[HN Gopher] Valve bans 40k Dota 2 accounts using honeypot patch ___________________________________________________________________ Valve bans 40k Dota 2 accounts using honeypot patch Author : chungus Score : 157 points Date : 2023-02-23 11:32 UTC (11 hours ago) (HTM) web link (www.dota2.com) (TXT) w3m dump (www.dota2.com) | throwwaway8529 wrote: | How can they be so sure that that memory wasn't accessed due to | corruption of a pointer | izacus wrote: | They're willing to take that risk I guess. | brookst wrote: | Could also be cosmic rays. Or ghosts. | | But I imagine they tested the patch, like any other patch, and | did not find evidence of any other access to that memory. You | can never be 100% sure, but if that's the standard, then how | could any banned player be 100% sure cheat software wasn't | secretly installed on their system using nation state invisible | rootkit capabilities? | mschuster91 wrote: | Cosmic rays can be excluded by sampling. Say, someone | triggering a guard page once or twice gets ignored, but | consistent read activity whenever the user is playing is | likely to be either an antivirus (which can be correlated and | culprits identified) or a cheat. | brookst wrote: | You haven't ruled out ghosts. | Festro wrote: | It seems like they haven't been overzealous and cross- | referenced hits with other data. People are getting varying | degrees of bans, and exploiters with several accounts are | reporting that not every account has been banned. i.e. Valve | are only banning when they are certain. | | I imagine they are looking at the honeypot, and in-game actions | that would be a result of the player having information they | shouldn't. | | Unlikely that they checked each of the 40,000 bans | individually, but I imagine they devised a simple quantitative | check that they could automate like "honeypot = true, check how | far from STDDev player's dewarding accuracy was", then they | spotchecked the highest confidence rates until they were happy | to rollout the banwave. | throwwaway8529 wrote: | That would make sense | cypress66 wrote: | There are always false positives. Many years ago I was | incorrectly VAC banned in one game. | voldacar wrote: | How does the client know when the cheat reads data from the | honeypot? | [deleted] | kuroguro wrote: | I think throwaway40602 from the previous discussion had it | right - there's a variable that clients can't normally set | (dota_use_particle_fow) that allows seeing some | particles/spells and allows guessing where the enemies are | trough fog of war. You can even find open source | implementations years back for this. It appears to be a popular | feature in cheats. | | They probably just query the clients to see if it's set. | Querying client cvars from the server is already built in the | game engine. | | If true then the announcement just made it sound way more | amazing than it is. | throwaway40602 wrote: | this cvar has been around since 2016 which makes you think if | it was really a honeypot or not | kuroguro wrote: | I can see how it _technically_ turned into one when they | started collecting data. But yeah the PR is strong w/ this | one. | warent wrote: | Could just be a simple property that existed on some game | object, which was exposed in the interface but nothing in the | game ever accessed the property. Then a getter would report the | read to their backend. The cheat programs probably | automatically read every property of these objects. | voldacar wrote: | A getter? If I write a cheat, I'm just reading bytes from the | address of the honeypot in ram | jeroenhd wrote: | I'm no reverse engineering expert but I doubt cheats would | actually call getters when they have access to the raw memory | underneath. | | Maybe lazy cheats do use that mechanism, but it's hardly a | foolproof system. If this is how detection was done, I | imagine Valve has targeted this detection system for a | specific cheat tool/framework. | warent wrote: | Yes I'm seeing now how unsophisticated and probably | incorrect my approach is, clearly running into the limits | of my understanding of compiled programs / cheat engines :) | nagisa wrote: | Couple ways (on Linux): | | * You can set a read watchpoint using debugging APIs (ptrace); | | * You could place the honeypot in a memory page(s) that has its | read permission revoked. An attempt to read the page(s) causes | a signal to fire. In order to not crash the application, the | code would then handle the signal by making the mapping | readable, before continuing execution as normal. | | Other approaches probably exist too, these are just the two | options I would personally try first. | deathanatos wrote: | There is also userfaultfds on Linux: they're a file | descriptor on which the kernel will send fault events, and | let a userland process handle the page fault. | | So, e.g., you alloc a blank page into memory: it isn't | _mapped_ yet, so the first read will trigger a page fault. | You register that page with your userfaultfd. You (Dota, | here) never read from it. If the userfaultfd receives an even | that the page is faulting, then it isn 't _Dota_ /you that's | reading from it. | | Judging from the comments it