Slashdot Mirror
Game Developers Cracking Down on Cheating
Hector73 writes "ZDNet has an article discussing a growing concern for the makers of on-line video games. Cheaters and trolls are making it harder for casual users and newbies to get hooked on the on-line versions of games. Considering that on-line gaming may become the major revenue source for game makers over the few years, maybe they will actually do something about it."
They need to introduce some sort of peer rating system, where each individual rating doesn't mean much. Something like -1 Troll, +1 Good Sportsmanship, etc.
I suppose it's not an optimal solution, but you can always lock down the server and only play with people you know. The drawback is, of course, that you won't always have a full server, but then, locking down the server is a good way to manage how much time you spend playing online =)
"Oh, I hope he doesn't give us halyatchkies," said Heinrich.
I don't know about you guys, but CSGuard and HLGuard have just about killed Counterstrike for me. If I go into servers without them there's no problem, with them and it's constant crashing.
I don't mind products to even the playing field (a 12 year old with OGC can ruin a whole game you've been in for hours), but when they interfere with game play, what's the point?
You can be sure that I won't be buying any games from the people mentioned in that article, and I suggest everyone else who values their freedom do the same.
"I don't know that atheists should be considered citizens, nor should they be considered patriots." - George Bush
I have always been bothered by cheaters and jerks and such. Mostly my real world friends and I just play alone. Beats dealing with the general gaming pupulace.
> Cheaters and trolls are making it harder for casual users
Does anyone understand what a troll is anymore? The moderators certainly don't....ah, the long-gone days of usenet when YBHT. YHL. HAND. actually meant something. Let's hear it for today's bright IT majors! Yeah! Go administer some systems for a terrible salary...good work, fellas.
This is precisely why Microsoft announced that all of the Xbox's online games will be run off of Microsoft controller servers. They've seen how cheating can rapidly cause a subscriber base to shrink. By controlling everything themselves they hope to limit the damage done by those looking for ways to cheat. I imagine that just in case anything should go wrong, this means frequent backups that can be restored upon a users requests.
"Chances of RHIC-induced Armageddon are exceedingly rare, but... you never know." - MIT Physicist Bob Jaffe
Gamers should take power into their own hands. Some people will write cheats, so others have to write anti-cheats, and they don't have to be the fluffy "detect and block" kind either. Some jackasses at my school were cheating at CounterStrike, the only game worth playing, so I took it into my hands to write a little java app that crashes their server whenever they do it. Legal, maybe not, effective hell yes.
They stoped cheating, we started playing.
http://news.com.com/2100-1040-933822.html?tag=fd_t op
Black ice.
spawn_of_yog_sothoth
Great, now if only we can get rid of the plethora of bots and campers in Quake!
From excellent karma to terible karma with a single +5 funny post...
Let the MS bashing begin!
A presentation for Xbox Live, Microsoft's online service for its game console, stressed hack-proof servers.
I'd suggest you don't use Slashdot as your only news source, or you will suffer permanent brain damage.
Remember dongles of a by-gone era? (They were hardware that would "activate" your game by returning the proper answer to challenges given through the serial/parallel/etc. port). /lots/ of the game logic in the hardware? Besides fancy graphics, etc, I bet you could basically /cripple/ a game by having the basic maps/character stats/whatever be controlled by secure hardware attached on a USB slot. Since this solution would cost far less than the $49.95 for which a next-generation game retails today, why don't we see more "cheating isn't possible" solutions based on having lots of the "easy" (low-computing power) solutions based on a dongle attached via USB?
Well, why don't gaming industries today make dongles that have
Cheaters and trolls are making it harder for casual users and newbies to get hooked on the on-line versions of games Sounds like some "blogs" i know of.
There have been many attempts to do things about this. Plenty of bot detectors for the fps's. Between diablo 1 and 2 there were many changes made for anti-cheating concerns. If you look at the top of the changelog here. You'll see that anti-cheat protection is right on top. I believe its goin to be the same battle as OS security, and game console copy protection. There is always going to be something that somebody can do to cheat the system, and there will always be somebody willing to do it just to make themselves feel a little more powerfull.
edge
"It's all fun and games untill somebody looses a harddrive."
from the article:
"A presentation for Xbox Live, Microsoft's online service for its game console, stressed hack-proof servers."
Should we start a pool maybe? For when it will first be cracked? I want 24 hours after they some online myself.
Disclaimer: no this is not a shot at Microsoft just because it is microsoft. But if anyone calls anything hack-proof, you can bet that there are a lot of folks out there who are just dieing to prove you wrong.
09 F9 11 02 9D 74 E3 5B D8 41 56 C5 63 56 88 C0
They need to take cheats out of the game all together. It's more fun if you can die. That's why games are exciting and fun. If there's no risk (to your character), then why play a game at all? Why not just stare at the floor. I don't know much about online gaming, but I would assume that the online cheats are possable because of cheats and hacks in the game meant for local, non-networked play. If they cut those out, it would be alot harder for cheaters I'd assume. Between that, and taking an active role in the online game itself (playing the game and catching cheaters in the act to kick them off), I think that games would be pretty much cheat-less.
--Forest C. Adcock--
Designers should write in the ability for users to vote off other people they think are cheating. Usually it's obvious that certain people are cheating and so some mod writers for games like Counter Strike have already written this in. If enough people vote that someone is cheating, they will get booted.
This should be taken a step further though. If a cheater has been booted off a server a certain number of times, their cd key should be revoked or temporarily disabled from the master database. Then they won't be able to play online anywhere instead of simply moving to another one of the 1000's of servers.
The problem is this could be abused. People could vote against a player that just happens to be really good, but from all the games I have played the really good players almost never get booted off. It's always the real obvious cheaters that get voted off.
Outdoor digital photography, mostly in New Engl
The fact is that games can not simply act as a glorified frame buffer and transmit keystrokes and mouse movements to a centralized server and then display the results with minimal computation on the client side.
To get around the limits of network connectivity available to vast majority of people developers have to allow the client to render the graphics and interpret the input and then send back the minimum that is needed.
While we all know that open source generally increases security, when you're dealing with people who are trying to abuse features you can't let them know all your secrets. Open source security assumes that the people working together want access to each other, but want to keep others out. The game security model assumes you want to let anyone in, but keep them from doing bad things.
Thus unless you move all potentially abusable functionality to the server side, open source gaming will be limited except for games which tolerate low bandwidth and slow ping times.
Nascantur in Admiratione. (Let them be born in Wonder)
I'm interest in making a game. How possible is it to defeat cheating by doing server-side processing of multiplayer game data?
Well, we have seen valve put in code with Counterstrike 1.4 that checks to see if your opengl.dll is correct, to stop people with cheats like OGC. However, this sucks for all those using wine, becuase wine uses a hacked version of opengl to run windows games in linux. I've been cs free for about a month now, as a result.
The real irony is, wine will not load cheats (as far as I can tell), so people using wine cannot cheat. I had a similar issue with Cheating-Death.
=================
Unix is very user friendly, it's just picky about who its friends are.
yea ... sure ... follow this link ...
www.slashdot.com/filter
At least in Return To Castle Wolfenstein, in the latest rev, 1.3(?) they added whats called "Punkbuster" which throws cheaters off of servers which are screening for cheaters.
I sig, therefore I was.
Okay, I can understand blaming cheaters and newbies for shitty gaming communities. But trolls? How do you troll Quake? By faking a limp and laughing at people who shoot you?
At some point, game developers are going to have to own up to the fact that they just make shitty games that are easy to hack.
Karma: Good (despite my invention of the Karma: sig)
The bottom line is that there are cheaters in every aspect of life, whether it be real or virtual. Game companies, much like governments, can only do so much. The rest of the problems people just have to live with. Virtual worlds will never be perfect and people will always try and ruin someone else's day.
=-=-=-=-=-=-=-=-=
Oh bother.
The main problem is that there is actually a rather strong, organised group of people out ther ewho distrubite exploits and hacks for online games, considering it their 'right' to cheat because they purchased a copy of the game. The problem is that when they do this they fail to take into consideringation the position of the other people who's gaming experiences they're wrecking.
Of course.. the difference between Man and Beast, when you get down to it, is being able to think about things frm someone else's point of view, so when you think about it, this shows you something about the mental state of the organised online cheater.
Even a Chimp can think about something from someone else's perspective...
The fundemental problem is that the game itself lies on the clients computer.... It is completly unfeasable to secure that program once it has been taken out of the shrink wrap...
Sure you can require frequent patches to fill the holes after release. Or maybe require a check-sum of critical files to play. Etc, Etc... But, there will always be people that are willing to figure out ways to by-pass it.
Just like computer security in general. You trade amount of security to functionality.
Heck. I remember when I had snake on Qbasic. I was 6 and had no clue about programming. But, I realized that Player1_Lives = 5 means something and I wanted to change it.. I understand that this is an oversimplified analogy that is completely missing the multiplayer side but, people will always want something for nothing and this is a way they can do it.
Probably the only way to completly secure a game from cheating is to make the client side as thin as possible but, of course the trade off is the server would have to work extremely hard (already a problem now, with server's designed as the thin ware)....
As solution will work itself out eventually.
I've played my share of online games, from the simple telnets to the varied mmorpgs. Technological and admin based solutions never seems to adequately solve any real poroblem.
You can boot players, ban IPs, reprimand, close servers, but the miscreants always find a way back in, because its an enjoyable game to them... annoying others.
The only viable solution I've ever come across is the social stigma. This method of self-regulations fails if the game doesn't implement a system of reliance on other players though. As long as several players are needed to band together to achieve certain goals, social stigma works.
Picture a mmorpg where you need 3 other players to help you defeat a certain barrier. There's no other way, its part of the game structure. If you're a cheater, others won't help and you're limited in your game play. Where's the fun now?
Game builders have to be aware that cheaters exist and really strive to construct game play in such a manner where players can self-regulate like that. Admins and code-limitations never seem to solve the real problem.
I don't think "Microsoft" and "hack-proof" should EVER be used in the same sentence again.
BAD, ZDNet! BAD!
mund freud.
Damn the Emperor!
I understand that having a GM be the final arbiter can be both fair and unfair, so are there any/many instances where a non-cheater was expelled as a cheater?
I understand the example in the article (fighting a guy with twice your stats) perfectly-
I went to a live action role playing event (LAIRE for those who know) and it SUCKED. In the first round of combat, in one hit, the "npc" character completely decimated me. Yes, they were given orders by the GM's not to actually kill anyone.
NOTE: this message is free from any comments regarding Microsoft servers as military grade.
In the future, I would want to not be isolated from my friends in the Space Station.
This is long over due since cheating in multi player games annoys everyone. If you want to cheat it is fine with me as long as it is a single player game.
I can see you you can crack down on cheating, most people don't like it, and would support that kind of action, but Trolls? How could you ever crack down on that without censureing(sp?)? I personaly like the /. method of moderation, because all the posts still show up, but we can choose how much crap we want to see. But how can you implement that in a real-time senerio? I don't see how without using server-side filters which people will object to, or client-side filters which has already been done before.
Sigs are out of style, so I'm not going to use one...oh wait..
And I wonder why? 'Slashdot.com' anyone? Seriously, these high-scroing posts are really offensive (to my intelligence mostly) and I just want not to have to view them.
Not being able to wait for Sony's version of an ethernet adapter, my younger brother and I went out and bought a Linksys USB Ethernet adapter. Being that the only online game thus far was Tony Hawk's Pro Skater 3, that's what we were playing. When we first started using it, we noticed people getting obscenely high scores. This was explained away on a few websites (and by players) as them just being *that good* at the game. However, a few online players conceded that they had gotten high scores by using a Game Shark.
The rumor mill has me believing that Activision (or whoever is running the game servers) is keeping an eye out for rampant cheaters, especially those using the Game Shark.
Another good move was that each individual server is set with a skill rating. For example, I absolutely suck at THPS3, so I would look for a lower skill level server. However, this doesn't keep cheating (or just exceptionally talented) players from coming in to these beginner's sessions and kicking everyone's ass.
I guess that was a little whiney. But it sort of takes away from the online experience when you know you suck, put yourself in a position where not being good at the game would be okay, and still have some ass clown rack up millions of points (legitemate or otherwise), while you're just trying to have some fun and perhaps compete a little.
mstyne: real name, no gimmicks
This has been a problem since counter-strike came out. How long did it take them to figure this out!
Reminds me of the first time I saw a bot on Quake. I remember playing on a server and then a new guy started. I ran up behind him to give him a little surprise and saw that he was just running straight with rockets firing off in all directions. I just sat there thinking WTF is going on. Then we learned you could type in "no bots" which kicked off the first bots before people started modifing them. Never understood the thrill of cheating like that.
I didn't know there were trolls in online gaming, except Ultima Online, and they're just an adversary, and I'm pretty sure they don't cheat.
