Fighting Online Game Cheating in Hardware 289
Monk writes "Multiplayer games these days have one problem. Cheating. Cheating is out of control because of failed attempts by software such as Punkbuster, and VALVe's Anti-cheat (VAC). Now it seems that could change change with Intel's own Anti-cheat Software/Hardware."
Add the cheats as features to the game (Score:4, Interesting)
*sigh* (Score:3, Interesting)
Not in the game anymore (Score:3, Interesting)
Well, I'm not impressed. (Score:5, Interesting)
Intel's little trick wouldn't detect that as it involves no software at all, no injection of keyboard events. As far as the console is concerned, it's a keyboard, period.
I could go a whole lot more sophiticated and build a USB box that would emulate both keyboard and mouse events. Marry that with software that can "look" at the screen data and recognize patterns, and you'd have yourself an automated player.
Go ahead Intel, invent better traps. We'll invent better mice.
Re:gharr (Score:0, Interesting)
now, for the explanation..
just what do you think will happen when things can be censored or monitored at the source of the input?
i'm using a rather innocuous example of a first post gone awry, but what happens when **insert nasty shadowy agency here** decides that they want to be able to scan encrypted data?
why.. get the data before it's encrypted, of course.. how do you do that? why, a key logger that 'allows' you to play a certain game, of course!
now, i'm not suggesting that the average gamer routinely inputs data that the government wants, or even that intel has any special interest in doing this.. but on the other hand, what happens when your biggest rival in the game has figured out how to tell your computer that it no longer recieves "intel approved input" and so your character simply stops responding to commands..
the point of all this is that if you're going to try to do things that make it harder to cheat, you'd better make damn sure it can't be misused.. i'm sure we've seen enough of the arguments on here over the last 5 years about how seemingly benign laws and technology get misused by with those with an agenda..
and i for one don't want to see it come to my games too, because my fear is that someone will think of something more nefarious than i can, and voila, he's already got the tools in place on literally THOUSANDS of computers worldwide. oh but wait. nobody ever attacks windows gamer boxes, right?
ok. thanks for letting me vent about that, i'm sorry the joke wasn't clear enough the first time, and that i had to have the discussion with myself instead of you folks.
have a nice day.
Re:there is no technological fix (Score:3, Interesting)
At its crudest, what's stopping someone from wiring up the keyboard to.... anything they like?
It's not going to happen. (Score:3, Interesting)
But technology has moved on. For one, hardware is far more complex these days. The idea of having to hit modern hardware from scratch sounds nightmarishly complicated.
For another, the PC philosophy is that you can use many different types of sound/video/etc hardware because they're supplied with drivers. If there was no OS, the game writers would have to write their own drivers for *every damn card that they expected it to run on*. And that's assuming that the makers were willing to release the specs to their cards anyway, which very often isn't the case.
In short, you'd have to duplicate the functionality of large parts of Windows XP, the sound and video drivers, DirectX, networking, blah blah blah.... all from scratch. You can see why this isn't going to happen just to stop a few kiddies cheating, especially since it would likely get cracked quite soon anyway.
Re:The problem with anti-cheat software.. (Score:4, Interesting)
40% aiming accuracy? Too good. 5 headshots in a row? Too good. etc.
It wouldn't even have to have anything to do with cheating, actually. The message a detected player would recieve would be something like this: "Sorry, you are already too good for this server, it's low-skill only. You will be kicked in 5 seconds, so the noobs here will have more fun in a more even and fairer game. Feel free to play on our mid- or high-skill servers over here."
Re:Not in the game anymore (Score:2, Interesting)
Mod me offtopic... (Score:5, Interesting)
That always cracks me up. Vader's "NOOOOOOOO" becomes "DO NOT WANT!!!"
Re:The problem with anti-cheat software.. (Score:3, Interesting)
In order for an aimbot to work it needs access to the internal game state, particularly positions and velocities of objects in the game, which it can gleam by analyzing the data packets between server and client or by accessing in memory game data.
If all you have is a video stream, the aimbot has access to no game state. The best it could do is try to recognize objects on the screen by pixel patterns (screenscrape), which I doubt would work if everyone chose skins matching the background. It also wouldn't have access to positions of off-screen objects, which gives the aimbot its real advantage--shooting at people behind you or hidden underwater or in shadows. I think in that case any screenscraping aimbot would be more trouble than its worth as well as very inaccurate (obvious).
