It doesn’t meaningfully impact the rate of cheating at all
So EA and every other anti-cheat software is paying developers to make software that does nothing? I don’t follow.
It doesn’t meaningfully impact the rate of cheating at all
So EA and every other anti-cheat software is paying developers to make software that does nothing? I don’t follow.
yeah, someone dumb it down for us plebs
No, it doesn’t. Cheating is still incredibly common on games that install malware
I never claimed it’s flawless or that it works in all cases. Think of it like antivirus software. Does it catch every and any malware that has and will ever exist? No. Does it still work to minimize all kinds of “bad shit” for normal end users? Yes.
If people care enough to cheat, they will cheat whether you have kernel access or not.
Lets rephrase that: If people care enough to commit crimes, they will commit crimes whether you have cops in your city or not - Your statements logical conclusion would be to get rid of police and crime investigators. Does that sound reasonable? It shouldn’t, and it doesn’t make sense against anti-cheat software for the exact same reason.
They use it for the exact same reason they use DRM. Because they can.
They use it because it solves a real-world problem that’s unsolvable by other means. There’s no real alternative because you have to trust the end-user, who, although may not be very likely to cheat, makes it extremely easy for a bad person to spoil the fun for everyone else.
I would love to live in a fantasy world where we don’t need cops, a government, rules, regulations, and anti-cheat software, but there are bad apples that will spoil the fun for everyone.
It also can’t possibly theoretically “reduce harm” when every single installation on every individual computer is many orders of magnitude more harm than all cheating in every game ever made.
I mean “reduce harm” in the strict sense of spoiling the fun in gaming. vulnerabilities happen with all software, this isn’t unique to anti-cheat.
Client side validation cannot possibly provide any actual security
Except it already does.
but even if that wasn’t the case and it was actually flawless
Nobody is claiming its flawless. This is the same anti-seat belt, anti-air bag, anti-mask, anti-vax argument. It “DoEsn’T WoRk iN eVeRy CaSe!” - that was never the intent. It’s about harm reduction.
it would still be unconditionally unacceptable for a game to ever have kernel level access.
Anyone with a technical background would agree with you, as do I, but the reality is anti-cheat software with kernel level access already exists and it works specifically because it has kernel level access.
Right, but the server is still receiving data from the client. If the client sends a plausible head shot, even though it was actually a miss, how would the server know? You still need client-side “police”, AKA anti-cheat software to mitigate a significant type of software-based hacks.
Now that I’ve typed it out, cops are actually a great analogy to anti-cheat software. Cops play the exact same role. Nobody wants them around until a crime has been committed. Cops/anti-cheat software don’t catch everyone, but the threat of being caught mitigates some crime/hacks, and for the cases where criminals/hackers are caught, society/gamers are better off for it.
In closing ACAB - I completely understand why we don’t want anti-cheat software on our computers, but there really is no better way; or if there is, I still haven’t heard it.
If this works on Linux this is probably what I’ll switch to. I’ve played it and liked it, the pace is a bit too fast for my taste, but I can get used to it.
Thanks for the reminder! I’ll have to revisit. I wonder if that can be tweaked to play more like Apex.
I completely agree with you, there’s always ways to bypass the system. But at the end of the day its about raising the barrier to entry for everyone to be hacking. In the example you’re giving, someone who wants to hack the system now needs to configure to separate systems to work AND have the technical skills to set it up. Without any local anti-cheat software, all someone needs to do is run software written by one person and run by thousands.
My overall point is that the current anti-cheat systems do work, not in every case, just like spam or antivirus software, but raise the barrier to entry so that you see less hackers while gaming vs without.
Yeah it didn’t occur to me that I’d be relegated to playing with cheaters until after I posted. Best to just let the game go.
They already do this, so this doesn’t solve the problem.
Because it doesn’t have to.
But according to that article it’s still trusting the client. It’s just validating that the action was within the realm of possibilities, not that it wasn’t faked.
From the article (highlighting from me):
Here’s how it works:
- When you shoot, client sends this event to the server with full information: the exact timestamp of your shot, and the exact aim of the weapon.
The article continues to state:
The enemy may be the only one not entirely happy. If they were standing still when he got shot, it’s their fault, right? If they were moving… wow, you’re a really awesome sniper.
But what if they were in an open position, got behind a wall, and then got shot, a fraction of a second later, when they thought they were safe?
Well, that can happen. That’s the tradeoff you make. Because you shoot at him in the past, they may still be shot up to a few milliseconds after they took cover.
What’s stated above already happens in Apex, telling us that they already do everything this article is talking about. This article mentions nothing new and doesn’t solve the problem of clients sending fake data that is within the realm of possibilities - e.g. a headshot when you were actually off by a bit.
And when one client sends actuons that are weird and doesn’t line up with it’s internal game state
What if my hacked client sends actions that are not weird, completely plausible, but didn’t happen and instead were faked? E.g. I take a headshot and would have missed, but my client sends data that I actually shot them dead center, because I wasn’t completely off? How would the server know it wasn’t me?