I am the evil aardvark!
yeah, RTFM... or change your viewing threshold to something to keep out the trolls (1 is usually pretty safe), check of the "save" box and then click change. or you can get really creative in your user prefernces and edit your own weighting for different moderation selections....
"If I wanted your input on my pet project, I'd stick my hand up your ass and use you like a sock-puppet." - Muse
I think the solution would be the release of a program that functions somewhat like an antivirus software, that must be run in order to play public games (I'm thinking public CS servers, MMORPGs, etc) that scan for hacks, cheat programs or exploits. Sure, sure, bitch all you want about your precious privacy, but how many people cry about the fact that Norton AV scans their harddrive? not many. And yes, the cheaters, the dedicated ones, would figure out how to make their stuff harder to detect, but with regular updates, it shouldnt matter. I for one would be only too happy to let a program from a reputable game company scan my memory and perhaps my hdd to see if there are cheats, knowing that the idiots (must resist impulse to cal them '12 year old morons') who get their kicks out of breaking rules and screwing people are not going to be interfering with me.
Ideally, in games like CS or MOHAA, where an individual runs the server, it could be their option to implement this...if all the cheaters wanna play a game together where everyone can get headshots and see through walls, fine by me, but stay out of my game.
If you can't see the value in jet powered ants you should turn in your nerd card. - Dunbal (464142)
This kind of voting is already done. The problem is that people have CD-Keygen programs.
From what I've heard, open source games are easy to cheat with. If you can modify the source code then you can certainly cheat with it. This is an intresting area of thought and yes I have seen people cheat on open source games by modifying the source code.
$ yes >
My experience in a lot of recent games has gotten me rather jaded on the online gaming experience in general. I find it much more enjoyable just to play the single player versions of most games, or to play with trusted individuals only on a LAN. I wish more games would come with support for a wider variety of networking options.
-- Adam
on another note, PSO became unbearable to play online once all of the cowards with their game sharks started cheating. they ruined it for me. i seriously hope they do something about that for PSO2.
ps iddqd
idkfa
yeah, now im ready for the last board.
I want 2D games back.
The new 1.4 version that has CSGuard and HLGuard running says that I'm cheating when I try to play counter strike using winex on linux. I guess it checksums dll and when it fails it spits out that I'm cheating and I get kicked off of servers. Just another pain in the butt carried over from windoze land.. :(
grrr
Counter-Strike nick : neddy [TUX]
duping stuff in Diablo2 and selling it on ebay.
"A presentation for Xbox Live, Microsoft's online service for its game console, stressed hack-proof servers."
And we all know how hack-proof Micro$oft products are.
RIAA cracking down on song theft: bad
TV Network cracking down on Tivo commercial skipping: bad
Microsoft cracking down on security hole advertisers: bad
AT&T cracking down on cable theft: bad
Game developers cracking down on cheating: good
I wonder if people realize that sometimes Microsoft might actually be right - especially with regards to having a closed, "secure" system for Xbox online gaming (aka Xbox Live). Not trying to sound pretentious, but having worked in the online gaming industry for years, I can tell you from first hand that cheats and hacks are the number one issue with gamers - and more importantly, the reason people get turned off of playing online. There are a lot of good people out there, and if everyone was like them I'd be all for having a completely open anonymous system for online gaming on an Xbox. But this isn't the real world. Instead we live in a world where we need people to be accountable for their actions. You can't have accountability without some sort of identification - even if it's just an anonymous number. I'm all for gaming online, even with the Xbox, but I for one am hoping the Xbox *is* serialized, and Microsoft has the ability to lock out users who abuse the network - not by a transportable user ID, but by the system itself. Yes, I'm well aware of Microsoft's track record on security. But that's no excuse for them to not try. AV
It's not just the security of the servers but also the data packets. Authenticating packets as having come from the game itself not some hacking tool for example. Authenticating users is also troublesome, near-positive ID is needed to enforce policies. Relying on IP numbers and cd keys is insufficient. This topic is far more complicated than the article suggests.
Ouch! You slashdot editors are evil bastards! I don't wan't to end up like this!
And what about cracking the dongle? Like that hasn't happened before? Just store the maps on your computer.
You can't stop someone with tampering software on his own (or her own) computer.
Just, basically, dongles suck.
GNU guru and mainframe hacker
Games with huge numbers of people like EverQuest will suffer from a certain number of bad apples, just like the real world. They're ultimately going to need to rely on policing, technology can't solve everything.
Fortunately, many games don't have huge numbers of players. Quake games peak at a few dozen. Even as small scale games grow, there are practical limits that will keep size down.
There is a partial solution I haven't seen implemented yet: trust networks. To play, you generate a public key and share it with all of the other players. As you play, you mark other players as being friends. (You can also blacklist them, but it's easy for the other person to create a new identity, so it's only a very small part of the solution.) When you mark another player as a friend, your client provides them with a signature proving that you marked them as such. Then based on these networks of trust you can make judgements about who to play with. When you create a game, you might limit it to "my friends, my friends' friends, and 3rd generation friends if they have at least three references from 2nd generation friends." Maybe you leave a spot or two open for anyone to hop in on as a way to make new friends (and if they're a punk, you and your friends can blacklist him quickly).
This will make it harder for truely new people to make initial friends. Many gamers will know at least a few real-life friends who can give them a hand up. For the rest, they'll regrettably have to spend some time learning who they can trust. It's a shame, but it's just like real-life.
There are few details I'm admittedly handwaving (key revokation, special case exceptions), but they're all solvable problems. I'd really like to see a system like them when I play Quake, Half-Life, Diablo II, or Dungeon Siege online.
"Hello, thank you americans for buying our game. We do not feel like fixing the problem for anyone but our much respected japaneese players who we actually care about. Please continue to pay us for PSO v.2 so it will fix the cheating untill someone works arround it! hehe! stupid americans.. oh, what? it's still recording?"
Phantasy Star Online (Dreamcast) was a bust due to people cheating out of boredom who went mostly unpunished because the facilities to stop them were only implimented for Japaneese servers. When they did make it to the US servers, they were almost instantly defeated and still major steps behind the Japaneese counterparts.
Lots of people seem to think this was NOT how it was, but Sonic Team had NO INTENTION of making things easy on US players, all the way down to only accepting payment methods popular for Japan and not any other countries (No debit cards, for example), do I even need to mention the price for access in PSO v.2 was 2000¥ (up to $15 USD) for 3 months, sure, they sell the game in Europe and the United States, but the prices are only in Yen and not given an exact ammount for exchange rates. I think I was charged $14.63 and then $3 by my credit card company for doing the conversion. UGH.
So, new PSO players for other platforms, beware: Sonic Team has no idea how to write secure Client/Server enviroments.
Surely good design can defeat cheating? I know Bungie's Myth series was cheat resistant after a couple of patches.
From the article (ya know, that thing you should read before commenting on its contents):
Kick. Ass. I know nothing about this company or their games, but I like them already.
You cannot apply a technological solution to a sociological problem. (Edwards' Law)
Cheaters do have a right to ceat, on their own servers.
What pisses us all off isn't so much cheaters, as it is deceptive cheaters that try to take advantage or ruin other peoples' fun. Ceating is easy in almost all games where there is any client software at all. I would oppose any game that tried to prevent my use of my computer just like I oppose any os or application that tries to monkey with my computer.
This problem is very difficult to solve because all a player needs to do is outsmart dumb software. That's pretty easy. Everybody knows when someone is using a headshot bot in counterstrike, but it's a little tougher to notice cheaters who pay attention to who is watching and how obvious they are being. I quit playing CS because of cheaters.
Blizzard beat most of the maphack/exploits on StarCraft just by continually patching the software. I think CS and Half-Life should take a hint. Modify the code so that people can't exploit it... often. It's tedious to stack traces for exploitable code, and if the code changes frequently then it becomes very very tedious.
My $0.02 will always be worth more than your â0.02, so
Because nothing guarentees the data getting to their carefully guarded servers is valid if their communication protocol is weak.
Aim cheats have nothing to do with server stored data. It all has to do with the fact the classic protocols requires all players in the field to tell all other players in the field their positions in the field. If you can snoop the positions of people then you can calculate an accurate "from the hip" shot with merciless robotic accuracy. If an aim cheat isn't possible, then you can just snoop the data and realize where the other players are hiding and their positing.
The way to beat cheaters is to apply tried and true security practices. Don't trust that the machine on the other end of the connection is really a client(so don't feed it any extra data beyond what it should need to know to function). Don't blindly accept any data coming back from supposed clients(does the client really have "permission" do what it is telling the server to do?).
Protecting the data is a good thing but just like server farms just locking the machines behind a door isn't enough. You have to secure the lines of transmition as well.
Trolls and cheaters get a hard time on servers where there is a community of people who regularly get together. The best CS servers I have been on haven't relied on technology to keep the game clean -- a decent admin with the power to bitchslap is just fine.
For obvious reasons. This game is FILLED with hacked, crackers, cheaters and game exploiters. Why? Because the game makers (Turbine) doesnt control the servers. Microsoft does because they run The Zone, which is what Asherons Call runs on.
] .j pg
I play on Darktide, the Player vs Player only server. I cant tell you how many people will cheat or use third party programs to gain a huge advantage in PvP combat. Even if it takes all the fun in killing someone, perhaps a trick that instantly kills people with a click of the mouse, they'll do it!
Last November the server was hit with a major duping bug. Items, be them common or extremely rare were duped. People made thousands on Ebay selling them! Turbine and MS banned quite alot of people. Some were unjustly banned, and got thier account back, but some people (people who openly admitted to cheating) get thier accounts back too!
It goes even further, when the in game monarchies advertise on fan sites to join their clan based on thier hacking and cheating abilities.
This is a real ad banner take from Crossroads of Dereth (cod.xrgaming.net)
http://www.theblackrose.org/Shoei/Junk/gothax[1
They dont even try to hide it because they know Turbine and MS wont do a damm thing to prevent it. Yeah sure if the exploit is severe, they will hotfix it in a few days, but for most exploits, they can exist for months on end. The speedhack used in Half Life became incredibly annoying in Asherson Call, even though it wasnt designed for AC. Players were able to run up to others, kill them in seconds, then zip on off into the sunset before anyone could see what happend. And it caused so much lag, that even if you did know what was going on, not much you could do about it.
This is the main reason why I will NOT be playing Asherons Call 2. I just dont have any faith in Turbine or Microsoft in their abilities to enforce the rules they set. Got a name like "Cupid Stunt", you'll get your character deleted! Dupe a few set of ULTRA Rare, no drop, armor, sell it on ebay for 10,000$ and get banned for a month.
Game companies are looking to subscription fees from online players as a major source of recurring revenue in the near future, with leading games publisher Electronic Arts predicting that 400,000 subscribers will be paying about $15 a month for "The Sims Online" by the end of its current fiscal year.
i would sure hate to loose battle.net. the freedom of battle.net is the reason games like StarCraft and Diablo have lasted as long as they have! I mean, sure, it may cost money to run the servers, and all, but they could get more sales of the actual product if you didn't have to pay, and if people just stopped playing, they could release *gasp* a new version!
Still doesn't solve the problem. Even if you have a dongle, then you write some code that sits inbetween the dongle and the network that injects cheated packets and info to the server or lets you see more, etc...
(as a side note, all usb devices use more cpu then they should)
You will always be able to reverse engineer the protocol, it will just take more and more effort to do so..
Could encrypt the network packets as you send them, but someone can still patch the binary of the game to inject bad data into them.
Could encrypt the instruction code for the network play, until a valid key is obtained from a server, but then it has to be decrypted sometime, probably ahead of time to be good. Maybe if they implemented a hardware feature where you could give the processor an encryption key, and sent it an encrypted instruction stream, it would decrypt it on the fly. That would be hard to decrypt, unless the attacker were to get ahold of the key, then they could decrypt it.
Any way you look at it, someone, somewhere will be able to figure out a way around it. Social solutions are a much better way to solve the problems of cheating.
I play a lot of online MOHAA and trolls are as much of a problem as cheaters.
One of the most realistic ways to play MOHAA is with friendly fire on -- you have to know where you're chucking grenades and so on. However, it's nearly impossible because trolls will kill most of the team right at the spawn point. Some trolls block tight passageways or just play obnoxiously. In a full 8-user server, two trolls on one team can shift the balance of power so far its just not any fun.
Then there are cheat trolls that combine cheats with trolling behavior (noclipping under the road and killing people, for example) to be seriously obnoxious.
I don't know how you combat this, really. I think the best way would be enabling a kickban command that would kick a user from the server and then ban their IP, username, or both for a specified period of time. Banning IP blocks might be an option as well.
I know, I know, NAT, DHCP pools, etc etc will lessen the effectiveness of such techniques, but if you make it just annoying enough to troll people might stop and go back to making prank phonecalls or whatever they did before they messed with games.
