how do you actually tell in server side if a client is e.g. actually good at a game vs playing recorded moves with a bit of randomisation when you don’t have access to into on what’s actually happening on the client device?
as much as I love Linux this sounds like purposeful partial blindness from hopium/copium
You’ll never catch all cheaters no matter what you do. All the kernel access in the world won’t stop someone from having a secondary device hooked into the monitor output and faking a dumb keyboard and mouse.
A solid robust server-side solution and well architected server-client system will stop 99% of cheating. And no, Kernel AC is not part of a “well architected” system.
It’s, at best, a bandaid for a shitty server-client system that introduces a shit ton of privacy and security issues for everyone that uses it. Shit needs to stay out of the kernel unless absolutely necessary, and that goes for Linux, Windows or MacOS kernels.
Almost every blue screen/Kernel panic I’ve dealt with was traced back to some shit hooking itself into the kernel where it didn’t belong. And absolutely fuck third-party antivirus that hooks into the kernel too.
All the kernel access in the world won’t stop someone from having a secondary device hooked into the monitor output and faking a dumb keyboard and mouse.
I guess that’s true, but that’d be a lot difficult to program and expensive to use compared to a simple program that can read data straight from the game’s memory in machine readable format and send inputs straight into the system’s input framework. by raising the entry bar you’re effectively decreasing the amount of people that will cheat in the game
it’s ultimately the user’s decision if they want to sacrifice the purity of their kernel for a game like this, and I think it’s their problem if their kernel panics for them wanting to play slop made by AAA studios
These are almost impossible to do anything about even client-side because they operate on a hardware level.
In general state-reading hacks (like invisible walls and Gameworld state information hacks) are almost impossible to do anything about, to the point where when companies are able to find a way to defeat one of these things it’s huge news.
it’s ultimately the user’s decision if they want to sacrifice the purity of their kernel for a game like this, and I think it’s their problem if their kernel panics for them wanting to play slop made by AAA studios
That’s absolute horseshit, the average gaming consumer doesn’t know shit about the kernel, what it even is or the implications of running Kernel AC. They might know their game has AC, but chances are they won’t even know what kind to make this kind of informed decision.
This is becoming less true for FPS every month - the described method of cheating (off-device reading and input simulation) is becoming more accessible as more cheat makers are selling premade devices that do this. Huge problem even for new shooters like rivals - someone was already caught doing it in one of their ingame tournaments. It’s the primary way people cheat in League of Legends, and it would not surprise me to see evidence of it in dota 2(though I haven’t personally, I haven’t been paying attention to it for some years and it isn’t as frequent that a variety streamer or youtuber plays it compared to lol).
As mentioned before, kernel anticheat won’t catch these guys anyway, so it’s largely just a way to alienate your user base. There’s a new problem it does nothing special to solve.
One part would be to run a shadow client that takes the user’s input and sees how much the game state diverges. There will be a certain amount of it due to network latency, but if there’s some cheater using an engine mod/hack to fly around the map, this will catch that. Though something like that should be caught by a lower level check that makes sure the players are following the laws of physics in the game (like max speed, gravity applies, no teleporting).
Another one would be to see if the player follows things they shouldn’t be able to see. If a player hides behind something they can shoot through but can’t see through, do they somehow seem to always know they are there? Do they look around at walls and then beeline for an opponent that was hidden by those walls?
Another one would be if their movement (view angle) changes when they are close to targeting an enemy or if they consistently shoot when the enemy is centre of target, then it’s a sign they are using a device that even kernel mode anti cheat won’t catch to cheat (it plugs in to your input between your mouse and PC, also plugs in to somewhere that would allow it to act as a video capture device, then just watches for enemies to get close and sends movement or clicks to aim or shoot for you). Though this one is pretty difficult to catch, due to network latency. But those mouse movements might defy the laws of physics if the user was already moving. Natural movement is continuous in position and its first derivative (always, by Newton’s f = ma, though sample rate complicates that), and the way we generally move is also continuous in the second derivative, but banging your mouse into your keyboard can defy that and it’s even more sensitive to sample rate.
Imo these techniques should be combined with a reporting system and manual reviews. Reports would activate the extra checks for specific players (it would be pretty expensive to do it for all players), then positive matches from the extra checks would trigger a manual review and maybe a kick or temp ban, depending on how reliable the checks are.
That said, I believe there will eventually be AI-based bots where detecting them vs other skilled players will be impossible. And those will be combinable with some infrastructure that allows players to take certain amounts of control, maybe even with an RTS-like interface that could direct the bot to certain areas. Though adding an LLM and speech to text and vice versa could allow it to just respond to voice commands, both from other teammates and from the player.
