So you’re telling me that this could disrupt the anti-cheat industry, which is currently responsible for a lot of the Windows platform lock in the gaming industry and is tied to a lot of potential security vulnerabilities because it goes to a much higher level of privilege than a reasonable user would expect a game to need? I already wish I was in the right geographic area to sign, you don’t need to sell me on it twice!
Anti-cheat is a necessary evil for competitive online games. No one wants to play a game against cheaters since they typically have an unfair advantage. If you can’t combat cheating then you might as well not make the game since no one will want to play it. Fine by me since I don’t care for such games but I could imagine people who like playing them might prefer to play against as few cheaters as possible. What are the alternatives?
Battlefield and cod have cheaters running rampant in their official servers despite using anti cheats. They could employ a team to monitor cheating reported by players. But clearly they just don’t want to expend resources to combat that.
EvE Online doesn’t use root access anticheat software. I know it doesn’t because it runs on Linux just fine. That particular player base is the worst hive of scum and villainy that you’ll find outside of government. Clearly the anticheat software isn’t as essential as game studios would have you believe. The only major cheating I’m aware of in EvE was the BoB scandal, and that involved Devs cheating because they were Devs.
Anti-cheat is a necessary evil for competitive online games
Client-side anti-cheat is useless. It’s not a necessary evil, it’s just evil. The minute the cheater/hacker has direct access to the system, you’ve already lost.
Much like every form of security measure, the intention is not to completely eliminate the possibility of an attack (which is impossible in most cases). Instead, the intention is to increase the amount of effort that’s required to make an attack.
What you’re referring to is deterrence, and it doesn’t apply to online gaming the way it does to theft of property. One cheater doesn’t ruin the game for one other person, they ruin the game for dozens or hundreds of other players.
And the efficacy being so bad is the reason why client-side anti-cheat keeps getting more and more invasive to the point of being literally, by definition, a type of malware and system rootkit. And yet it’s still not enough to defeat cheaters, because the cheaters have full access to the system itself.
And the guys writing the cheat software just have to put in the effort once to defeat the anti-cheat and then they sell it to people who install it like any other software. The cheaters who use the cheats have it easy.
What you’re referring to is deterrence, and it doesn’t apply to online gaming the way it does to theft of property. One cheater doesn’t ruin the game for one other person, they ruin the game for dozens or hundreds of other players.
Why are you comparing theft to game hacking out of nowhere? Did you accidentally reply to the wrong person?
And the efficacy being so bad…
Source?
full access to the system itself.
What do you mean by system in “full access to the system”? Too vague to even say anything about.
And the guys writing the cheat software just have to put in the effort once to defeat the anti-cheat and then they sell it to people who install it like any other software. The cheaters who use the cheats have it easy.
The potential guys that can write the cheat software and how quickly it can be developed is the part that matters. Much like when it’s easy to use an exploit once it’s already discovered. Someone still has to discover the exploit.
Why are you comparing theft to game hacking out of nowhere?
You made the comparison: “Much like every security system”
Source?
It’s out there, my dude. It’s a constant complaint in literally every competitive online game. If people are complaining about it, then it’s not working well enough. This isn’t an esoteric thought either. You ask anyone if cheating is a big issue in online gaming and anyone with knowledge about it will tell you it’s a constant problem that’s getting worse.
What do you mean by system in “full access to the system”?
If you own the hardware and have admin/root access to the OS. Then it’s yours and you have “full access” to everything. And I do mean everything. You can modify the OS. You can read the values of protected parts of memory. And so on.
If you don’t understand what I mean by “full access to the system” in the context of anti-cheat running on your own hardware, then there’s nothing I can say in a short comment to get you up to speed.
Someone still has to discover the exploit.
The cheat and anti-cheat battle is a constant cat and mouse game. The advantage is always with the cheaters because they outnumber the developers 100:1 at the least. Plus they have the will and determination to find ways around anti-cheats. In fact, building security against exploits is by far way harder than finding exploits.