There is an extreme case of a corporation trying to prevent cheating On that game that the US Army is developing, "America's Army" http://www.americasarmy.com , if you shoot a team mate, even if its only once, you get banned from the server immediately. This was in an interview which was posted on CNET a month ago or so.
Best introduction to the subject I've seen. Has things for everyone to think about and this was two years ago. I think games coming out now will have at least all these cheat prevention measures in them.
development.lombardi.com
From what I've read about the Army's promotional game, it's probably got one of the strictist anti-cheating things I've herd of. If you shoot too many civillians or ANY of your teammates, you're given a time-out, and if you do it a few times in a row, you're banned. Automatically.
As an aside, and I really hate to ask this, I still haven't figured out how to post a root-level comment. I mean, even the First Post-ers and gotse lamers can figure it out, but I'm stumped. Where's the "post comment" button?
- sig? who is this sig of which you speak?
Proxy cheats require 2 computers: the one you game on and a proxy that you connect to the server through. The proxy keeps track of what's going on in the game by analyzing the packets that get sent through it. It then makes adjustments (ie aiming corrections) to the packets as they are sent out to the server. This in no way involves breaking into the server.
The common transparency cheats are to a) replace the textures used on the walls with translucent/transparent ones or b) hack your video card's drivers. Neither of those affects the server in any way.
There's a multitude more of these types of cheats. I know because I used to run a decent Half-life and Counterstrike server. I got so depressed at the prevalence of cheating (and cheating accusations), I shut down the server and very rarely play any online games.
Monday is a horrible way to spend 1/7 of your life.
The other option (which I use) is to play on closed TCP-IP sessions. Online play for the most part sucks. If the cheating diminishes, the lag exponentially increases (even on my DSL line). Kind of a nasty catch-22.
The simple solution is to sell their damn server code and to stop harassing the open bnet project. However, that would screw them when they (inevitibly) move to a subscription system. Which will suck.
----rhad
Slashdot needs to interview Natalie Portman.
Yeah no problem. Just click one of the links in the parent post, and that should provide you with the information you are looking for.
Most of the servers I play on generally give a lot of respect to the good players. I think one thing that helps are programs that display player statistics, like Psychostats for C-S. This program collects 2 weeks of playing info on certain players which you can access via the web... it is an awesome system. Not only can you check out how you rank, but you get a sense of how other players perform. If I see someone on there with a 37:1 k:d record, obviously I am going to watch that person for cheating. You can also see the patterns that makes a player good vs. a cheater. Frankly I am surprised no one writes a statistics analysis program for these sorts of things... there must be certain player stats that spike or behave differently for certain kinds of cheating.
The moral of the story? Cheating not only hurts the newbies who want to get into some online games, but also hurts those of us who play often and occasionally show a glimmer of skill.
"I'm a leaf on the wind. Watch how I soar."
-Hoban Washburn
How can Microsoft turn its back on cheating? I mean, cheating, lying and stealing, that's how they got where they are today!
Please, Microsoft, give us the freedom to innova... I mean, cheat!
Monty Burns put it best, "Cheating is a gift Man gives himself!"
I agree. Playing with people you know is probably much more fun too.
The only other solution I see is a -- and you've heard me say this before -- a web of trust. Integrate game-matching / chat and a PKI. Players will sign the keys (this can be abstracted in the GUI of course to make it simple) of players they trust and enjoy playing with.
Then it is up to the players, some may risk it and play with anyone, others might only play with close friends, and the majority might opt for the middle ground and play with any player within some distance of the web of trust.
You could do a lot of things with this. A client could chose to play any other client based on the number of signatures and their age (trusting it even if there is no path to it), etc.
Belief is the currency of delusion.
I remember reading an article a while back about online game cheating. Seems like things haven't changed all that much in a couple years...
Comic Book Guy: "There is no Groening in my store."
Cheaters and trolls are making it harder for casual users and newbies to get hooked on the on-line versions of games.
If they got rid of cheaters, they'd just be losing an excuse. Hell, I've been accused of cheating when I'm having an "on" night, and I suck. In the end, a player that is playing far over the head of the others on the server can suck the fun out of the game as effectively as one that's cheating. If they are really concerned with playability they'll probably need to come up with some sort of skill rating, as well, so that games will be competitive. That and a killfile ability so you can avoid some of the crap that gets posted to chat by some, without missing the say's from other folks. Actually, a filter that translated variations of "ur momma" to "my momma" would at least make it more entertaining...
Consider a game like Unreal Tournament, Quake III, or Counterstrike.
Hook up a camera that only responds to the color of whatever you want to kill, connect it to the fire button, and point it at the cross-hairs.
This low-tech triggerbot will not be detected by any CSHP or UTPure, or PunkBuster, or whatever... and good players won't have any behavior patterns to look for (aimbot cheaters typically behave wrong... always pointing at the nearest person, for example).
Please don't feed the trolls..........
I don't know about the viability of this but allow the central server to snoop in on the data sent to players, if the client isn't responding correctly given the inputs (ie server registers hit but the client doesn't) you know that client is cheating and you can block their IP. The only thing I wonder is how to ensure that only the central server can access the incoming data. Any ideas?
I stole this Sig
*IF* we can detect cheaters (either by voting, or by server checks, or whatever), then I had an interesting idea occur to me recently.
If we detect a cheater, let them continue to play, but give the server smarts enough to 'funnel' that player quietly into troll-land. It'll look similar to the real world, but only cheaters are in it. The trolls/cheaters would never know the difference.
That way they can continue to play, but we also keep the 'real' gaming area free of them, letting the regular players enjoy themselves.
What can be really interesting is that a portal could be built into the world so that regular players could, if they really wanted to, go to troll-land to fight the cheaters, or rescue anyone who got wrongfully thrown in.
Food for thought...
Here's an interesting one. What if one of the developers nailed a cheater, or the creator of a cheat who distributed it across the net for clearly malicious purposes with a DMCA violation?
At the Hollywood Stock Exchange simulated stock market, there have been problems with cheaters for many years. HSX cheaters - called "manipulators" and "shills" - use information tactics and coordinated buying and selling patterns to dishonestly make HSX dollars.
Internally we have an "SEC", which consists of individuals who seek out cheating patterns in the trading data. We also get suggestions from players as to who may be cheating and how they are able to cheat. HSX Traders that are "guilty" of manipulation are fined according to set procedures.
One of the most interesting cases of cheating was when we received an AIM transcript of real-time cheating behavior. It read like someting out of "Wall Street", except with lots of net slang. We busted them and fined their accounts (after an investigation and due process, of course).
Despite the "threat" that cheating poses to the "civility" of a game community, cheaters and the interesting tactics that they use no doubt make online games more interesting. I often ponder about how to better design game play which can harness the criminal instincts of simulated market manipulators (for the betterment of the game).
As cool as this sounds, I do not think that unleashing 1980's style "media raiders" onto the trading community will ever happen at HSX. HSX trades are transformed into marketing data used by movie production studios, hence requiring us to ensure that game play is fair, and, generally, that trades reflect the real media preferences of HSX traders.
- James
When my buddies and I played together online, if we found someone cheating, we would just declare a hunt on them. Most of the cheats we encountered were "aiming" and "speed" oriented cheats, but being in a game with 20+ players with 2 guys cheating, it quickly became a "Hunt the Cheaters" which was a lot of fun for all of us. Usually after we ganked them a few times and they were no longer winning, they would drop out of the game.
The other one, provided you are hosting your own server, is just to boot and ban them.
It may be in the game producer's interest to keep the games cheat free, but there is little they can really do about it as people will always cheat, regardless of what we try to do to fix it. Socially(I.E. in the gaming arena) we can start making a difference. If you have never played with cheat free/ethically bonded clans, then you have not seen the impact this can have (plus their server's tend to host some of the most fair, skillful and action packed games).
-- You don't shoot to kill, you shoot to stay alive.
Even though this is a troll, it brings up a valid point. Which is: TOS and EULA agreements should be detailed BEFORE you buy a game. Wouldn't it be great if a NO CHEATING clause were prominently displayed on the outside of the box. Something along the lines of "Multi-Player play available over the Internet via {insert site here} as long as player doesn't cheat and abides be the rules of conduct outlined below; and via TCP/IP or direct dial to independant host connections." You may use the game as you like, but you may only use our matchup service if you agree to terms we disclose BEFORE you plunk down your cash. Everyone wins.
Don't moderate flamebait as Troll. Know the difference or you will be Meta-moderated.
Got great gameplay? Great graphics? It counts for zilch if you are not cheat-proof. And that is hard.
It's ruining BZFlag right now. A lot of work on an open-source game that is great to play. But cheaters arrive, and drive everyone else off the server.
Running everything on the server-side, with the game being a 'dumb terminal' is one fix. MtG:Online is going to be using that model. But this needs lots of servers with fat pipes to work. And is much easier in turn-based games than FPS.
If the client has some control, then someone will spend however long it takes to find a way to screw everyone else over.
YHBT HAND
Two words: Cheating Clans.
Many cheaters just don't care about the 'stigmas', but rather relish their negative reputations.
Typical situation on a shooter game when you have a TK on your team making your life hell: You start a vote but cannot get enough votes to kick the TKing a-hole off.
Why? Because in a lot of cases the other team doesn't give a damn about it. Especially if they've been getting a steady butt-kicking. Someone on your team who disrupts play and lets them all of a sudden start winning doesn't seem so bad to them.
About the only solution I've seen to this is to repeatedly announce "Since you didn't help up vote the jerk out you're gonna get a taste of it." and then switch to their team and proceed to methodically teamkill them until they get the point. It's harsh, but it works a lot of the time.
If you can identify cheaters from the server side, don't kick them off, just dump them into a dungeon. One where they can frag NPCs all day without affecting the other customers. That way, the cheaters keep playing, theyr're happy, and they're diverted from getting a new account and making more trouble.
It is kind of like ./ trolling where you do a lot of BSing and try to hide it. One can join a team with the intent of messing the game up for them. You teamkill members while trying not to make it look intentional, block passages and get in the way of the action, claim that you mistakenly hit "tell all" instead of "tell team" to broadcast your teams position and status, if friendly fire is on you use other ways such as pushing or knocking people into kill zones to kill them, etc.
The problem is if you don't let people cheat or pk they just find other ways to be annoying. They can chat bomb, grief kill. In diablo you just heard up enemies and put em near portals etc, in warcraft3 they can team up and then drop out in a 2X2 and let you get decimated by 2 opponents, there are endless ways to cause people grief in online games without cheating. Basically until there are no areseholes in the world there will be aresholes online, and to get their kicks they will find some way to ruin others experience. In any game more complex than solitaire someone can and will find a way to make in unfun for others. Guess people will have to learn to live with it online just like in the real world.
There are 4 boxes to use in the defense of liberty: soap, ballot, jury, ammo. Use in that order. Starting now.
From what I have seen, what is really needed is a bit of human intervention. Why not just pay a few people to play/pretend they to want to cheat and get them to report all the cheats and cheaters and have then have the cheaters kicked out of the game. It's not like it would be hard to find a few people who would be willing to sit at home all day playing a game for minimum wage.
Ignore them.
Yes, it's hard, that's why there are so many cheaters and trolls.
If everyone collectively stopped playing when they see a cheater or troll they would go away.
But unfortunately most players cannot tell good players from cheaters, trolls from newbies, and will keep giving the attention the cheaters/trolls want so bad.
The traditional form of that sig uses Solaris ping:
$ping god
god is dead
$
I've had enough abrasive sigs. Kittens are cute and fuzzy.
Thanks for reminding me why I quit playing.
Check out the concept of blessed binaries sometime. They are cryptographically signed, making cheating quite a bit more difficult. Can't connect to the server if you can't decrypt their challenge.
Using your sig line to advertise for friends is lame.
The problem with many of the restrictions placed on software to "prevent cheating" can result in limitations in use for those of us who don't cheat, don't game online, and wouldn't bother anyone by messing around with files.
A case in point was Sierra's ProPilot -- one of the few challenges to Microsoft's domination of the Flight Simulator market that came out a few years ago. Many people liked it, and, as sim pilots tend to do, they wanted to paint their own planes, design their own scenery, and the like.
Now Sierra claimed they wanted to release an set of tools to help you do this. But no -- other of Sierra's software at the time (specifically one of the Tribes, I believe, which at the time they were positioning towards heavy online usage) used the same encrypted archive format to store many of its runtime and configuration file. So despiute the fact that the flight-sim software developers wanted to release a nice set of (de/en)-archiving tools to all allow these user editing, Sierra was extremely relunctant about this because the same tools would allow users of their other games to cheat.
I think they need to stop trying to make cheating impossible and instead focus on making it unatractive. Focus on cheat detection, it's not easy, but I think it's a much more attainable goal than cheat prevention. If you can detect cheats then you can punish cheating. And if done right, that will eliminate cheating as a problem.
