• CalcProgrammer1@lemmy.ml
    link
    fedilink
    arrow-up
    130
    ·
    13 days ago

    Honestly, not even mad. Sucks for the victims, but we need hackers poking holes in kernel anticheats. Show the game companies that kernel anticheat is a waste of effort and maybe this horrific plague of gaming will die off.

    • GetOffMyLan@programming.dev
      link
      fedilink
      arrow-up
      3
      ·
      12 days ago

      The issue is that without it cheating is so much easier in many games. So then people just get pissed at all the hackers.

      • dontgooglefinderscult@lemmings.world
        link
        fedilink
        arrow-up
        23
        ·
        12 days ago

        No, not really. That’s the point. Kernel level anticheat has no real advantages and is easily bypassed. It’s the laziest possible solution that only detects and blocks the laziest possible implementations of cheats.

        Good game design eliminates the possibility of cheating. Cheats are only ever possible if you take enough stupid and lazy shortcuts that it’s easy to take advantage.

        • lorty@lemmy.ml
          link
          fedilink
          arrow-up
          3
          ·
          12 days ago

          So what are these easy anti-cheat solutions that can detect aim-hacking?

          • dontgooglefinderscult@lemmings.world
            link
            fedilink
            arrow-up
            8
            ·
            12 days ago

            That’s super easy. Aim hacks hit the same point. Record the event with the exact point aimed at to cause the guy (assuming hit scan system instead of projectile), and compare the last x number of hits. If the last x hits are all the same location(s), suspend or flag for human review depending on resources.

            Alternatively, track last x seconds before the fire button was pressed, compare to last several shots.

            Scripts do not behave like humans, they aim predictably. After x number of shots, you can always programmatically detect them.

            • untimed@lemm.ee
              link
              fedilink
              arrow-up
              8
              ·
              12 days ago

              First of all, I‘m not a fan of kernel level anti cheats either. I think your point shows the never ending cat and mouse game that game developers have to deal with. Implement what you described, catch a few cheaters. Now cheats developers add pseudo random deviations within the hitbox to their aim hack. From what I understood, the kernel level anti cheats aimed to abstract and attack at the single point that all cheats have in common. I am not up to date but I believe that single point is code, that is being injected into the game process, or another program messing with the allocated memory of the game process. At least that would make sense to me as to why such an intrusive implementation of anti cheat is necessary.

              Anyway, in my opinion the gains do not justify it.

              • dontgooglefinderscult@lemmings.world
                link
                fedilink
                arrow-up
                4
                ·
                12 days ago

                To your first point pseudorandom variations don’t actually change the method of detection or it’s effectiveness. Heuristic pattern matching as described will work until the movement and shots are no longer accurate enough or fast enough to matter.

                To your second point, all anticheats do that. Kernel level anticheat looks at the running memory of all other programs. That’s the difference. It can detect and scan anything that is open on your machine. Got a Firefox tab open with your bank details? Kernel level anti cheat knows it. Running obs and streaming? Hope obs has active encryption for your stream key in memory, because the anti cheat can grab it otherwise.

                If it just looked at the memory of the affected game literally no one would have a problem with it, that’s all anticheats.

                Kernel level anticheat means you trust the entirety of your computer and everything running on it to at least the game publisher, if not an additional anticheat company.

                • Sas [she/her]@beehaw.org
                  link
                  fedilink
                  arrow-up
                  5
                  ·
                  12 days ago

                  Interestingly enough valve has tried your method of catching cheaters your way by pattern matching with a neutral network in csgo. Sadly they never got to the confidence level where they made it automatically ban people because they didn’t want to catch really good players in the crossfire. Instead they send them to overwatch, a system where sufficiently good players could judge the case and determine if the person is cheating.

                  But also there’s many different types of cheats and that will only gets you so far. Information plays a big role in cs so wall hacks can go undetected if the player masks then which they do since they know they’re probably watched. There’s also subtle aim bot for that reason that doesn’t snap your aim to your enemy precisely but corrects your manual aim by just correcting it a tiny bit.

                  As the other user described, it is an arms race and so far the cheaters keep finding ways to trick the algorithm after each ban wave. I still admire valve for not going kernel level with their anti cheat and trying the complicated and interesting route instead. However i think that is because valve tried kernel level when it was still resisted by gamers so they got big backlash at the time and went back to regular anti cheat.

