Fighting Online Game Cheating in Hardware

Monk writes "Multiplayer games these days have one problem. Cheating. Cheating is out of control because of failed attempts by software such as Punkbuster, and VALVe's Anti-cheat (VAC). Now it seems that could change change with Intel's own Anti-cheat Software/Hardware."

there is no technological fix

[circletimessquare]

for a social problem

anything designed by a man can also be broken by a man

the only remedy for human antisocial activity is human social activity. no technology will change that fact. and if you think it can augment those who intend good, then you're right but you must also bear in mind that it can also augment those who intend evil

this applies to security cameras, file trading on the internet, etc. as well as game cheating

Re:there is no technological fix

[AnonymousDivinity]

there is no technological fix for a social problem. anything designed by a man can also be broken by a man.

I don't know about you, but I for one like having locks on my doors. Are they 100% perfect at keeping determined individuals out? Of course not. But that's not their purpose. These kinds of measures merely need to make an activity "not worth it" to those who have some motivation (the aforementioned societal problem). Economic deterrants do work well, at least on a statistical basis.

As for cheating devices, if one were to construct an anti-cheating system that would require a hundred million dollars worth of high tech, rare equipment to break - do you think some gamer is just going to have that kind of money lying around? I'm not saying Intel's solution is of this nature, but this absurd notion on slashdot that technology cannot help/solve societal problems is total bullshit. A lot of social problems are highly context/environment dependent (mostly as a result of human psychological quirks, and evolutionary behavior), and technology can do a lot to alter the environments where people interact to the point where many harmful behaviors are discouraged or stopped altogether.

Re:there is no technological fix

[The+Clockwork+Troll]

The social problem has an obvious solution: accountability.

If banning of an anonymous ID is the worst any cheater might endure, and they know it, they're going to operate as you would expect someone with impunity to operate.

The obvious solution has obvious problems. The social solution leaves a worse taste in our mouth than cheating. That's why we're chasing it technically.

Re:there is no technological fix

[EsbenMoseHansen]

In an online chess game, where the rules are fixed, I would challenge you to trick the server other than by hacking it. There is two things: Game data and interpretation of this data.

There are at least 2 possibities: Changing the rendering of the incoming data in a favorable manner (e.g. highlighting opponents, pickups or what-have-you) and having a custom client that plays or help you play. The classic example is the aimbot, that is a client that helps you aim your shots.

Re:there is no technological fix

[irc.goatse.cx+troll]

latency of two moving people around some obstacle means you either let them both know where eachother is before they should be able to render, or you'll be able to induce lag to allow yourself to teleport around the game which is just as bad.

Then theres issues of "can it be seen through?" for example when I replaced all fences (which in a real engine blurs to solid after some distance). Is it cheating to tweak your drivers with rivatuner to change how it blurs them so you can see through them? What about replacing the texture with an empty texture?
Replacing the enemy models with sold colors?

Even defining cheating with 100% accuracy is impossible, saying you can stop cheating is laughable.

Add the cheats as features to the game

[Slim+Backwater]

How about just adding cheats as elements to the game? Players like radar? Add it. The ability to see through walls? Auto aim, auto trigger? Make them power ups. Don't fight it, integrate it.

Re:Add the cheats as features to the game

[boaworm]

Because many of these games aim to be realistic, that's why people play them. Adding an "aimbot" as a powerup is not something that would have happened the 101:rd airborne when they dropped down over normandy, so when you play that scenario, neither do you want it or should have it.

Re:Add the cheats as features to the game

Yeah, make an FPS game where everyone automatically has immortality, omnipotence, omnipresence & every conceivable weapon.
Sounds a lot of fun.

Re:Add the cheats as features to the game

[Saville]

Attempt 1) get shot down
Attempt 2) get shot down
Attempt 3) get stuck in tree and then shot
Attempt 4) get shot down
Attempt 5) get stuck in tree and spend 5 minutes press the 'escape' key then get shot on ground
Attempt 6) get shot down
Attempt 7) kill some nazis then get shot
Attempt 8) get shot down
Attempt 9) get shot down
Attempt 10) get shot down
Attempt 11) get shot down
Attempt 12) be sneakier and kill more nazis then get shot
Attempt 13) download FAQ and type special 'idkfa' cheat and walk around like Rambo and have more fun playing the video game as escapism where you become a hero. You've just had your fill of realism, now you want entertainment. You want to play the role of the top 1% that didn't die or get wounded instead of just another peon.

*sigh*

[Verte]

The Quake fiasco has already taught us plenty about this: don't trust the user.