It's funny, cheating doesn't bother me half as much as seeing someone get away with it. Someone who cheats makes me annoyed. Someone who cheats but can't be caught really gets me pissed.
Science may someday discover what faith has always known.
this is primarily for games such as CS, MOHAA and Diablo II, but periodically the server could ask the client if it can "see" player X. suppose player X is behind a wall, or if player X is really an object far far away. if the client responds that yes it can indeed see player X, then the server knows that client is employing some sort of exploit and can act accordingly
of course, this relies on your client being 'dumb' to a good part of the game, tracking things and whatnot, but i'm not sure of all the techinical stuff
If you can't see the value in jet powered ants you should turn in your nerd card. - Dunbal (464142)
Shoddy code is the reason OGC works? Hardly. You can NOT trust anything on the client, and yet if the client can perform all the aiming and shooting for the player, how can you tell who's doing what? That's the real problem, and reactive detection is the only practical way to deal with it at this point... ;P
That, or me standing behind you with a baseball bat at the ready while you play.
Valve left the Half-Life code more "open" for a reason. Counter-Strike is the biggest. Mods don't show up often if you try to lock down your client code too much.
You hit that nail on the head.
PSO was one of my wife's favorite recreational activities until rampant cheating (namely item hacking and cloning) sucked all of the fun out of the game. She still enjoyed the social aspect of the game, but the gameplay mechanics quickly lost their lustre. She's seemed relatively indifferent to FFXI when I've mentioned getting it for her. Very odd considering what a Final Fantasy nut she is. I think the PSO experience has put her off on-line gaming for a while...
Game manufacturers had best pay close attention to installing cheat countermeasures or they'll find this to be a common pattern.
And it's the one that the designers of the open source multiplayer action game Netrek figured out from day 1. You accept that the clients will be compromised, and you design your server and your network model appropriately.
It's only very recently that commercial games developers are even beginning to understand this, and they're still not getting it right. For example, Counterstrike now attempts to check that your opengl.dll is correct. Fine, but that still relies on the client being uncompromised and reporting the correct number. That's a small barrier for a crackers with a hex editor.
They really need to get it through their heads: you can't trust the client. Every packet that comes in has to be assumed to come from a borg or robot client, and dealt with accordingly. What this means in practice is:
This isn't theoretical. I wrote a 'borg client for Netrek (bypassing the pretty darn good RSA binary check that still surpasses that in many commercial games), and found that it gave me at most a marginal advantage. It hardly effected my combat ability at all, and it made only a slight improvement to my strategic ability (by recording the limited information it received and making best guesses about what was actually going on in the game state). It certainly didn't spoil play balance like many FPS hacks do, and it didn't require any server fixes, because I simply could not exploit it very far to start with.
The reason why the Netrek developers understood all this was that it was open source (so it was trivial to hack up a client), and also that servers developers were somewhat separate from the client developers. The server developers could dictate the architecture and packets and the client developers had to work with what they were given. Contrast that with the way that commercial games development tends to get done, with the same people writing both server and client, with a mandate to get it working as quickly and easily as possible.
If I was back in commercial games development, this is the first change I'd make: separate the server developers and client developers, and only let them communicate through the code - and with the server guys calling all the shots. That sounds inefficient, but if you don't make the effort early on, you'll damn well have to do it later, once the problems are out there in the field. We need to fix the attitude endemic in commercial games development that there's never time to do it right, but always time to do it twice.
If you were blocking sigs, you wouldn't have to read this.
No matter what server I go to, I get my rear end handed to me on a plate, with a side of 'slaw!
At first, I wanted to believe that you were all cheating... you dirty rotten minks!
But, in all honesty... I really am that bad.
Last week I survived for more that 30 seconds... I was elated! Then 'ANAL-PLASMA-BABE' hosed me like never before, and insulted my still writhing corps
I have much to learn...
Above comment is personal opinion. Poster is not a spokesperson.
It's to the far right of the bar directly under the article which tells you what your current Mod Thresholds are.
Do not confuse duty with what other people expect of you; they are utterly different.Duty is a debt you owe to yourself.
just login to battle.net with the Diablo 2 Expansion. During the 9 months or so that it has been out, there have been several dozen major hacks, including several spree's of item duplicating (duping). Because of the widespread duping, the online economy is hosed, and you can often trade for one of the really nice items, only to have it disappear next time you join a game. There is still a bug utilizing the druid, whereby you cause all players within a small radius of your character to drop from the game. Unfortunately, they remain in the game for a few seconds after they drop, allowing you to easily kill them (this has been around for 6+ months). There is a map exploit out that gives you the full map, and shows all players and monsters on the map. It also removes darkness, and let's you see through walls. For a time, there was a bug that allowed one to raise their skills to unlimited levels. This would allow paladins to have auras extending for thousand's of yards, and doing damage in the hundred of thousands. Sorcs were similar. Some spells would have the same mana cost for each level, so at level 1, you might only do 5-10 damage, but at level 2039, you could do 29920-1929302020999302.12993891 damage (*slight* exaggeration).
And yet, Blizzard responds very slowly to reports of exploits, and does very little to those that do cheat. Recently, they banned some accounts, but that was a one time occurance, and it probably won't happen again. Part of the problem, is that the code base has grown so large, that the programmers can't review all their code, and QA can't test everything. Some of the fan websites list a number of the known bugs, yet they never get fixed. One of the bugs even makes it so that Barbarians always do double damage. This one has been known about since the last patch back in September, yet nothing has been done about it.
If you managed to read your way through this long rambling thing, I thank you.
I was wonderin when they where going to start cracking down on that shit. I stopped playing online counterstrike and Red faction because of those bastards. LAN parties are much more fun cause the people can actually hear the full inflection in the voice when you scream " Goddamn campin-cocksuckin-bitch!!!"
I develop bots as a hobby. My current project is an autonomous bot that moves from server to server (its playing right now actually). The main design goal is not winning (too easy), but rather tricking the players into thinking it's a real human. Most of the work was emulating the movement patterns/paths of advanced players. Initially I was going to have it talk back to people, but for now I just have it reply with random taunts. This is acutally pretty convincing.. many real players are jerks.
Next project is a clan of bots who will be competing in ladder play - where scrutiny is much more intense.
People might not like what I do, but I really don't care. Its more fun than playing the game, and the logs are hilarious.
Most online game are a big revenue generators for cheaters. I remember in Asheron's call where some items would be sold on e-bay for 50$ or more.
A cheater will find a way to duplicate objects to get money. Cheaters have a money incentive with most MMORPG that just doesn't exist in other kind of games.
The fun of crushing someone else is really just a small part of it. Money is the big one.
Your idea works well on the microlevel, for small scale (2-8) games. I envision an expansion of this concept to that which would work on the existing infrastructure of servers. Namely, addressing the policing problem of the public servers we have.
The problem with public servers is, although they have admin policing the servers for cheating, bans are entirely local. That is, if someone comes onto a server, cheats, and is banned, he can just go onto the next server for a fresh start. It'd be nice if one single ban could lock a cheater out from a larger number of servers, but that imposes the problem of SysOp trust: A corrupt SysOp can ban a number of honest players and screw them over royally. Obviously, a SysOp responsible for dozens to hundreds of servers would require a superhuman level of trust.
But suppose we took your idea and applied it to servers? Each server is connected into a meta-network that tracks levels of trust between servers and players, and servers and other servers. Each server keeps a list of the players they do or don't trust, with the distrusted players banned entirely. This list could be supplemented by the lists of 'friend' servers, which have proven to be reliable. Should the 'friend' servers turn out untrustworthy, their submissions can be yanked and ignored. Thus, a service that distributes SysOp trust.
Also, by keeping such a system centralized (or at least, the directory), a suspicious SysOp could manually look up a player's history and ratings of other servers. Should it turn out to be worse for worse.. *poof*
But then again, it's not like I'm motivated enough to code all that shit.
Moofius
I've been trying to hack reality for years...
Securing end client software has always been an extremely difficult problem to solve....
<Valenti>And this is why we need the CBDTPA.</Valenti>
Will I retire or break 10K?
uses a plug-in DSP board - to emulate that you would need a considerable amount of grunt... possible these days but not practical when it was most popular.
Even games which require the cd to run are a pain in the ass, especially when you play a few different games.
If a game didn't have to load itself from the CD or from the DVD, what would it load itself from? What are you asking for? A GameCube with a disc changer?
Will I retire or break 10K?
As for the rest of us, not all of us have available USB ports (in my case, I've got a zip drive and my digital camera cable occupying both USB ports), and I don't think a SINGLE game's dongle is worth one of those ports.
I have a hub occupying my USB port.
Why hasn't anyone pointed out the obvoius?
The point of the oh-so-disputed Bnetd project was
to counter cheats and trolls.
Set up your own server - invite your friends, and
kick out whoever you don't like.
So what M$, Blizzard and the others should do is turn the situation to their advantage,
stop selling server time - sell server software.
The more trolls out there, the more people will want to run their own server.
Maybe if they implemented a hardware feature where you could give the processor an encryption key, and sent it an encrypted instruction stream, it would decrypt it on the fly. That would be hard to decrypt, unless the attacker were to get ahold of the key, then they could decrypt it.
Smells like CBDTPA to me.
Will I retire or break 10K?
One of the best compliments I ever got on my Quake skills was being kicked off for being a reaper-bot. Nothing inflates your ego quite like the first time you're told you're too good to be human.
--Jimmy has fancy plans; and pants to match.
From a purely protocol/programming standpoint it would be *VERY* easy to prevent cheating in online games. Remember that the distributed data state of an online game is in every way a distributed database synchronization problem. Additionally, the portions of the database that are "useful" as a cheat are, in any game, relitively isolated.
(One simple version of) What you have to do is align the key data elements in contiguous memory in a platform independent format and then do MD5 (or similar) checksums on it. Every few hundred {your favorite quanta here} transmit the new checksum to the game server. If a given client participant's checksum is wrong then reset the client, if the client persists in "going bad" then a cheat has almost certianly been used and the client is ejected and barred from the server for some time (say two days).
Now, to work, the game designers will have to actually learn how to do a few things like a proper checkpoint of a real time database, but that is the cost of data integrity.
Consider "Starcraft". The two areas where cheats come up are "map cheats" (where after the game is in play, a cheat "tweaks" the local map to give the player an advantage) and "unit tweaks" (where the attributes of a unit are changed to make it faster, invoulnerable, more damaging etc).
Now consider: durring startup the server builds the MD5 of the map definition. Durring a "checkpoint cycle" the server starts a snapshot of the unit configurations for the target client. The client transcribes a snapshot of the working data (map and units), creats the checksums with an exact timestamp and sends those checksum and timestamp to the server. The server rolls its log to the matching timestamp and does a checksum. If they don't match then there is a problem.
Consider the "unkillable unit" hack. In order to spoof the checksum the chekpoint code would have to "back out" the hack to get the unit flags back to spec and somehow account for the "wrong" hitpoints remaining.
Now a first-order drirtive of the problm would be if the main server "noticed" that the "base hitpoints + points repaired - points taken as damage" values didn't match in the first place, the checkpoint would not be necessary. For that simple check the server would have to track those three numbers instead of just "remaining health". It would be one of those "why is this unit still alive with a current health of -1288 points?" kind of conditions. The thing is the "Starcraft" engine doesn't seem to arbitrate things at that level. If it did, the "unkillable unit" hack would never have worked in the first place.
Then again, the "total cost" of duplicating all the data instead of just "trusting" the client is hugely trivial compared to the cost of, say, rendering a frame of graphics.
So if the engine designers would treat the games as a true distributed dataset. (You know, do a little integrity constraint checking.) Learn how "real" programs solve these problems in "real" (as opposed to "toy") applications and apply that known technology to their games, the cheats would vanish into the noise floor.
That of course, would require the companies to take a little manpower from the front-side gee-wiz rendering problem, send that manpower to school to learn some hard comp-sci of the boring data-integrity kind, and then pay them to beef up that "user shouldn't ever see it if it is working correctly" part of their system.
Innocent people shouldn't be forced to pay for inferior software development.
--"Code Complete" Microsoft Press
Will you lot stop making it out that cheaters are some desperate for attention, glory seeking mentally Ill people? Ive messed around with OGC in CS myself, and you know what? Its just funny. I was just sitting having a laugh and wondering how the program worked whilst a bunch of nazis went mad telling me I must have no girlfriend and be a 33 year old loner and must never win at anything (all wrong). Get the friggin point! Cheaters are just taking the piss out of you. Why be their entertainment by going all irate and showing yourself up? Theyre just normal guys like you: The only difference is theyre having fun and laughing their ass off and youre not. And btw HLGuard/CSProtector/WhateverItsCalled does not work. I bound my mousewheel up/down to activate/deactivate the OGC aimbot (thus I activated it when aiming at someone) and nobody ever suspected me (atleast not when I was trying to be subtle). Disclaimer: I only tried it to see what its like and whatnot. The experience was valuable: I feel like my eye for cheaters is far more honed than it was before.
loply.com
having more secure protocols
Mallory can inject her code into the client application and crack any "secure" protocol unless the hardware is trusted, and that can only happen if Congress passes the CBDTPA. Do you really want to give up all fair-use rights just to prevent online gamers from cheating?
having the server not tell each client what others nearby are doing (unless they are in sight)
How will the server quickly determine, during each frame, whether enough of the other player is showing (i.e. not right behind a corner or hidden in a dark shadow) without having to render each frame itself? And how will a server tell a player with good natural aim from a player using a subtle aim-enhancing code patch?
