cheat is as close as you'll get to a decisive victory against cheats.

The vast majority of cheaters in most games are not sophisticated users. Ease of access and use is the biggest issue.

>>cortes+vy
I don't think that analogy holds because the environment isn't actively in an arms race against seatbelts.

The qualifier "good" for "good anti-cheat" is doing a lot of heavy lifting. What was once good enough is now laughably inadequate. We have followed that thread to its logical conclusion with the introduction of kernel-level anti-cheat. That has proven to be insufficient, unsurprisingly, and, given enough time, the act of bypassing kernel-level anti-cheat will become commoditized just like every other anti-cheat prior.

>>SeanAn+PO
> the environment isn't actively in an arms race against seatbelts.

I would beg to differ. In the US at least, there does seem to be a hidden arms race between safety features and the environment (in the form of car size growth)

>>reacto+(OP)
That's easy to say. But they do prevent some cheating. Don't believe me? Consider the simplest case: No anti-cheat whatsoever. You can just hook into the rendering engine and draw walls at 50% transparency. That's the worst case. Now, we add minimal anti-cheat that convolutes the binary with lots of extra jumps and loops at runtime. Now, someone needs to spend time figuring out the pattern. That effort isn't free. Now, people have to pay for cheats. Guess what? Visa doesn't want to handle payment processing for your hacks & cheats business. So now you're using sketchy payment processors based out of a third-world country. Guess what else? People will create fake hacks & cheats websites that use those same payment processors, and will just take people's money and never deliver the cheats. You get to try to differentiate yourself from literal scammers, how are you going to do that? You can't put the Visa logo on your website. Because you're legit, and you don't want to get sued. Then, the anti-cheat adds heuristic detection for cheat processes. The anti-cheat company BUYS the cheats and reverse-engineers them and improves the heuristics. then the game company makes everyone sign up with a phone number, and permabans that phone number when they're caught cheating. Now some gamers don't want to risk getting banned. Saying that these factors simply don't exist or are insignificant is certainly one of the opinions of all time.

>>phendr+SZ
100% agree. This is exactly the kind of big picture thinking that so many people often seem to miss. I did too, when I was young and thought the world was just filled with black and white, good vs evil dichotomies

>>reacto+(OP)
I don't know why you brought up VAC as an example. It is a horrible AC, so bad so that an entire service (FaceIT) was built to capitalize on that.

VAC is still a laughing joke in CS2, literally unplayable when you reached 15k+. Riot Vanguard is extremely invasive, but it's leaps and bounds a head of VAC.

And Valve's banning waves long after the fact doesn't improve the players experience at all. CS2 is F2P, alts are easy to get, cheating happens in alost every single high-ranked game, players experience is shit.

>>SeanAn+PO
No. The same way piracy has been diminished in the mainstream by years of lawsuits and jailtime against the loudest most available sources, the strongest anti-cheats have suppressed the easiest and cheapest paths to cheating on AAA games. Piracy hasn't gone away, but the number of people doing it peaked last decade.

Anti-cheat makers doesn't need to eliminate cheating completely, they just need to capture enough cheating (and ban unpredictably) that average people are mostly discouraged. As long as cheat-creators have to scurry around in secrecy and guard their implementations until the implementation is caught, the "good" cheats will never be a commodity on mainstream well-funded games with good anti-cheat.

Cheat-creators have to do the hard hacking and put their livelihoods on the line, they make kids pay up for that.

>>nialv7+2q
The honest people are a larger group than the dishonest people.

And being real, the zero-day cheats are closely guarded and trickled out and sold for high prices as other cheats get found out, so for AAA games, the good cheats are priced out of comfort zone and anyone who attempts the lazy/cheap cheats is banned pretty quickly. A significant portion of the dishonest becomes honest through laziness or self-preservation. Only a select few are truly committed to dishonesty enough to put money and their accounts on the line.

Same way there are fewer murderers and thieves than there are non-murderers and non-thieves (at least in western countries).

>>anvuon+6r1
> CS2 is F2P

Not anymore for the competitive gamemodes. This was reversed a while ago.

>>nialv7+2q
They are wrong, though. Locks also stop people who would happily commit an opportunistic theft but who lack the necessary tools or skills, people who would trespass if they could retain some plausible deniability ("oops, I didn't see the signs" vs. "oops, I didn't realise I wasn't supposed to cut that padlock"), and so on.

>>phendr+SZ
> You can just hook into the rendering engine and draw walls at 50% transparency

A properly designed game should not send the position of ennemies out of view

>>Kolmog+vW1
That is not always possible for genres with fast gameplay like most shooters. It's quite common for player movement to be able to put an enemy in view before the light could've round-tripped from the server.

This is generally the anti-cheat problem. Certain genres have gameplay that cannot be implemented without trusting the client at least some of the time.

>>dontla+8X1
This is correct, the correct amount of over-sharing by the server is non-zero, because otherwise you give a HUGE advantage for slight ping differences.

>>phendr+VY1
It's even worse, the lowest theoretical latency possible based on speed of light alone is not low enough for the speed of movement in many shooters, if the server hid all immediately invisible information.

>>raydev+hC1
Piracy didn’t go anywhere, it got corporate sponsorship.

Having some anti-cheat is better than no anti-cheat but my point is it’s not a shield. It’s a cheese grater.

>>Kolmog+vW1
What do you do with footsteps and other positional audio? On multiplayer shooter games that's very vital information to let you know an enemy is somewhere behind a wall but cheaters can use it to draw visual markers to pinpoint the enemy player.