Re:The problem with anti-cheat software.. (Score:4, Interesting)
Re:there is no technological fix (Score:3, Interesting)
Sibling is wrong that you'd have to duplicate XP. You'd have to duplicate Linux, because it'd be a HELL of a lot cheaper than licensing XP, or developing your own drivers.
But here's why that's a bad idea:
Let me tell you one thing it would be good for, though: LAN parties. I've been meaning for awhile to make a DVD of UT2004 (maybe minus a few maps), Quake3, Doom3, etc, probably based on Ubuntu, so that people who bring a crappy, spyware-infested computer to a LAN party at least have a chance of getting into the game with a decent framerate, without us having to format them and install a pirated XP (which we have done).
Currently, we ask that people bring their computers a day early -- even to a small, 10-person LAN party -- so we can check them out, and decide if we want them on the same subnet as our own, and maybe clean them up a little -- not to mention do mass-installs of whatever games we're playing.
But, even here, it's a backup, because it won't work for all games, and the ones it does work for almost certainly have Windows ports, or we can just install Linux partitions everywhere. It's a LAN party, so we can look over someone's shoulder and physically beat them if they cheat, and it's much faster to boot an OS off your hard drive and launch the game, because hard drives really are that much faster.
It's actually not a horrible idea, though. Someone founded a company based on it, but they didn't get very far. They were called "Gentoo Games".
Re:The problem with anti-cheat software.. (Score:2, Interesting)
This would punish cheaters, sure; but it would also punish those who just happen to be good (on that map in my case).
Re:The problem with anti-cheat software.. (Score:5, Interesting)
Re:The problem with anti-cheat software.. (Score:4, Interesting)
In the end I settled on playing on one or two public servers run clans. That way they knew who I was, trusted me not to be cheating and let me carve through people when I was on a good run. That way admin would usually explain to noobs I wasnt a cheat when the acusations started to fly.
I also changed my name to Nohax for a laugh but that was only after I got the hacking acusations.
The truth is though that human admins are the best anti hack method. If you got caught cheating on their servers you would probably get a lifetime hardware ban. That means your PC gets banned, not you account name or anything. I don't know how it works but it is effective as I have heard people complaining they downloaded a hack for a laugh and then could never play again until they bought a new PC.
Re:The problem with anti-cheat software.. (Score:3, Interesting)
In order to defeat TCPM, you can:
#1 and #2 require you to have an actual TCPM chip. #4 is unlikely, and would be fixed. Only #3 and #5 really seem likely to produce a version that would work on a computer without a TCPM chip.
The solution to this is, fix the bug.
Somebody moving all over the screen can be made impossible by having the client send velocity and direction updates, and the server send positional updates back. Or even if you send entirely positional updates, both ways, the simple solution is to have the server send positional updates back, correcting the client. So if somebody is moving at 105% speed, all that will happen is they'll jump back from lag. The faster their connection, the closer it will get to their screen vibrating, rather than them being jerked back a foot or two. And it will only look that way to them, so I can't see it giving them an advantage.
Not even detect. Defeat, plain and simple.
Consider someone trying to create a godmode. Can't be done. You might be able to convince your own client that you have 100 health, but if the server says -37, that's what everyone else sees, and they also see your body blow up, and their score go up.
You forgot cheats with the display. Invisible or translucent walls, giant target boxes on people's heads, even things like adjusting the screen brightness.
And you're right, those you have to deal with by having competent admins. But you have to be careful here -- some people really are that good. One way to tell is go to a first-person view of that player, which can help, but not always.
As always, the surest way to tell is to know the people personally, have occasional LAN parties, and maybe form a team.
Or add lag to probable cheaters (Score:1, Interesting)
Another approach was prototyped a few years back by a research group in Australia, which involved adding latency to those presumed to be cheating... Enough to make the cheater think the network was playing up (encouraging them to go away) rather than pissing the cheater off (and inviting spiteful repeat attempts at disrupting the game). Not sure how good the scheme worked, though.