sounds like Windows has similar | capabilities. | | ... there are _all_ sorts of false-positives here. (Or with | _any_ honeypot, really.) Many are mentioned elsewhere in the | comments... | | (Cf., userfaultfd(2).) | voldacar wrote: | > You can set a read watchpoint using debugging APIs | (ptrace); | | What kind of read is sufficient to trigger this? If dota | makes a read watchpoint with ptrace, my cheat process calls | the linux equivalent of readprocessmemory on the dota | process, then dota gets notified by the kernel? So every time | a process directly interacts with the memory of another | process, the kernel has to look through a list of which | processes have called ptrace and run some kind of handler? As | an aside it seems like this would be bad for performance of | the whole OS | | If ptrace is a syscall and ptrace (according to wikipedia) | allows one program to intercept and manipulate another | program's syscalls, then couldn't I just launch my cheat | first, have it ptrace dota, and intercept dota's ptrace call, | so that the read watchpoint never gets set up in the first | place? | xvinci wrote: | The old saying goes (basically the same as with Malware vs | Anti-Malware): Whoever loads first, wins. So you are right | in theory, you could intercept any call that would allow | you to detect malicious behaviour. That being said two | things: | | 1.) Windows is a closed-source and really huge system. | There are many places you will leave traces, and they | change all the time. Getting it right is hard. | | 2.) At least for malware, windows offers official ways to | get to go first with e.g. https://learn.microsoft.com/en- | us/windows-hardware/drivers/i... - I do not know if this is | used by any Anti Cheat though. | | The super exotic theory would be a rootkit, in those cases | not even windows can help you. But as with security, as | long as there is easy money to be made (because most anti- | cheat systems are simply bad), those very expensive | solutions will be limited to selected few professionals. | voldacar wrote: | ELAM is interesting. Though I think if you ran the cheat | using DMA from a pcie card or some similar means, I don't | think any driver could stop you | DSMan195276 wrote: | You could potentially use a timing-based approach - if the | "first" read to the area is fast enough to suggest it has | already been demand-paged in then that would indicate someone | else already touched the page. Obviously there's lots of | caveats, you can't guarantee a page won't be loaded in anyway | without anybody touching it, and it also requires the cheat | software to touch that section of memory even though it's | effectively unused. If you had a good understanding of how the | cheat software worked and went about probing your process's | memory I suspect you could make it work though (whether the | accuracy would be acceptable is a different matter). | agilob wrote: | OMG I hope this means they will ban TF2 bots too. This game has | been so fucking bad for like 2 years now. | tpxl wrote: | The last content patch (that wasn't Halloween) was in 2017. | They're planning a new content patch for this summer/autumn, | and I'm cautiously optimistic they'll increase moderation prior | to the patch to increase player engagement. | O__________O wrote: | Only way cheating will ever end if players have to risk losing a | meaningful percentage of their real world wealth -- and even then | you would have account that get stolen for the sole purpose of | being a throw away account to cheat with. | bilekas wrote: | That is an insanely large number of accounts, I understand | there's always going to be cheaters but I had no idea the scale | of it was so bad! | oblio wrote: | Cheating is a lot more widespread than you'd think. | | In the past (pre-internet/early internet days) entire companies | were built just on selling cheats. | | Competition drives people to it, especially since many players | are kids and don't have better stuff to do. By competition I | don't just mean in-game results, but also recognition for | achievements (i.e. social competition). | MengerSponge wrote: | Do you know how many active (have played >1 match in the last | month) accounts exist? 40k is a lot, but there's got to be | redundancy. | | I'd also _love_ to see a breakdown by region. Just knowing what | servers were more impacted would be super interesting. | bilekas wrote: | Absolutely no doubt a lot, can't check steam metrics right | now but I just didn't expect so many people to be cheating. | Especially with a pvp game. I don't see the point personally | how you could feel good after. You didn't win.. your cheats | won. Strange pov. | c22 wrote: | I think to adopt this pov you have to feel good about other | people losing. | bob1029 wrote: | This is why some of us are not giving up on the streaming | gaming idea. | | It doesn't solve 100%, but it definitely fixes this entire | universe of "oops the client has to know a little bit too much | about the game state" problems. | bilekas wrote: | That's actually a really good point I never made the | connection of cheat prevention and cloud gaming. | | A point to be made for remote competitions