Multiplayer Game Cheating

This is a very insightful article by Shoeboy · 2000-07-25 04:52 · Score: 5

I for one deplore cheating on online games. For shame. I'd write more, but I've got to go log on with my other account and moderate this post up.
--Shoeboy

But I wana cheat! by slashdoter · 2000-07-25 04:54 · Score: 3

I think that some times a little chitting can add to a game, come on how many can say that you haven't got home from work and entered "it is a good day to die" in to the chat Window of Warcraft II and send a Peon out to kill the dark armys of the humans? Helps with the stress and it can add a little to the game.

--
Does anyone actually have a Java program designed to control air traffic, or for the operation of a nuclear facility?

You know... by TheReverand · 2000-07-25 04:55 · Score: 4

This is obviously a result of our declining values in this country. For some reason everyone feels the need to get something for nothing, whether it's software, music, or a level 14 fire spell. Kids today don't want to recognize the value of spending weeks walking around in circles and killing the same 6 monsters in order to advance 1 level. If you ask me "open source" and "Free Software" is part of the problem. HighSchoolers seem to think that free software means no rules and no consequences.

If I went into a job interview and took the previous persons resume in with me how far would that get me? That's about the same thing as cheating in video games.

These kids better wise up before they get smacked by the real word.

Re:You know... by donutello · 2000-07-25 04:59 · Score: 2

This is a result of the radical isolation and harassment of geeks who felt like outsider in a neo-apocalyptic Columbine-esque highschool.

--
Mmmm.. Donuts
Re:You know... by Ralph+Wiggam · 2000-07-25 05:01 · Score: 3

A guy interviewed at the company I work for about 6 months ago. On his resume, he put down the programming work he had done on a Diablo cheat. At least one other company offered him a job, because he took that one for more money.

Remember kids, cheating does pay off. Just be good at it.

-B
Re:You know... by jallen02 · 2000-07-25 05:12 · Score: 2

This is ripe for trolling/flaming.. :-)

However I will make an intelligible reply.

I believe you are correct about declining values in 'this' country, we will just go ahead and assume America since mostly only Americans talk about "this" country and expect everyone else to know who it is :).

I do NOT think Free Software is the 'problem' I think parents are the problem.

Free Software and the belief that Music and such should be Free and the prolific use of Napster/gnutella I believe is a result of bad parenting.. Something is causing a decay of sorts and its not really the fact that its the things are available. They have always been available but the fact that it is more readily and easily avaialable due to advances in technology and the *DEMAND* for such things indicates more along my line of reasoning, it is the parents.

All things you think and say are learned expect for some very basic instinctual things such as breathing and eating.

This means of people have no morals then they are just not being taught them.

The mp3's and Free software are not a cause...

Yes.. Welcome to the *real* world. Where these young people NEVER wise up and they will teach even less to their own children. Maybe the instigators of Moral value(parents) need to wise up before reality hits them ehh?

Jeremy

If you think education is expensive, try ignornace
Re:You know... by dolanh · 2000-07-25 05:24 · Score: 3

I'm sorry, but I have a hard time hearing the "declining moral values" argument and taking it seriously.

People have been complaining about declining values for centuries, and yet our society has not imploded. It's not difficult to find accounts of Europeans visiting the nascent colonies in the 18th century and complaining of the lack of values found in the US. In theory, then, if values have been continuously declining, then shouldn't they have bottomed out at some point?

Values haven't declined at all per se. What has declined is the possibilty of "upstanding people" keeping seperated from those "with no values" in a place as open as the internet. What has declined is accountability, as you (I think) pointed out, and as the article highlights.

People are inherently no better or worse value-wise than they ever have been. It's simply that the rules of engagement have changed, and now they favor freeloading. I'm all for doing something to change the rules, as long as nobody bitches about "declining values".

--
just my blog and pix
Re:You know... by wrenkin · 2000-07-25 05:38 · Score: 2

lmao. Speaking as a high schooler (and one who, sadly, seems to be among the minority laughing while reading this post), I really can't take this seriously. I love these kind of trolls.

Where are you getting this from? First hand experience? I'm sure that if you were a little more clear, I would take you a little more seriously (And please, Kids, or High-Schoolers. Pick ONE). There is an obvious separation between a random kid off the street, and your capable SoftIce user reverse-engineering a game. Most 'kids' don't cheat. Most cheaters I know tend to be Windows and Mac users downloading an executable, and blindly clicking. And most cheaters I know have grown out of it, just as they've grown out of flooding the hopeless goofs on #eggchat. Kids will be Kids, no matter what decade they're growing up in.

Yes, new technology is cool, (or k3w1, if you're a 'kid') but you overestimate the impact of free software on the country. Linux is great, but it's impact on (I'm guessing, due to your wonderfly savant tone) american teenage society? Go buy a Britney Spears CD. I somehow Richard Stallman is driving her 'Crazy'

--
-- "Is this death or is this Ohio?"

the only real deterent to cheating is cheating. by garcia · 2000-07-25 04:57 · Score: 3

when you use any sort of game cheat for so long it just isn't even fun to play anymore. You have such an unfair advantage that if you actually are enjoying it, you really need to take a look at yourself and consider getting professional help. Computer games that are played online are NOT real. You are NOT cool when you win. I think that gamers that cheat to win sucked at everything they did (inside or outside of the Internet) and they feel this need to fix that (something like the fathers that scream at the kids to kick ass in some such sport or get all fired up on bad calls because they are living their non-existant sports career out in their kids).

Anyway, like I said, after a while it just isn't fun anymore. Until someone starts cheating a lot they will always have this desire to do it (to see what it was like). It is nothing special. Get over it :)

Just my worthless .02

Game Cheaters As Resource? by Mr.+Mikey · 2000-07-25 05:00 · Score: 3

One thing that impressed me about the article was the ingenuity of cheaters (the ones who actually create the cheats, not the lamers who just download and use them). The Doom/Quake franchise managed to, in some sense, harness that creativity by allowing people to create their own game modifications.

How could the creativity of cheaters be harnessed in other ways, without ruining the game for non-cheaters? Maybe create games where you design in-game ships or weapons by writing some sort of psuedo-code ?

--
wants to be the first monkey to touch the monolith

Re:Game Cheaters As Resource? by Hentai · 2000-07-25 05:43 · Score: 2

Doesn't really work; games like Battletech/Mechwarrior were based around this concept, and cheating in them is rampant. The primary problem is that 99% of the 'PK-ers', 'cheaters' and 'hackers' aren't out to make themselves better - they're out to make everyone else WORSE. It's just another form of bullying, and it's done precisely BECAUSE people don't like it.

--
-Hentai [in vita non pacem est]
Re:Game Cheaters As Resource? by Bryce · 2000-07-25 06:26 · Score: 5

How could the creativity of cheaters be harnessed in other ways, without ruining the game for non-cheaters? Maybe create games where you design in-game ships or weapons by writing some sort of psuedo-code ?
At WorldForge, we're doing exactly this. The client is made available in source code form so that the player can customize it to make it work better for them. And we make all of the server code available for download so players can look through it and discern new tricks for effective playing. If in doing so, they uncover a bug that can be taken advantage of to the detriment of other players, then they're welcome to make use of it - sometimes this is the best way to test out how bad the bug really is.
If I don't think the bug is worth my time fixing, then any players sufficiently bothered by it are welcome to download the source code to the server, find the area causing the problem, fix it, and submit a patch. If I disagree with their patch or otherwise refuse it, well then at the least they have the permission to establish a new server and compete with me. So I will probably work hard to make sure to include the patch!
So I guess a lot of stuff I see called cheats, I think really should be honestly called 'bugs', and responsibility placed with the programmers rather than the players. Some stuff - like denial of service or similar - that's just plain mean, and out of the server programmer's hands to prevent. But a lot of the in-game cheating is preventable via code.
Maybe I'm an idealist, but the best way to harness the creativity of cheaters, is, IMHO, to establish an environment where giving out fixes to cheats has as much glory as identifying the cheat in the first place.
We also strongly encourage (even urge) players to get involved in the game development process. Our present game server is written in Python, and we will encourage and allow extension of it by direct coding (the amount of extension is limited by the slowness of Python). Our next game server (being coded now - in C++), will allow players to design assemblies and mechanisms in-game, and automate them with scripting, among other things. :-)
And of course, since the client is open source, you're welcome (and encouraged) to automate your character as much as you want. (In my opinion, if the game is so simple that you *can* program a super-bot that wins consistently, then the game lacks adequate sophistication. AI programming is tough, and if allowing for this kind of "cheating" encourages lots of people to gain skill at it, then this makes the (game)world a more interesting place! Besides, programmers are cool and deserve an edge. *Wink*)
Bryce
Top Geek at WorldForge
Re:Game Cheaters As Resource? by casret · 2000-07-25 07:54 · Score: 2

I don't know, it seems like a phase that many go through on the way to geekdom. Personally I fucked around with MUDs. I poked and prodded, 'cheated'. Later I found out that I could come up with better cheats if I looked at the source code and learning C. And finally I decided that actually writing MUD code was the most rewarding.

