Slashdot Mirror
Do Anti-Cheat Systems For Online Games Work?
Mr Wriggle writes "There is nothing worse than playing your favorite game online game, only to have someone frag you and your teammates blatantly using cheats. As many of you are aware, there are various Anti-Cheat systems available i.e. Punkbuster and Cheating Death. PunkBuster comes bundled in some games and is mandatory to play certain games on certain servers. I would like to ask the Slashdot community whether you think these systems work well, or do they cause more problems than they solve? Or is there a solution that the anti-cheat developers have overlooked? Additionally, is the locking-out of CD keys of people caught cheating the reason why more and more viruses attempt to steal CD keys of such games?"
I've used PB with the latest BF1942 release. I've had ZERO problems with it. I've also noticed a lot LESS cheaters (but still SOME!) on PB enabled servers, which is great. It's worked well for me... so far.
I only play on Enemy Territory servers that use Punkbuster. I have had no problems with them (except when my client refuses to update so I have to manually update it, no big deal)
I'd say the cheaters on these servers are few and far between, if one is discovered the admins are quick to remove them
"Some things have to be believed to be seen." - Ralph Hodgson
A similar question was asked about port knocking on the misc@openbsd.org mailing list the other day. I think it was said best by henning (i think it was henning) "you want to fix buggy software...with more software?"
I kind of have to agree, why not take the time to do it right the first time? Cheats are just creative uses of bad loops, or algorythms in the code (for example the long jump in quake III if you had a fast video card).
/* oops I accidentally made a comment, sorry */
To a degree...
I play SOF2 on a PB enabled server... in fact, I search exclusively for those servers... I've noticed a couple of cheaters so far, but by far, it seems to work out quite well..
Same goes for Enemy territory - not very many cheaters, and generally makes the game 'funner' to play...
One thing I *did* notice was that when the 'sync gameplay' was enabled (I think thats what it's called) that it would slow everyones FPS down without really telling anyone about it... so people would have laglike issues on a BRAND NEW machine - but other than that no problems at all...
As far as bannign Invalid CD-Keys - what a waste of time....
Howabout a game that encourages cheating? Lag normalized, the constraints are the time you get to react to the incoming stream and build a response. Anything you can do with the incoming data is up to you. I know this gets away from "game" and more into code war, but that sounds more fun overall, especialyl if it lent itself to genetic algorithms. Eh, maybe I just miss Core Wars.
We are running six Half-Life (HL) servers with Counter-Strike and Natural Selection Mods and have found that Cheating death is the best viable solution.
Valve (the makers of HL) are offering their own security engine but its almost worthless since it gets updated rarley and it is aimed to detect cheats only.
Cheating Death on the other hand is aimed not only to detect but to prevent cheats (for example by moving the things you arent supposed to see anyway (player behind wall) to the players back). Because of this Cheating Death can't catch a cheater but his cheats are becoming useless. In addition to that Cheating Death is updated very often and so it is able to prevent most cheats.
Conclusion:
A anti-cheating engine that isn't updated regulary is almost rendered useless in a long run.
Spelling errors were made for your amusement only...
Lately I've been playing Enemy Territory mostly, and only on PunkBusted servers. For a while, wallhacks were fairly common in ET (when you're spectating someone, detecting wallhackery is fairly easy) - but I haven't noticed a cheater for a long time now.
PB seems to work as advertised, and has never given me any problems. If it's letting some cheats through, it's not enough that it would affect my enjoyment of the game. If someone cares more about the outcome (or their performance), I suppose they may want a more foolproof tool - but PB is good enough for me.
Let's not stir that bag of worms...
Whenever you have a game that keeps score you will have people who try, and many times find a way to cheat. Even when there is nothing to directly gain from it. For the life of me i can't figure it out
Punkbuster is definitely excellent for public servers. It thins out cheaters hugely(but not entirely), and what cheaters there are don't last long on well-adminned servers.
