Valve's Battle Against Cheaters 336
wjousts writes "IEEE Spectrum takes a look behind the scenes at Valve's on-going efforts to battle cheaters in online games: 'Cheating is a superserious threat,' says [Steam's lead engineer, John] Cook. 'Cheating is more of a serious threat than piracy.' The company combats this with its own Valve Anti-Cheat System, which a user consents to install in the Steam subscriber agreement. Cook says the software gets around anti-virus programs by handling all the operations that require administrator access to the user's machine. So, how important is preventing cheating? How much privacy are you willing to sacrifice in the interests of a level playing field? 'Valve also looks for changes within the player's computer processor's memory, which might indicate that cheat code is running.'"
Re:VAC is a joke (Score:0, Informative)
Agreed. Just like in a denial of service attack, it's all about ratios. People developing cheats =1,000, people developing anticheats =50. How can they ever win? Rather then create a proprietary anticheat that's constantly circumvented, they need to give useful tools to server administrators and community modders/developers.
I run several popular Valve-game based servers, and we've had much more success dealing with cheaters through various server plugins, administration techniques then from VAC. What Vavle is really trying to do with crying about cheaters is create another excuse (along with piracy) to completely abandon the PC platform altogether and just make console games, like everyone else is slowly doing.
Re:Threat to privacy? (Score:1, Informative)
"implies"
I imply, you infer.
2 Main Problems with VAC (Score:2, Informative)
There are two big problems with VAC over PunkBuster
1) All power resides specifically with VAC. There are no tools for the server admin to make things like md5 or cvar checks, no screenshot facility to check players, or even the ability to kick a player. As such, you HAVE to rely on VAC doing all the work, and you as a server admin have nothing to say about it. If you see a cheater that VAC is failing to catch, your outta luck.
2) VAC gives no information as to what it is doing. You never see a player being kicked due to VAC detection, so you have no idea what VAC is actually doing. Is it truly detecting anything, and if so, how would you know? With PunkBuster, it gives you kick messages which if not displayed on the screen, are at least logged in the server and client logs.
No accountability is never a good thing.
Re:Trust Nothing (Score:3, Informative)
This is completely unworkable: it massively increases the amount of data that needs to be passed between client and server, and the amount of work the server must do, and makes movement far more pause-filled. If we were all on gigabit Ethernet on a local network, and all had top-of-the-line game machines, it might be workable. But not for reasonable hardware and modest network connections.
Also, certain triangles would be pretty recognizably face images.
Re:Really? (Score:1, Informative)
A friend of mine worked for a...well, lets just say large gaming company and a few years ago he had worked on a project which had a large online component. Despite attempts to prevent piracy, the game was quickly pirated and uploaded to torrent sites around the net (which really wasn't unexpected). What they noticed however is that they could very easily identify the pirated versions playing on the online servers from the legit versions. With a few lines of codes they could permanently prevent those pirated versions from connecting to the servers. But they did not.
Why?
Because their sales were slower than they'd like and the online component wasn't as populated as they would have liked it to be. They understood that the piracy didn't necessarily mean lost sales and disabling a major component of the pirated game wouldn't likely create increased revenue. Their biggest threat was an under populated multiplayer. If people who legitimately bought the game avoided the online component because it was tough to find a full server or enough of a selection of servers to keep their interest it would create a snowball effect where the servers would become so unpopulated that the replay value of the game would be crippled. That in turn would seriously damage the amount of people spent talking about the game which in turn would seriously damage sales past the initial first couple weeks.
So they let the pirates play.
Did it work? Well, I don't know. My friend opted not to tell me the game's title in case I were to...you know, talk about it on Slashdot a few years later. But the point is, that game companies are well aware of the damage an unhealthy multiplayer community can have on a game's sales to the point of allowing piracy to occur in order to maintain that healthy community.
Speaking for the Counter-Strike community, VAC (Score:5, Informative)
I am an admin in one of the larger gaming communities in my country, and have a history of competitive gaming. I was never a gamer before I saw the teamplay in CS 5on5 matches (example video [youtube.com]). I still play the orginal game once a week or so. Just for the record, CS is a team-game where aiming and firing is only part of the skill. Knowing and practicing with your team is essential just like any other sport.
If you didn't already know, Counter-Strike [wikipedia.org] (CS) is still one of the largest on-line games out there, peaking 75k [steampowered.com] users yesterday. I'm talking about the version 1.6 and not the CSS (CS Source) version. There is still a larger userbase for other Steam-games, but we still regard the original CS to be the game played by the eSports community because of its smooth gameplay and predictable recoil patterns when firing guns. Many "elite"-players have tried moving on to newer games, but get disappointed and still comes back for the good old CS 1.6 where graphics may suck, but you get a predictable gameplay where the player is not that much affected by randomness.
The story of cheating in CS has been a long annoying trip. People have even been cheating at LAN-events where they used aim-key, and they even won price money and got away with it. The story is long, and websites profiting from selling cheats are very active today. Some of the cheats go very deep in kernel and hide itself just like a root-kit. Ring 0 [wikipedia.org]-cheats are common.