I think at that point, preventing cheating in online games will be impossible and in person tournaments will probably involve using computers provided by the organizers (tbh I’m kinda surprised this isn’t already the case and that some people have been caught using cheats during these kinds of tournaments).
how do you actually tell in server side if a client is e.g. actually good at a game vs playing recorded moves with a bit of randomisation when you don’t have access to into on what’s actually happening on the client device?
as much as I love Linux this sounds like purposeful partial blindness from hopium/copium
You’ll never catch all cheaters no matter what you do. All the kernel access in the world won’t stop someone from having a secondary device hooked into the monitor output and faking a dumb keyboard and mouse.
A solid robust server-side solution and well architected server-client system will stop 99% of cheating. And no, Kernel AC is not part of a “well architected” system.
It’s, at best, a bandaid for a shitty server-client system that introduces a shit ton of privacy and security issues for everyone that uses it. Shit needs to stay out of the kernel unless absolutely necessary, and that goes for Linux, Windows or MacOS kernels.
Almost every blue screen/Kernel panic I’ve dealt with was traced back to some shit hooking itself into the kernel where it didn’t belong. And absolutely fuck third-party antivirus that hooks into the kernel too.
I guess that’s true, but that’d be a lot difficult to program and expensive to use compared to a simple program that can read data straight from the game’s memory in machine readable format and send inputs straight into the system’s input framework. by raising the entry bar you’re effectively decreasing the amount of people that will cheat in the game
it’s ultimately the user’s decision if they want to sacrifice the purity of their kernel for a game like this, and I think it’s their problem if their kernel panics for them wanting to play slop made by AAA studios
I mean DMA (direct memory access) devices are only like 170 bucks now:
https://www.dma-cheats.com/dma-cards
These are almost impossible to do anything about even client-side because they operate on a hardware level.
In general state-reading hacks (like invisible walls and Gameworld state information hacks) are almost impossible to do anything about, to the point where when companies are able to find a way to defeat one of these things it’s huge news.
In addition to what @homicidalrobot@lemm.ee covered on the first part of your response
That’s absolute horseshit, the average gaming consumer doesn’t know shit about the kernel, what it even is or the implications of running Kernel AC. They might know their game has AC, but chances are they won’t even know what kind to make this kind of informed decision.
This is becoming less true for FPS every month - the described method of cheating (off-device reading and input simulation) is becoming more accessible as more cheat makers are selling premade devices that do this. Huge problem even for new shooters like rivals - someone was already caught doing it in one of their ingame tournaments. It’s the primary way people cheat in League of Legends, and it would not surprise me to see evidence of it in dota 2(though I haven’t personally, I haven’t been paying attention to it for some years and it isn’t as frequent that a variety streamer or youtuber plays it compared to lol).
As mentioned before, kernel anticheat won’t catch these guys anyway, so it’s largely just a way to alienate your user base. There’s a new problem it does nothing special to solve.
One part would be to run a shadow client that takes the user’s input and sees how much the game state diverges. There will be a certain amount of it due to network latency, but if there’s some cheater using an engine mod/hack to fly around the map, this will catch that. Though something like that should be caught by a lower level check that makes sure the players are following the laws of physics in the game (like max speed, gravity applies, no teleporting).
Another one would be to see if the player follows things they shouldn’t be able to see. If a player hides behind something they can shoot through but can’t see through, do they somehow seem to always know they are there? Do they look around at walls and then beeline for an opponent that was hidden by those walls?
Another one would be if their movement (view angle) changes when they are close to targeting an enemy or if they consistently shoot when the enemy is centre of target, then it’s a sign they are using a device that even kernel mode anti cheat won’t catch to cheat (it plugs in to your input between your mouse and PC, also plugs in to somewhere that would allow it to act as a video capture device, then just watches for enemies to get close and sends movement or clicks to aim or shoot for you). Though this one is pretty difficult to catch, due to network latency. But those mouse movements might defy the laws of physics if the user was already moving. Natural movement is continuous in position and its first derivative (always, by Newton’s f = ma, though sample rate complicates that), and the way we generally move is also continuous in the second derivative, but banging your mouse into your keyboard can defy that and it’s even more sensitive to sample rate.
Imo these techniques should be combined with a reporting system and manual reviews. Reports would activate the extra checks for specific players (it would be pretty expensive to do it for all players), then positive matches from the extra checks would trigger a manual review and maybe a kick or temp ban, depending on how reliable the checks are.
That said, I believe there will eventually be AI-based bots where detecting them vs other skilled players will be impossible. And those will be combinable with some infrastructure that allows players to take certain amounts of control, maybe even with an RTS-like interface that could direct the bot to certain areas. Though adding an LLM and speech to text and vice versa could allow it to just respond to voice commands, both from other teammates and from the player.
I think at that point, preventing cheating in online games will be impossible and in person tournaments will probably involve using computers provided by the organizers (tbh I’m kinda surprised this isn’t already the case and that some people have been caught using cheats during these kinds of tournaments).