Will I retire or break 10K?
You mean, two?
I don't think so. My printer and scanner are USB. Whoops, there go all my USB ports. My webcam is also USB, which means that everytime I want to use it I have to unhook either my printer or scanner. USB mice and keyboards are semi-popular (and standard on macs), and there are also USB joysticks, CD burners, and a whole slew of other things. If there was a game out that required a dongle to be attached to the USB port, I wouldn't buy it, simply because it's too much frigging work to unhook useful accessories just to play a game.
Y2K Compliant since the late 1890s
[corny_joke--]Since EVERYONE has broadband Internet, why don't game servers simply run instances of the game over VNC?[--corny_joke] Actually, on a serious note, IFF the game was played over a LAN or Internet backbone, and the server was powerful enough to handle the players, I think that WOULD be a neat concept to at least explore. Thin-client gaming!
He's good all the time, he knows the levels well enough that he snipes hiding places pretty much at random, killing people he not only couldn't know about but did not in fact know about. He pretty much can't play on any server he isn't admin on anymore.
The only way I can see to distinguish cheaters from good players is social. Set up LAN arcades in public places, perhaps next door to the laser tag parlors. Give everybody the same brand of keyboard and optical mouse. Install code-integrity measures on the servers and clients. Cheating in this environment becomes impossible. So what if playing against somebody in Japan requires actually getting on an airplane?
Of course, you'll have to sign agreements with the games' publishers to get permission to do pay-for-play (called "public performance" in copyright law), but those shouldn't be that expensive.
Will I retire or break 10K?
If a majority of the particular gaming community doesn't want you there (for whatever reason--you're cheating, you're an asshole, you unbalance their game with your "superhuman skill") you should be out.
Once you beat the game, you're banned from ever playing it again? Way to kill replay value. That may work for the popular first-person shooters, where anybody can throw up an expert-players server, but it doesn't work as well for the MMORPGs where one entity often controls all the servers.
Will I retire or break 10K?
Back in Nam, we employed "camper" techniques... Called ourselves Snipers and yeah, both the NVA and the VC whined about it, but it was part of the game, and they grudgingly had to accept it.
Cover and concealment are vital tools in survival, and if they're good enough for real life, then by God, they're good enough for online games.
I've made many cheats.. I started with Quake2, went to Halflife, and am currently making cheats for Quake3, quake3 mods, and quake3-derived games (rtcw, jk2, sof2). I've made both client hooks (like ogc), and opengl passthrough driver aimbots/wallhacks. I've made cheats for both win32 and linux. I've bypassed every anti-cheat known. All of them have been a joke, except perhaps Cheating-Death for counterstrike. The worst anti-cheats were of course Punkbuster and CS/HLguard, both of which barely worked.
I barely use my cheats online, and I don't release cheats to the public so some 12 year old punk can use them to annoy people.
So, you may ask why I make them in the first place. I do it because it's a good exercise of programming. Usually game developers try general tactics to disable cheats. It's fun to bypass these. In general, there is almost no way to make a game cheatproof. The closest I've ever seen is Cheating Death.
So, if any of you are interested in cheat programming, I recommend you visit the ClientBoard forums.
...maybe they will actually do something about it."
Yeah, it's too bad the game industry didn't have more money. If they did, they'd be able to pay to have something like the DMCA or SSSCA enacted against cheaters.
_______
2B1ASK1
The servers at NerdTreeHouse do an excellent job of detecting and banning cheaters. The resident CS guru, Village, really stays on top of things so people that play on the N.E.R.D. servers tend to return.
My roommate got a copy of [Tribes] 2, but failed to read the system requirements on the box.
At least it's not like id's Doom 3, which some have said will require a Pentium 5 or ClawHammer processor and a GeForce 5 video card if you want to get anything over 15fps at 240x160. (For comparison, the display of the Game Boy Advance system has 240x160 pixels.)
The preceding post has been brought to you by Exaggeration Enterprises LLC.
Will I retire or break 10K?
Cheat protection has all the same problems as copy protection, and is just as difficult to get working.
To recap a bit from other discussions: Let's say we have Alice and Bob that want to communicate securely. Say Alice is the content provider, and Bob is the consumer.
There are a number of ways for Alice to get content to Bob without Charlie being able to modify it. They could use private communication in close proximity in either Alice or Bob's location, use a previously-agreed-upon secret key, use public-key encryption, have a trusted third party validate the end result, etc., etc., etc.
Here's the problem with both copy protection and cheat-proofing: BOB IS CHARLIE.
Throws a wrench in the works, doesn't it?
To illustrate cheat-proofing problems: Alice (the game server now) needs to be sure that Bob (the game client) is unaltered, pure, or whatever you want to call it. Bob needs to send some bit of information without Charlie altering it. But BOB IS STILL CHARLIE. Argh!
Also, in the case of a client checking itself, Alice, Bob, and Charlie are ALL the SAME ENTITY. Rather sticky, no?
I got my Linux laptop at System76.
Most of the cheat programs for the current crop of MMORPG's simply take over the network stream and insert their own, valid commands.
That's because EQ, UO, etc. are real-time games, susceptible to the same MITM aim-enhancers as first-person shooters such as Counter-strike and Tribes. FreeCiv, on the other hand, is a turn-based sim game, which removes the twitch factor that machines are so much better at than humans.
Will I retire or break 10K?
They are cryptographically signed, making cheating quite a bit more difficult. Can't connect to the server if you can't decrypt their challenge.
However, an experienced cracker can potentially insert an exploit into printf() and other functions of libc. Even if libc is static, a cracker can still attack the kernel. Neither the kernel nor the BIOS is blessed unless CBDTPA passes.
Will I retire or break 10K?
This article beautifully summarizes the conditions of cheating and where the online game companies have dropped the ball. Its one thing to prevent hacking. Its not EASY to do so, but with proper security auditing, it can be done.
In-game cheats are much more difficult to control and eliminate. Most of them require actions that no legitimate user would ever make, but the software is so complex, with modifiers upon modifiers, server crashes, timewarps, multiple game servers that have to pass user data from one to the other, etc. The chances of finding EVERY problem is slim. And while the obvious holes need to be patched, the only surefire way to stop cheating is to make sure the users won't do it.
DAOC has it right. There is no tolerance for cheating. You can't do it accidently. You intend to do so maliciously and therefore you're gone. If all the users realize that if they cheat they will be caught and they will be permanantly banned, then it will discourage such activity in the long run. Trolls of course are a different issue. myg0t and other losers have made it their sole mission in life to take pleasure in the misery of others. Groups to find honest players might help weed out some of those as well, but its difficult if you can't 100% control the people you play with. And people can easily ruin the gaming experience for someone in ways that don't violate a TOS.
For instance, in Ultima Online, there was a huge PK problem. While they were annoying, at least they generally played within the bounds of the rules, but not always. However, the real problems were the looters that had a notoriety which "protected" them from the good players because attacking them to protect a fallen comrade or to keep someone from robbing your house. They might have fixed it in future versions, but the whole idea of assigning notoriety to help people identify the good from the bad completely defeated the purpose of using it in the first place. Life would have been better off if there was no notoriety at all. People would learn quickly enough who was good and who was evil. And if you encounter some stranger on the road in real life you have no idea if they're good or not. And so should it be in the games. Let people police the game themselves. And when you encounter some random traveller on the road, you SHOULD be catious. And there can be skills to determine if that person was recently involved in a battle, and maybe even who it was they attacked/killed/etc. But this would be far better than being punished for protecting what belongs to you.
-Restil
Play with my webcams and lights here
I'm suprised nobody mentioned the US Army games more. They are including some really cool features that don't so much prevent 'cheating', but prevent stupidity, which is just as bad for the online game communities. @$$holes can quickly make an online game almost umplayable because of their stupid comments and antics.
The US Army games are going to counter this with 'realistic' features like extream punishment for a player who shoots a civilian, an ally, or a player on the same team. Things like this can get you banned for life from the server, or can get you 'locked up' and have to wait for your 'court martial' before you are allowed to play again.
I think reducing the amount of loosers who call themselves '1337' and make the game less fun for everybody would be a good start to improving the quality of the online gameing experience, especially for newbies.
Another way is if you kill more than X teammates, you get kicked, or kbanned for a period of time.
Then how will people who just bought a copy of the game yesterday and don't yet have full control of their input devices be able to play? How do we distinguish trolls from legitimate newbies?
Will I retire or break 10K?
Its one thing if your cheating on a game that you have played through at home single player or multiplayer BUT its another thing to mess with games where if your playing for awhile are actually WORTH TANGIBLE MONEY
With UO oe EQ if youve built yourself a nice little house and cottage you could sell it on ebay for quite some CASH - now if all kinds of hacks come out for UO or EQ it makes that house and cottage worth dick again
I for one am down for getting PAID for my gaming habits and if you try and fuck that up your stealing from me - IMO
Ave Molech Setting
The ZDNet article is missing the link to my original article which is what lead the news.com writer to interview me.
I can see why they left it out though, it calls a lot of the people they interviewed in addition to me names. ;)
First off, I'll start by saying that I AM a casual online gamer and have had a number of bad experiences with cheating. In fact, I ONLY play with direct connections to friends because of these problems. Quite frankly, I have been burned badly enough and often enough that I WILL NOT go online to play in a public game -- whether it is free or not. I've tried many times and have given up -- this really sucks since it seemed to have great potential. Here is why...
My first online game experinces was on Yahoo Games. It looked interesting: meet new people, have some fun. I was a newbie, and so, went to the newbie area. I a game of cards seemed like fun but was dropped out of the game (lag). When I returned to the server I was chased and verbally harassed (with swears) through 3 other card games. I've never been back... and will never go back.
Sometime later I regained my curiosity and thought I'd try Diablo online. Foolishly I took a high level character (can't remember how high, but had made it to hell difficulty) online and was killed instantly (twice! once in town!). I didn't know anything about 'hacks' then and persisted thinking this was due to server lag (or bugs). Then all of my equipment was stolen after a healing spell was cast on me. No backups, so goodbye all the effort. That was my last Diablo I game online.
The pattern seems to repeat itself with frightening regularity: Quake II: dead, dead, dead and dead again), Unreal Tournament: similar to Quake, Starcraft: rushed (after making no rushing agreements) and had defences repelled by infinite numbers of enemies and attacks that failed even with overwhelming technical and numerical superiority, AOE 2: faced impossible tech advances and armies, Diablo 2: PK'd in no-pk mode. The list goes on.
I make no claims to be an expert player in these games and would have no problem being beaten by a better player -- I find that's often the best way to improve! But, I have taken efforts to use the newbie areas to find other newbies to play with. Unfortunately, cheaters look at these areas as their playground too!
I give up. Too bad, it could have been fun.
-First, most of the cheating has no long term major bad effects on other players. In most of the online RPG games the bugs were usually about someone finding a way to duplicate gold or items. Sometimes players found ways to kill, steal, or trade unfairly but those are usually fixed quickly. The leftovers are the small bugs and balancing that are always controversial.
-Second, the game is constantly alive and evolving, which makes it impossible to catch every bug before it goes live. No one will every fix every bug and kick every cheater without reading minds. (If that were possible then Neo and Morpheus wouldn't have a chance!)
-Third, if you are greatly concerned about cheating in a game it's because you have invested much time towards playing it. The players that devote much of their time to the game will always have a far greater advantage over the casual gamers. The ability to be good (or better than average) at something is good enough for me, because there will always be someone better (if not now then in the future).
-In the end, after you retire, you won't really care about the cheaters from years ago and instead you'll remember friends, accomplishments, and the few times you pulled off some sneaky maneuvers.
The fatal flaw with ranking and voting systems is that they only work well with regular gamers. As a newbie, that would be the kiss of death -- all it would take is a cheater using a hack (or some other technique, like a new account, character or serial number) to circumvent the system. I've experienced this problem firsthand (with starcraft, IIRC) where the server ranked players (by victories or losses) using their account. Cheaters would create new accounts and go after newbies (like me). This really discourages you from returning.
The more people cheat, the less people want to play games, and the more productive their lives will be.