It seems rather futile though..

[boaworm]

The whole concept of anti-cheating is based on making a chip comparing input on mouse/keyboard to input into the program.

So how about:

1: Software that wraps this chip, and returns "true" all the time ?
2: Cheats that does not emulate keyboard or mouse input ? (like radars, spike skins, you name it)
3: Software that generate keyboard/mouse interrupts ?
4: The fact that someone would not buy a CPU/MB with anticheat stuff in it if you intend to cheat. You'd just have a dummy driver emulating this hardware or something.

This only seems to be able to solve a very small portion of cheats.

Wow!

[smiltee]

Exactly like DRM, I am sure this restrictive method will work flawlessly! I think Intel is making the right choice by using something you can't update against an entire army of hackers!

Solution: The Istrate

[kaufmanmoore]

This handy device fits in a computer's 5.25" inch bay and if it detects cheating a razor sharp knife comes out and relieves the offending player of the little (as is always the case with cheaters) piece of manhood that the loser has left. (Towels to clean up blood not included).

Great..

[Khyber]

I'm looking forward to the time when I can't play a game online because some POS hardware/software thinks that my MP3 or video encoder is a cheat mechanism.

Lame, very lame. And you KNOW this will eventually happen. Some harmless software program running at the same time as a game will screw your online play without lube.

Why can't the game devs shift focus away from DRM & etc. and try building a solid product that doesn't NEED a third party anti-cheat software running? It's called internal testing, FFS. You made the software yet you can't find the holes, meanwhile some smartass 15 year old Russian just reads your code and goes "Oh! Look at what we have here!"

Well, I'm not impressed.

[dannycim]

A friend of mine plays the Final Fantasy XI MMORPG on PlayStation 2. I rigged a little box with a bunch of timers, relays, the heart of a USB keyboard which can repeat timed sequences of game macros without supervision. It works wonders for some "skill-upping".

Intel's little trick wouldn't detect that as it involves no software at all, no injection of keyboard events. As far as the console is concerned, it's a keyboard, period.

I could go a whole lot more sophiticated and build a USB box that would emulate both keyboard and mouse events. Marry that with software that can "look" at the screen data and recognize patterns, and you'd have yourself an automated player.

Go ahead Intel, invent better traps. We'll invent better mice.

The problem with anti-cheat software..

[Animaether]

..is that the server, at some point, has to trust the data the client is sending. Now there's client-side anti-cheat software that will do things like try and make sure that external applications (not entirely unlike the old TSR cheats of lore) aren't altering the data in RAM before it sends the info back to the server. But that client-side anti-cheat software can-and-will be defeated. Eventually there might be an anti-cheat relying on TCPM sort of things, but eventually somebody will just make a TCPM-less version indistinguishable from the TCPM type by the server.

So the only proper anti-cheat lays with the server. But there you hit a problem. You can, for example, prevent some cheats that way. Somebody lobs 2 nades while the server knows he only has 1? Cheating. Somebody moves all over the screen, faster than the player can actually run? Cheating. Wait - or a laggy connection.. or a bug. Tread with caution there. Caution means a margin. A margin means a margin for cheating. Okay, so you don't have your cheat make your player run at 200% - you just make him run at 105%. Still an advantage, and the anti-cheat won't catch it because of the margin. And even when you can detect all the -technical- cheats (more ammo, faster reloads, increased speed, greater jetpack fuel (if there's any), that leaves you with the cheats that cheat the User Input. Aimbots and the like - which can be extremely difficult to detect.

In the end, you can't 100% prevent cheating. But you can make the landscape unattractive enough to cheat in by at least trying to prevent it and having an actual human being look at suspicious behavior from time to time.

( I admin at one of the more popular Soldat servers - we're virtually cheater-free because the cheaters know they'll be busted in no time and their cheating fun ruined by us /kill'ing them (rather than banning - as they'll just be back) and ousting them in public. )

Re:The problem with anti-cheat software..

[Catil]

As far as casual public server playing goes, there might be another solution: Statistics.
40% aiming accuracy? Too good. 5 headshots in a row? Too good. etc.
It wouldn't even have to have anything to do with cheating, actually. The message a detected player would recieve would be something like this: "Sorry, you are already too good for this server, it's low-skill only. You will be kicked in 5 seconds, so the noobs here will have more fun in a more even and fairer game. Feel free to play on our mid- or high-skill servers over here."

Re:The problem with anti-cheat software..

[lena_10326]

And that *still* doesn't get rid of aimbots.