requiring it! | bob1029 wrote: | > A point to be made for remote competitions requiring it! | | My current dream is a streaming-only arena shooter with | various competitive modes. Something needs to fill that | hole that UT2k4, OW1 and others have left behind. | | I had a friend casually suggest a solution - similar to | Valve's - for the 1% edge case in the streaming gaming | scenario. An example of this edge case is ML bots that | watch real-time video feeds of the gameplay to aim/click | the mouse. | | A possible solution is to inject "honey pot" information | into the actual frames in order to bait the bots into | taking extremely unlikely actions. Enough of these small | tests over time and you can arrive at a statistical | impossibility that the player is not cheating. | barbariangrunge wrote: | As a percent of total players, it's not that crazy | Jamie9912 wrote: | Don't popular antiviruses scan entire process memory? | adzm wrote: | Popular antiviruses often have exclusions for particular | processes in order not to trip anti-cheat / tamper-detection | code, as well. Especially for well-known anti-cheat mechanisms. | throwaway40602 wrote: | there was a convar in the game for 6+ years that let you see | particles in the fog of war; 99% of cheats forced this convar on. | source lets you request CVars from the client and the value, so | they simply did that. it has nothing to do with reading memory, | but rather writing memory to allow you to see particles | kurisufag wrote: | if dota is anything like CS:GO, then most CVar-editing cheats | are done by hooking the underlying functions instead of just | forcing them. I distinctly remember the word on the street a | few years ago being that manually writing to CVars was | Dangerous Stuff To Be Messing With. | seatac76 wrote: | Great work. They need to do it for CS GO too. | mkl95 wrote: | Could there be any false positives? Data mining for legit use is | a big thing in games like World of Warcraft | nozzlegear wrote: | I play much more World of Warcraft than I should but I'm not | sure what kind of data mining you're referring to. I don't | think Blizzard allows anything that can read the memory of the | game while you're playing it. Are you maybe referring to the | raid logs that people use? Those are just addons that write the | raid combat log to an external file, and then someone in the | raid runs a program that reads the log file and uploads it to | www.warcraftlogs.com | GuB-42 wrote: | How is data mining by reading from the client software memory | "legit"? You are supposed to discover things by playing the | game, not by doing things that are explicitly forbidden by the | terms of service. | | Even when it is tolerated, it is always "at your own risks". | bredren wrote: | I played a lot of this game (WD for the win) a while back but | gave up on it years ago. | | Cheating was only a secondary problem to the toxic community. It | went all the way up to the casters. | s09dfhks wrote: | I'm curious about what data the "cheats" were reading and how it | gave them an advantage | rootcage wrote: | Does it matter? If external software is accessing data within | the game client, that itself is a breach of contract. | [deleted] | andybak wrote: | Contracts are often overly restrictive and I want to use | software I've bought in any legitimate way I can. | | For example - VR mods for older games give me great pleasure | and a ban because they used internal hooks would make me very | angry. | babypuncher wrote: | Are you arguing that cheaters should be allowed to run | rampant in multiplayer games purely because that is how | they want to use their software? Because at that point, | there is no reason to even have multiplayer games. | aaomidi wrote: | Honestly the solution to this is to have | | 1. Self hosted servers. Let communities do their own | moderation. | | 2. As part of #1, cheating/sandbox lobbies. | babypuncher wrote: | I get the desire to go back to community hosted servers, | but there are real tangible benefits to modern | matchmaking systems, particularly for games with a | competitive focus. | CursedUrn wrote: | Some of them read unit positions/type/health to auto-aim at the | best target. | noxvilleza wrote: | There's a variety of different parts, I can describe some. | | * A flag on each CDOTA_Unit which includes heroes for example | CDOTA_Unit_Hero_Weaver has a called m_iTaggedAsVisibleByTeam | which allows you to tell which teams this entity is visible to, | so you can tell if the enemy can see you or not. | | * Particles (which affect things like Town Portal scrolls, | Smoke of Deceit, attacking neutral camps, etc). There are some | things that happen in the game that need to be sent to all | clients (even if it's happening in the fog of war for this | client), otherwise things would look weird if you were to | suddenly get vision of these areas. There's a great explanation | by one of the Valve Dota devs on this exact topic and why it's | hard to solve: | https://old.reddit.com/r/DotA2/comments/uywfxi/comment/ia85u... | | * Some other cheat modules are able to see spells cast, so they | can track cooldowns of spells (with indicators above each | hero). They