Look for IGLU under http://caia.swin.edu.au/genius/tools.html [swin.edu.au], or the README at http://caia.swin.edu.au/genius/tools/iglu-0.2-REA
Re:there is no technological fix (Score:3, Interesting)
Online cheating is not "human nature". It needs to be considered "socially unacceptable" to cheat and there needs to be tangible punishments associated with doing it. Take the behavior of purchasing characters, items, gold, etc. for MMORPGs on Ebay. This is cheating, pure and simple. Using aim-bots is also cheating and Valve, Microsoft, and other online game providers should be zero-tolerance on this. They should stick in their bullshit license agreements that if they cheat on the service they have to pay a $50 "reactivation fee" EVERY time you cheat. And not just MMOs. If you cheat they block your CD key and you have to either purchase a new key or a new copy of the game. Sure a few whiners might sue, but I suspect that most cheaters are little brats and unlikely to defend themselves in court.
The reason they're not doing this now is that they fear lost revenue. As gamers we should pressure them to bring the hammer down.
Recent PB update is a rootkit (Score:5, Interesting)
Normally, PunkBuster is a
The executables are run upon startup of your computer, and run constantly in the background, regardless of whether you are playing the game. They also intermittently connect to the Internet and send data to Evenbalance's servers. Of course, the player has consented to this (and more) by agreeing to PB's voluminous EULA. In fact, if you read it carefully, players have consented to sending their entire hard drive and hardware information to Evenbalance at any time Evenbalance deems necessary.
Evenbalance will tell you, as support team member Glenn (or someone imitating him) says on a game forum I found: "We're not trying to hide anything or throw anything by the user without his knowledge. These services are doing nothing when a PB-enabled game is not being played, other than waiting to see a PB-enabled game launched. When a PB-enabled game is not being played, we're not scanning your computer or internet traffic or anything of that nature."
Though if you have any sort of firewall on your computer you'll know that that is either total ignorance of their own product or a total lie, as PnkbstrB.exe and PnkbstrA.exe do in fact connect to the Internet while the game is not being played. They also use a large amount of system resources for something that is only supposed to be a service waiting for a game to start.
PunkBuster offers people the option of uninstalling these files, with something called pbsvc.exe which gives you an "UnInstall" option. This doesn't seem to uninstall everything, as the PB files are not only still present but still load on startup despite the uninstaller's "Uninstall Finished!" message.
All-in-all, if PunkBuster cannot even get its act together to create an uninstaller, nor to inform its support team of what a rootkit they just installed on everyone's computer is actually doing, how can anyone expect PunkBuster to detect cheats and hacks? Private home-made hacks can already slip through PB's dragnet--the only ones they can catch are publicly available hacks Evenbalances finds on the Internet, the way a virus detector works, so I think it's pretty clear that the solution does not lie on the player's computer.
Instead I'd say it lies in the programming of the game itself. Wallhacks and radar, for instance, wouldn't work if the server did not send the locations of non-visible players. A difficult task perhaps, and for only one kind of cheat, but it is a real solution. And it doesn't involve uploading my hard drive to Evenbalance and granting them access to information which, as EvenBalance's EULA says, "includes, but is not limited to, devices and any files residing on the hard-drive and in the memory of the computer on which PunkBuster software is installed"
Re:It's not futile; it's extremely dangerous... (Score:3, Interesting)
1) There exist, right now, software emulators for the TPM.
2) How will "the internet" or individual services like Valve or ISPs determine the authenticity of the private keys?
This is a very key point. While it is likely there is a fixed format for the keys, I think it's every unlikely that there will be a secure method developed to distribute a list of which keys are valid. Key distribution is the Achilles heel of public key cryptography and it's weaknesses are glaringly apparent here. Look at the similar situation with AACS. As long as there are non-revocable keys and there is no secure means to distribute blacklists and whitelists this system will break if only ONE key is compromised.
Many people don't seem to get this. You can't sling private keys around to dozens of companies and thousands of engineers and not expect one of those companies to leak the keys, either though weak implementation or direct leaking. Secrets shared by thousands of people aren't secret.
Re:It's a reputation problem. (Score:3, Interesting)
I guess I have to make a whole new account for when HL2 ep. 2 comes out so I can fucking play on secure servers again.
Re:The problem with anti-cheat software.. (Score:4, Interesting)
Re:The problem with anti-cheat software.. (Score:1, Interesting)
But, of course, getting that tense and into the game isn't to everyone's taste. I also do like owning n00bs sometimes too, it's quite relaxing in a way and it's nice to know that I really have got better than I used to be.
Re:The problem with anti-cheat software.. (Score:2, Interesting)