On the other hand, It isn't too hot for competitve play. Updates aren't frequent enough.
I play bf1942 in the TWL 8-man ladder, and I must say, BFSecure is definitely a great tool. Updates are extremely frequent(at least once a week-- i only update before matches). It performs its job exceptionally-- the only thing we have to worry about is people using exploits.
Unfortunately though, as the name suggests, bfsecure is specifically for battlefield. I don't think they could keep up with the cheats if they had to handle multiple games.
~To choose doubt as a philosophy of life is akin to choosing immobility as a means of transportation. -Yann Martel
The first goal of most games is to be 'playable' over broadband with moderate latency. In order to accomplish this certain tradeoffs must be made. These are not bugs.
The 'long' jump in Quake is hardly a 'cheat' that PunkBuster is designed for. PunkBuster purpose is to remove client mods that give you auto-aim, radar/enemy position info, and enemy texture/highlighting type cheats. All of these involve modifying the client.
Yes, the client knows where all the players are. Yes that is a weakness. No it can't be fixed easily, because we have to deal with 60ms-200ms one way latency. That requires some think ahead, which means giving the client more info than they should have. If this was any other type of software than a FPS game we could suffer performance for security.
Programs like Punkbuster use arms-race philosphy to try and stay ahead of the cheat makers. Far less time goes into defeating a specific cheat, then it does to build that cheat. One small change to the pb client and away goes 2weeks coding work of a cheat-maker. PB tries to guarantee the client environment, including memory, and what they see on screen. The pb screen captuing util is the best defeense for an admin.
Having said all that, it's logically impossible for them to do this 100% effectively. You can not control and audit access the the system memory and devices on modern day motherboards. Anything you have running to check this can be modified.
It will take technology such as Pallidum to make true 'anti-cheat' and balanced playing environments. I welcome the day game programmers can trust the client and leverage caching techniques that require pervasive knowledge of the game world. It will make games faster and more enjoyable for a broader range of peple in geographically disparate areas.
-Malakai
A Dragon Lives in my Garage
punk busters is supposed to keep america's army players in line, and it pretty much does as much as it can.
however, it doesn't help that the developers decided to include a 'dev mode' or something that's basically providing a bunch of built-in cheats even in the latest 2.00a version.
Just yesterday I was playing AA, and PB kicked someone off the server for cheating. The message was something about a skin hack.
So I know that PB works, because I've seen it in action.
However, I think both the previously made comments and the news report itself is asking a different question for a different topic. Read the title again.
Do Anti-Cheat Systems For Online Games Work?
Note the fact that it merely states 'Online Games', yet everyone here is talking about FPS games. Well what about games like Warcraft 3? Theres currently no Punkbuster support for it (although Blizzard is doing a fairly good job at monitoring and banning cheaters). Theres no (effective 1st party) support for anti-cheating programs for Half-Life and its mods (Punkbuster and Cheating Death don't count).
What I'm trying to say is that this generation of anti-cheat systems is nothing more than a "warm-up" for next-gen games such as Half-Life 2 and Doom 3 (and maybe UT2k4 we'll have to see how its accepted though since its shipping on SIX CDs). We know pretty much anyone who considers themselves a gamer will pick up either HL2, Doom 3 or both so the chances of cheats being written is obviously high. When HL2 comes out (since its being released first), expect to see a complete change in the way anti-cheat systems are implemented in games.
Oh, and to answer the question: Yes, they do work. For now.
It does seem to have gotten better, but sometimes I can't tell if someone really is that good, or if they're cheating. Of course, I don't like being shot round corners by cheaters; bots can also look like cheating players - they are very accurate over long distances, which normal players generally aren't.