You see this pattern alot, whether it be writing cheats, cracking systems, defacing webpages.
Re:Game Cheaters As Resource? by FFFish · 2000-07-25 08:36 · Score: 2

OT Q: Why rewrite the server in C++, when you can continue to use the existing Python server? Profile the code, determine where the real speed issues are, and re-code those passages in C++. That way, you'll get the best of both worlds: the speed of programming in Python with the speed of execution of compiled C++.

--

--

--
Don't like it? Respond with words, not karma.
Re:Game Cheaters As Resource? by Bryce · 2000-07-28 06:57 · Score: 2

OT Q: Why rewrite the server in C++, when you can continue to use the existing Python server? Profile the code, determine where the real speed issues are, and re-code those passages in C++. That way, you'll get the best of both worlds: the speed of programming in Python with the speed of execution of compiled C++.
Good question. The basic answer is that the speed of programming in Python isn't as valuable to us for this particular application. The stuff that isn't performance critical also happens to be the simpler bits of the program, so even if it is a bit harder to do in C++ than in Python, it doesn't matter all that much in the grand scheme. Plus, having the entire core written in one language is nice for simplification and elimination of interfaces (and the overhead).
What we'll probably end up with is the server's core in C++, and pluggable modules that can be written in Python or whatnot to implement some of the game-specific stuff. That way, the C++ will be limited to the areas that maintainers and future game developers won't be getting into very often.

Article a little short on solutions. by Chiasmus_ · 2000-07-25 05:13 · Score: 5

The article identified six types of cheating, but completely failed to identify any reasonable solution for the first one: reflex augmentation.

It is not terribly difficult to write a script to execute commands without the use of the mouse. In Quake 2, the only real effect was that some people had godlike aim - and this was usually pretty easy to spot.

But consider what reflex augmentation could do in Warcraft 2, for example. One could write a script that caused the "mouse" to "click" on your Town Hall and Barracks, automatically creating peons and ogres at a set rate, while you controlled everything else.

Would this even be possible to spot?? From the server side, it would just look like someone had insanely good reflexes. And, of course, it would be easy to tone it down just a little - occasionally have your script "mis-click" just to the left of the town hall, put in tiny delays, etc.

It seems to me that the only way to prevent reflex augmentation would be to force the player to play on someone else's computer with a very restrictive account... any thoughts?

--
"Beware he who would deny you access to information, for in his heart he deems himself your master."

Re:Article a little short on solutions. by SuperKendall · 2000-07-25 05:32 · Score: 5

One solution to things like reflex augmentation is for a server to present false data to the client that cannot be perceived by normal players - the best example I can think of is a seemingly real quake player embedded (or moving) within a wall, or on the ceiling with a ceiling skin to render the fake player invisible to the normal.

The augmentation will try and go after the "fake" players, and the server could try to detect attempts on the fake players and shut down a client that went after them with regularity.

---> Kendall

--
"There is more worth loving than we have strength to love." - Brian Jay Stanley
Re:Article a little short on solutions. by Otter · 2000-07-25 06:29 · Score: 2

Unfortunately, I think you would run into the CmdrTaco principle:

When you start trying to outwit the troublemaking lusers, you turn it into a game. And they'll always win, because they have a lot more time on their hands than you do, and more self-esteem at stake.

How well are the troll filters working?

--
What I'm listening to now on Pandora...
Re:Article a little short on solutions. by Weezul · 2000-07-25 07:10 · Score: 3

But consider what reflex augmentation could do in Warcraft 2, for example. One could write a script that caused the "mouse" to "click" on your Town Hall and Barracks, automatically creating peons and ogres at a set rate, while you controlled everything else.

Hos is this a bad thing? If there are nice abstract control features which can be added to a strategy game like Warcraft/Starcraft then it's crappy game design to not include them in the first place!

Seriously, aim-bot style "cheats" in RTS games like Starcraft are not cheats. They are improvments to the user interface. It's the game designers fault for expecting people to keep pushing the stupid create peon button like some kind of lab rat.

Now, it's true that one player gets the improved user interface and another player dose not, but that's easy to fix. Add a scripting langauge to your RTS game, but make the game send your scripts to everyone else who you play against. These people can paw through your scripts and pick out the part's they think they can use.

Anywho, my point is that a RTS game should not be based on mindless clicking. It should be based on strategy. It's not cheating to hire someone to click the mouse for you while you look over their sholder and tell them what to do, so why should it be cheating for the game to do the stupid stuff for you.

Actually, my roomate 2 years ago and I were pretty bad ass at sharing the effort of remembering to do all the stupid shit. One of us would play while the other would remind him to do the stupid stuff when it needed doing and help him to think though the biger strategic descisions. I've always considered the need for this kind of double teaming to be evidence of a poorly built game.

--
The Christian religion has been and still is the principal enemy of moral progress in the world. -- Bertrand Russell
Re:Article a little short on solutions. by zatz · 2000-07-25 08:48 · Score: 2

Why "solve" this "problem"? Having buildings produce units automatically is a FEATURE. Try ctrl-click to build in TA Kingdoms, for example.

Rather than "cracking down", I think improvement of the UI should be encouraged. It's supposed to be a strategy game, not a clicking-speed game, right?

--

Java: the COBOL of the new millenium.
Re:Article a little short on solutions. by Thrikreen · 2000-07-25 11:16 · Score: 2

Not possible, there are autoaim proxies out there that can parse BSP maps (since the specs are publicly available), know when a target is inside a wall (otherwise an invalid target), or know what texture they're using.

The best method I've seen to combat the autoaim is to make aim irrelevant in that even if the crosshair is on the guy, the bullet's exit vector might not be on the same vector as your aim - the Counterstrike/Rainbow 6 cone of fire effect where your aim gets all wonky due to the recoil - the more you fire, the faster you move, the wider the cone becomes and the less accurate your bullets.

There's no way I can see an autoaim proxy that can get around this since the bullet vector is random and handled by the server. They will still get a higher % of hits, but they won't be able to dominate as badly. Unfortunately for games like Quake2/3, some people are amazing with the railgun without the use of a proxy and such an effect would totally kill their gameplaying since they rely on their aim being where they hit.
Re:Article a little short on solutions. by Ed+Avis · 2000-07-25 23:58 · Score: 2

I've never been that keen on God-games like Dune 2, Transport Tycoon, Warcraft and so on that operate in 'real time'. They often end up being a test of how frantically you can click the mouse, rather than of real skill or strategy. What's especially stupid is that 'real time' ticks by many times faster than you'd expect. If a building takes 'three months' to build, why is the player not allowed even three seconds of thinking time without 'days' or 'weeks' of game time being wasted?

It might be better to have a game where you can pause, think about things, and order various actions. The actions only start happening once you unpause the game. In this way speed of mouse clicking would not be a factor. OTOH such a game would probably be very dull and would not have the 'real-time strategy' element that makes eg Dune 2 so fun to play. I used to play Transport Tycoon by pausing and unpausing all the time, but then I decided life was too short to play in such an anal fashion.

It would be interesting to _encourage_ the development of scripts for Command&Conquer type games. It might make the games more fun to play. If I have to sit in front of a Windows box and repetitively click on things I get annoyed. On Unix I'd probably write a script to automate it and get on with something more interesting. There are tedious elements in strategy games too, why not let users automate those?

--
-- Ed Avis ed@membled.com
Re:Article a little short on solutions. by Weezul · 2000-07-26 00:32 · Score: 2

In my opinion, the best approach is that used by Valve (Half Life, Team Fortress Classic)... support scripting, and when you have an update later, take the best features that people have 'added' via scripting and make them standard to the game. That way avid scriptwriters will have a significant, but only temporary advantage over that of the average player.