It would get rid of aimbots.

In order for an aimbot to work it needs access to the internal game state, particularly positions and velocities of objects in the game, which it can gleam by analyzing the data packets between server and client or by accessing in memory game data.

If all you have is a video stream, the aimbot has access to no game state. The best it could do is try to recognize objects on the screen by pixel patterns (screenscrape), which I doubt would work if everyone chose skins matching the background. It also wouldn't have access to positions of off-screen objects, which gives the aimbot its real advantage--shooting at people behind you or hidden underwater or in shadows. I think in that case any screenscraping aimbot would be more trouble than its worth as well as very inaccurate (obvious).

Re:The problem with anti-cheat software..

[Bombula]

And the high-skill servers will be like SNL's All Steroid Olympics. Why not? Same with MLB. Who cares if people cheat - as long as everyone is cheating, it's still a level playing field.

Re:The problem with anti-cheat software..

[PachmanP]

Conversely, servers that better players frequent would be more likely to recognize and bust cheaters. Whereas the n00b servers, people would be more likely to just think the guy was really good, die alot, and give up on the game.

Re:The problem with anti-cheat software..

[Kjella]

Except the people using aimbots and the like aren't interested in skills - they're interested in the feeling of being invincible, to tear through a map like a mean Rambo look-a-like. Put the cheaters together and they'd have no fun. So what they'd do is find ways to do it anyway, while the good players will get banned by any other name. What are you going to do, start banning people for winning too clearly? Sure, that's incentive... get too good and you get banned on every server except the garbage heap of cheaters, woohoo.

Re:The problem with anti-cheat software..

[Ash+Vince]

I play americas army alot on the net. At one point I was out of work and pretty much played full time for 2-3 months. By then end of that period I got more hacking acusations than you can shake a stick at. I even got banned from a few servers. I have never cheated. The truth is that really good players get headshots first time, almost every time.

In the end I settled on playing on one or two public servers run clans. That way they knew who I was, trusted me not to be cheating and let me carve through people when I was on a good run. That way admin would usually explain to noobs I wasnt a cheat when the acusations started to fly.

I also changed my name to Nohax for a laugh but that was only after I got the hacking acusations.

The truth is though that human admins are the best anti hack method. If you got caught cheating on their servers you would probably get a lifetime hardware ban. That means your PC gets banned, not you account name or anything. I don't know how it works but it is effective as I have heard people complaining they downloaded a hack for a laugh and then could never play again until they bought a new PC.

Re:The problem with anti-cheat software..

[Sigma+7]

This is why you won't find cheating in a good RTS or MMO, the server or peers can run everything in parallel. Actually, there are easy ways to cheat in RTS/MMOs:

• Maphacks/wall hacks allw you to see through obstacles. This obstacle is FoW in RTS games, and due to their nature, most RTS clients tend to be syncronized and require having a copy of the game.
• MMOs can be botted. While not "cheating", it is an unfair advantage since it allows you to get powerful players more quickly than what is normally accepted.
• RTSs, as they generally need a copy of the game state on each client, can have critical information about other players displayed (e.g. how much resources they have/spent.)

Maybe the AI could run on a cheater's system, but I have never seen good AI in an RTS. The AIs you see on most RTSs are lobotomized - they are written to be "good enough", whether it's through scripts or through randomness.

As an example, look at Starcraft - while the AI is relativly strong for new players, it is weak compared to the "build orders" that are posted on various websites, which are then memorized by master players. There's no reason why this can't be placed in an AI to make it stronger.

Another example is Galactic Civilizations (which isn't an RTS, but the same concept applies.) In most difficulty levels, the AI is crippled but is still a threat to most players - the only "cheat" is that it knows the location of good planets (which isn't much of an issue, since they were probing the universe before your race invented hyperspace). The threat is caused by the economic optimization - it picks the best tax rates and maximizes production efficiency. As a side note, there were reports of the AI somehow bypassing tech tree requirements - this complaint was eventually resolved, either through a patch or by identifying how they did it (e.g. tech trading with other races.)

The AI discussions were common with the game Total Annihilation, as it was the only game at the time that allowed AI patching. No matter how well you made your AI script, it was limited with implementation bugs - for example, the AI engine had a failsafe in case the script was faulty (or if it got nuked) where it would start building resource production on an economic shortage, but would never turn off the failsafe. Another bug would be the "5 peewee" rush, which could paralize the enemy AI commander and kill it.

It's not a lack of technology that limits RTS AIs - it's the lack of implementation. There hasn't been any serious attempts to make a strong AI.