Yeah that's good right?
eTrade SUCKS
It's called a "USB Hub," and someday, somebody is going to invent it, and you'll be able to find one at any consumer electronics store, and all will be right with the universe.
most the "good" stuff in the game you need a lot of teamwork to make happen. This is why the big guilds rule - they have a larger pool to pull people from.
While there are things that can be done to prevent cheating, there are always "false positives." I know of some really good Quake players who have been booted for being "bots" because they have good accuracy.
I personally tolerate cheating in a non-tournament setting. If someone wants to feel l33t by cheating and CounterStrike, let him. It is just a game.
"You spoony bard!" -Tellah
Ummm... At the very top, above the first comment, there is a section of drop down boxes, a checkbox, a "Change" button, and a "Reply" button.
That "Reply" button is the "Post Comment" Button.
Not a very good location or name, I'd say.
Somebody seekms to be cheating, you watch them. If you catch the,impliment the security procedure for that situation.
Hire people to police in game, and look for clues. Hey, that guy has an 80% hit ration, while every on else has a 30% hit ratio. Maybe they're just that good, so watch, collect evidence, then prosecute.
You must also give the players a means to contest cheating acusations.
Of course all this costs money, what they really want is "how can we stop cheting for little or no cost"
that is a different animal, which boils down to, watch everybody, scan hardrives for files that imply cheating. of cousr your customers won't stand for that(nor should they).
SO what you have is a half ass way to try and prevent cheaters that stops nothing, and oonly pisses off non cheaters.
The Kruger Dunning explains most post on
- using strong security (cryptography, code signing, frequent patches, etc.)
- some sort of booting (by vote, by cheat-detectors, etc.)
Either way is not completely effective:- there is a trade-off between security and functionnality
- cheaters could create bot-players or/and aggregate in cheaters clans
Here is an idea I haven't seen yet.This would be a mix of technological and social solutions. Of course, the idea need to be careful analyzed. Here are some considerations:
One thing I'd like to see is more open "AI"/bot APIs in games. While I agree that using a bot in what is ostensibly an all-human game is somewhere between pointless and shameful, I think bot tourneys and "cyborg" (bot-assisted human player) tourneys have their place as well, especially in games outside the FPS domain. Bot tourneys in particular are well established in chess; why not in, say, RTS?
...when you're writing a game...tweak the difficulty of "Easy" to something [your mother] can cope with. -- onion2k
i built and run edrugtrader.com (now moving to better colo facility so don't try to hit it, its down)
i built the game from day 1 with "how could someone use this to cheat" in mind. if MMORPG developers don't have that mindset their game WILL fail. redundant and flamebait, mod as you wish.
MARIJUANA, SHROOMS, X: ONLINE?! - E
Or for other multiplayer game for that matter. You did it to stop them from cheating, fine. But in these games, especially the ones with many players, there is always the grief element
Grievers like nothing better than to ruin other people's game. For them, it's not the winning, it's knowing they caused someone else discomfort. Many who have played MMORPG's will know what I mean. If they find how they can crash the server, they cheerfully will.
In the words of Richard Garriot: "The client is in the hands of the enemy". In other words, leave nothing in the gamers hands. Self policing like you did, peer ratings like some suggested, all that stuff will not work. As opposed to real governments, and contrary to popular opinion here, these game worlds need a very strong central authority, and rules enforced with an iron hand. That authority rests with whoever runs the server: the game company, or a game master
If construction was anything like programming, an incorrectly fitted lock would bring down the entire building...
Speaking just for myself, I usually have no problem with campers. As long as they are standing still, trying to ambush me while I'm expecting an ambush, THEY are the easy target. However, in games where people are dead until end of round, a stubborn camper on the team who is supposed to be the assault or attack team reduced everyone elses fun. Because they end up being the last person alive on their team hanging back at their spawn, not trying to achieve the objective waiting for the last defender to walk into their sights. So 18 dead people watch them sit for two minutes while nothing happens while the last defender defends the objective and time finally runs out. That isn't fun, that isnt' playing the game.
Don't moderate flamebait as Troll. Know the difference or you will be Meta-moderated.
Here we have a truly rare specimen, the meta-troll. Notice how it lambasts the mislabelling of disruptive players as 'trolls', points out the traditional definition, and demonstrates it as well by inviting a storm of irritated replies from unsuspecting slashdotters.
:)
-- jhantin, posting anon so I don't get slammed for being offtopic or feeding a troll
How to stop it?
The usual problem is that the client software is untrusted, so you can't do anything unless you take a netrek like approach and design the game with non-instant weapons and then clamp down data transfer so bots can't see more than humans and perfect aim doesn't help.
That sucks because it doesn't reward good aim, and we're limiting weapon design due to some technological limitation instead of a legitimate game play problem.
What if you changed the equation and made the client software trustable?
My proposal would be to have the game engine take a dynamically loadable module for the networking and security checks.
Have the module by crypto-summed and verifiable, have it verify the client, and have it control the network interaction (all encrypted itself).
Now set the server up to generate these modules on the fly for each map, and force the player to download it on each map cycle, thus getting a new encryption seed/key to protect the network tunnel (no more proxy bots!), and constantly verifying the client (no client side hacks!)
I think this is a lot of hand-waving, and may not be possible, but OTOH, it might be. What would be left to do to plant a seed of trusted code on the client and then leverage it to trust the whole client?
The hackers, trolls etc... will still find a way to crack the software no matter how complicated it will be to do and it will just be harder for the casual users and newbies to cheat. At least now the newbies can fight back and cheat just like the hackers/trolls.
Yep. The hard core gamers are the ones that cheat. That's what it's all about. It's just like in real life. People take viagra and get breast implants, and none of this is fair, either, but if you're out to win, then you should take any and all opportunities to do so. But if it involves actually killing other people or something similar, you might want to check whether it's illegal or not, because you don't want to get thrown in jail or executed, because then you'll be a looooser. Cheating on your spouse is ok, too, because everybody does it, and it's only a problem if somebody finds out.
So, I say go ahead and cheat. If you can't beat them, join them, right? So, all online multiplayer games will eventually evolve to the equivalent of nuclear war. You press "fire" and everybody else in the game dies, except for you. Of course, everybody else has the same power, so you've got to be the first one to hit "fire". The games will be pretty short, and not all that interesting, but hey, that's what it's coming to.
Physically, you'll look like those people playing the slot machines in vegas, just clicking, and clicking, and clicking away at the button as fast as they can. But since this is on your computer in the comfort of your own home, you'll eventually figure out how to download a program to do the clicking, clicking, clicking for you,and you can just leave your computer on and go off and do something else more worthwhile, like sleeping with someone else's girlfriend (or guyfriend).
But seriously now, I would have liked for Intel to continue to put serial numbers in their processors, because then what you could do in a game like CS is blackball individuals instead of IPs, and there could even be a central blackball list on a main server, where if someone got blackballed from, say, 4 servers, then they'd be blackballed from the game entirely. Until they got a new processor.
I mean, who's afraid of having a serial number on their processor? I have serial numbers on just about everything else. Heck, my mouse's serial number is LZB6242191, and I don't feel violated by THAT having been made public. If you've got something to hide, then you must be a bad person, like a terrorist. That's how I see it.
(Background: Somebody hates it when the game's original storage medium is used as a dongle for the game because (s)he doesn't want to swap discs all the time. I responded by asking "what do you want, a disc changer for your game console?")
I think he's talking about PC games.
A dual-layer DVD-ROM disc can hold 8 GB of data. A low-end to midrange PC typically comes with 40 GB of hard disk space. Are most players willing to devote 8 GB of that to storing a full copy of each game they play?
Will I retire or break 10K?
Wow, been a while since I've thought about that. Have a lot of good (and bad...) memories as Opus.
My first exposure to widespread cheating was playing StarCraft on battle.net, when in just a few seconds into a 3 on 3 game, all 3 of the enemy players would charge into my base with a massive zealot rush, and I don't care how good of a player you are, you're not surviving an early game zealot rush by 3 players. I always wondered how they knew exactly where I was before even exploring the area...very frustrating. It seemed whenever Blizzard released a patch, this type of early rushing behavior would stop-- for a week or so, then start up again. Then once I learned of the widespread use of the map hack, I had to get it-- not to cheat, but to level the playing field. Sort of the old balance of power thing. Blizzard would never mention addressing the map hack in their patch release notes, but obviously a new map hack would be out within a week to circumvent the latest patch. The cheating was so insane and widespread, that before playing with strangers (when lounging in the pre-game chat room) I actually encouraged them to find the map hack and install it. Most of them feigned ignorance of its existance (yeah right).
So how does your cracked kernel decrypt the packet?
Classic man-in-the-middle attack. Watch the game in a debugger to discover the protocol, and then patch an aim-enhancer proxy (or whatever) into the kernel's TCP/IP stack.
Will I retire or break 10K?
I played Descent 2 for a long time on Kali, and there were always lots of cheaters. No need for Interplay to crack down.
Come on.
The fact is, most people don't use the hacks, thus its not a serious problem. Of those who do use the hacks, many of them only play against other cheaters.
The solution is to give the host of a game -- the person who started it -- the power to kick users out of the game temporarily or permanently; also give them the power to permanently ban IP addresses from that game.
I played Descent 2 on Kali for about 5 years (now I play Descent 3), and cheaters were never a serious problem.
Also, everyone seems to accuse you of cheating when you're just better than they are. "You move so fast in Descent, you must cheat"; "No, I just use triple strafing: travel in 3 directions at once".
social sciences can never use experience to verify their statemen
I'm a big Grand Prix Legends fan, and there is a pretty big community that has built up in the past three years around this game.
It's a racing sim, set in '67 and the cars are vey very difficult to drive. Cheating is really easy, there are programmes used to make new (slower) cars that could easily be used to make faster ones too, and no-body would now. The ranking system relies on a text file!
Yet no body cheats. The game requires a fair amount of skill, and by the time you've learnt how to get the car around the first turn, you've giben up on the idea of being a cheater or a troll and become an addicted player.
So perhaps the games people need to make better games, ones that take a few weeks practise to do even basic things (think how long it would take to learn to shoot like a sniper) and people might care enough not to want to cheat.
One possible answer is dumb terminals.
Once broadband gets the speed and latency necessary to run a videophone, it'll be enough to run games as a dumb terminal. Online games could, instead of storing and running the game on the player's local computer and sending only the most critical data over the line, run entirely on the server, sending only I/O data over the line. The code would reside and run on a few dozen servers under the developer's and publisher's control, rather than on millions of hard drives out of their control.
This would not only make cheating hard but it would also make copyright violation hard. It would also go against how people like to use their PCs, so this system would probably run on some living room box that AOL will rent to you.
And the anti-cheating organization? Come on. Don't these people have lives'? Its just a game. Lets not bring this to the level where we destroy the game because we take it so seriously, which sucks the fun out of it (prime example, chess). Also, many non-cheating players have no problem playing with players who use cheats.
When I played Descent 2 on Kali, I used to play against some of the people who had hacks so they could fire two EarthShaker missles at a rate as fast as Gauss cannons. It made me better, and was fun.
social sciences can never use experience to verify their statemen
Seems like you could eliminate a good portion of the MMORPG cheaters by imposing real-world penalties. Like, say, $75 per offense after three warnings. This would be particularly effective against twelve-year-old scrubs who need to learn that anonymity isn't a blank check... and whose parents are probably not thrilled with the $15/month fee in the first place.
Of course, there are obvious obstacles, else we'd have seen this done already... I suppose even a single false positive is unacceptable (for public relations if nothing else). But you don't need to nail every cheater; you don't even have to come close. Stick to verifiable, airtight cases -- by keeping logs, for example, to complement the human GMs used today -- and then make big, flaming examples of them.
This wouldn't replace technological solutions. Ideally, it would bring the amount of cheating down to a level where anti-cheats could be more targeted and perhaps therefore more effective.
I wonder if this might be inviting lawsuits... but considering the Evil that's already present in the typical EULA, I wouldn't expect any problems. IANAL.
---
Dum de dum.
Freedom is not the license to do what we like, it is the power to do what we ought.
With both Opengl and DirectX, that would require a depth read from the graphics card's vram. This is sloooowww. It would cut a games' fps by more than half.
Check out the manpage for glReadPixels, for example.
"Considering that on-line gaming may become the major revenue source for game makers over the few years, maybe they will actually do something about it." It seems you could proofread these things before you post them! What sense does "over the few years" make?
Game publishers are obviously listening.
Interesting how they are always listening when it's 400,000x$15 per month, isn't it?
They often weren't listening when the Sims was being pitched, by the way...
Just an observation...
Hmmm yes.
This is possibly the best method I've read so far, as I've had the same idea before, this is possibly the only method that will make it agonizing for the pranksters out there to get around.
With encryption in place, man-in-the-middle is avoided...