Yes, this is a very good thing, but you should also force the client to upload all the scripts to it's opponent. This means that someone who is vaguely competent at programming can take ideas from the people who beat them.

Also, I really hate those little timing exploits which quake scripts can exploit. Unfortunatly, game writers mayu be tempted to leave these "bugs" as some sort of reward for the person who waist a large amount of time mastering the timing of a timing "bug." Scripts will force them to make it a normal part of the game or remove the timing exploit.

BTW> Why should players who invest a significant amount of time outside the game engine not be rewarded more then players who jyust invest time inside the game engine? I agree that it changes that nature of the game, but I think it changes it in a good way.. it makes people think more then react.

--
The Christian religion has been and still is the principal enemy of moral progress in the world. -- Bertrand Russell
Re:Article a little short on solutions. by SuperKendall · 2000-07-26 02:00 · Score: 2

I'd agree that you really don't want to do anything to limit players that have amazing aim to start with. Part of the fun is improving your skill, and if you try and cap peoples skills unaturally, you'll take away a lot of fun.

There are other ways of using my original plan, even if the clients can parse the maps for location and skins. You could have the virtual players exist with normal skins, but just outside of the field of view of the player (though I'd imagine good auto-aim clients probably only target things being looked at). You could place them at far distances that players wouldn't really notice them otherwise. You could architect the game to have "curtains", things that people and weapon fire could go through but you couldn't really see, and place virtual players behind that. You could just give virtual players the invisibility powerup and have them stand still in a corner. Perhaps a virtual player with invulnerability lurks in every lava pool. What checat client would resist the opportunity to kill a guy stuck in a lava pool?

And that's only one dimension of what you could send. Why limit the server to sending just false players, you could send other wierd things about the game state that would have no effect on what a normal player saw or did, but could confuse (or possibly even crash) a hacked client (or the real one - careful!)

I'm sure there are a lot of other ways to implement the idea. Basically I feel that if the developers really were serious about preventing the augmentation kind of cheat, they could architect the game in such a way to make the virtual players easy for the server to place without distracting normal users and at least limit the effictivness of the augmentations to the point where they were more trouble to use than they were worth.

Until now, I don't think cheat prevention has been even a low priority for most game developers, even for a lot of the MMP games. They're just at the stage now where most developers realize they need to store most things on the server! Soon I think they'll really start dealing with cheating issues, but they have a long way to go to build in any kind of sophistication.

--
"There is more worth loving than we have strength to love." - Brian Jay Stanley

Re:It's happened to me before... by B'Trey · 2000-07-25 05:13 · Score: 2

In large part, that depends upon how you define "win". Your definition (and mine) involves meeting a specific objective by using a set procedure. IOW, following the rules is inherent in the very definition. To a lot of people, the word win seems to mean something like "humiliate the other person as much as possible by any means necessary." To their way of thinking, "cheating" is merely creative strategy. The fact that they were "smart" enough to cheat and you weren't is just more proof of their superiority.

--

"The legitimate powers of government extend only to such acts as are injurious to others." Thomas Jefferson.

This would not happen by Golias · 2000-07-25 05:15 · Score: 5

This would not happen if playing these games honestly was as fun as it is supposed to be.

The problem with the entire RPG genre of on-line games is that it isn't really the fun that hooks people in, it is the basic stimulus-response instinct that keeps people up all night playing Everquest or a MUD. By making you do things to get rewards (levels, new items, etc.), and by dishing them out a little at a time (with a fair ammount of randomization), these games tap into the same psychological conditioning scheme that makes old ladies spend their retirement checks all day at slot machines and BINGO games.

Since the satisfaction one gets in these games is usually the reward of a more powerful character, the mind begins to make the association of "better character == more fun", and cheating, or power-leveling, or "twinking" becomes very attractive.

The draw of these games is that they sort of let you live life in fast-forward. In a few dozen hours of gaming, you go from being a pathetic babe in the woods to being a massive warrior or wizard. Cheating speeds this up even more. It's a logical extention of the persuit of the goals the game establishes, really.

You don't often see the kind of rampant cheating that prevailed in Diablo 1 or Ultima Online when you are playing the FPS games. It seems that the shooters have acquired a sort of sports culture. To cheat at Team Fortress would be a lot like cheating at a pick-up basketball game. Neither side has more fun as a result, because the rewards of player-vs-player gaming comes from the joys of testing your skills against other people. Cheating in such situations is boring for both the cheater and the victim, even among younger kids.

It seems to me that the challenge that lies before those who wish to write on-line RPG's is to get a little farther away from the "kill monster, get a treat" format that is so common to these games. Good storytelling is helpful; nobody cheats at games like Myst. Creating a social environment that facilitates less of a "who's got the biggest *" mindset would also reduce cheating dramatically.

Mind you, I'm not saying that the typical hack-and-slash, smash-and-grab RPG does not have its place. I wore out a mouse on the first Diablo, same as the next geek. All I am trying to say is that game designers ought to start thinking beyond it, now that the current technology allows them to explore a lot of new avenues.

--

Information wants to be anthropomorphized.

Re:This would not happen by Nanookanano · 2000-07-25 05:29 · Score: 4

Back in the old days of paperbound Player's Handbooks, we had 'Monty-Haul' D.M.s and 'Sudden Death' D.M.s and (Ja knows) we had 'Die-Rollers' (who were the worst). But, the only ones worth a damn were the storytellers. Cheating is a sign of boredom, and only a new resource of mind-stimulating inspiration will fill the boredom and quench the cheating.

--
"..don't you eat that yellow snow."
Re:This would not happen by RollingThunder · 2000-07-25 05:42 · Score: 3

It's not just in the RPG's, though.
The world of first person shooters is, if anything, even more rampant with cheats (probably because it makes you look more skillful, and then you get the girls, or so they think).
In Tribes, which I play quite a bit of, they only recently installed CRC checking on certain critical files. This ended up being done because modified models and bitmaps were out there that would turn the normal half-man height flag into a massive monstrosity 50 times the normal size. Because of the way the Tribes engine works, this would extend THROUGH buildings! You could always tell where the enemy flag carrier was hiding - be it inside their base, or crouched behind a hill. And that was only ONE of many alterations in the poorly named HappyMod... visible mine trigger radii, remote turrets that showed around the corners they hid behind, etc.
And this is in one of -the- fastest paced FPS games out there, where sometimes you see the enemy capper for less than a second as he screams through at mach 5 on his sliproute.
Again - it's not just RTS. It's all games. Some people think they have to win, no matter the cost, because that's all they think is fun.
Re:This would not happen by The+Pim · 2000-07-25 06:28 · Score: 2

Splendid! You expressed my disappointment with RPG's, and various campaign-style semi-RPG's, better than I ever could.

Here's my critique. I find that these games offer enough semblance of realism and complexity to convince you that your intellect is shaping the outcome in rich and subtle ways; when in fact the range of possible outcomes is limited and has a coarse-grained dependence on your inputs. Generally, while your skill affects how slowly or quickly you advance, steady progression towards victory is inevitible once you've mastered the basic moves. Eventually (usually as the sun rises on a new day) you realize that you're no longer investing any creativity, yet you're still acquiring ability after ability, hoarding gold piece after gold piece, and all you can do is feel like a dupe.

Other human players help to some degree, but to me they can't overcome fundamental inflexibilities in the games.

I haven't played all that many games, but I'm thinking of Dune, Freeciv, Ultima. All great fun at first, but ultimately vapid.

--

The evaluation of an action as 'practical' . . . depends on what it is that one wishes to practice.
Re:This would not happen by Sludge · 2000-07-25 06:29 · Score: 2

I agree with what you said. However, I'm a long-time FPS player, and I've put in more hours in Doom than any other game in existence, and I have to say I disagree with cheating being boring. Cheating doesn't always give an absolute guarantee of winning. Sometimes, it just gives a player an unfair advantage.

Such is the case of the Doom cheat that was put in by Id Software. Any version of Doom before the final release 1.9 had a cheat in it that allowed you to see where your opponent was on the map. If you hit TAB and held down the left ALT key and typed 'IDDTIDDTIDDT', you would have this advantage. I know of a local hardcore player who used it quite often, and he ended up SLAUGHTERING everyone who wasn't really quick at finding a weapon after they respawned. However, they still had a chance, and in many cases, he was outgunned.