can also track cooldowns of specific events: when a | player uses buyback there is a cooldown before they can buyback | again, when Roshan is killed his respawn time is randomly | decided within two bounds so you want to track those bounds. | gregw134 wrote: | I heard you could tell when your opponents had vision on you. | Useful for detecting ward spots or incoming ganks. | macinjosh wrote: | > Useful for detecting ward spots or incoming ganks. | | This phrase makes me feel old, haha. No idea what it means. | | As a programmer with no game dev experience what are the most | common technical mechanisms used for cheating? Are they | modifying outgoing network traffic on the fly or something | like that? | xvinci wrote: | Everything that goes is common sadly. This includes: | | - Reading from and writing to memory (either by direct | means provided by windows, by custom drivers, or by | exploiting installed vulnerable drivers to bypass secure | boot and such) | | - Reading network traffic (particularly nasty because it | can be done on a device where the game and Anti-Cheat is | NOT running provided you get access to SSL decryption keys) | | - Having an external device react to your video feed only | (either "dumb" aka on colors, pixels shapes etc. or fancy | with AI and stuff) and then react by a "faked" input device | (mouse, controller, etc). | | - Modifying game files (e.g. replace texture walls with | transparent textures) | | - The very easy way: Simply exploiting game bugs. E.g. you | can cheat in Fifa on console (!) since years by doing stuff | in the system menu. Fifa will just disconnect the game | without giving you a loss for the match. | zinclozenge wrote: | I'm no longer in the game, but circa counter-strike 1.1 or | 1.3, the typical way was using windows hooking API to load | your hack into the running process. You could then simply | use the freely available half life modding sdk to use the | same structs and things like that. Network related stuff | also happened, but I never paid attention to it. | margorczynski wrote: | Ward - object placed somewhere to give you vision around it | Gank - suprise attack basically, usually when a guy from | one lane go to another one to suprise kill an enemy player | acchow wrote: | It's not really an age thing. If you don't know anything | about Dota or the MOBA genre, these concepts will be | meaningless. | | Let's translate to the more commonly understood First | Person Shooters. In a FPS, you don't know if someone is | hiding behind a door. But with cheats on, the cheat program | could be reading game data and know that someone is behind | a door. It could highlight that person on your screen in a | red color, that way you can see them even tho they are | hidden. | | It could also move your mouse cursor automatically for you | so you get an easy headshot without even trying to aim. | | Neither of these involve modifying outgoing network | traffic. | powersnail wrote: | I've heard of the following cheats in dota2 | | - Tell you where the enemy is during TP. This is really useful | for, for instance, Zeus, who has a stun (stops TP) that can be | placed anywhere on the map. | | - Show you where enemy has vision, which makes de-ward a | trivial task, and therefore makes sure the enemy has basically | no vision. | | - Instant skill casting when an enemy comes into vision. Useful | for heroes with instant stuns/silence, makes them be impossible | to be jumped, basically an impeccable counter-initiate, but not | always an advantage when initiating. | warent wrote: | Meanwhile, Riot Games issued a warning to League of Legends and | Teamfight Tactics players earlier this year that new cheats could | be developed after source code for both games and the legacy | anti-cheating software they use was stolen in a data breach. | | As a past fan of League of Legends and Riot, this is a very | typical response from them. Zero effort; meaningless notices. | After years of playing, I quit permanently after reviewing my | games and finding I was the only one not cheating in about 10 | games in a row (that means I encountered about 90 cheaters in a | row). This was _before_ the code leak. God help the remaining | legitimate community now. It 's so obvious that Riot sees people | as an obstacle to their money. | | Seeing this news for Dota 2 warms me up inside. I don't play Dota | 2 because I don't want to allocate the time to it, but it seems | like they truly care about their community, at least to a much | greater degree. Very happy news. | aaomidi wrote: | How do you even cheat in TFT or league? especially in TFT. The | game is basically an RNG game mixed with counting/figuring out | probabilities. | noxvilleza wrote: | In some sense this news was surprising and great (40k is I'd | estimate, ~0.5% of the unique monthly players!), but the | release was also a bit misleading. The part "With that goal in | mind, we released a patch as soon as we understood the method | these cheats were using" is just outright false - there are | numerous open-source Dota cheat engines which have been around | and in working order for many years. | thot_experiment wrote: | DotA 2 has got a system where each