Nah I can’t agree with this. I don’t think there are many games with anti-cheats solely on the server. Even Valve has its VAC.
I agree that Kernel anti-cheats are bullshit, I don’t want a rootkit on my system. But if you are already running a closed-source game, it’s not a stretch to run its local anti-cheat.
And local anti-cheats make sense in and of themselves since you can’t easily detect things like visual hacks from the server-side.
You misunderstand a few key things about the points I made, I think. In particular the bit about not being able to trust the client that it is running the code you think it is.
Not sure how or why MY cpu is supposed to do the work a company should do to provide a decent online experience. Especially when the server, where all the clients are coordinated, is the best place to analyze the data stream for anomalies. Not to mention you just cannot ever trust the client to be running the the code it says it is on the hardware it says it is. The server is where anti-cheat has always belonged. (And tbh just sending the right data to the right clients would win half the fucking battle.)
Not to mention you just cannot ever trust the client to be running the the code it says it is on the hardware it says it is.
And this is the problem. I really don’t think you’re aware of how fucking sophisticated cheats are. Anti-cheat software isn’t looking for people with high K:D’s or or snappy aimbots. The server can’t tell if you can see through the walls. The server has no way to know what’s also running on your computer.
Anti-cheat is looking for signs and signatures of those tools cheaters use. And, no, it’s not as easy as looking for a process called “TEH-HAX0RS.exe”. It’s borderline virus levels of sneaky, simulating regular processes. And, just like malware, there is business incentive for these people to be a step ahead of the anti-cheats because stupid kids still keep buying these fucking things. Antivirus and Anticheat are both fighting basically the same people.
I’m not going to disagree that it sucks and some games just make it too fucking easy to begin with by having poor code and structure, but by and large, if it was easy to detect cheaters in the server, it would have been done by now.
If privacy is your number one priority, abso-fucking-lutely don’t play the game. Or at least use a dedicated PC or game console. That said, ruining the enjoyment of the game for everyone else by letting cheaters have a field day will be less acceptable to the game buying public.
I do have some understanding of how both local and server-side cheat detection work.
How do you think processing of video output streams downstream from the output port with usb input assistance back into the PC should best be detected client-side, for example?
Cheats require hardware and setup time and probably more money
The number of people that will cheat is less at each tier right? What if we remove the risk of ban at each tier vs a higher risk of ban?
If a dev does fucking nothing at those mid tiers, more people will cheat. If they build a reputation and ban a bunch of people, it encourages more people to give it up. Stubborn ones persist and go down to the next tier but they will be fewer in number. Ideally we make it so the cheat doesn’t work at each tier but each one is also harder to prevent.
It’s about playing the numbers. 1 in 100 players cheating sucks. 1 in 1000 cheaters isn’t great. 1 in a million? That’s a lot better risk.
So what happens if devices become popular and common? Great question. I guess everyone that gives a shit quits playing games? Every game is locked down with stream fed into AI, wave our hands and “magically” a server is making the decision for us?
I don’t know.
Until we get to that point, I accept the tools that work for now.
Gonna skip most of your response because you fail to understand that barriers to entry in these area continue falling and are unstoppable. You will have to address this.
Thanks for the discussion, but I don’t think there is much more that you and I could discuss productively here.
Ha, this was no fucking discussion. You moved the goal posts, I pointed out why that new goal is still not a problem today, and you’re now trying to worm your way out by saying you didn’t read my response.
I will not waste more time. I am sorry you feel my response isn’t adequate. I didn’t move any goalposts, I asked how you would deal with an actual problem and you dismissed it. 🤷♂️
keep your anticheat code off my cpu and on the server where it belongs.
wtf.
why is this so fucking hard for developers to understand?
Nah I can’t agree with this. I don’t think there are many games with anti-cheats solely on the server. Even Valve has its VAC.
I agree that Kernel anti-cheats are bullshit, I don’t want a rootkit on my system. But if you are already running a closed-source game, it’s not a stretch to run its local anti-cheat.
And local anti-cheats make sense in and of themselves since you can’t easily detect things like visual hacks from the server-side.
You misunderstand a few key things about the points I made, I think. In particular the bit about not being able to trust the client that it is running the code you think it is.
Actually, it’s probably management who won’t right-size budgets.
Fuck.
Why is it so hard to understand that code on your CPU is far more effective?
Citation needed.
Not sure how or why MY cpu is supposed to do the work a company should do to provide a decent online experience. Especially when the server, where all the clients are coordinated, is the best place to analyze the data stream for anomalies. Not to mention you just cannot ever trust the client to be running the the code it says it is on the hardware it says it is. The server is where anti-cheat has always belonged. (And tbh just sending the right data to the right clients would win half the fucking battle.)
And this is the problem. I really don’t think you’re aware of how fucking sophisticated cheats are. Anti-cheat software isn’t looking for people with high K:D’s or or snappy aimbots. The server can’t tell if you can see through the walls. The server has no way to know what’s also running on your computer.
Anti-cheat is looking for signs and signatures of those tools cheaters use. And, no, it’s not as easy as looking for a process called “TEH-HAX0RS.exe”. It’s borderline virus levels of sneaky, simulating regular processes. And, just like malware, there is business incentive for these people to be a step ahead of the anti-cheats because stupid kids still keep buying these fucking things. Antivirus and Anticheat are both fighting basically the same people.
I’m not going to disagree that it sucks and some games just make it too fucking easy to begin with by having poor code and structure, but by and large, if it was easy to detect cheaters in the server, it would have been done by now.
If privacy is your number one priority, abso-fucking-lutely don’t play the game. Or at least use a dedicated PC or game console. That said, ruining the enjoyment of the game for everyone else by letting cheaters have a field day will be less acceptable to the game buying public.
I do have some understanding of how both local and server-side cheat detection work.
How do you think processing of video output streams downstream from the output port with usb input assistance back into the PC should best be detected client-side, for example?
Real fucking problem, yeah.
But think on this scale:
The number of people that will cheat is less at each tier right? What if we remove the risk of ban at each tier vs a higher risk of ban?
If a dev does fucking nothing at those mid tiers, more people will cheat. If they build a reputation and ban a bunch of people, it encourages more people to give it up. Stubborn ones persist and go down to the next tier but they will be fewer in number. Ideally we make it so the cheat doesn’t work at each tier but each one is also harder to prevent.
It’s about playing the numbers. 1 in 100 players cheating sucks. 1 in 1000 cheaters isn’t great. 1 in a million? That’s a lot better risk.
So what happens if devices become popular and common? Great question. I guess everyone that gives a shit quits playing games? Every game is locked down with stream fed into AI, wave our hands and “magically” a server is making the decision for us?
I don’t know.
Until we get to that point, I accept the tools that work for now.
Gonna skip most of your response because you fail to understand that barriers to entry in these area continue falling and are unstoppable. You will have to address this.
Thanks for the discussion, but I don’t think there is much more that you and I could discuss productively here.
Ha, this was no fucking discussion. You moved the goal posts, I pointed out why that new goal is still not a problem today, and you’re now trying to worm your way out by saying you didn’t read my response.
Classy. Fucking classy.
I will not waste more time. I am sorry you feel my response isn’t adequate. I didn’t move any goalposts, I asked how you would deal with an actual problem and you dismissed it. 🤷♂️
My citation is simply experience playing many different online multiplayer games and simple observation skills. If you had the same you’d understand.