I wrote a snarky response because of the final insulting comment in yours but then thought better of it, going to try to address a couple of your points legitimately even after the unnecessary personal attack.
It’s a lot cheaper to make your server dumb. It costs you less in programmers with deep multiplayer programming experience, it costs you less in ongoing hosting because of reduced CPU usage, and it makes the problem less “yours” as a developer.
I’m saying that’s shitty that the developers will try to save money that way rather than investing in actual effective, privacy-respecting cheat prevention.
Your argument seems to be that a quake-style predictive algorithm is the only solution possible for online games. I doubt that is the case, but even if it were, using some raycasts on the server for some basic sanity checks on what data to send to players is an example of where lots of developers just can’t be bothered.
If you want to dismiss machine learning as heuristics, I’m sorta ok with that, as I think they are just glorified heuristics, but even the most basic analysis isn’t done by most developers. Instead, they rely on the sales pitches of various anti-cheat software and don’t implement anything beyond it, even when there might be some low hanging fruit.
I am not saying developers are lazy, there’s tons of stuff to work on. I am mad that this problem gets repeatedly pushed onto the users rather than the developers, though, and I think it’s reasonable for me to offer some pushback when both my CPU cycles and my privacy are being abused.
I wrote a snarky response because of the final insulting comment in yours but then thought better of it, going to try to address a couple of your points legitimately even after the unnecessary personal attack.
Sorry, It’s not meant as an attack. I am simply calling it as I see it because I get a lot of gamers who think they’ve arm-chaired thought far more about my job as a networked gameplay engineer than I have. I’ve been doing this for a very long time and I know where developers cut costs. Anti-cheat isn’t just a slap-it-on and call it a good solution. There are a lot of reasons you want to trust the client and it makes the gameplay feel far better.
It’s a lot cheaper to make your server dumb. It costs you less in programmers with deep multiplayer programming experience, it costs you less in ongoing hosting because of reduced CPU usage, and it makes the problem less “yours” as a developer.
Typically, the server, especially in counter-strike’s case, isn’t dumb. In all games, the server still handles the dealing of damage which typically includes validations of that damage. In counter-strike’s case, very little data is calculated on the client. Most of it is raw data sent from input to the server.
Your argument seems to be that a quake-style predictive algorithm is the only solution possible for online games. I doubt that is the case, but even if it were, using some raycasts on the server for some basic sanity checks on what data to send to players is an example of where lots of developers just can’t be bothered.
Lots of game engines including source include and utilize ways to ensure the player is reporting sane inputs. Also, interpolation is different than extrapolation. Lastly, you don’t need to do raycasts to double-check this data. A lot of the time the raycasts are done on the server itself. In counter-strike’s case this is also true. Raycasts are done on the client typically for cosmetics only. You can see this with 3kliksphilip’s videos on sub-tick.
If you want to dismiss machine learning as heuristics, I’m sorta ok with that, as I think they are just glorified heuristics, but even the most basic analysis isn’t done by most developers. Instead, they rely on the sales pitches of various anti-cheat software and don’t implement anything beyond it, even when there might be some low hanging fruit.
Heuristics haven’t been done by developers in a long time. A lot of that is actually done in Valve’s case by Overwatch. Also, Valve makes it’s own anti-cheat called VAC. They aren’t getting sales pitches.
I am not saying developers are lazy, there’s tons of stuff to work on. I am mad that this problem gets repeatedly pushed onto the users rather than the developers, though, and I think it’s reasonable for me to offer some pushback when both my CPU cycles and my privacy are being abused.
Frankly, I feel like it’s wrong for you to say that the problem is pushed onto users when you don’t understand the code and effort the developers are writing to solve this issue specifically with counter-strike. VAC is probably the anti-cheat with the least amount of client code. It rests almost entirely on the server. One thing VAC does do is lock down the client on Windows to prevent modifications. One thing you can easily do is replace assets for walls with transparent textures to see through walls. That’s why things like the code and assets can’t be tampered with. Most game engines only send updates to the positions of actors in a network bubble. Maybe Counter-Strike’s network bubble is too large at the time but that’s not an argument you made.
Frankly, I feel like it’s wrong for you to say that the problem is pushed onto users when you don’t understand the code and effort the developers are writing to solve this issue specifically with counter-strike
You are the one who continues to make assumptions about what I do and do not understand about the code that makes this work in various games.
I don’t really feel like getting into the nitty gritty here in comments, but if your experience is what you say, I’m very surprised at some of your unqualified statements.
Your comments are enough to see where your knowledge of what a networked gameplay engineer does at Valve lies. Especially since you make assumptions that the developers aren’t doing things when very clearly there are proof and industry standards that say they do those things. If you are Andrew Burke who works at Valve as an Animator, I would recommend talking to the engineers there.
Edit: Who I am shouldn’t matter to you. Addressing the idea that you can shift some or all anti-cheat to the server is something you should try to engage with directly rather than appealing to authority. For what it’s worth, I’ve spent time as a programmer in the game industry in a handful of different roles and your search will eventually find me if you keep going down that road. My experience isn’t what I am arguing here, though.