The reality is that client-side anti-cheat is a losing battle.
So you’re telling me that this could disrupt the anti-cheat industry, which is currently responsible for a lot of the Windows platform lock in the gaming industry and is tied to a lot of potential security vulnerabilities because it goes to a much higher level of privilege than a reasonable user would expect a game to need? I already wish I was in the right geographic area to sign, you don’t need to sell me on it twice!
Anti-cheat is a necessary evil for competitive online games. No one wants to play a game against cheaters since they typically have an unfair advantage. If you can’t combat cheating then you might as well not make the game since no one will want to play it. Fine by me since I don’t care for such games but I could imagine people who like playing them might prefer to play against as few cheaters as possible. What are the alternatives?
Battlefield and cod have cheaters running rampant in their official servers despite using anti cheats. They could employ a team to monitor cheating reported by players. But clearly they just don’t want to expend resources to combat that.
EvE Online doesn’t use root access anticheat software. I know it doesn’t because it runs on Linux just fine. That particular player base is the worst hive of scum and villainy that you’ll find outside of government. Clearly the anticheat software isn’t as essential as game studios would have you believe. The only major cheating I’m aware of in EvE was the BoB scandal, and that involved Devs cheating because they were Devs.
Can the EvE online method be applied to dissimilar games like e.g. fps games?
No clue, I just know that it exists and seems to work with the scammiest scammers that ever scammed
Client-side anti-cheat is useless. It’s not a necessary evil, it’s just evil. The minute the cheater/hacker has direct access to the system, you’ve already lost.
Much like every form of security measure, the intention is not to completely eliminate the possibility of an attack (which is impossible in most cases). Instead, the intention is to increase the amount of effort that’s required to make an attack.
What you’re referring to is deterrence, and it doesn’t apply to online gaming the way it does to theft of property. One cheater doesn’t ruin the game for one other person, they ruin the game for dozens or hundreds of other players.
And the efficacy being so bad is the reason why client-side anti-cheat keeps getting more and more invasive to the point of being literally, by definition, a type of malware and system rootkit. And yet it’s still not enough to defeat cheaters, because the cheaters have full access to the system itself.
And the guys writing the cheat software just have to put in the effort once to defeat the anti-cheat and then they sell it to people who install it like any other software. The cheaters who use the cheats have it easy.
Why are you comparing theft to game hacking out of nowhere? Did you accidentally reply to the wrong person?
Source?
What do you mean by system in “full access to the system”? Too vague to even say anything about.
The potential guys that can write the cheat software and how quickly it can be developed is the part that matters. Much like when it’s easy to use an exploit once it’s already discovered. Someone still has to discover the exploit.
You made the comparison: “Much like every security system”
It’s out there, my dude. It’s a constant complaint in literally every competitive online game. If people are complaining about it, then it’s not working well enough. This isn’t an esoteric thought either. You ask anyone if cheating is a big issue in online gaming and anyone with knowledge about it will tell you it’s a constant problem that’s getting worse.
If you own the hardware and have admin/root access to the OS. Then it’s yours and you have “full access” to everything. And I do mean everything. You can modify the OS. You can read the values of protected parts of memory. And so on.
If you don’t understand what I mean by “full access to the system” in the context of anti-cheat running on your own hardware, then there’s nothing I can say in a short comment to get you up to speed.
The cheat and anti-cheat battle is a constant cat and mouse game. The advantage is always with the cheaters because they outnumber the developers 100:1 at the least. Plus they have the will and determination to find ways around anti-cheats. In fact, building security against exploits is by far way harder than finding exploits.
The reality is that client-side anti-cheat is a losing battle.
So just don’t let them join/kick them from your server?
Before you can do that, you need to determine whether someone is cheating. This is the purpose of anti-cheat software.
Do you have spies behind you when playing cards too?