person has a community | rating, based on some aggregate of your reports and | interactions. If you have a good rating you get placed with | others who have a similar rating. It's not perfect but my score | has never not been maxed out and would say that solidly over | 60% of my games are jovial and cooperative with people being | communicative and friendly. I have friendships going on decades | that started in that game, but also I continue to make friends | to this day. I've got people in my book club I met on DotA last | year. | | I've played some league and it's definitely a very different | community feel. | | I also think that the fact that in DotA you are not able to | surrender is incredibly important when it comes to the feel of | the game and community. I think the single biggest mistake Riot | made is allowing teams to surrender, it makes the game so much | worse to even give people the possibility of giving up. DotA is | a game you can win off a marginal mistake even till the bitter | end, I'm glad the mechanics reflect that. | Llamamoe wrote: | "after reviewing my games and finding I was the only one not | cheating in about 10 games in a row" how did you know that all | the other 90 people were cheaters? | warent wrote: | I'm not sure if "cheat" is the exact word to use here. They | were all bought accounts or in the process of being boosted. | | One way to tell is by looking at a player's match history and | seeing their account plays one or two champions for a while | repeatedly getting MVP with 20/0/x, and then suddenly | switches champions and either plays significantly worse or | somehow playing even better depending on the ELO. The | opposite is also true--consistently playing horrendously, | then suddenly switching to different champions and | steamrolling beyond their ELO. | | There are networks of boosters and account sellers. Some | people spend full time hours farming hundreds of accounts to | level 30 for ranked play, and these accounts are purchased by | other boosters who spend full time hours getting to Diamond+, | to then resell. This is how you can find fresh level 30 | accounts at the highest ranks--it's account farming. | | When you analyze closely, the majority of the community is | composed of these bogus Chinese account farms. Hardly anyone | is actually playing the game. This problem goes all the way | even to the Challenger level; streamers constantly deal with | this problem and Riot doesn't do anything. | | Even when League was having betting problems at the | Grandmaster/Challenger level, of people betting against their | own games and then "soft throwing" to make money, it wasn't | Riot that did anything about this. It was the betting | companies themselves that banned League from being gambled on | their platforms. | lcnPylGDnU4H9OF wrote: | I stopped following this scene around 2018-2019; basically | right after G2/Fnatic started to be some of the most | dominant teams, even compared to the best Korean teams | (that's not why, just around that time). | | It's disappointing -- but not surprising -- to hear all | this, especially that it even affects the Challenger-level | games. This does sound like the kind of issues they would | have no idea how to deal with. Not that they don't care | exactly but that they can't figure out how to handle it. | warent wrote: | Yeah it sounds like a lot has changed. I joined around | 2019 and quit end of 2022. | tester756 wrote: | Smurfs / Elo Boosters | | Arent "Cheaters" in the sense this thread is talking about | lcnPylGDnU4H9OF wrote: | > it seems like they truly care about their community | | I continue to get good vibes from so much of what Valve does. | It might just be good PR work from them but it seems like it | goes beyond that. | | - They maintain an online service which is used by millions, if | not billions, of people around the world. They actually(!!) | provide customer support for this service. | | - They sell computer hardware, admittedly for the primary | purpose of using the aforementioned service. I've never heard | about any serious complaints about this hardware that are left | ignored (this might exist but I haven't heard of it). | | - They develop an online multiplayer game with community | support. I almost never hear bad things about how this | community is managed from members of the community. I guess | this is the most likely to be just "good PR" but again, I don't | tend to see these issues escaping community discussion as I | would expect for hot-button topics. | ilrwbwrkhv wrote: | Valve is one of the only tech companies worth its salt. | jeffbee wrote: | I wonder how they developed this honeypot in such a way that the | magic page or region of memory was known to have been accessed by | a cheat and not by, for example, an antivirus daemon. | fwlr wrote: | I doubt they're doing anything super clever with examining | access to memory regions. From the way they use the word | 'honeypot' and other comments here about cheating software | setting team vision flags, I suspect they simply noticed some | of their internal functions were commonly being used by | cheating software. From there it's simple: duplicate those | functions, add "_legit" suffixes, find/replace all use of those | functions in your code with the _legit-suffixed version, and | add logging to the original function without breaking its | functionality. You can even formally prove that the original | function will never be called by legitimate clients with dead | code analysis. Cheating software will go on using the original | functions because they still work, not realizing that the core | game logic functions they were using have suddenly become dead | code with logging. | quadcore wrote: | Im surprised reading data in the client can give unfair | advantages. | ROTMetro wrote: | Can Valve do anything about all the Z flags in their community? I | mean, yeah, I know they can. But why don't they? F Valve. | squarefoot wrote: | Because a letter is just a letter, and although we all know the | nefarious meaning of that Z, it's still a generic letter. Same | reason why nobody would have grounds for reporting you here for | writing that (well deserved) "F Valve". | wildrhythms wrote: | The average Dota 2 player count over the last 30 days was around | 396,000[1] so am I correct in understanding that _at least_ 10% | of all Dota 2 players were cheating in some way? | | https://steamcharts.com/app/570 | Ekaros wrote: | 396k is the average number of players during. The peak is | seemingly 680k in last 30 days. Peak is the least number of | players(accounts) there was during last month. | | Million to two million would be my estimate of players. Still | leading to 2-5% of player base. Which itself isn't small | either. | cypress66 wrote: | As a very rough rule of thumb for these multiplayer games, MAU | is about 100x concurrent players. | 1MachineElf wrote: | Disclaimer: I've never played Dota 2 | | It's also possible some of those accounts were created to be | sold on on a marketplace. Online gaming marketplaces have | traders with in-game items, credits, and even accounts for | sale. It's especially big for online games where item | duplication glitches allow some players to hoard hundreds- | thousands of hot commodities. Accounts that have maxed out | levels, achievements, and/or rare rewards (possibly via this | cheat) can sell for hundreds of real world dollars. | agilob wrote: | I don't play Dota2, but it would surprise me in TF2 and L4D2. | I've been in games where 5 of 8 players were bots. | reportgunner wrote: | Since Dota is a free to play game I would point out that it is | likely that cheaters almost always have more than one account | to evade bans so I don't think 1 account = 1 irl user is always | true. | | Even for non F2P games it is usual for cheaters to use phished | or hacked accounts that they buy for a few cents. There are | also accounts that are tradebanned because they were used as | bots for 3rd party trading websites and they are basically | worthless after getting tradebanned. | ridgered4 wrote: | This always seems obvious to me with F2P games. They create | more and more complicated measures to detect cheats, but when | it cost nothing (except an SMS service now I guess) to spin | up a new account you aren't getting anywhere. | | The old business model of just charging a lot of money up | front for the game seems like it wouldn't have this problem | to the same extent. You just ban their key and they're out | $20-60. But that business model is less popular now I guess. | reportgunner wrote: | > _The old business model of just charging a lot of money | up front for the game seems like it wouldn 't have this | problem to the same extent._ | | The problem with such games exists as well but challenges | are different: | | - cheaters still have access to phished/hacked abandoned | accounts that own the game that they can buy very cheap | | - another way to get new accounts for cheap is to buy the | games in countries where the games are cheaper i.e. | argentina or turkey | | - there is very little motivation from developers to | completely stop the cheaters or slow them down (every | banned account is a potential sale of new copy of the game) | the developer benefits financially from cheaters continuing | to evade bans | | - the players hurt the most (who already bought the game | and paid the developer) don't generate any new income to | the developer and dont pose any risk to income generation | unless they quit the game en masse (discouraging potential | new players from buying the game) | cathdrlbizzare wrote: | Yep. There's no incentive to catch every cheater because | it helps sell the "need" for advantages conferred by DLC | and virtual currencies. | mirker wrote: | The common free to play guard is you need to play X number | of unranked games before you can play ranked. The account | is "paid" for with some proof of work. | cathdrlbizzare wrote: | You can bet F2P games generally aren't playable without | buying virtual currency and DLC. | ferminaut wrote: | I've had the idea that a deposit in free to play games | would be sufficient. Put some amount of money in, say $20. | When you are done with the game, you get the $20 back. If | you cheat, you lose the $20. | reportgunner wrote: | Nowadays money is not a problem for full time cheat | developers - they