VAC (Valve Anti Cheat) has been the attempts from Valve to stop the cheats, however VAC has always been ages behind any new cheat and has never taken all cheats available for free at the net. There has been attempts from the community at steampowered to scare users with passive detections and delayed bans so users could not be sure which cheat got them banned, but mainly VAC seem to me being a low priority project at Valve. Valve is still, like any other company, prioritizing new projects and just leaving maybe one programmer doing some cheat-detection-code on his free-time. The situation is a win for cheaters and others. And also a win for Valve, since there are a lot of people trying cheats and thus they sometimes get banned, ending up buying a new copy of the game (the price for a new CS at Steam is currently available at 7,99€ which is annoyingly cheap). Valve still sells a lot of copies (in the years 1999-2008, Valve had sold 4,8 million copies!).
Various anti-cheat communities has gathered during the years, where one try syncing ban-lists and communities constantly have players monitoring other players trying to spot cheats by spectating. As VAC is such a failure, many still go undetected. Especially if one hides their cheats well. The community RADAR [gaming.no] is one of these initiatives which accept new communities for sharing such ban-list.
The latest addition; Easy Anti Cheat [easyanticheat.net] (EAC) is a project created by a skilled programmer that is based upon deep-level detection accompanied with screenshots. This programmer may seem hard-core, and this is mainly because he used to be a cheat author(!). This is currently the best anti-cheat system available for CS, but it's still only used in Clan Wars/eSports. The public-area for normal players is still depending upon VAC, as the EAC requires a 3rd party client installed which is a tough barrier to overcome.
The future now seem brighter, as we have now left VAC and we are mainly no longer depending on it. I wish Valve software good luck in the future, but it seem to me that if VAC remains a low-priority project it will still annoy thousands of everyday players and leaving a few cheaters laughing, destroying the on-line experience.
Yours
Re:The casualties of the battle are ... (Score:3, Informative)
On the flip side, how many of these "bugs" are due to cheaters trying to weasel their way back into VAC servers?
There's sadly no way to know for sure, really, except for maybe people you know IRL.
Re:Privacy? (Score:1, Informative)
Re: Xbox 360 and aimbots
There are many aimbots available for the Xbox 360. Microsoft has been somewhat fighting this for a long time, with several rounds of banning large amounts of people from the XBox online thingy when they find out how to detect these things.
However, for games like Modern Warfare 2, hacks are coming out daily.
Feel free to search Youtube for these things. There are plenty of example, which are both sickening and fun to watch.
Re:VAC is a joke (Score:3, Informative)
TF2 uses dedicated servers and allows server side mods. Therefore, votebans and votekicks are simple to use and many times don't even need an admin online to work properly.
MF2 however doesn't use dedicated servers, any one player is actually hosting the "server" on their machine. The problem (well, A problem) with that is that there is no Server admin or other person in control of the back end of the game, so if the automated systems don't pick up the cheats, the players have no recourse to expel the cheater(s).
Re:VAC is a joke (Score:4, Informative)
PunkBuster is awful. I don't need their shit running in the background 24/7. If MW2 used PB, I would not have purchased it.
The thing about VAC that people don't fucking get is that it runs on a delayed ban wave system. They don't ban people immediately for cheating. They want to flag as many cheaters as they can to keep the cheat writers guessing... then slam hundreds of cheaters with a ban all at once... often a week or more past the date they were flagged. This method is great for Team Fortress 2 and Counter-Strike, but unfortunately not so much with a server-less game like MW2. In TF2 and CS, you can ban people from your server and not have to put up with them (and some servers have votekick mods as well), but MW2 doesn't have servers, admins, votekick, cheat reporting.... none of it. And that's a major roadblock to many people for an otherwise-great game, and I'm hoping that perhaps Infinity Ward decides to try and recover the PC community's image of them and make it up to them with better anti-cheater features. But for now, they're just giving us the middle finger.
Still a good game, though, and I still play it. The cheating isn't nearly as rampant as it was when any jackass could pirate the game and essentially have infinite copies to play online after being banned, and this matchmaking system that everybody bitches about is, imo, better than dedicated servers. Dedicated servers in CoD4 are absolute shit. The CoD community is shit. The modding community that people cite in their pro-dedi argument is inexistant. Matchmaking lets me not have to deal with laggy servers with useless mods and stupid rules and hammer-happy admins. Thank you IW for matchmaking... now fix it.
Re:VAC is a joke (Score:3, Informative)
Basing any sort of anti-cheat on stats would be a terrible idea.
More to the point, you don't even need any automated system for that, if players can kickvote. In fact, all too often I see people kickvoted for being "too good", even when it's clear to better players that it really is probably just skill and not hacking.
Usually, the protection against that is player recognition. I've been playing Dystopia a lot lately and the relatively small community combined with the stats (and ranking) system provide that. You get good by playing a lot, which means that other players recognize you and your rank goes up. The model of having you spec other teammates between respawns also helps you spot cheaters without having to stop playing to spec them.