One giveaway is ping: it's fair to assume that if someone has got a significantly better ping than you, they are going to get the shots in better. I've noticed that my playing is much better with a ping of 80 than with one of 120 - somehow I miss less the faster my ping is. For many, changing from an old modem to isdn/cable/dsl has at least as big an effect as any cheat would. I therefore think it's fair to suspect someone of cheating when they keep on fragging you although they have a 200 ping and you have 100.
With that said, I don't play on many servers that require anti-cheat programs like punkbuster, although the newer (steam) versions of HL and co seem like they might now have anti-cheat stuff built in.
-- Steve
I knew a guy in college (back when the anti-cheat programs were just getting popular) who was really good at shooters (particularly UT). In fact, he was too good: if he played on servers that had aimbot detection on he would get banned if he was having a good night. On servers without anti-aimbots the players would decide he was cheating and ban him after a while too. Unfortunately he had to completely retreat from public servers, and only play with people who knew him, although they still bitched about how accurate he was. I actually sat behind him and watched as he would catch a glimpse of someone on the other side of the map, move to a better location, and then heatshot them a few seconds later. He mostly used the sniper rifle, but just because of it's increased power (he got body or head on 90% of shots, so he mostly didn't need more than one shot), he usually made most of the flag caps for his team too.
Kurdt
I'm not anti-social. Just pro-technology.
um.. the solution to this is to play with people on your own level, and work your way up. most games have "newbie" servers, or try playing with friends on a LAN first. sorry, but i have no sympathy with you at all, saying "the only way I even have the slightest chance is if I cheat". if this was allowed, where would we draw the line? do you turn the cheat off when you're doing well "oh, but i was having so much fun". no. cheating = wrong. getting better the honest way is also so much more fun. if you really can't seem to get better, then find a better game (a better game for you, hell i have no idea what's a good game atm i haven't played a game in years :/).
This is my Sig, this is my Gun. One is for Slashdot and one is for Fun.
Banning CD's keys sounds like a good idea to stop cheating but in the end it only hurts the naive players. Those who cheat generally have no problem scamming people out of their cd keys. They are already proved they are dishonest by cheating in the first place.
The only alternative is to use a hardware driven, trusted computing set of keys that validate that *the* hardware is there and that a real 'punkbuster' program is running. Although, in theory, if you can hack this key, you can get around even this, although the key can be made sufficiently difficult so that you will need centuries to crack it and you lack the ability to physically pull apart a CPU.
Working against any cheat is publicity. Most hackers do not make the cheat for their own purposes but because they WANT publicity (I am guessing about the 'most' part - I have no imperical evidence). And once a cheat is publicized, Punkbuster, etc. can break it.
Of course, we have a the hackers who only share with their clan or just use them themselves, but their impact on the average player should be limited.
ProQuake is a modification to the original Quake (NetQuake, not QuakeWorld) code to provide some client-to-server verification of maps and models.
I'm curious if anyone here has heard of any attacks on this cheat-free method?
Thanks
-molo
Using your sig line to advertise for friends is lame.
"How did you kill me!!!!!111 I had full armor and health!" :("
"It's called a headshot. Get used to them."
"WTF!! You kill me every time I walk around that corner!"
"It's called 'aim', you should get some"
"This SUX0RS. You are using an aim bot
"Aim bot? Is bot short for robot? I don't have one of those, but your mother says I love like a robot"
1@|\/|37_69 voted to kick+ban You_Suck
So let that be a lesson to all of you out there. Sometimes people ARE just that good.
SCO.com uses Linux
You, sir, are the problem and why we need anti-cheat systems in the first place.
Play games with single-player modes against bots to develop your skills. Play on heavily-populated servers where there is wide range of players and skills to challenge. Success does not happen overnight, like any game practice is essential to become decent at it.
Only a selfish clod would ruin the game for everyone else by cheating to cover his own incompetence.
The problem with both of them, at least when I last played them both, is that both of the anti-cheating devices are not associated with the companies of the games the devices are used for.
_
I used Punk Buster with Quake 3 Gold and was not able to get it to work due to the lack of help from Id and a problem with XP that prevented the PB updates from fully setting.