Re:The problem with anti-cheat software..

[apoc.famine]

You hit the nail on the head. We run our own UT2k4 server. We occasionally get decent players on. We also occasionally get people who magically get 6, 7, 8 kills in a row in on people that they can't see, or as they round corners. If someone seems just too good to be true, they get the banstick. Have we possibly banned people for just being super-good players? Possibly. But there are a couple hundred other servers for them to play on. Have we banned downright cheaters? Yep. My favorite was the kid in igib Hall of Giants - if you know the map, you'll know how amazing it is to get a "HOLY SH*T!" twice in a row. Yeah, that's 16 kills in a row, with a max of 3 seconds between each one. All the more impressive was that he did it from...the bottom of the map...and shot someone directly above him in the air immediately after shooting someone on the ground, and then immediately shot someone behind him and to the side. I was spectating for the second round of kills, and most of the people who died you couldn't see, due to the distance limitations. Many were nearly 180 degrees apart from each other at huge distances, but they were located and killed in the span of a second or so. Not overly hard to justify a ban for things like that.

Re:The problem with anti-cheat software..

[fractoid]

This would punish cheaters, sure; but it would also punish those who just happen to be good (on that map in my case). To be honest, I don't care whether they guy that headshots me 5 seconds before I see him, every single time, is cheating or is just really good. Either way it makes the game suck for me, and it presents no challenge for him. Users *should* be grouped by ability level (whether natural or assisted) so that everyone can actually enjoy the game while they're getting good at it. Surely you didn't have as much fun 'owning noobs with your leet sniper skillz' as you would have playing against equally skilled players?

Yay for Trusted Computing

[Cheesey]

Remember folks, although the remote attestation features of TCPA could be used by online services to force you to use a particular "trusted" application/OS stack, locking you in to a configuration like "IE on Vista", that's not why they are there.

The point of TCPA isn't to enforce DRM or strengthen software monopolies. It's all about things that benefit you, like preventing cheating in online games, and... erm... many other things.

TCPA is a misunderstood technology. The EFF, the FSF and security experts are just making a knee-jerk reaction to something that they don't understand. Let me explain:

1. TCPA doesn't take away your ability to run whatever software you want. If every online service requires you to use (say) Vista, and uses TCPA to enforce this, you can just opt out of the Internet entirely and carry on running Linux or .*BSD or whatever. It's your choice.

2. TCPA doesn't spy on you, although it might be used to prevent you modifying software that does. But then you can just opt out of using that software. Again, it's your choice.

So, say yes to TCPA! Like atomic bombs and subdermal RFID chips, the technology isn't inherently evil, and it will certainly never be abused to reduce competition in the software marketplace, preventing free software interoperating with online services.

Just one problem?

[Quarters]

Multiplayer games these days have one problem. Cheating.

Really? Just one? What about:

Bad design

High prices

Poor performance

Steep system requirements

Bugs

Re:Just one problem?

[cshake]

You forgot another one:

EA

I'd also include 'lack of support for old games' but just saying EA covers that pretty well.
(C&C Generals is what, 4 years old? They don't even have a section on their website for it anymore FFS!)

It's a reputation problem.

[Colin+Smith]

You can't trust the person, you can't trust the hardware or the software you can't trust anything which comes back from the client machine.

Da fix? A cross game registry of gamers with identities linked to real addresses and bank details. Something which all the online games can query, though I'd go with hashed values for bank details/address etc rather than real ones. You get caught cheating, you get marked as such. To get rid of the marking you need a new identity.

Will it stop it? Mmm look at the athletes who take drugs, I doubt it. What getting caught would do though is ruin the gaming life in all the games which use the registry. Gaming environments could be split into two areas. One for trustworthy gamers, one for cheating scum.

Custom cheat hardware will become popular

[dlleigh]

Software that compares the input from the hardware with what the game sees? No problem: just make sure that the input comes from the hardware itself, and not from a piece of emulator software.

I built a cheat box for GTA San Andreas soley because I am lazy. The game requires that the player have their character "exercise" in a gym in order to build strength and stamina. I didn't like the idea of abusing my fingers and keyboard by rapidly typing the necessary keyboard combinations, so I buit a box with three big buttons on it that emulates a USB keyboard. It emits the correct key combinations when I press a button. (NB: I didn't use a programmable keyboard because I'm a hardware guy and was playing with USB anyway. I like my form factor better and used actual arcade game buttons for feel and durability.)