It’s not really an assumption if I say “if”. I can agree with you that shifting as much data as possible on the server is best. Valve already does that pretty well for counter-strike. Far more than other competitive FPSs. They still keep shot registration on the server whereas most competitive shooters now have that on the client to have the correct gameplay feel. The big balance between keeping stuff on the server and putting some authority on the client is the gameplay feel. Counter-Strike has been and still is notorious for getting shot around a corner when you don’t see who shot you. This is because of server authority rather than client authority.
I wrote a snarky response because of the final insulting comment in yours but then thought better of it, going to try to address a couple of your points legitimately even after the unnecessary personal attack.
It’s a lot cheaper to make your server dumb. It costs you less in programmers with deep multiplayer programming experience, it costs you less in ongoing hosting because of reduced CPU usage, and it makes the problem less “yours” as a developer.
I’m saying that’s shitty that the developers will try to save money that way rather than investing in actual effective, privacy-respecting cheat prevention.
Your argument seems to be that a quake-style predictive algorithm is the only solution possible for online games. I doubt that is the case, but even if it were, using some raycasts on the server for some basic sanity checks on what data to send to players is an example of where lots of developers just can’t be bothered.
If you want to dismiss machine learning as heuristics, I’m sorta ok with that, as I think they are just glorified heuristics, but even the most basic analysis isn’t done by most developers. Instead, they rely on the sales pitches of various anti-cheat software and don’t implement anything beyond it, even when there might be some low hanging fruit.
I am not saying developers are lazy, there’s tons of stuff to work on. I am mad that this problem gets repeatedly pushed onto the users rather than the developers, though, and I think it’s reasonable for me to offer some pushback when both my CPU cycles and my privacy are being abused.
Sorry, It’s not meant as an attack. I am simply calling it as I see it because I get a lot of gamers who think they’ve arm-chaired thought far more about my job as a networked gameplay engineer than I have. I’ve been doing this for a very long time and I know where developers cut costs. Anti-cheat isn’t just a slap-it-on and call it a good solution. There are a lot of reasons you want to trust the client and it makes the gameplay feel far better.
Typically, the server, especially in counter-strike’s case, isn’t dumb. In all games, the server still handles the dealing of damage which typically includes validations of that damage. In counter-strike’s case, very little data is calculated on the client. Most of it is raw data sent from input to the server.
Lots of game engines including source include and utilize ways to ensure the player is reporting sane inputs. Also, interpolation is different than extrapolation. Lastly, you don’t need to do raycasts to double-check this data. A lot of the time the raycasts are done on the server itself. In counter-strike’s case this is also true. Raycasts are done on the client typically for cosmetics only. You can see this with 3kliksphilip’s videos on sub-tick.
Heuristics haven’t been done by developers in a long time. A lot of that is actually done in Valve’s case by Overwatch. Also, Valve makes it’s own anti-cheat called VAC. They aren’t getting sales pitches.
Frankly, I feel like it’s wrong for you to say that the problem is pushed onto users when you don’t understand the code and effort the developers are writing to solve this issue specifically with counter-strike. VAC is probably the anti-cheat with the least amount of client code. It rests almost entirely on the server. One thing VAC does do is lock down the client on Windows to prevent modifications. One thing you can easily do is replace assets for walls with transparent textures to see through walls. That’s why things like the code and assets can’t be tampered with. Most game engines only send updates to the positions of actors in a network bubble. Maybe Counter-Strike’s network bubble is too large at the time but that’s not an argument you made.
You are the one who continues to make assumptions about what I do and do not understand about the code that makes this work in various games.
I don’t really feel like getting into the nitty gritty here in comments, but if your experience is what you say, I’m very surprised at some of your unqualified statements.
I’ll bow out now.
Your comments are enough to see where your knowledge of what a networked gameplay engineer does at Valve lies. Especially since you make assumptions that the developers aren’t doing things when very clearly there are proof and industry standards that say they do those things. If you are Andrew Burke who works at Valve as an Animator, I would recommend talking to the engineers there.
And the incorrect assumptions just continue…
Edit: Who I am shouldn’t matter to you. Addressing the idea that you can shift some or all anti-cheat to the server is something you should try to engage with directly rather than appealing to authority. For what it’s worth, I’ve spent time as a programmer in the game industry in a handful of different roles and your search will eventually find me if you keep going down that road. My experience isn’t what I am arguing here, though.
It’s not really an assumption if I say “if”. I can agree with you that shifting as much data as possible on the server is best. Valve already does that pretty well for counter-strike. Far more than other competitive FPSs. They still keep shot registration on the server whereas most competitive shooters now have that on the client to have the correct gameplay feel. The big balance between keeping stuff on the server and putting some authority on the client is the gameplay feel. Counter-Strike has been and still is notorious for getting shot around a corner when you don’t see who shot you. This is because of server authority rather than client authority.