Are you sure? Man-in-the-middle problem is a LOT harder to "fix" than just introducing encryption. That's the whole issue with online bots, and such: there is no easy way of making sure you're talking to the authentic client or to some proxy (I think John Carmack even said something of the sort in one of his .plan updates). Only decently workable way so far was to keep the communication protocols secret (and encode data to make it hard to figure out from just sniffing the packets), but that hasn't worked well anyway.
The client can always be decompiled (no matter what licensing you put on it) and encryption algorithm extracted, which would enable a custom program to make a totally authentic connection to the server. No way to prevent that.
"If anything can go wrong, it will." - Murphy
This is more than fair, and actually makes sense from a realism perspective. Real armies have to obey rules of engagement, why not gamers playing a military FPS game? The more I hear about "America's Army" the more I like it. Good going, Uncle Sam.
Knowledge is power. Knowledge shared is power multiplied.
The main enabler of cheating is poor protocol design.
Thus the main people to blame are the kiddies who are writing the games without adult supervision, so that the protocols don't have holes.
If you keep all the data on the server, it can't be manipulated; this was the big problem with "Bolo", and why, when I cloned it for X Windows,
I changed the protocol. The AppleTalk version used a "turn token", and the consensus reality was modifiable by any of the clients -- there was no server. Netrek was my model for the server
protocol, but it had its problems, as well.
One of the issues that a server designer needs to consider is the "reveal". A lot of games, e.g. Quake, etc., send all position information down to the client all the time. They don't take into account visibility. Because of that, position information on non-visible opponents is revealed to the client, which is then trusted to not expose it to the user.
Assuming that you close all the protocol holes, keep the state information on the server, and permit clients only a restrictied "view" onto the data that would be visible to them (e.g. making the walls transparent doesn't give you position information on opponents, because the information isn't sent to you if there is an intervening wall), that leaves only "bots".
It's always going to be possible to put a man-in-the-middle between the server and the client, if only for your client. This means that, even without source code, your aiming can be uncannily accurate, as can your choice of weapons, and your decision to fire.
The only thing that can avoid this is crypto between the client and the server, and that won't work.
Some people claim that it won't because of the overhead of computing crypto at the server; there are SSL proxy and VPN hardware that makes that into a lie, until you get up to several thousand clients, and then you can always gang the hardware to add more clients.
But. As long as the protocol is proxyable through a firewall, it will be subject to trivial man-in-the-middle attacks. Likewise, any technique (e.g. "blessed binaries", ala Netrek) that attempts to communicate over such a link can be man-in-the-middle attacked, if only by making the proxy into a client and a server, instead of a mere transcoding device.
So the best you can do is trim it down to "bots" with incomplete information.
That would still be a heck of a lot better than what's out there today.
Kids these days just don't understand protocol design. 8-(.
just for you
your brain will thank you
it's not troll and exploitors who make the game hard. it's the gaming companies responding to exploitors and cracking down. bugs like "dupes" and instant skill gain don't hurt anybody. but instakills and othernonsense
unless of course this isn't talking about mmorpg then well i guess it does matter.
plus i hate newbies so screw em
...to have enough admins so that there is usually one on a server, and after certain regular players on a server have been there long enough to determine whether they have any common sense or not, make them admins too, and ID ban anyone who cheats. I know a few servers that are run like this and they are by far the most fun for me the player, as well as being the most popular (and populated) servers.
My blog can kick your blog's ass
Same results in RTCW multiplayer as well, trolls and jerks blocking doorways, spawn-killing, shooting teamates intentionally, mouthing off in the chatline. Also the opponment using a flamethrower and going to his enemy's respawn point and flaming everyone upon spawn, I've only played this game for a month and half and I've seen it all already.
An online game that I've been playing for a veeeery long time (Tanarus) used to be subscription-based, went free for a year, and has just in the last month gone back to a Pay-To-Play model.
Why?
Well, server costs and bandwidth costs, sure. But, this game is 6 years old, so the server costs are SIGNIFICANTLY less than they were when the game was in open beta in 1996. And, this game is owned by the same company that makes EverCrack; they've got bandwidth to spare.
Business issues aside, I think the major reason they went back to a Pay-To-Play model is that the cheating was getting out of hand. We see it in every other game; the older a game is, the more the code has been hacked, and the more cheats there are available. Verant wasn't terribly attentive to the Tanarus community once the game was released comercially, but one thing they *did* do was to issue regular patches to block cheaters. The big problem was, they wanted to just set up the server and move on to other things. However, the cheaters required them to commit some ongoing development time. And this past year, the cheating has been worse than I've ever seen it in the game.
They dealt with the cheaters in a very direct manner -- they canceled the person's login account, erasing their scores, and banned their IP when possible. The big problem was that most cheaters would simply recreate another free account, and use a different IP to log in (obviously, not a problem for dial-up or most cable modem users). I remember one guy saying that he had been banned 36 times in two days. Yikes!
The solution for Verant was to crank up the subscription model again. They aren't charging that much ($7/mo., but they bundle two other games with that). Credit card is required, no checks and no debit cards. Immediately, most of the unsupervised kids are gone (for better or worse) since they don't have CC's. Secondly, no spoofing of account information; you have to give accurate billing information, and you are now traceable through your credit card company; entering fraudulent info here could get you in trouble with the CC companies, who have deep legal pockets. Third, you are limited to the number of accounts you can launch by the number of credit cards you are able to use that have different names on them; no more infinite #'s of accounts. Fourth, Verant now has an easier time with legal recourse. IANAL, but I believe the fact that money in changing hands undeniably establishes that the player has entered into a contractual agreement with Verant to abide by the Terms of Service. There has always been a TOS screen that everyone has to click through in order to join the game, but I honestly don't know how that would stand up in court by itself.
We would all like for online gaming to be free, but charging for games, even if it's just a token amount, is a powerful tool for game companies to crack down on the hackers. The era of free online gaming will be drawing to a close in the near future, and not just because of profits. Hackers are pushing the game companies to it.
I fail to see how hardware can only be trusted if it's got government-approved DRM
If the government doesn't enforce DRM measures (through DMCA, CBDTPA, and other laws that haven't been passed in CANADA), crackers will be able to emulate the DRM and get away with it.
so you must consider yourself an expert on the issues
I've read the bill, and I see no other way of achieving a trusted hardware environment.
And Mallory? Wasn't she the dumb older sister of Alex P. Keaton?
Mallory is one of the "bad guys" in Applied Cryptography. Others include Eve and Oscar.
Will I retire or break 10K?
In UT 6 kills in a row makes you GODLIKE
In Quake, 2 kills in 2 seconds earns you "EXCELLENT"
In CS, six kills in a row is "Kicked By console".
but i wonder if in Americas Army : Operations, its going to be "Wanna join the army?"
Ummm, err, say what, now?
Even in a setup where the computer's job is only to render the graphics, output the sound and return keystroke and joystick movements to a secure hardware, some bots would _still_ be possible. It's kind of like how the analog hole prevents any and all copy protection schemes from working: in this case, if you can see and hear it, you can play it, and so can your bot.
I could imagine in the worst case a bot that would do some limited image recognition on the graphics he extracts from the framebuffer or a dummy graphics driver to walk through the gameworld, recognize enemies and then blast away at them. More likely that the bot would be able to intercept commands and data sent to the graphics driver and start form there.
Cheating with bots is not only a problem limited to online gaming. As a matter of fact many ad schemes where they pay you for clicking ads suffer from bots, and have put a lot of effort into developing heuristics to tell an user from a cheater. The cheaters in turn retaliated by making their clickbots more and more human-like in their behavior and so in turn you will find slightly less than perfect gamebots once you start eliminating perfect players.
I for one don't want to go back to the bad old
days of hardware dongoles and copy-protected floppy disks, for reasons incuding these
)Possibility of hardware failure.
)Possibility of hadrware conficts
)Getting the game handed down to you, only
to find that the person giving it to you lost the
#$#$#$ dongole years before
)in the case of copy-protected floppies, you couldn't just
back up the software, and often you would have to *buy* a backup
copy from the company who wrote the program. Not to mention
if your only copy went bad, or your hard disk crashes after
they key is transfeted to it (some schemes would
do this and wipe the key off of the floppy. You
had to run an uninstall program to get the key
back on it). Not to mention being SOL if the company
goes out of business.
There is a reason why users revolted against copy protextion
in the 80's
That is not entirely true. It is more likely you meant to say that most dongles schemes are easy to crack and I'll agree with you, because the program executes on the PC and somewhere along the line the dongle is going to eventually decrypt the program code. Things get very interesting, however, once parts of the program are located on a remote server and the dongle is used to authenticate to the server or parts of the program run on the dongle itself.
There is some awesome military grade security hardware out there which I promise you, no norwegian 14-year old is going to hack over the long winter nights. One example of what would really make some grown hackers cry is this little device here.
Perhaps a newbie should learn how to play before joining a game. That's why there's a spectator mode and a single player game!
In some games, either there is no single-player game (EverQuest, Ultima Online, Final Fantasy 11) or the goals of the single-player game are completely different from those of the multiplayer game (Tetris, Dr. Mario, Yoshi's Cookie). In some games, a player can beat single-player on the hardest setting with one hand tied behind his back but get creamed the moment he plays another human being.
You think he's just going to jump on in and start playing without first watching for a bit to see how it's played?
Meatspace basketball has a spectator mode, called ESPN, part of the Disney entertainment conglomerate. But basketball doesn't have a single player.
I was more concerned about the new player who knows the rules after having watched several matches, but whose gun hand slips and shoots the wrong player.
In a related note, the new America's Army game
Will have an intensive single-player training mode. I was merely commenting that some other games don't offer a good tutorial.
Will I retire or break 10K?
Have someone or somen monitor the game 24h. If they detect cheating, kick off the cheater. If it is a per-pay game, then the cheater would lose his prepaid money (which is paid after evaluation period).
h
You don't need cheating to ruin a new users experience.
As long as you have uniq IDs, and some degree of anonymity, you will have "better" players (either by skill or cheating) wanting to beat lesser players. It's some sort of easy ego boost I suppose, or the joy of bullying?
A simple example is Yahoo chess. I had a business associate admit to me that he regularly plays online, but uses chess software to beat all comers. He said the number of new players had steadily declined to the point where he didn't play much anymore because all the other players left were cheating as well (they even discuss what chess software they use in chat).
Even in legit games where there is a constant battle against cheaters (like many Unreal Tournament servers), what do you do when the majority of players still playing (not exactly a new game) are experts who are so good the game isn't fun anymore even for intermediate players (like myself) let alone new players? You can never attract new users to online play of Unreal Tournament because the existing userbase is too experienced.
This may be less of a problem where players don't compete with each other, but instead work against non-player characters (like in EQ). But in true competition games I don't see any easy answers even if cheating is somehow completely supressed.
I remember cracking Space Quest III like that. I believe cyl #15 on head 0 of the 720K floppy disk was written with a bunch of odd sized sectors (n > 512 bytes) overlapping each other. There was no way I could copy it with the fdc in my PC, so I didn't even go looking for the function that read and evaluated that track. Instead I intercepted BIOS INT13, checked for reads to that track and just gave out the same data as a fdc would read it.
:-)
:-)
:-). (Automated protection schemes have also been cracked, when people discovered regularities in the obfuscation code generated by the code generator.)
I defeated the protection to Larry II in a similar way. Larry II would force you to lookup the phone numbers of random women in the accompanying documentation before it would start. For its random function it went through BIOS INT1A to get the time. Again I didn't feel like wading through Sierra's code so I just hooked into BIOS INT1A and let it return the same time value whenever it was called and henceforth Larry II always ask for the same womans phone number.
I defeated the protection of a major Production and Planning System (PPS) package for the AS/400 with about 5 lines CL code (and a weekend of tracing through all the CL and RPG program objects it called). It involved deleting a program object and replacing it with a dummy program object that would return the parameters it got exactly the way it got it. Winded up installing the "fix" too, at customer sites upgrading to a new AS/400 which would get you a different machine serial but that's another story
All of these crimes were committed long before the DMCA and in another jurisdiction, at a time when you had to park your Pinto half a mile away from your cubicle, Ashcroft.
When I first got NuMega's SoftIce I took it for a test ride to a certain piece of software that lets users click their way through a zip file. I set a breakpoint on the registration dialogs's dialog function and went from there. Turned out that the program would calculate the required serial number from the user name given and would compare the serial it came up with to the serial number I typed in the registration dialog. You know who you are
Those were the days, and I suppose your approach would be very valid for the scenarios like the ones I listed above but even makers of copy protection have become a little smarter. Nowadays you have convoluted binary code generated by a code generator that takes your unprotected application binary, encrypts it and embeds it into a cesspool of phony decoy and tamper protection code. Somewhere in there is of course also the code for talking to the dongle and decrypting/reencrypting the application code, good luck finding it. Extracting the application code and piecing it together again should be a piece of cake then
Anyway... as long as the code is loaded on and executed on a computer I have control over, it is hackable. It's just not as simple as you make it sound.