PS. I seem to remember the changelog that ID released with 1.9 saying something along the lines of "miscellaneous soundcard fixes"... it was never publically admitted that there was a multiplayer cheat in the game all along. :) I'd actually like to know why this cheat was in a commercial game... heh.
Re:This would not happen by Weezul · 2000-07-25 07:23 · Score: 2

This is the most intelegent responce I have seen.

The interesting thing is that sometimes "cheating" is the solution to the bigger problem of "kill the monster get a treat" which creates the "cheating."

A MUD which gives you levels for cheating will just have people write bots to raise their characters level. A RTS game which requires lots of mindless clicking for building troops and commanding troops will be hacked to automate these tasks.

These are *good* cheats! They remove a stupid unnessicary part of the game and allow the player to play the game they really want to play like role-playing with higher level characters and exploring dangerous lands in the MUD or thinging about the actual strategy in the RTS game.

Anywho, cheating is not always the problem.. sometimes it's the solution.

I suppose the real long term solution to cheating is adding a scripting langauge to the game to make writing "reasonable" cheats (like an auto produce peon button) easy but make writing the "unreasonable" cheats (like removing the fog of war) harder (ala the artice).

--
The Christian religion has been and still is the principal enemy of moral progress in the world. -- Bertrand Russell
Re:This would not happen by MostlyHarmless · 2000-07-25 08:05 · Score: 2

I don't know if this is true under freeciv (because the diplomatic model is not fully developed), but "steady progression towards victory" is anything but inevitable in CivII and, to a lesser extent, Civ. It has a _lot_ more depth than freeciv, and other strategies besides ICS (infinite city sleaze) will work much more effectively than in freeciv. And under deity, CivII is _hard_.

--

--
Friends don't let friends misuse the subjunctive.

game integrity in MMOGs by MattW · 2000-07-25 05:33 · Score: 5

In massively multiplayer online games, most notably MMORPGs, integrity is everything. If people can't trust the integrity of other characters, they won't bother spending the time to build them. I think a lot of attention needs to be paid about how to keep server-side certain pieces of critical data.

First, the tradeoff: anything you keep server side on a trusted server is safe. Anything you load client side you can assume for the sake of argument will be possibly modified by a player. So, let's take a MMORPG: you have characters, monster, and various abilities all interacting. What is responsible for the integrity? The server needs to be. First, the all important player character should be totally stored server-side. No information about stats/abilities/etc is kept locally, and the server never reads any from the client. It just sends a scenario and accepts commands. A pristine client interprets options from the server to provide an interface, but just because you locally manage to send a "super fireball" command when you only have a regular "fireball", doesn't mean the server should parse that. It should obviously return an error. (and probably flag you for some sort of observation, cheater!)

In any event, the dichotomy between client and server matches that between cause and effect -- never let clients dole out effects, only accept input.

On to the more difficult problem, which is when the information you pass to the client is more than they should have, based on the fact that you cannot transmit it as-needed due to bandwidth/cpu/latency limitations. This is where innovation needs to occur. Things like handing over partial maps, or possibly breaking maps/info up into smaller pieces and giving them all out encrypted, then handing decryption keys over real time. (And this would be an art in itself? Would 16-bit XORs work? Or would someone find a way to analyze all 65k combinations for consistency and break through in sufficient time to gain an advantage?)

In a game which was not time-sensitive, obviously, this stuff should be kept server side. For example, I've never played age of kings, but I've played HOMM2/3, which are turn-based strategy games. In those cases, all data could be kept server-side, other than the revealed portion of the map. Because the players play each turn in succession, time is not a real issue. A few seconds for pulling data is not that important.

Anyhow, good article. This is definitely one of the biggest problems facing MMO gaming, and as multiplayer becomes more important to games, and as more games go MP-only, this will be critical. Bandwidth and lower latency will help alleviate the problem, but there's a lot of room, I think, for clever protection from cheaters.

Yeah, and what do non-geeks think? by cvd6262 · 2000-07-25 05:36 · Score: 2

One of the worst consequences of thi cheating, no matter what the reasoning, is the way the general public percieves it. Remember Colombine? The problem people had with the kids playing Doom was that they had turned on cheats so they could kill more.

I love playing Half-life, and I figure if I break even (Kill/Deaths) it's pretty good. You have to figure if there's 12 others trying to kill you, then that's REALLY good actually.

Some people just don't see it that way and/or are too egomaniacal to accept it, so they cheat. They look at the 3-Kills, 7-Deaths stat and can't live with it.

But, like I said, it doesn't matter why they do it. The fact that there is wide spread cheating in what is percieved to be a close-knit gamers' culture, makes outsiders seriously wonder if we aren't all screwed up.

--

I'd rather have someone respond than be modded up.

Re:Yeah, and what do non-geeks think? by Nanookanano · 2000-07-25 05:53 · Score: 3

Ask a combat vet what a winning scenario is. He is likely to tell you; no deaths and no kills. "An interesting game..the only way to win is not to play." We are being deluded into believing that a life without fifteen minutes of fame is not worth living. Read the book Stiffed by Susan Faludi.

--
"..don't you eat that yellow snow."

The challenges of stopping cheating with my proj. by bugg · 2000-07-25 05:38 · Score: 3

I'm the lead developer for a project called chessd, and cheating has, believe it or not, always been somewhat of an issue with online chess servers. The concern is that when people are playing _very_ fast games, they'll push back their clock to gain some extra time. The obvious solution is to have the server determine how long they spent on the move, but then lag is not taken into consideration. 2-3 seconds can be the difference between a win or a loss in these games of chess. We've seen examples where someone lost by a tenth of a second..

The previous generation servers, that the earliest branches of chessd are based off of, solved this problem by what they call "timeseal". They distributed a closed source binary for a bunch of platforms to their users, and should they choose to use them, it would use the MOVE command in such a way where it would trust the time reported. This was a half assed solution, at best. Besides being easily reverse engineered, anyone who knows how to use their system's "date" command can fool it.

The crux of the matter is, at least in chessd's case, that we can't stop cheating. We can pretend to stop people using timers, but there's no way in heck we can stop people who use a chess engine to analyze their position, etc. Hence, in our rewrite we will be implementing a "trust" system. Either the user trusts the client and risks playing a cheater, or trusts the server and bites the lag bullet. We will, of course, be doing _some_ checking on the trusted moves to make sure they aren't obviously faked. (No negative times!)

We don't think that an E-Bay style recommendation system is needed, because frankly, the server admin can always ban someone who they have good reason to believe is cheating.

In conclusion, you should trust your opponent out of good faith. If you can't, you can either trust the server and bite the performance bullet, or not play at all.

--
-bugg

But do cheaters really enjoy it? by Fryed · 2000-07-25 05:40 · Score: 3

Along with ruining the fun for normal players, cheaters (especially in FPS games) usually end up ruining their own fun as well. I remember one particular server I played on in TFC, that had only one other person online when I connected, and that person appeared to be the one running the server. After playing for about 3 minutes, it became obvious to me that he was cheating (unless, of course, someone has a rational explanation for being able to switch from the sniper rifle, to the rocket launcher, to the HWGuy's gun) The thing is, even though he was obviously cheating, I was still killing him a lot more than he could kill me. Eventually, frustrated that even with his cheating he was still losing, he decided to turn the gravity from almost none to the highest setting, making it nearly impossible for me to move, so I left after that, leaving him all alone. I don't imagine he had a lot of fun all by himself there.

The point is, often cheaters (in certain types of games) will end up being punished automatically, because online games just aren't fun unless you have someone to play against, and no one likes playing against a cheater.

Read about aiming proxy.. by cOdEgUru · 2000-07-25 05:42 · Score: 4

(From the Article..very interesting. read on) An FPS aiming proxy works like this: The proxy program is run on a networked computer and the player configures it with the address of the server they are going to play on. They then run the FPS game on another machine and connect to the proxy machine, which in turn connects the game to the server, acting just like an Internet packet router.