                  I think what worked best for me was trust factor, which rates the trustworthiness of your steam account and since i have a legit account I’ve not played against cheaters since they implemented it and until i stopped playing. It sucks for new players with new steam accounts tho as they get matched with a lot of cheaters.

            • GetOffMyLan@programming.dev
              link
              fedilink
              arrow-up
              3
              ·
              12 days ago

              Bots just get around that by adding random amounts. We learnt this with RuneScape lol

              Also in a fast paced FPS they aren’t going to hit the same spot from the same position repeatedly.

              • dontgooglefinderscult@lemmings.world
                link
                fedilink
                arrow-up
                1
                ·
                12 days ago

                I covered that, there is no real RNG. It will always be able to be programmatically detected over enough shots.

                To your second part, yes, they will. They aim at the same point. Even if there’s variance in the points there won’t be enough variance in moving to the points that they’ll be able hide the unnatural movement.

                • GetOffMyLan@programming.dev
                  link
                  fedilink
                  arrow-up
                  4
                  ·
                  11 days ago

                  Again this happened in RuneScape with the auto clickers. Every time they get better at detecting them the hackers get better at hiding them. You just start throwing on a few miss fires and they’re back to square one. It really isn’t as simple as you describe or they would do it.

      • Avatar_of_Self@lemmy.world
        link
        fedilink
        arrow-up
        8
        ·
        12 days ago

        Yes, if they offload all of the compute for anti-cheat to the customer’s hardware, then you are right for current operating systems.

        Client side anti-cheat is not the only way but it is the cheapest way for the game industry.

  • Gamma@beehaw.org
    link
    fedilink
    arrow-up
    71
    ·
    edit-2
    13 days ago

    Vizor explained that Ricochet uses a list of hardcoded strings of text to detect cheaters and that they then exploited this to ban innocent players by simply sending one of these strings via an in-game whisper. To test the exploit the day they found it, they sent an in-game message containing one of these strings to themselves and promptly got banned.

    Vizor elaborates, “I realized that Ricochet anti-cheat was likely scanning players’ devices for strings to determine who was a cheater or not. This is fairly normal to do but scanning this much memory space with just an ASCII string and banning off of that is extremely prone to false positives.”

    This is insane, they had an automatic script to connect to games and ban random people on loop so they could do it while away

    • renegadespork
      link
      fedilink
      arrow-up
      27
      ·
      13 days ago

      a list of hardcoded strings

      Violating a core programming tenet right off the bat. I wonder how much money Activision payed for this software…

      • ramjambamalam@lemmy.ca
        link
        fedilink
        arrow-up
        14
        ·
        12 days ago

        We and the hacker have no idea if this list is config driven or truly “hard coded” i.e. a const in the source code. It’s hardly an indicator of violating a core programming tenet.

  • I Cast Fist@programming.dev
    link
    fedilink
    arrow-up
    61
    ·
    12 days ago

    So, simply receiving “aim bot” as a whisper (private) message was enough to get permabanned. FUCKING JEE-NIUS ANTICHEAT, GREAT JOB, GUYS!!!

    • jerkface@lemmy.ca
      link
      fedilink
      arrow-up
      13
      ·
      12 days ago

      When I was at my peak effectiveness in Urban Terror, I could hold my own against them…

      • Heh. GTA V used to be fun even when a cheater would show up and because you could just use a rocket launcher on them to keep them ragdolled forever so they couldn’t use their cheat menu (or any menu). They’d have to alt-F4 to quit since being ragdolled closes any open menus.

    • TheDorkfromYork@lemm.ee
      link
      fedilink
      arrow-up
      5
      ·
      12 days ago

      Yes, but not through standard methods. Even AI aimbot can be filtered, but the amount of RND required is likely to much for a single studio to bear alone. I believe we are more likely to see neural network trained bots largly replacing real players using an off the shielf model. Just a guess, not an expert.

      • Doomsider@lemmy.world
        link
        fedilink
        arrow-up
        8
        ·
        12 days ago

        There is already a solution using relatively simple analytics and building a profile of the player. It becomes very easy to find cheaters because it is easy to analyze how fast and directionally they aim. It is obvious when someone is using macros for instance or a aimbot.

        The problem is this does not require intrusive programs that are essentially spyware for your OS. This is what attracts the big studios to these solutions not their effectiveness.