I used Cheating-Death when playing the Half-Life WW2 Mod 'Day of Defeat'. On the plus side, this program sucessfully weeded out all the hackers and cheaters very quickly. Updates were made much more frequently than VAC (Valve's Anti-Cheating solution) ever did. I LOVED that CD found the cheats and updated them within a week of being known. VAC? You would have to wait until they released their updates which were few and far between.
The Drawback was that the program WAS developed independently of Valve and the program gave the playing experience many 'challenges'. Most of which were lag related.
So yes, they work but the game companies need to work more closely and quickly with these solutions as they are EXCELLENT solutions to the cheating problems in on-line games.
Dolemite
_____________________________________
Save the World! Use a Quote!
I once got 343 kills on a CS server, with maybe a dozen deaths, over the course of a whole day. I wasn't cheating, I was just a lot better than the people on the other team. And they absolutely refused to learn from their mistakes.
Example 1: The idiot who always, always ran to the same hiding place to try for an ambush. After about two rounds, I started shooting through the crate to kill him. He claimed I was using a wall hack, but I really just knew he'd be sitting in the same place again.
Example 2: The other idiot who didn't know the map. He kept accusing me of using a speed hack to get to the target before him, but the real problem was that he was taking the long way around.
sorry for huge essay, but if you're not interested dont bother reading.
I only have experience with Punkbuster on RTCW and Enemy Territory - playing, running servers and modding a large forum.
Detecting cheats is the big selling point of PB, and fundamentally what it is for. How well it works at removing cheaters depends on your point of view. PB generally only picks up cheats the developers have found - those posted on cheater sites/forums or submitted by players who have come accross them. PB is then auto updated to scan the player's memory/hard disk and if it finds a match, the player gets kicked and the cheat violation logged on the server for the admin to look through and set a pernament ban.
Evenbalance have no qualms admitting the software is unlikely to detect cheats that are kept private, i.e. someone who makes his own and keeps them to himself. There are exceptions to this, for example if someone just modifies a detected cheat and doesn't change what gets picked up, or its a simple game file modification and PB simply detects the files are not as they should be (not logged as a cheat violation, but still stops them being used). Further, the detections are always going to lag behind the cheats being made available - though as said in a post above, the effort for the hacker is liable to be significantly more than that for PB to pick it up. PB also get paid for it.
So PB only picks up publicly available cheats? This in itself is more than worthwhile - you might still have cheaters, but maybe at most 10% (total guesstimate) of these guys can get past PB. 90% less cheating? Yes please. Sure I'd like 100%, but back on planet reality this isnt going to be a possibility any time soon. Anyone who cant figure that 90% less is massively better is either an idiot or likes cheating.
There is a secondary cheat detection method that comes with PB, although it is less reliable and takes significantly more effort for the admin. PB can be used to return a screenshot portion from the player. With this, it is possible for the admin to find someone who is using even a private hack they made themselves that is not detected by PB. Admins can set PB to automatically take these screenshots from all players, and also they can take screenshots at specific moments from specific players. The system isnt exactly perfect though, the admin will have to regularily download and look through all the shots taken, so it takes a lot of admin time for a relatively tiny hit rate. For busy public servers, this is liable to not be worth the effort (except where admin has spotted a dodgy player and so gets screens from him specifically), for example I've downloaded several hundred of these screens and only picked up one player cheating with it. However, for clan matches, this becomes much more worthwhile - both because there are far fewer screens to look through and because the "value" of a detection is far higher. A further weakness is that not all players return a proper screenshot to the server, I'll not go into why but the function is hardly reliable, though evenbalance have said they are completely rewriting the code to improve it. I havent seen on any cheater forum that anyone has sucessfully managed to write code to bypass it yet though, like they did for CS (NB: PB now is very different from PB in CS, where it wasnt even integrated to the game properly).