The only hitch is that the proxy monitors and attempts to decode all of the packets it is routing. The program keeps track of the movements and locations of all the players the server is reporting to the game, building a simple model. When the proxy sees a Fire Weapon command packet issued by the cheating player, it checks the locations and directions of all the players it is currently tracking and picks a target from them. It then inserts a Move/Rotate command packet into the stream going to the server in front of (or into) the Fire Weapon command packet that points the player straight at the selected target. And there you have it: perfect aim without all the mouse twisting. (End of Article)

I just cant help thinking, these guys are so desperate about cheating. All this effort could have been spent on building something productive or learning how to use the mouse with the keyboard and kicking bots ass. Why cant we just learn to lose sometimes. Why is winning so important ? I have had my ass kicked by bots and humans alike, but I jump right back up and rail his sweet ass to kingdom come. Gaming is not all about winning, but its about perspiration that drips from your eyebrows, but you cant wipe it off, because you know your enemy is out there, seeking you out with a railgun combined with the power of Quad Damage, with an ethereal blue shadow to his skin, and you wish you were somewhere else... :)

--
Rapid Nirvana

Re:Read about aiming proxy.. by zatz · 2000-07-25 09:04 · Score: 2

It's a little harder than the article says, actually. The proxy has to grok the map, too, or you fire at walls with people behind them.

I wrote a Q1 proxy... but it was designed to be run on the SERVER. (I had to do magical loopback things to convince a Q1 server that each connection was from a different client, because it mostly ignored port numbers... required multihoming on most IP stacks.) It was meant to fix some lame problems with existing CTF mods (they couldn't even reliably kick players or enforce team colors), and to help players make macros to report their status to teammates. I was even working on some weird features like a good spectator mode (unlimited connections, ghosting another player without help from the server), and server side demos (merging all the event streams from different clients to make a single demo that included all the gamplay).

Anyway, I spent a lot more time on that, and tools to query lists of servers (before gamespy existed), than I ever did on cheats. But Q1 wasn't very popular anymore by the time I started on the more interesting stuff, so I never really finished it due to lack of demand :(

--

Java: the COBOL of the new millenium.

But Cheating is Allowed!! by (void*) · 2000-07-25 05:42 · Score: 4

Or how would Neo dodge bullets or bend spoons in The Matrix???

Re:But Cheating is Allowed!! by swerdloff · 2000-07-25 06:25 · Score: 2

Yes, but what you have to realize is that there is no spoon, and it's only you that bends.

[which, with reference to gaming, implies to me that if you're using a 'cheat' and racking up kills, it's you that's _getting_ cheated, because instead of learning to play and being good at it, you're merely bending yourself...]
Re:But Cheating is Allowed!! by WNight · 2000-07-25 22:39 · Score: 2

Nor is there a railgun in Quake3, but if you use a proxy bot to shoot railgun slugs at another nonexistant player, that's cheating...

If you don't play by the same rules as everyone else, it's not a fair game.

(Why was Neo a hero? He wasn't good at anything, he simply had a magical power (as far as people in the sim could tell). He didn't actually do anything based on actual skill, he auto-trained for things, basically, using scripts... Yay, what a hero... Whoa!)

You Must Cheat To Even Out The Playing Field by KiwiKing · 2000-07-25 05:42 · Score: 3

Yes I've used the map hack on Starcraft- not to cheat, but to give myself a fighting chance because cheating is so widespread on BNET. The whole balance of power concept from that Star Trek episode where Kirk in response to the Klingons arming one side of a warring faction, broke the rules and armed the other side in order to create an equilibrium. It's a never ending cycle because everytime a patch is released, the new hack follows in a matter of days. Maybe trying to cut corners for that edge is just human nature.

Re:Is anybody surprised that RPG's encourage this? by gwernol · 2000-07-25 05:49 · Score: 2

RPG's encourage kids to live in a fantasy world.

etc.

Like adults, children are very good at distinguishing fantasy from reality. Many children play games (computer-based and otherwise) in which they can fly, yet relatively few of them attempt this in the real world. Either you fail to grok this, or you have an extremely low (and deeply incorrect) estimation of the intelligence of children.

--
Sailing over the event horizon

What about single player mode? by Johnathon+Walls · 2000-07-25 05:53 · Score: 3

As someone without a cable/DSL/anything above 33.6, I have little interest in multiplayer gaming. I typically buy games only for single player only.

It drives me insane when I hear an announcement that X game is delayed to correct a few multiplayer cheat bugs. *I DON'T CARE*. Why do I have to sit and wait because some poor attention-starved loser wants to cheat on a part I will never use?

Add to that the added insanity (disclaimer: I believe single player games should allow me to cheat my damn brains out - i bought the game, let me do what I want with it) that sometimes developers disable cheating entirely in the game as a way to deal with the multiplayer bugs.

How are they going to solve that? Sell two separate versions of the game? I'd also expect it to be cheaper than the single+multiplayer version.

Is there any reason why this can't be done? Or am I, as a single player, destined to be ignored due to the complaints regarding a game I don't even play?

Re:Forms of cheating you can't stop by Kisai · 2000-07-25 05:56 · Score: 3

Another form of cheating that get's overlooked is cheating by the people who are running or created the game.

Anyone remember when BBS's were popular? How you could log into a BBS Door game and play it for maybe a maximum of an hour? Ever play one where the SysOp played too? Not very fun if everyone picks on the SysOp, because the SysOp would turn around and just cheat to restore balance to their favor.

The same goes for MUD's, The people running it might just be as guilty of cheating as the people playing it.

There is no such thing as a cheat-proof game. The closest Online Games come to being cheat proof is when it's Client-Server and nobody has access to the server. The second part is that the "Client" has to only process I/O from the server (Person moved from x,y to X,Y and got hit by a frog.) and not store any data on the user's end. Now the problem with these set-ups is that there has to be checks in place to prevent multiple accounts or multiple users. (Anyone play Utopia or Earth 2025? Worst case of Client Server cheating I've ever seen, reason being that the only multiple account check is the uniqie email address the authorization code was sent to.)

Of course that could be blamed on the fact there are too many free email systems out there for people to abuse.

The worst examples of cheating always occur in peer-to-peer and client-server systems that the client has to do calculations to send back to the server.

A type of cheating I haven't seen too much, but realized people do this (and not just to games!) is to create macros or bots so they don't have to play the game themselves.

The "Adbar make free money" system has been the latest target of cheating with people creating emulators and macros to cheat them.(Look it up, they exist, Alladvantage being the biggest target) And to make more free money out of them here comes the muliple accounts that they use for referer's, so when they do their X hours on whatever ad system, they load up the next account and do the X hours again.

Just about every aspect of cheating in games can be applied to cheating other software, be it cheating the Ad-paid software, to cheating stupid software from wasting your bandwidth (Do you know how many programs waste your bandwidth? *cough*Real*cough*Player*cough*)

In my opinion, if people are going to create cheats for online games, the people who create the games should be looking out for these cheats and what they do to the game. (Lot's of cheats rely on over-writing some part of the game's memory with different values) Save-game cheats
being the easiest way for the novice to cheat(all you need is a hex-editor), to the more complicated using a debugger and changing memory values to cheat.

Again I come back to the point where game developers should not "use" any data calculated on the client side since it could be cheated easily.

Anyways I think this message is long enough.

You've an important distinction there... by SvnLyrBrto · 2000-07-25 05:59 · Score: 2

The "skript kiddie" cheater, who reads the cheat codes from isucksogivemecheetcodez.com, and downloads the cheat patches.

vs.

The "hacking cheater, who opens the binary in a hex editor, actually groks what's in there, and figures out the cheat codes, AND mabye WRITES the very patches that he cheats with.

The first kind, is really kind of contemptable. And I, for one, doubt that anyone really buys into his "sk1ll3z".

But the second kind... well hacking up the executable of someone elses game (and generally the source is NOT available in MOST games)... that takes GENUINE skill. And not only to I NOT hold these guys in contempt, but I think that we could agree that THESE guys are due some respect. Patching executables is a dying art in this era of fast and smart compilers, linkers, and assemblers. Hell, most people would never even THINK to even LOOK at an executable in an editor, much less CHANGE anything. My kudos to the guys who can still do it.... and do it well.

john
Resistance is NOT futile!!!

Haiku:
I am not a drone.
Remove the collective if

--
Imagine all the people...

Re:You've an important distinction there... by Gurlia · 2000-07-25 11:27 · Score: 3

Agreed absolutely!!!!