        There is a workable solution but let’s be honest. Cheaters are often whales and spend a lot of time and money on the game. It is bad engagement to send them away.

        Big studios already recognize this. So to be blunt they allow a certain amount of cheating because they don’t want to really solve the problem.

        • TheDorkfromYork@lemm.ee
          link
          fedilink
          arrow-up
          3
          ·
          12 days ago

          I was speaking to the long term, 5-10 year in.the future. Analytics is a current solution and as far as I know works well. I was just talking vaguely about long term problems and solutions.

          • CleoTheWizard@lemmy.world
            link
            fedilink
            arrow-up
            5
            ·
            12 days ago

            I think the best thing I’ve heard for long term solutions is to fix a lot of the cheating using server side solutions. In a game like CoD, that means the server doesn’t send you player positions unless you absolutely need to know them.

            The other thing honestly is just increasing the investment required to cheat. That could mean that in order to play competitive game modes, you need to have signed in at least once for 4 weeks straight and played the game. Or you need to be a certain level. Issue hardware bans and IP bans to people. Require phone number verification.

            What those things do as barriers is actually increase the potency of current detection methods. This should also carry over to accounts. I’m not sure why steams VAC ban system isn’t more popular. As in accounts need to be flagged as a whole when cheating in just one game is found.

            There are many solutions but it’s just not a big deal for companies as the prior person said. Plenty could be done to at least make cheating harder and cost more time/money. But that won’t happen

            • jerkface@lemmy.ca
              link
              fedilink
              arrow-up
              2
              ·
              11 days ago

              I’m not sure why steams VAC ban system isn’t more popular. As in accounts need to be flagged as a whole when cheating in just one game is found.

              Presumably because this opens players to significantly damaging abuse from server operators. Players aren’t the only ones who fuck around.

              • CleoTheWizard@lemmy.world
                link
                fedilink
                arrow-up
                1
                ·
                11 days ago

                I don’t mean individual servers. What I more meant was let’s say a game uses a standardized anti-cheat. Like EasyAntiCheat or Battleye or similar. And whoever runs your game service (Steam, PSN, Xbox) can vet these anti cheat programs and allow them to create a record on your account of cheating.

                And obviously these things get false flags so you can account for that, give people strikes and allow appeals. And games would have the option of banning you for: having too many strikes total, violating only a specific anti-cheat X times, or ignoring this system except to place extra suspicion and resources on those already having strikes.

                Also having an account tied to hardware is a no brainer and I’m surprised that this doesn’t get employed often. I know IDs can be spoofed but that’s another barrier potentially.

              • CleoTheWizard@lemmy.world
                link
                fedilink
                arrow-up
                1
                ·
                11 days ago

                They use a hybrid system now and only use peer to peer when dedicated servers aren’t enough, so they could just swap to purely dedicated servers.

                However ignoring that, even a peer to peer system can do similar tricks if you don’t isolate the host peer to just one machine. That can even be done by spot checking with a company owned server. You use the server as a verification peer and have it as a backup host to the assigned peer. If your verification peer gets different ram values or what not, you shut the server down at the very least and place that peer on a suspicion list.

                But even if they went the cheap route, just distribute the peer network. Let’s say that you have a game of 12 people. You could make it so that each peer is only assigned a certain part of the simulation and players (with overlap on assignments) and cannot track the entire simulation. It’s more complicated than a single server hiding info from you, but they could at least make it to where you’d need multiple infected peers to take over a lobby.

          • Doomsider@lemmy.world
            link
            fedilink
            arrow-up
            2
            ·
            12 days ago

            I think you were spot on about training a neural network with player data. It is already happening without a doubt.

    • Evotech@lemmy.world
      link
      fedilink
      arrow-up
      3
      ·
      edit-2
      11 days ago

      It requires the server to verify all inputs. It’s doable, path of exile does that and most arpgs. But it leaves them very open to lag and desync issues, most games will prioritize a smooth experience.

      Cod is peer to peer I think, clients host the server, very cheap for the company. But obviously you need to give the client a lot more information.

  • Defaced@lemmy.world
    link
    fedilink
    arrow-up
    5
    ·
    11 days ago

    But you know, according to EA Linux is worse than guys like this deliberately causing disruptions in service to legit players.