Check the data on the server
I believe this already happens to some degree.
Don’t give any data to the client it doesn’t need, like enemies around the corner
Enemies around the corner still make noise/peek/shoot/etc. You can’t just hide data of nearby enemies from the client because their actions still have in-game consequences that need to be reproduced across all active/nearby players.
Now the server doesn’t need to care. There’s input? Validate and use it.
How do you validate data that is within the realm of possibilities? if my head shot would have been 1 pixel too far to the left to hit and my hacked client sends it 1 pixel to the right so it makes a hit, how does the server know this isn’t fake?
Server decides if it’s a headshot.
If my fake data doesn’t look out of the ordinary i’m still hacking the system and tricking the server-side validation.
Client only sends coordinates of origin and target. Lag? Sucks to be you, with or without cheat.
The math to send the perfect headshot isn’t difficult if you know where you are, where the enemy is and you can only send origin & target coords, I’m not sure this solves anything.
That would only create more work for the developers, all for the defacto expulsion of Linux users (Way less players at all times). The best course of action here would be the actual expulsion of Linux users. Also, EA is at most 25% correct. (Not a rational argument, I just very much dislike them)
Agree with you 100%.
Damn, sorry to hear that. It’s always bad to leave something one knows because something’s become unbearable. I wish you best of luck on your journey! (I’m assuming a lot, but why else would you switch despite your choice of use of free time?)
Thanks! I’m a huge open source supporter and only ever installed Windows on my desktop to play games, still using Linux on my laptops. Thanks to Valve, Proton, and Wine, I’ll be able to go back to Linux and maybe discover some new games.
On the other hand: I quite like it. It forces them to keep their grubby little hands from my kernel.
I do not like anything anti cheat. But I also don’t really like cheaters, especially in online games, so anti cheat could be tolerated. The only thing is: nothing trumps my systems integrity. Definitely not online player satisfaction.
Kinda agree with you on this. Although I have my desktop as a strict “gaming” machine, I wouldn’t mine an EA rootkit on my Desktop Linux system if all I did on it was game. But yes, they can keep their hands off my kernel on my “work” devices.
I’ve been praying for an Open source Apex clone that can be self-hosted. A man can dream.
Genuinely curious, because this isn’t my area of expertise, but how do you design a server to be “better” if it has to trust data from a remote client?
Example, if the client is compromised - because as they’ve said, they have no way to “attest” that the kernel is not compromised - how would the server know any better?
If my Apex client tells the server I got a perfect headshot, how would the server know I didn’t fake the data? Is there a real answer to this problem or are we just wishing they come up with an impossible solution?
My general understanding is that EA is 100% correct. Now, on the other hand, maybe the should just limit plays between Linux <-> Linux so people can at least still enjoy the game (I’m moving to Linux soon so I’ll basically no longer be able to play the game, which is, as my primary gaming addiction, a huge loss I’m willing to take).
There’s compromises EA could take, but I think the Linux market share is just too small for them to care to spend any resources - even though they’re raking in billions (~$3.4 Billion) and could spare a few resources to find a good middle ground. Capitalism at it’s finest.
From the POV of someone who’s never used a bidet, you come off like someone who was just looking for conflict.
“Responsible” and “Bitcoin” is an oxymoron due to the inherent multi-level marketing pyramid/Ponzi scheme aspect of crypto“currencies”.
First, you’re removing the next two words “financial diversification” from the statement. Your own personal opinions and emotions aside, financial diversification is not a bad idea. It’s all about percentages and risk calculations. I would agree with you if they went “all in” on crypto, but they didn’t say that.
Second, you’re lumping in bad people with good tech that has solved a very specific problem - the ability to transfer funds without relying on a central bank or authority. Is email bad because the majority is spam? No. Is the internet bad because the dark web exists and thousands if not millions of crimes are being carried out on it? No. Are encrypted messengers bad because they allow criminals to send message? No. Same concept here. There can exist a good technology that gets abused by bad people.
“Money corrupts; bitcoin corrupts absolutely.
You can stop at “money corrupts”. bitcoin is money and money corrupts.
Disregarding all of bitcoin’s shortcomings, a financial instrument that brings out the worst in people—greed—won’t change the world for the better.”
Disregarding all of the U.S. Dollar’s shortcomings[1], a financial instrument that brings out the worst in people—greed—won’t change the world for the better.”
Fixed it for you.
[1] The US spent 877 BILLION dollars on its defense budget (as much as the next 10 countries combined!) to ensure the USD keeps its power.
Corporate Memphis
Link for the lazy: https://en.wikipedia.org/wiki/Corporate_Memphis
if it was pure theater my friends and family who pay for all their streaming services would be able to share the content without permission from Netflix, Hulu, etc. That this is not the case disproves your claim that it’s pure theater. It does exactly what it aims to do and that’s raising the barrier to entry for piracy.