In today's age, understanding how the machine actually works is wayyyy underrated. People don't care about it anymore because they now grow up with smart compilers---or worse, they grow up buying the lie that just knowing how to use applications is "good enough" (umm, what if that app becomes obsolete, God forbid?!), and teachers de-emphasize it because it's not the "industry trend".

*I* say, screw the "industry trend". You need to understand how the thing actually works. I haven't researched this, but I'm willing to bet that people who don't know how the machine works write poorer quality code than those who do. I'm not talking about obsessive "optimized" coders who tweak the last ++ operator in C and abuse #define's to get a "100%" efficient program (only to get totally screwed over by the optimizing compiler that gets totally confused by the weird code and spits out poor executables). I'm talking about people who've had solid experience in assembly language programming. They are the ones who understand what exactly goes on in optimizing compilers, and how to take advantage of them. (John Carmack, anyone?)

People think that assembly language programmers will become extinct. Everybody around me says so. But they don't realize how much understanding you can gain just by learning how to look at a hex dump, and with a good reference on your processor's assembly language, locate where a piece of code might be, and then figuring out how to patch it to do what you want. Figuring out how to locate a piece of code in a large binary executable, possibly with no information on what is code or what is data, this in itself will be such a valuable learning that you won't ever regret spending the time and effort. You may not actually use this in your career, but who knows, the kind of logic that you need to apply to this kind of problem may well earn you a good income. And then of course, after locating the piece of code you're interested in, constructing the patch to it -- which must take into account many constraints like size, which often severely limits what instructions and addressing modes you can use -- and applying the patch... the kind of analytical thinking that you need to accomplish this will be such a help to you that even if you'll never touch assembly language again in your life, you won't regret having learned how to deal with it.

It's not that assembly language programmers are stubborn or trying to hold on to "outdated" methods; rather, it's that young programmers spoilt with modern conveniences and short-cuts are deprived of an experience that may make a huge difference to their abilities, even if their area of expertise will be programming in a high-level language.

---

--
mikre he sophia he tou Mikrosophou.

Re:Slashdot contradiction? by Izaak · 2000-07-25 06:02 · Score: 3

But now that someone posted an article about the security of multiplayer games, hacking suddenly becomes a bad thing. It is "evil" to play around with a game you bought and to try to find out the security holes it has.

I didn't get that message from it. I don't think it is evil to hack on a game and find its weakenss. It IS evil to use that knowledge to screw with an unsuspecting person's game. Well, at least it is rude. I've considered writing a Battlezone bot just for the fun of it, but you can be darn sure I would have let other players know it was a bot they were playing against.

In the end, I decided to write my own game instead (or more correctly, a game toolkit). Sorry about sneaking in that shamelessly self serving plug. :)

Cheers,

Thad

--

The Bolachek Journals

Contra by vitaflo · 2000-07-25 06:05 · Score: 4

Looks like "Up, Up, Down, Down, Left, Right, Left, Right, B, A, Select, Start" has been the downfall of human kind.

Why not a trust model? by Fizgig · 2000-07-25 06:07 · Score: 4

Why not skip the technical solution and go for the social one? Sort of like Advogato's trust model, or maybe more like PGP's key exchange mechanism. I trust Anna, who trusts Bob, so I trust Bob. Stuff like that. If someone cheats, you don't trust them. That way you don't have to trust everyone explicity, but you still have a wide pool to play from. Perhaps this is a bit too complicated for the average FPS-player (I'm not sure it could be implemented to where I thought it was easy). Do any games have solutions like this? Of course, such a model could possibly be abused and would put new players at a disadvantage (aren't they already, though?).

No solution, period by kevin805 · 2000-07-25 06:09 · Score: 2

I don't see how there could be any solution to this. In theory, you could take your cheating all the way to a massively complicated AI you plug in between the machine the game is running on, and the keyboard, mouse and monitor you see.

There's also no solution to having more information than you're supposed to -- how about turning up the brightness on your monitor? How about using video drivers that allow you to up the gamma? Maybe automatically adjust the levels so that contrast is perfect?

There's stuff you just can't control. But the stuff you can't control isn't necessarily the interesting part of the game. I don't play video games because I'm always insanely frustrated by stuff like why my peons seem to have such pathetic AI. Try to design the game so that cheating doesn't matter, rather than trying to make cheating hard, and you've got a great game. Imagine -- how could you cheat at Sim City? You can't (other than trivially: more money, etc), because the decisions you make in Sim City are decisions that a computer can't (currently) make.

On the other hand, testing your skill in spotting stuff on a dark monitor screen, or in getting the mouse just perfect, isn't all that interesting.

Cheating in Open Source Games by Izaak · 2000-07-25 06:13 · Score: 3

This was an interesting article, but most of the *fixes* described were basically ways of obfuscating the code or the game data. This works fine in a closed source game but is near impossible in the open source world. I am working on a game SDK and an eventual *massively multiplayer* RPG... and the cheating issue concerns me.

The best strategy I can see so far is to keep the authoritative simulation on a central server. Game character data would have to be stored and authenticated by some central authority as well. My vision for a MMRPG involves a network of virtual worlds running on many servers, and that makes the who cheating issue even more complicated. Anyone have any thoughts to share on that?

BTW, you can check out my SDK at www.gridslammer.org.

Later,

Thad

--

The Bolachek Journals

Re:Cheating in Open Source Games by Izaak · 2000-07-25 08:25 · Score: 2

It's a social issue, at that point, as well as a design issue. Reduce the game advantage/bonus/penalty of reflexes, and you reduce the cheating on reflex actions.
I've come to basically the same conclusion myself. I've decided that my MMRPG will be a strategy game more than an action game, so the 'enhanced reflexes' issue is not so important. Also, it means the network protocol need not be quite so chatty, so a server can support more simultaneous users.
The server code will be open source, so there is the possibility of a person putting up a hacked server and running a world where they can cheat, but that is where the social engineering part of it comes into play. When they are found out, other game server admins can vote to exile that server from the web of worlds. We still need some sort of trusted repository for game character data and maybe a 'central bank', but I think that can be worked out. If anyone thinks this would be fun to work on, please join the GridSlammer mailing list.
Thad

--
The Bolachek Journals

A problem with this argument. by Christopher+Thomas · 2000-07-25 06:20 · Score: 2

This would not happen if playing these games honestly was as fun as it is supposed to be.

Not true.

All it takes is one person who considers it more fun to harrass their fellow players than to play the game.

These people will always exist, no matter how good the game is. Look at the slashdot trolls for an example.

Any system that has to deal with a vast number of people will have to protect itself against the small but occasionally very capable minority who will actively try to ruin it for everyone else. This applies to games, public forums, network administration, and many other aspects of life.

They'll kill me for this, but... by Brand+X · 2000-07-25 06:34 · Score: 3

Out there on the web, we've got this site...

MUD-Dev is a professional and advanced amatuer discussion and design sharing forum, based around a mailing list and the kanga.nu domain. These topics are a regular subject of discussion there.

Follow this for a philosophical/technical discussion about trusting the client; includes significant amounts of contribution by Raph Koster (OU's Designer Dragon)
This is a currently running discussion about controlling "grief players"...

Take a look... there's some good stuff in here.

--
-- Still waiting for the Nike endorsement

Can be 'foiled' by Thomas+Charron · 2000-07-25 06:34 · Score: 4

Look at how many hacks and/or cheats that have been uncovered in Everquest. Nada.. Ziltch.. A few cheats that have been quickly 'repaired', but those that resided in the 'buisness logic' of the game.

One has to ask how they did it. And I can tell you one thing, it wasn't with client side logic. ;-P

They do virtually *EVERYTHING* that this article says is a big nono, or simply not possible. Yet they are successfull. They take some addition precautions as well, such as not allowing the app to run minimized, therby making it a *little* harder to hack while running. They encrypt all local files, and do a CRC check on them. If they fail, they update them. All communications is encrypted, and yet they still maintain decent framerates..

Granted, their framerates aren;t their selling points, but the game is playable with *hundreds* of people in the same zone..

--
-- I'm the root of all that's evil, but you can call me cookie..

Re:Can be 'foiled' by PhiRatE · 2000-07-25 06:54 · Score: 2

I hate to burst your bubble..

http://www.hackersquest.gomp.ch/html/seqfiles.sh tml

The ShowEQ program, with equivalents under Win, gives you plenty of information-leakage advantage under EQ. It reassembles the packet stream itself..so much for encryption..Also on that site, code to read all the data files, and some code which emulates an EQ server. EQ is just as vunerable as everything else I'm afraid.

