
Anti-cheat software is designed to own your machine, take away your control and monitor you. They are indistinguishable from malware. Valve should be taken to task for not only allowing this malicious software in their platform but also for actively distributing it to users.

Thank you for citing this. I favorited it as yet another example to cite whenever the topic comes up.

Seems to be a trend with Japanese companies. Check out the wonderful consequences of allowing these corporations access to your computer:

https://github.com/FuzzySecurity/Capcom-Rootkit

https://fuzzysecurity.com/tutorials/28.html




Especially since Valve already has anti-cheat malware. The reality is that the only way to combat cheating is to stream it to the client but as we've seen with Stadia, it's just not quite there yet. Instead, they turn your machine into an internet-cafe appliance and prevent you from undoing it. To find cheaters, simply look at stats and behavior. You don't need to lock down a PC. You need to lock down your logs server-side.

It's also pretty scary that it's open sourced so more developers can use it. I cringe at having to fight root kits with every game uninstall. I'm a huge fan of games that detect cheaters in subtle ways and direct them to unintended outcomes. Like being stuck in the elevator unable to escape. Or what COD is doing with cheaters, taking away their senses and ability to see people or objectives. Kids will complain it's a bug or what not on the support forums only to expose themselves and get banned.


> Instead, they turn your machine into an internet-cafe appliance and prevent you from undoing it.

Exactly. It disgusts me to my core, the audacity of these corporations.

> To find cheaters, simply look at stats and behavior.

Partially agree. This is especially relevant in skill-based games but I assume such statistics can be poisoned by cheaters over time, increasing false negatives. There are also game designs where bots are literally indistinguishable from sufficiently addicted players. Think anything with a reward schedule in the game design: MMORPGs with timed spawns, mobile games with timed rate limited gameplay. Especially the latter.

In the end, Linus Torvalds is right about security: if the word "trust" isn't involved, it's not security, it's masturbation. We should be playing games with friends who we trust instead of randoms from the internet.


At an individual level, if a player goes from 1.3K/D avg over a sample and then it jumps to 8K/D over the same sample duration later, it’s pretty obvious.

Wall hacking and aim bot can be caught with behavior and statistics. Not in real-time but damn near.


Not quite. I understand that's a piece but if you've ever tried to solve this problem it's not even close to being as easy as you make it out to be.

1. The stats you cited (k/d) are well within normal variance

2. It's not super common for cheaters to run around spinbotting/blatant wallhacking. I would actually say that's the minority.

3. Depending on the game, that would never happen because MMR just matches you up with people based on your new "skill" i.e. 2 games with 8K/d puts me in harder games and I go back down to something reasonable. Again, most cheaters don't continue to just dominate, those are the minority and get caught easily.


So it’s not as trivial as I make it sound, yes, but that’s not to say it’s impossible. People are working on just that. These things wouldn’t get you banned, but these are “early warnings” that you’re cheating and warrant further review of game footage (which most games store in the cloud now). It’s not trivial, but it’s not rocket science. AI behavior patterns combined with game footage review combined with a judiciary would cause one to be banned. The future of esports though is in closed edge networks with dedicated hosts. Provide them with the Internet cafe appliance. I just want to play some Counter-Strike. If I were to average my K/D over 1000 games I would get a pretty good statistical spread of how I play on certain maps. Granted there’s a degree of variability depending on my mental state, but still a good enough sample to get an idea of how I play Dust II. Sudden and consistent outliers above norms would flag me for review. 2,3 kill cams and footage review would tell you that I’m cheating. Someone in Burma or Thailand could do that job until the AI is trained to spot aimbots, cough I’m sorry, “flick shots”.


Measuring inter-account variability in performance doesn't work for players who only play with cheats on that account


Damn smurfs, good point. I would be defenseless. In reality you would go with a multiple angle approach but you are certainly correct. Behavior modeling would suggest you’re the GOAT. 100% of the time.
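The "sudden and consistent outliers" screening discussed in the comments above, with the two objections from the replies (normal variance, accounts with no clean history) handled explicitly. This is an added example and not part of any comment in the thread; the thresholds, function names and K/D values are constructed assumptions.

```python
"""Per-account K/D outlier screening that yields review flags, not bans."""
from statistics import median

MIN_BASELINE = 30   # assumed: games needed before a baseline is usable
Z_THRESHOLD = 3.5   # assumed: robust z-score cutoff for a single game
MIN_STREAK = 5      # assumed: consecutive outlier games ("consistent")


def robust_z(value, baseline):
    """Median/MAD z-score; less distorted by a few hot games than mean/stddev."""
    med = median(baseline)
    mad = median(abs(x - med) for x in baseline)
    if mad == 0:
        return 0.0 if value == med else float("inf")
    return 0.6745 * (value - med) / mad


def screen_account(kd_history, recent):
    """Return (status, outlier_indices) for the recent games.

    status is 'no-baseline' (fresh or cheat-only account, this method is
    blind), 'ok', or 'review' (queue footage for a human reviewer).
    """
    if len(kd_history) < MIN_BASELINE:
        return "no-baseline", []
    outliers, streak, longest = [], 0, 0
    for i, kd in enumerate(recent):
        if robust_z(kd, kd_history) > Z_THRESHOLD:
            outliers.append(i)
            streak += 1
            longest = max(longest, streak)
        else:
            streak = 0  # a normal game breaks the run
    return ("review" if longest >= MIN_STREAK else "ok"), outliers


# Constructed sample data: a casual player around 1.3 K/D with wide swings.
BASELINE = [0.6, 0.9, 1.1, 1.3, 1.4, 1.6, 2.0, 1.2, 0.8, 2.6] * 4
HOT_DAYS = [1.1, 4.0, 0.9, 1.5, 3.2, 1.0]    # isolated great games
SUSTAINED = [7.5, 8.2, 6.9, 8.0, 7.7, 8.4]   # jump to about 8 K/D that persists

if __name__ == "__main__":
    print(screen_account(BASELINE, HOT_DAYS))
    print(screen_account(BASELINE, SUSTAINED))
    print(screen_account([8.0, 7.5], SUSTAINED))
```

Isolated outlier games are recorded but do not trigger a review, and an account with too little history is reported as unscreenable rather than clean, which is the gap the smurf objection points at.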


My own stats in games have fluctuations more extreme than your example.

Some days I’m multitasking while I play games. Some days my mouse battery dies mid game. Some days I’m really sharp and I’m up against people who aren’t as good. Some days I’m not as good and I’m up against people who are really sharp.

Wild fluctuations are normal for a human casually playing games.


People who play video games high or drunk shouldn't be punished when they're finally sober. :)


Which is why you sample an average. If you play high or drunk, it’s probably a pattern.


If only there was a way to teach computers to identify patterns based on a large dataset...


Yes. Obviously what happened is that the player is away - on holidays, in hospital, etc. - and their younger sibling uses the opportunity to play the game on their older sibling's machine. And the younger one is much better at this class of games.

That, or any other of many scenarios that go against the idea that an account is used by one and only one person.


Diablo 3 ladder top 20 or so on Nintendo Switch.

You can see that gear is hacked items. Invalid stuff.

Nothing is ever done about it. Absurdly blatant, and discouraging.

I’ve made top 10 on hardcore at early portions of a new season before. But only before these regulars get online and instantly get to the top.


Funny, you know what disgusts me to my core? Cheaters. Ruin their PC for all I care. Send em to prison.


Funny, that's exactly the kind of profound lack of empathy and awareness my ex-wife had. "Do anything you want to prisoners; there's absolutely NO WAY I can possibly imagine being in that position myself" (I find this particularly amusing since she did far more actually illegal stuff like drugs etc in college than I ever dreamed of; but these emotions are always outwardly oriented:).

The whole point of this thread is that these systems are not installed on cheaters in a targeted way. They are installed on everybody's computer. They make far far far more innocent gamers suffer than they punish cheaters. And we've seen time and again that these systems misidentify cheaters badly. Think of all the times your Norton or McAfee misidentified your bit torrent client or your open source utility or your own crypto mining software for malware, and multiply it by a thousand.


This is the real meat. Anti-cheat malware is installed on everyone’s machine. Guilty until proven uninstalled.


Fine, then propose and implement a viable alternative that effectively cuts out 99% of cheating in online games.


Or just don’t? If the game isn’t fun with cheating and the developers can’t do anything about it without malware just don’t play it


Hilarious. They're just people exercising their freedom. It's their computer, they can hook into the game's code if they want. I bet many of them are themselves hackers, worthy of respect. I bet many of them post here. When I was a kid I remember seeing people in forums who hacked games to make them harder because they played the shit out of it and were bored already.

These corporations? They are merely guests on our systems. Every single thing they think they can do? It's because we allow it. We allow their game to run at all. We refrain from modifying it. Everything they do, it's a privilege and we can revoke it. Ruin their PC? Good luck with that. If people care enough they'll reverse engineer your game and make their own version without all your bullshit.


"Hackers"? No. You are being "hilariously" ignorant about the current state of cheating in online games. The vast, vast majority of cheaters could be described most charitably as script kiddies, and even that is a stretch. They pay monthly subscription fees to cheat makers to get the ability to exercise their "freedom" to grief other players.


Whatever. I guess I never lurked in those circles. The real hackers used to shame them and run them out of forums. Maybe you shouldn't be playing with these skids at all instead of asking for non-solutions that do nothing but normalize intrusive corporate malware.

I don't fault the skids either. As far as I'm concerned they have as much computer freedom as I do. The only solution is to whitelist the people you play with.


It’s a multi-million dollar business now. Make a cheat, add a paywall, charge people. Look up “The Wiggle That Killed Tarkov” on YT [1] (nvm, here is link). This is an epidemic not some leet hacker proving he’s master over his domain. It’s kids and young adults paying Mr.X $9.99/mo to see thru walls and auto shoot your dome.

[1] https://youtu.be/p5LfGcDB7Ek


So what. It's literally just a game. Not important enough to sacrifice our freedoms and control for.


People kinda get attached to the media they play. [1] [2]

[1] https://www.youtube.com/watch?v=VlIXK2L_180 [2] https://www.youtube.com/watch?v=TRmU91YJFo4


Competitive integrity is one of the things that makes competition fun.


Everybody's PC is getting ruined, except the cheaters'


If only false positives didn't occur.


If you compare the Valorant and CS:GO communities, the Valorant community has a much easier time onboarding people and a much smaller cheating problem. That's all because of Vanguard, their much more intrusive anti-cheat that uses an early mode kernel driver.

VAC (user-mode) is easily broken for the most part so players willingly navigate to external platforms for CSGO like ESEA and FaceIt which use their own hand-rolled intrusive kernel mode anti-cheat.

Maybe it's best if Microsoft just baked this into Windows. It's intrusive, but clearly players demand it for competitive games. Streaming isn't a solution to that, the latency is unacceptable in shooters.


Notably, these kernel drivers work because the cheat makers are not able to create their own kernel drivers. Microsoft requires drivers to be code signed, and Microsoft will not code sign cheating software.

Unfortunately, that also means you and I can't run our own driver code, on our own purchased machines! I find this really crappy for reasons which have nothing to do with anti-cheat. For example, I can't install modified nVidia drivers.


I thought you could boot into test mode to run unsigned drivers (or did they get rid of that?).


You can temporarily but it needs to be manually re-enabled again before every single boot. Also kernel anticheats will detect that test-signing is enabled and refuse to let you play.


You can but it's annoying and complex, and anticheats can detect it.


The people who want to tinker with unsigned drivers is many orders of magnitude smaller than the people who would accidentally install a malicious driver and ruin their PC.

They had to make a choice for UX sake, they chose the bigger group of people and are happy to let the tinkerers go to Linux.


> Streaming isn't a solution to that, the latency is unacceptable in shooters.

I avoid streaming for that reason, but it's not unthinkable to play shooters with high latency. For years in the late 90s we played Quake 1 with a 150ms ping and had a blast. If non-streamers were disallowed that might actually be a good platform for fair competition.


> For years in the late 90s we played Quake 1 with a 150ms ping and had a blast

Yes, that's right. But it's also a completely different sort of lag, you can't compare network lag to input lag. With net lag in a game like Quake you had to deal with players not really being where they seemed, but at least the game still responded to commands when you issued them. It didn't take 150ms for your character to start jumping after you hit the jump key. That's unplayable. Also we had mods for dealing with net lag, the "unlagged" mod that let you shoot players where you saw them, not where you really are. It worked well if you were playing with people who didn't cheat.

Incidentally, I remember something else about playing Quake in those days: I didn't need anticheat, and nor did any of my friends. We ran private servers and did our own matchmaking. We didn't need anticheat because we chose not to play with cheaters in the first place. If any of us were secretly cheating, it wasn't severe enough to be noticed and therefore wasn't a problem. Anticheat only becomes "necessary" when matchmaking is taken over by the company, you're made to play with strangers instead of friends, and when everybody is encouraged to take it suuper seriously with global ranking nonsense that encourages people to treat the game like a career, not like a game. I really hate this trend in modern games. I'm sure it drives "engagement" but it encourages players to develop unhealthy attitudes and obsessive behaviors.


The ability for gamers to run their own servers on their own networks is sadly the reason we are where we are. I understand the business model of why, but from a common sense perspective it’s better for the game if you let people police their own groups/matches/membership like we used to.

Instead, only “authorized providers” are allowed in most cases, that charge you a lot of money for the privilege of having a dedicated host, if at all. Worse is when the game company themselves provide the servers without the ability to choose.

When we could host our own, at home or at school or in the work IT closet as a “storage controller”, we could control the experience. This is why Minecraft became so popular, mods yes, Twitch Personalities, probably also, but the ability to host your own world with friends and hold them accountable for blowing up your house at school the next day was why it became a phenomenon with kids.


Even before Minecraft, we used to play Starcraft in high school with those clone CDs and a network without any internet access at all.

And of course besides that, games with local multiplayer.


> Streaming isn't a solution to that, the latency is unacceptable in shooters.

What's the max latency that is low enough?


For input response, 8.3ms (60hz) but many people will play on 120 or 144hz displays for an even faster response time of 3 or 4ms.


60hz has a 16.67ms cycle time...


Streaming to the client will not prevent cheating. There are apparently fairly cheap cheat devices that work entirely on video capture.


Sure, you'd still have video capture and hardware controlled cheats but those can be mitigated as well. No FPS that I know of has a "max turn rate" due to the twitchiness of the mouse. Want to look behind you and then back in front in 2ms? Crank your mouse sensitivity all the way up. I've seen some hardware mouse controller cheats in the wild. They aren't that good. There was one that used a video feed and AI to "software control" the mouse but that can be detected as well by reading from the hardware directly. Mouse input is pretty standard USBHID shit.


> No FPS that I know of has a "max turn rate" due to the twitchiness of the mouse.

Descent did, famously different max rates for vertical and horizontal, so if you want to master fast turning, you've also got to master rolling so you can turn in the direction you want at the faster rate.


I don’t categorize Descent as an FPS. It’s more a space-shooter. It was one of my favorite games growing up, that, and TIE-Fighter. Descent was very much in the realm of Wing Commander and TIE-Fighter but inside Doom Levels. Space-sims have always had weird physics as part of the charm (much to the hatred of the developers). Wall Running (strafe running), Rocket Jumps, Roll-Turns, things that are side-effects of non-uniform physics or physics effects that added to the gameplay so it was left in.


My current mouse is one of those little RF dongles. The protocol is surely not complicated if there was an aimbot on the other end and would be completely invisible to any anticheat malware on the machine. Or just plug it in and have it emulate it directly if you want to eliminate any latency...


Find cvcheat with a quick Google. Looks like the site is not in English though. Curious to learn more, it’s a fascinating problem and rat race. Wonder how this tech would fare against CSGO Overwatch.


It at least rules out wall hacks and certain classes of aimbots.


Yes, but those are external anyway so a kernel-based anti-cheat system wouldn't be able to catch them anyway. The point is to be better than the invasive stuff we have now.


> but as we've seen with Stadia, it's just not quite there yet.

.... if you are using Stadia as an example of the capabilities of this technology, it is a mistake. Stadia was always the least capable of all the game streaming services.

As someone who games exclusively on the cloud, including competitive online multi-player games, using services like ShadowPC, GeForce Now, and XCloud - I contend it is quite closer than you think


The problem with such things is false positives.

I recall many years ago one of the Command and Conquer games decided I had a pirate installation and blew up all my units in an on-line game. No, I had a perfectly legitimate copy that thought it was pirate because I had done an over-the-top installation of Windows because it was corrupted. Most everything worked fine and didn't need reinstallation.


Money quote: “Essentially, [CAPCOM.SYS] provides ring-0 code execution as a service! Its only function is to take a userland pointer, disable SMEP [thus allowing the kernel to execute from userland-owned pages], execute code at the pointer address and re-enable SMEP.”


Does Windows Defender not flag stuff like that as malware and immediately remove it? Seems like it should.

Once upon a time Microsoft wasn't afraid to stand up to corporate-sponsored malware. https://www.zdnet.com/article/microsoft-will-wipe-sonys-root...

I guess that's changed?


Once upon a time Microsoft didn’t put ads in their operating system.

Microsoft has jumped the shark. Stop giving it the benefit of the doubt.


Microsoft jumped the shark decades ago.


It's a "legitimate" corporation. The malware has a "legitimate" purpose. The user "technically" agreed to the abuse when they mashed next on the install wizard.

I seriously doubt any anti-malware software will block this.


Yep, this should be a solution... stop the malware from working, and if the game doesn't work, the users can refund it (since the gameplay time will be 0 hours anyway).

Let the developers (well... managers) deal with the refunds then.


I think we can agree Valorant's anticheat Vanguard is kinda intrusive, having a Ring 0 component (tbf: it works).

HOWEVER, it and the user mode component are run on demand.

The issue here is sending data all the time and being balls deep in your Windows install even after removing the game



Check this out too:

https://old.reddit.com/r/flightsim/comments/7yh4zu/deleted_b...

Flight simulator software developer ships malware to users, exfiltrates browser's password store to their servers without even using encryption.


You forgot to mention that tiny little Japanese company that was pretty famous for its rootkit via audio CDs, Sony.


I didn't mention them because while it was a DRM rootkit it had to do with anti-cheating software which is what this particular thread is about. I've indirectly mentioned them in other posts.


a rootkit is a rootkit. doesn't matter its purpose.


I'm not sure they should refuse to distribute it. But all those things on the comment should be actively disclaimed with high emphasis before you buy the game, and stay available for consultation indefinitely afterwards.


I mean, yeah you are right calling those out, but there is a plethora of vulnerable drivers from e.g. mainboard and GPU manufacturers, very often installed by default on new machines.

I would distinguish between an Anti-Cheat actively doing shady stuff (like it seems to be the case here) and companies simply shipping crappy software - because that's too often the case in many areas.


That's no excuse. I call those manufacturers out too. The truth is these hardware manufacturers treat software as a cost center, don't invest in it and make shitty software as a result. Honestly they shouldn't even be writing software at all, they should be publishing specs so that better people can write it and mainline it on Linux where it belongs.

At least they aren't literally in the business of making malware designed to own people's computers with the express purpose of denying them their computing freedom. That's ultimately what "cheating" is: an exercise in computer freedom. The game is running on my computer, of course I can modify it if I want. Any attempt to prevent me from doing so obviously requires that the computer not obey me anymore. The only thing that separates this crap from malware is some terms of service document nobody reads.

I've always been aware that all proprietary software is potential malware but I always gave these developers the benefit of the doubt until the actual vulnerabilities started surfacing.

I remember my very first comments on reddit years ago were on a news post about some flight simulator software exfiltrating your browser's saved username and passwords directly to the game company. Let me see if I can dig up that thread.

Edit: found it, here it is:

https://old.reddit.com/r/flightsim/comments/7yh4zu/deleted_b...

https://www.pcmag.com/news/flight-sim-labs-fights-piracy-by-...

> These idiots sent the passwords over HTTP to a machine running RDP on the public internet!! WTF, this stupidity has to be criminal!

Can't make this shit up.


You hit it with "they shouldn't be writing software at all, they should be publishing spec". I've been wanting to roll my own board for a long time (not the hardware, the boot and os side) but haven't outside of a raspi or arduino. I'd LOVE to be able to write my own motherboard code to have a better boot experience (somewhere between Apple Mac's and uSplash Linux) that's fast to user-land.

There have been some companies that recently announced this kind of approach (at least with linux) but overall, we need our computer industry to be more open, we need more accountability of shady practices (exfiltrations!) and modern laws to allow people to protect themselves from these corporations that mean to steal our data.


I think you mean:

> software is designed to own your machine, take away your control and monitor you

This is not really a problem with anti cheat


It absolutely is an inherent problem of anti-cheat software. By definition, that software exists to deny you the freedom to cheat or otherwise modify the game. The only way they can possibly do that is to pwn your machine.

Don't generalize that to all software. Free software doesn't do that. GNU was literally founded on the principle of not doing that.


They don’t prevent you from cheating, they monitor to detect cheating. Big difference.


Plenty of software will kick you from servers or even kill the game process if they detect anything, including false positives like some suspicious string in a completely unrelated chat application.

Who cares though? Fine, you can say they monitor you. The point is: to monitor you, they gotta pwn your machine. If they don't you can just defeat their silly "monitoring" software. They own your machine by installing kernel mode malware into your OS. They literally rootkit your computer.


That’s not a “problem” with anti-cheat, it’s the entire point. It is a group of people who have chosen to give up their freedom to modify their games in exchange for the ability to play with other people who agree to the same.

It is okay for private clubs to have rules for the conduct of their consenting members.

FOSS is great for allowing individual freedom of software developers. It doesn’t provide functional solutions for all of the world’s problems, though.