Want to run on the treadmill for the maximum allowed time? Press and hold a button. Want to lift heavy weights quickly and repeatedly? Press a different button. Yes, folks, I was cheating at virtual exercise.

It actually gets worse. I got tired of holding the button down, so I set an old disk drive on it. Then I could just sit back and watch my character get buff. This was the ultimate in laziness: I was cheating at cheating at virtual exercise.

STOP MODDING UP MEANINGLESS SHIBBOLETHS, PEOPLE.

[mumblestheclown]

For fark's sake people. A statement like "there is no technological fix for a social problem" is just important-sounding nonsense. Really? We seem, after all, to have prevented the problem of people physically reaching out across the internet and strangling people... I have yet to see anybody do this (as much as I'd like to sometimes). Parent poster completely ignores the obvious problem with his arguments: that ALL defense mechanisms are not about absolute defense, but about reducing the rate of successful attacks and/or increasing the barriers to entry (such as technical sophistication, equipment, time, etc) that an attacker must invest in to be successful. Security guards and alarm systems do not prevent all bank robberies - but it is safe to say that there would be more robberies if those things didn't exist. Same here. You may have technological issues as to exactly how much such a hardware defense would decrease the amount of cheating, but it seems fairly obvious that, if implemented, this figure would be greater than zero.

Mod me offtopic...

[SanityInAnarchy]

Is that a reference to the horrible, horrible, Chinese pirated Attack of the Clones (subtitled in english-chinese-english translation)?

That always cracks me up. Vader's "NOOOOOOOO" becomes "DO NOT WANT!!!"

Recent PB update is a rootkit

[rush22]

I was appalled at the recent PunkBuster update. Evenbalance has essentially installed a rootkit on my computer without my knowledge. The only reason I noticed is because my firewall suddenly lit up with warnings.

Normally, PunkBuster is a .dll file in your game folder. However, this recent update downloads two .exe files and places one in the game folder, and one in your Windows system folder. PB says these are necessary only for players who want to bypass admin rights for people who play BF1942 or ArmyOps. Apparently so many people are playing these games on their office network and can't log on as administrator on their own computer that Evenbalance has sent out a rootkit with their recent PB update. The programs are mandatory for everyone, though, regardless if you are the administrator. Any player attempting to play on a PB-enabled server without these files, or otherwise blocking these files with a security program, is kicked for "Losing Key Packets" (PB often has trouble with accurate error messages).

The executables are run upon startup of your computer, and run constantly in the background, regardless of whether you are playing the game. They also intermittently connect to the Internet and send data to Evenbalance's servers. Of course, the player has consented to this (and more) by agreeing to PB's voluminous EULA. In fact, if you read it carefully, players have consented to sending their entire hard drive and hardware information to Evenbalance at any time Evenbalance deems necessary.

Evenbalance will tell you, as support team member Glenn (or someone imitating him) says on a game forum I found: "We're not trying to hide anything or throw anything by the user without his knowledge. These services are doing nothing when a PB-enabled game is not being played, other than waiting to see a PB-enabled game launched. When a PB-enabled game is not being played, we're not scanning your computer or internet traffic or anything of that nature."

Though if you have any sort of firewall on your computer you'll know that that is either total ignorance of their own product or a total lie, as PnkbstrB.exe and PnkbstrA.exe do in fact connect to the Internet while the game is not being played. They also use a large amount of system resources for something that is only supposed to be a service waiting for a game to start.

PunkBuster offers people the option of uninstalling these files, with something called pbsvc.exe which gives you an "UnInstall" option. This doesn't seem to uninstall everything, as the PB files are not only still present but still load on startup despite the uninstaller's "Uninstall Finished!" message.

All-in-all, if PunkBuster cannot even get its act together to create an uninstaller, nor to inform its support team of what a rootkit they just installed on everyone's computer is actually doing, how can anyone expect PunkBuster to detect cheats and hacks? Private home-made hacks can already slip through PB's dragnet--the only ones they can catch are publicly available hacks Evenbalances finds on the Internet, the way a virus detector works, so I think it's pretty clear that the solution does not lie on the player's computer.

Instead I'd say it lies in the programming of the game itself. Wallhacks and radar, for instance, wouldn't work if the server did not send the locations of non-visible players. A difficult task perhaps, and for only one kind of cheat, but it is a real solution. And it doesn't involve uploading my hard drive to Evenbalance and granting them access to information which, as EvenBalance's EULA says, "includes, but is not limited to, devices and any files residing on the hard-drive and in the memory of the computer on which PunkBuster software is installed"