--
You can't win a fight.
Re:Can be 'foiled' by Dirtside · 2000-07-25 09:20 · Score: 2

The reason this isn't a big deal is because, for the most part, EQ is about the player vs. the environment, NOT player vs. another player. Most multiplayer online games are about player vs. player, but (except for on the PvP servers, which are only 3 out of 34), you're just fighting the environment. It's not as big a deal if you cheat the environment, because it doesn't usually affect other players! Verant still doesn't want people cheating, but because of this, when someone does get info using ShowEQ (or whatever), it's not as big of a deal.
To put it another way, you're never getting any info that they aren't already sending you; you're just using a program to ease the analysis of it.

--
"Destroy science and religion. Science would re-emerge exactly the same; but not religion." - Penn Jillette, paraphrased

Which not make a game for hackers? by jonathanclark · 2000-07-25 06:45 · Score: 4

I think someone should make a persistent world game designed for programmers. Instead of having them focus their energy destroying the experience for other players, why not make a game that encourages programming/hacking - in fact it requires it.

That is, all the entities in the game are controlled by computer programs, which are written by the players. The programs can run remotely on their machines and make request over the network (with some human guidance) or they can run 24hrs a day on a Java Servlet on the server.

The idea of programmers writing robots for a game isn't all that new. A long time ago there was C Robots. About 8 years ago Dave Taylor and I got our start in the gaming world by running the National Programming Contest for IEEE. This contest had a fresh new game every year that was played by client programs and run on the IBM AIX platform (they gave us free machines). Our contest were simple because contestants only had one weekend to make a client, but I can imagine a much more complex and interesting world for clients to play in.

What is kind of new here is the idea of a persistent world. As players get more advanced they can have their characters spawn new ones. A computer program can control 10 people almost as easily as 1. And computer programs can play 24 hrs a day, but human players have to sleep. And for someone looking to make money - you could charge for "hosting" the client program.

--
-- Virtual Windows Project

Re:Is anybody surprised that RPG's encourage this? by MousePotato · 2000-07-25 07:03 · Score: 2

You almost made your point... While I agree that the declining morals/values issue needs to be addressed its not the fault of RPG's. It is almost entirely the parent of said childrens fault. These games are not for children. Period. Teenagers, well ok, depending on the values you have successfully instilled in them. If you let a television set raise your child then you will get what we as a society are seeing in the rise of violence amongst minors. Our generation had D&D and we didn't go around killing classmates and teachers yet D&D was more of a fantasy world than these games create because you have to visualize the deaths of your oppenents etc. On the flipside if you teach young minds the strategies that games teach (for arguments sake even checkers does this) they will have learned skills that puts them several steps ahead of most folks in business school. And wait a minute... is baseball(or other little league sports for the matter) better for your kids when parents are beating up (recently killing) other parents/coaches/umpires because they disagree with the calls? Many of the little league systems could even be blamed for the rise in the use of steroids because the children are being taught to win at all costs. I think not. I would say the best activity for children to participate in is martial arts training (don't even bother with the 'thats violence' retort) as long as your not a 'little league' small minded parent who puts thier kids in tournament karate events(see above note on parental behaviour) for selfish reasons like pressuring your kids to perform.We are bringing up children in a society where they are encouraged (in school none the less) to turn thier parents in if the parents use corporal punishment and children can divorce themselves from thier parents etc. The problem goes much deeper than the proverbial scratch in the surface mentioned here though, 'Blame Shifting' is on the rise. People can't believe that its thier own fault thier kids are the way they are so they need scapegoats to blame for thier inaddequate parenting. Parents sued Judas Priest and Ozzy Osborne for this kind of lunacy in the 80's becuase thier kids committed suicide. Hence, it is much easier to say its so and so's fault rather then thier own. Disagree? Read your own post and then take that magnifiying glass of self-righteousness and point it back at yourself. Like I said the blame is on the parents, a lack of parenting combined with a lack of discipline for innappropriate actions not society, not rpg's, not even music or television.

--
Prospecting Stinks. Stop Wasting Time on Cold Calling.

The challenge by xant · 2000-07-25 07:08 · Score: 2

While I agree with your psychological assessment for the most part, I don't agree that more fun = less cheating. Matt Pritchard and you both missed one of the most important reasons for someone to create a game exploit - the challenge of it. Hacking a game open to see the guts, and then figuring out how to attach the throat directly to the aorta and make it all work when you sew the game back up (to overstretch a metaphor) is as much fun in short bursts as writing the game was in the first place.

I believe that the people who produce cheats to games do so for different reasons than the people who use cheats use them. The person creating a cheat might want to see how a particular program works for knowledge's sake, might enjoy reverse-engineering for its own sake, might want to demonstrate his coding skill to others, might want to get a little advance knowledge about the game offline before he goes online and makes a tough decision. (Example: how to spend skill points in Diablo 2. This is a crucial decision that, due to poor documentation, must be made with relatively little information - unless you create a level 93 character of your class offline just to find out.) He might even want to abuse the system and cheat, but I speak from experience when I say that mostly, by the time you're done reverse-engineering the game structures you're interested in, it's no longer that interesting to play with the cheats.

And once you're done, you might want to distribute your cheat so you can get a little credit for your skill - but don't. It's the losers who download your cheat and use it to ruin the game for everyone else you have to be worried about.

--
It's rare that you're presented with a knob whose only two positions are Make History and Flee Your Glorious Destiny.

LAN parties are the solution, kiddies by grizzo · 2000-07-25 07:14 · Score: 4

i, for one, don't give a shit about cheating because whenever someone i'm playing is cheating, i can walk over to their computer and kick them in the good 'n plentys. let me explain:

internet multiplay is crap! stop doing it! everybody cheats, we know this. you don't know the people you're playing against (this, i'm sure, is not true in many cases, but i'm generalizing) so what fun is it to win? basically, all that internet play does is foster agressiveness and competitiveness in people-- two things i personally can live without. internet play is also difficult for modem users who are up against HPBs all the time.. gosh, what fun!

the solution is, get some friends together and start having LAN parties. start playing with people you know. multiplayer games are so much more fun when you get to talk about it afterwards over a beer or a mountain dew or whatever the hell you want to drink: "dude, that one part where you bounced off my rocket over the lava and onto jimmy's head was RAD!" "yeah, rad". i know, sounds lame, but you all know it's fun.

basically, i'm giving a call to gamers to quit being lazy sax of shznit and start organizing LAN parties in your town: they kick ass, and you could probably use the socializing (if you're anything like the hermits i normally party with)!

thanks for your time, sorry if i was overly-crude

--
grizzo: totally insecure, but very convenient.

Diablo II by nmx · 2000-07-25 07:34 · Score: 2

I realize this is (only slightly) offtopic, but the article mentioned that in the original Diablo cheating was rampant. I've been playing Diablo II for a while and I don't believe I've encountered any cheaters. The CD key system and requiring Closed characters to be stored on their servers seems pretty secure to me, but I'm curious, anyone have thoughts/comments on how cheat-proof it actually is?

--
"Well kids, you tried your best, and you failed. The lesson is, never try."

Die, cheating scum. by Azog · 2000-07-25 07:49 · Score: 2

After reading the article, I'm just depressed. But, I had kind of a neat idea for hitting cheaters back - hard. The wailing and gnashing of teeth would be heard far and wide...

Now, in Quake III, each player has a unique CD key that identifies them with the master server. This is used to prevents piracy.

Imagine if some of the countermeasures described in the article were implemented in a really subtle way... not to prevent cheating, but to just detect it, and detect it carefully and explicitly. Let that system run for a few months or so and collect a big blacklist of the cheater's unique CD keys, without anyone knowing about it.

Then the sting... (insert evil laughter here...) ban them from playing in regular games. Set up another "master" server just for the cheaters, listing servers that explicitly allowed cheating, and only let the cheaters play on those servers.

Oh yeah... make sure the delay before people got put on the blacklist was long enough that the fsckers couldn't return the game and get their money back.

Maybe that would teach the little bastards! Please, ID software! Do this for DOOM 2000!