Actual detections are only part of the anti-cheat effect of PB however. The deterrent is at least as good as what it actually picks up. Nobody who has involved themselves in a bona fide community wants to get caught cheating, because they will lose their online buddies. And then there's the issue of having to buy a new game to play on their fave servers again...
I said earlier that detections are the selling point of PB. As an admin, I dont find detections to be the actual number one feature. The best part of PB is the bans are by GUID - a one way hash of the CDKey. Banned players stay banned, for them to come back to your server me
The main reason there are cheats is that the game clients know too much. In ideal world, the game clients would be completely stupid and would only know what's necessary (for example, in FPSes, the client would only know of the players that are in the player's view).
However, implementing things in "dumb" way is not efficient or particularly lag-friendly, so clients have to know a lot of things. The more secure you make the client protocol, the slower and more unreliable the game becomes.
In particular, the clients know where each player are, and where they're apparently moving to.
Also, some clients aren't too efficient what comes to drawing the picture; the client tells graphics card to draw whatever objects are nearby, whether they're hidden behind other objects or not.
So, now there's two ways to exploit it: Either mess with the client by analyzing what the client knows (calculate optimal firing direction and moment by analyzing at the player positions, etc etc) or mess with the display drivers (make all polygons on the screen translucent, enabling people to see behind walls).
That's some of the basics. =)
I play on Passworded servers, most of the time. Keeping the players to a 'elite few' allows for quite a different game than on the public servers.
Actually, this is the main reason Clans are formed. There just a bunch of people who want to play together, without all the idiots on the server with them. That, and the fact that if you play with the same people enough, you get to know who is good at what--and who to stay away from.
Also, having a teamspeak server helps out--as having private and secure comms between teammates (and not having it sound like crap) helps out a bunch. I can't tell you how much better my game is, when I have a mic and all my teammates do too. Having them listen to you helps, but at least this way you can yell to your teammates when a sniper is around the corner. And that isn't cheating. It happens in real combat all the time. duh.
Anyway... I think that the solution isn't having another client to check the client, but checking who you play with first.
Do they work? Nope.
Are they worth the effort? In my opinion, nope.
Cheats will always be out there that cannot be detected, blocked, or otherwise foiled by these 'anti-cheats', so why bother to trouble the legit players with annoying software? At least in HL mods, where a seperate program must be run asside from the game. It's just not worth my time, so I avoid these servers like the plague. The actual amount of cheaters that play CS is probably a lot less than people would like to think, and it's not hard to find a cheater-less non-software regulated server. My tip is play on friendly fire servers, when a real cheater is around, usually the player base can deal with it themselves. Otherwise, nothing beats a well-admin'd server. Find a player community that you can play with and come to trust. Be a reg. It helps the game experience a lot, because you'll have friends that you can trust, and the server will hopefully be administrated well. That to me is a lot better than any big-brother cheat software.
Hey, it's my OPINION that dogs have eight legs and make a sound like a car horn every time they take a piss.
I think that most people are missing the point in their furor over cheating.
The real issue is one of a level playing field, right? That's the basic problem with cheating: it unbalances the game in favor of one player.
That in itself isn't a big deal. Lots of things unbalance a game: hardware (if my bigger badder machine draws frames four times as fast as yours, I'm probably gonna kick yer butt more often than not), network latency, skill,
Obviously it's easy to deal with hardware, latency, and skill: use some sort of game-matching system to pair people up appropriately. That leaves cheating.
It seems to me that the most effective way to combat cheating is in your game design. For instance, a game that gradually tilts things in favor of the loser (say, by giving them advantageous starting positions or any of a million other things) helps bring balance back to the playing field.
Someone with true skill is still going to be able to rock: they'll just overcome a disadvantage. Someone cheating is going to find their cheats less and less effective as the game goes on.
Just some thoughts....
Pooks
What else can we blame when get our butts kicked?