Cheaters are everywhere. I guess its part of human nature to want to win at everything, even if it means making a jerk of yourself. As for a solution, I have only found a few things that work quite well. One and very old is from the days of mechwarrior 2. THere use to be a program known as mechlabmaid that would tell you the stats of anyone you fought against. It would easily show if something had cheated and added tons of armor or heat sinks to their mech. It was one of the most effective tools I knew of at the time that could catch cheaters and PROVE, that being the hard thing now, that they were cheating. This program was run on the clients computer and never effected the gameplay since all it did was watch what happened. This would be a great tool to use in a counterstrike game where people can hack armor and gun damage ratings. Two and more recent is to have an active admin staff on a server. I am an admin for a counterstrike server and its easy to tell when someone is cheating. The server I admin always, and I stress always has an admin on to make sure the game play is far. The owner of the server has also enacted a blacklist of WON ID's so that any cheater caught can never play on the server again unless they get a new CD key. Between those two things, the server stays pretty cheater free consider all admins have the right to not just kick a cheater but humilitate them for even trying to come on the server. Llama, slap and kill are fun commands to enact on the OGC hacker running around the server. Lastly. Yea I am sure you all want me to hush by now, but lastly I think the game developers need to take into account what might be exploited. I know everything cant be forseen but it seems like certain things are left open that would be obvious cheat points, like the bunny hopping in counterstrike or the armor cheats for mechwarrior. Unfortunately I have to say that I can understand why some people cheat. In games like counterstrike its not always skill that makes you a good player. Anyone can click a mounse on a target, its the snappy reflexes that are different between every player that are key to many games. Newbies are outclassed by server regulars and honestly I am sure it cant be fun. Espically with 3d shotters. I know. "Go to another server" well thats a whole other issue. I dont agree with cheating and I do my part on the server to stop it but I think what we need to do is stop taking the games so seriously that lamers and trolls can control a server. I am sorry but anyone that gets so mad to leave a server when someone pops on with a cheat needs to turn off the computer and walk outside and notice things they probably havent before, like the trees, birds and most importantly, sunlight. Honestly I dont think there is ever going to be a cheat free world cause for every good anti-cheat programer, there is an equally good cheat programmer.
Quake I/II/III were or still are closed source. Before the source release of I and II, there were a plethora of proxy cheats, etc. out there and the sources were closed.
Solving cheating requires NOT trusting the client- EVER. If you can come up with a playable game that meets that criteria, you'll have a relatively cheat-proof system. Problem is, that's really compute intensive and bandwidth intensive to not trust the client.
I am not merely a "consumer" or a "taxpayer". I am a Citizen of the State of Texas
There were hacks and cheats for Quake II before the source release. There's hacks and cheats for Diablo and Diablo II. There's hacks and cheats for most games out there. All of those are closed source or were at the time the hacks and cheats were made.
Security through obscurity doesn't work anywhere near as well as people keep thinking it does.
I am not merely a "consumer" or a "taxpayer". I am a Citizen of the State of Texas
Well, my perspective, -which it should be said
is mainly from the FPS [quake] ideology- is that
Cheating is not the big problem that people
make it out to be.
Sure, there are cheaters. I run into them
regularly. I, however, take a different tack.
I realise that the replayability of the game for
these people is going to turn out quite a bit
lower than someone who really loves the game.
If one bides their time, those people
eventually stop cheating or drift away from the
scene altogether. Playing the game in
perpetual godmode just isn't very rewarding.
Now, I can see how this is a slightly
different beast from a MMORPG that has linkages
between game-world and real-world economies
(ebay items, etc)
But, I'm prepared to put up with this type of
cheating as well, for the same reasons.
The type of people who would cheat to farm items
only to sell are in effect nurfing those items in
the long run. The rules of supply and demand will
state that if continuing unchecked, they will
eventually make those items easily obtainable and
thus less effective and finally making less
real cash for them.
As for the companies who want to curtail cheating
because it infringes on their profits in a
pay-for-play system, I say SHAME ON THEM! The open
ideals of a Free for play model produces a richer
and more diverse mod community and followers who
really have a passion for the game they play.
(ex: compare the number of Q3 mods to the number
of EQ mods)
Finally, there's the issue of player
accountability towards their peers. I've often
found that people accuse someone of cheating if
they are being beaten by that person persistently
or in exceeding measure. Though, I've ALSO seen
players of high skill defend those that they KNOW
are not cheating because they've been in the game
long enough to spot the difference between
someone who is cheating and someone who is just
THAT GOOD. Over time, one builds a network of
trusted peers whom they know are on the level.
And, just as certainly, one also builds the
ability to not only spot but work around the
various types of cheats that are known to exist.
In summary, I say, if they want to cheat, let
them cheat. As a player, I will treat it as a
weapon that I must rise to overcome if I am to
consider myself successful at playing the game
legitimately. Game companies
should take id's cue and make it as difficult for
the casual person to cheat as possible without
compromising any aspects of the game that would
be visible to the user (this is in terms of
usability or even convenience.)
PS: Nightmare bots cheat.... do I care? Nope.
It makes it even more rewarding to beat bots that
have an inherent unfair advantage, more
rewarding still to do that with real people.
Most of the current games have, IMNSHO, approached anti-cheat totally wrong, by assuming that the game clients are "trusted" and then patching/updating against specific cheats whenever one is found, always lagging behind the cheaters.
Our approach to prevent this is simple. "Trust noone", meaning dont ever assume the client send anything valid. Check it on all levels, then let the world simulator have the data and perform game logic related checks. Use external tools (on the server) watching for patterns and report to staff if thresholds are passed, this should catch most bots used to "train" a character. Make sure that things like e.g. "wallhacks" are impossible, simply by providing the client with only the info the server thinks it should "legally" be able to see. If you enter a dark cave, and use some cheat to get light, it's useless because the server knows the cave is dark and thus never told you about any items in it.
This can ofcourse be a bitch to actually implement, the amount of processing power required to do more or less fuzzy analysis of all data will be very noticable. But, the gain is simple, we will prevent simple cheats and catch the more advanced quickly. And, as or eula most likely will state, we catch you cheating your account is gone and you end up on our cheat statistics page. Since the gaming industry is about money, we will put a lot of effort into the parts of it that are important to make the customer base keep paying us money, and a gaming experience that isn't destroyed by cheaters and trolls we believe would be pretty high up on the wish list.
--Erik
The next great MMORPG.
Cheaters are hackers. Hackers are terrorists. There is a war against terror. Fire up the F16s and drop daisycutters on their puny little homes!
;)
Well it'd work.
The real problem isnt making a game that prevents customers from cheating, but making a game that dosn't intice people to cheat in the first place.
In fantasy MMPOGs like Ultima, Lineage, or Ragnarock you spend the majority of your time repeating the same tasks over and over again, and for what? You get to advance to a new level of repetitive tasks. Just equiping your character for even the most mildy of dangerous excursion can require days of mindless mouse clicking. So someone invents a program that does the mindless clicking for you; actually better than you. A computer playing a computer game better than a human. There lies the problem! If the human equation in MOST of the game is irrelevant, why do I need to be around to play MOST of the game?
Why do people play online games? To interact of course. That is where online games should place there focus. Goals besides the endless collection of things need to be introduced before these type of games are really going to take off. Shoot, with the way things are now, I don't really need the other people in the game. I could just write a script to make them say things occasionally: "Buying this", "Selling that", "Going hunting", "FU". Just the inclusion of a simple political structure would change everything.
Is it really that important to have people spend hundreds of hours, to make them feel they've earned their character? I don't think so. Do I really need to spend 10 bucks a month doing the same thing over and over again? No, that's called work, and atleast I get payed to do that. Eliminate the desire to cheat, you eliminate cheating.
Aim cheats have nothing to do with server stored data. It all has to do with the fact the classic protocols requires all players in the field to tell all other players in the field their positions in the field. If you can snoop the positions of people then you can calculate an accurate "from the hip" shot with merciless robotic accuracy. If an aim cheat isn't possible, then you can just snoop the data and realize where the other players are hiding and their positing.
The problem is, you always need to get data packets encoding the coordinates of visible enemies. How else is the Game's Rendering Engine going to draw players if it doesn't know where other players are located?
You can do what you want to make revealing the coords tricky within the packets, but when it gets down to it, those players need to be drawn on screen by the engine. Therefore if the engine can player coords from the packet, so can sniffers.
The way to beat cheaters is to apply tried and true security practices. Don't trust that the machine on the other end of the connection is really a client(so don't feed it any extra data beyond what it should need to know to function). Don't blindly accept any data coming back from supposed clients(does the client really have "permission" do what it is telling the server to do?).
How are you supposed to implement this? Clients issue events that effect the game world(i.e. I pressed my trigger and fired). The server determines if you actually hit someone or not. The events must be fired off from clients in some context though...ie you can't tell the server you fired a bullet from a BFG, when all you have is a pistol. And you can't tell the server, "I'm at pos A, and now I'm at posA+1000".
I think, there needs to be a global-wide policy to track actual-player habits. If you find a player within a match having 100% accuracy, you can flag the person as a "cheater warning". Also there should be a policy in place for Team Killers, flagging players to a central authority.
A lot of the problems discussed here involve a proxy that analyzes packets and does aim correction etc. Why is it so hard to to encrypt packets with SSL or somesuch? If my browser can do it why can't the average game? What exactly is the performance penalty for packet encryption?
"Overhead, without any fuss, the stars were going out."
Such people draw energy from the people they play with when they are superior. With a level playing field, they can't draw that much energy since everybody dies pretty fast no matter how good they are. With bot-playing, they get the chance to suck up your energy. The more frustrated you get at them, the more energy you give them. When talking to other people, they will actually BRAG about cheating or misusing their powers. That irrationality is because they actually get high from doing it. So in their view, it's cool, when THEY get to do it..
When you socialize with people like this, you feel devoid of energy if you really take notice. That's because they will always suck up energy from others. They tend to attract maschoshistic personalities that have energy to spare and therefore doesn't notice the drain.
They will usually talk very negatively - focus on negative things. This is the reason they have to suck energy from others. Negative thinking spends energy. Without positive thinking, they need to get the energy from someplace..
A "successful" drain will tend to be considered "lucky" for no obvious reasons. That's because with all the surplus energy, the person can focus it in directions benefiting him/herself. All the while the people around will be less fit for fight and psyched out. Such a person will ALWAYS leave a losing fair fight after a short while. Maschoshistic people do the opposite.
These people need to learn to draw energy from their inner source rather than others around them. One way is to share and do service to the people around them (that want help). That will benefit everyone. Such people will often share, with hidden agenda and conditions behind it that they may be unaware of themselves. They need to drop such silly notions and start to trust people.
If you have paid attention you may conclude: Most people suck up energies from others sometimes. Some are just doing this so much more than others, being more extreme. Sucking up energies from others shouldn't really be necessary.
Though, there's nobody else you can start working with than yourself.
Those things cost a ton of money. I don't want to pay megabucks to be able to ultimately stick dongles into my computer.
Y2K Compliant since the late 1890s
" Michael Bacarella, a New York software developer and aficionado of online action games such as "Doom" and "Half-Life," envisions a system similar to eBay's feedback ratings, with game companies maintaining a central repository where players could rate one another for honesty. The result would be a " network of trust," with honest players given reliable tools to find one another. "
I'm a glass half empty kind of guy. I want to screen out the assholes.
And anyhow, a "network of trust" will NOT work. This isn't like Ebay, where you're probably dealing with only a few people a month, or in most cases less. (Even most sellers won't be dealing with more than a few per day) You will not get enough data for positive experiences.
But people already scream bloody murder about cheating. (Even in Diablo, which is so thorougly CRAWLING with cheaters that to not cheat is to not play) They would GLADLY contribute to a blacklist. It won't work positive and negative...only the negative will get results.
And I'd take it a step further than this centralized system for each game or manufacturer...centralized blacklists like for spammers would be wonderful. To make it so that once someone cheats too many times in a game, they can't play ANY game online again unless they change ISPs. (One result of this would be that people would guard their serial numbers with their life) The benefits to the industry as a whole might override the competetive pressure for companies not to share such information.
That would be the ultimate anti-cheating tool.
Yeah, well, you might change your point of view when some "smart" anti-cheat software busts you because you are so unfortunate to have 5 lucky shots in a row.
That happend to me in CS, and even though I used several hours complaining to the server admins, I'm still banned from all their servers.
Now, fortunately, it's free servers, so I really don't mind that much, but think if you paid like 100$ for the game, and 20$/month, and had to buy a new processor just to be able to play again?
-H
why not have anything goes games as well, i.e. cheating is allowed maybe that would keep some of them happy, of course the really nasty wouldn't go for it (as they want to annoy, upset etc), but it might get rid of some of the pests.
in my life God comes first.... but Linux is pretty high after that
Francis Smit