Torrey Hoffman (Azog)

--
Torrey Hoffman (Azog)
"HTML needs a rant tag" - Alan Cox

Re:Die, cheating scum. by Azog · 2000-07-25 10:01 · Score: 2

Regarding Q3A key generators... Graeme Devine of id software recently said in an interview (or was it his plan file?) that none of the so-called key generators work, and in fact, most of them were trojans that do nasty things to the losers trying to use them. This is not surprising.

The assumption behind the concept of a key generator is that there is some algorithm used to expand a small key space into a large one. By finding the algorithm, a hacker could easily guess a key in the small space and expand it to a valid key in the large space. However, There is no reason to believe that ID did that at all.

Q3A CD keys are long. Mine is 16 characters of alphanumerics. That gives a gigantic search space: 36^16, a 64-bit number.

I expect they just created a database of 64-bit random numbers, just enough for as many CD's as they sell. Then they just have to guard that database very, very carefully. If that's how they did it, there is NO WAY to generate a fake key other than guessing. If there are 10 million valid keys, then you would have a one in 795866110994640088 chance of randomly guessing one of them.

The only hope for cheaters would be to steal one of the correct keys!

Obviously there would need to be some way to deal with people who had their keys stolen and whatnot. But overall, I think it would be tremendously effective.

Torrey Hoffman (Azog)

--
Torrey Hoffman (Azog)
"HTML needs a rant tag" - Alan Cox

Online cheating is not always bad by DreamMaster · 2000-07-25 08:03 · Score: 2

Surely I'm not the only one who remembers smart-ass Lord British getting fried in Ultima Online? ;-)

Fortunately, not at all. by An+Ominous+Coward · 2000-07-25 08:14 · Score: 2

Back when Slashdot was small, intelligent comments were the norm. Browsing the site was interesting and often educational. Then, as Slashdot grew, the S/N ratio plummeted. The less knowledgeable geeks began seeing Slashdot comments as a status symbol instead of as a means of exchanging ideas. Most of the older crowd moved on to smaller forums where meaningful conversations could be held.

Then, the trolls showed up. They mocked the Slashbots that drove the intelligent posters away. In a desparate attempt to foster useful conversion, and because he couldn't stand to see people make fun of his site, he implemented moderation. This has been nothing but a disaster. Rather than act as a catalyst for spot-lighting the few intelligent messages, it allowed the Slashbot Karma Whores to pat themselves on the back for useless, mindless drivel. But, the trolls fought back. They organized and attacked brilliantly. They posted hysterical rants, mocked the repetitions, UNFUNY Slashbots (you Slashbots used to think "Imagine a beowulf cluster of these!" was "Insightful", not "Inciteful"), and fictional opinions designed to trigger the knee-jerk response of the hive-minded Slashbots. They are entertaining and artistic. Now that the old guard has mostly abandoned Slashdot for smaller communities, the trolls are the best thing about Slashdot. Frankly, they are the only good thing about Slashdot.

I no longer come to Slashdot to learn and share. I come here for a cheap laugh.

Thank you, trolls.

Some Q1 experiences by zatz · 2000-07-25 08:28 · Score: 2

I used to play multiplayer Quake classic a lot . . . eight hours a day one summer. I made some binary patches to the Linux client, both to enable cheats in multiplayer and fix some minor bugs (players that weren't visible in the score list, messages with carriage returns in them, bogus shirt colors in team games, etc).

I played with the cheats for a while, and discovered some interesting things. The good players could sometimes tell that I was cheating (I never denied it if someone guessed). The cheats often made the game less interesting, because there was less suspense (I only played with rendering hacks). And most interesting... even after I stopped using them, I was a better player from my experiences with them, because I had a better grasp of how other players acted; which routes they took on particular maps, how they evaded me when they thought I couldn't see them, stuff like that.

The stuff I was using was clumsy enough that when I finally found really good opponents (Clanring DM people), it kept me from improving. So I stopped using them, even the lighting hacks, which I think a *lot* of other players were achieving by editing the maps. And eventually I was good enough on my own that people called me a cheater anyway--a high compliment, IMO.

The article has some good advice for game developers; but I think that some forms of cheating, especially in FPS games, cannot be prevented. Determined hackers can always write their own client, or wrap the rendering layer nowadays. The best you can do is carefully filter the information sent to network clients, so that they don't get info about objects that should be hidden. And I can chime in to say that it's always unfair anyway--because of differing lag.

And for RTS games, I think a design goal should be that a human player can learn to be better than a computer. Definitely true for Starcraft, but I would like an option to write my own AI, and an arena where it can compete with other AIs... an RTS Core Wars :)

--

Java: the COBOL of the new millenium.

Re:Is anybody surprised that RPG's encourage this? by FFFish · 2000-07-25 09:26 · Score: 3

Children are *NOT* good at distinguishing fantasy from reality.

Geez, the number of times I see wholly ignorant people spewing that line in defense of letting kids have access to FPS, violent movies, etcetera.

Fantasy rules the child's life. The bogy-man under the bed, the magic of the shopping mall Santa, playing house, don't step on the cracks, Bambi dying.

Even a lot of adults don't have the ability to distinguish fantasy from reality. Look at the number of adults who believe that America grabbed the U571 submarine, or believe that UFOs exist.

It has nothing to do with intelligence and *everything* to do with naivete. Children don't have the life experience necessary to distinguish reality from fantasy.

In adults, it's more tempting to use the word "ignorance," but it's really the same thing: a naive person who hasn't the experience to know historical truth from Hollywood fantasy; or scientific methods versus wishful thinking.

At any rate, the bottom line is that anyone with experience with children or who spends a few minutes looking in a few child psychology books, will certainly understand that fantasy and reality are not easily distinguished by children.

And anyone who thinks otherwise is, at best, naive.

--

--

--
Don't like it? Respond with words, not karma.

Comments from the Article's Author by The+Optimizer · 2000-07-25 10:43 · Score: 5

Oh wow. I just got back into Dallas from Siggraph 30 minutes ago and discovered my mailbox filling up with emails from the /. side-effect. Just a couple quick comments on the discussion....

0) This article first appeared in print in the June 2000 Issue of Game Developer Magazine.

1) I didn't come up with the title. I honestly couldn't think of a catchy title, so I let my editor come up with one. As far as nit-picking over the useage of "Hacker" and "Cracker" - don't sweat it. Yes, I know the difference.

2) The most important point in my mind is that multiplayer cheating hurts other human players and is an order of magnitude different from the things we do when playing solo (single player) games. When a person realizes they are on the receiving end of a cheat - that another human being wants to do that to them - it's a hugely distructive feeling.

2a) People walk away from games and badmouth them to their friends when they think they are getting screwed. The better selling your game, the more this matters.

3) Many people have been emailing me and posting about things I didn't cover. I really appreciate it though I do already have some of it. When I wrote the article I had to keep it to about 7000 words, so I only got to cover about 1/2 of what I wanted to. Given the reception it has received, there will likely be a second article on the topic.

3a) Keep the comments and emails coming - I will try and respond to all.

That's all for now. I really appreciate everyone's input and thoughts on the matter.

-Matt Pritchard

Online Poker Game Exploit by grahamsz · 2000-07-25 19:34 · Score: 2

Take a look at This for an insight into how a group of security experts developed a nice method to figure out the workings of an online poker game despite the fact that the hidden cards were never send down the wire to the thin java client.

Rather they used the fact that the publisher shows off the thouroughness of their software by publishing the deck shuffling alogirithm. Now because this is seeded from the system clock it is possible apply the shuffle using all different values of the clock until you find which time is in sync with the server.

Clever stuff

Re:Bolo was the bomb by bigdan · 2000-07-25 22:38 · Score: 2

Yes indeedy there is.

The Windows port of Bolo is called WinBolo and can be downloaded from the author's website.

There is also a Linux dedicated server available from the same page. A Linux client port is being worked on by the same guy (using GTK and SDL) and should be available sometime in the next few months.

--
.sig? .sig!

Re:Is anybody surprised that RPG's encourage this? by FFFish · 2000-07-27 01:52 · Score: 2

To contradict you:

http://washtimes.com/national/default-2000727225 08.htm

Conclusive is as conclusive does; there are people who believe there's no conclusive evidence that smoking causes cancer. Go figure.

--

--

--
Don't like it? Respond with words, not karma.

74 of 247 comments (clear)