sell the cheats (often in a monthly | subscription model) to the cheaters or they sell a | service where the cheater joins you in the game and does | all the cheating for you (so called carry services, e.g. | in escape from tarkov a cheater joins your game, kills | all your enemies and lets you take all the loot). | | I have seen ads for cheats where a monthly cheat | subscription costs more than a new copy of the game. | JustBreath wrote: | It doesn't work for all games, but I was a big fan of Dark | Soul's method of dealing with cheaters. | | If your character or account was flagged for cheating, you | were put into a public multiplayer pool/jail with all the | other cheaters and would only match games other cheater. | | It's clever because you never actually know what you did to | get caught or if you have even been caught. | | You can only suspect when you notice nearly everyone else | you play with also cheats. | barbariangrunge wrote: | Wasn't dark souls famous for getting you flagged as a | cheater because a real cheater joined your game and | dropped a hacked item? There were streamers doing this to | ruin the play of ordinary players all the time | favaq wrote: | You don't know how bad it is in PC games. This is precisely the | reason we need anti-cheats in the kernel. | bob1029 wrote: | Baking anti cheats into the photomasks of our CPUs still | won't fix anything. | | You have to fundamentally alter how you serve these | experiences to customers if you really want to solve it. | cathdrlbizzare wrote: | I fail to see an argument for this being a technical | necessity. | | And, you don't offer any data or evidence for this. | | There are thousands of businesses and million of users who | don't care about and don't need this. | Sayrus wrote: | 396000 average concurrent users. There are many more accounts | as players are not online 24/7. | | Monthly active users should be in the millions. | kuroguro wrote: | Well they collected data for "the last few weeks" and banned | them all at once. Total unique player count would be more | accurate to calculate the % | ctvo wrote: | Does anyone remember when Warcraft 3 was in beta and got leaked? | Pirates created an emulated Battle.net that could work with the | beta assets and had matchmaking, ladder, etc. working. | | Hundreds of thousands played. Blizzard released patches in beta | that would, for example, spawn infernals to attack your town hall | if it detected you were on the emulated server. This reminds me | of that. Blizzard lost their battle, by the way, and people | pirated WC3 all the way until release. | duffyjp wrote: | Along the same lines I loved the Serious Sam solution to | piracy. They let you play but spawned an invincible enemy | occasionally to ruin the experience. | | https://www.thesixthaxis.com/2011/12/08/how-to-get-rid-of-th... | margorczynski wrote: | Don't really get the idea behind fighting cheating in SP | games - you just destroy the game for yourself. In MP on the | other hand you destroy it for others. Maybe some kind of | telemetry + ML analysis could help here as the current | methods seem to have holes in them that get found out | eventually. | xvinci wrote: | Piracy is not Cheating (or rather it is, but a different | kind: cheating the developer out of his money):) | nottorp wrote: | How buggy was it? | | I remember in Settlers 2 or something (before Ubisoft ruined | it) the iron smelter was producing pigs in pirated versions. | | However, it wasn't extremely good at detecting them leading | to pissed off legit players. | duffyjp wrote: | No idea, my first encounter with Serious Sam was a cheap | Steam bundle so it never happened to me. They're really fun | over the top games and hearing about that "feature" it made | so much sense. The developers definitely prioritize fun | over taking things seriously (no pun intended). | nottorp wrote: | Oh I've played all the Serious Sams :) It's about the | only modern 3d shooter series I can still stomach. | Battlefield of Honor of Duty and derivatives take | themselves too seriously and are too much for | hypercompetitive dudebros. | Negitivefrags wrote: | C&C Generals had a thing where if you had multiple clients | with the same CD key in a multiplayer game everything would | be fine for a while, but 10 minutes into the game all the | buildings of the people who duplciate keys would explode. | | This happened a few times at LAN parties to my friends, some | of whome gave each other the game by copying the install | directory across. Took us a while to work out what the hell | was happening. | bombcar wrote: | Which is interesting because Starcraft had a specific | "Spawn Install" so you could have two people play | multiplayer from the same license. | | https://en.wikipedia.org/wiki/Spawn_installation | lcnPylGDnU4H9OF wrote: | I had a pirated copy of WC3 available to me via a vulnerability | in my school's AD setup which allowed me to access another | student's directory where it was installed. | | I would play it almost exclusively in a web design class I | took. That class was where I learned HTML; that wasn't the | focus of the class, not by a long shot, but it was the thing | that captured my interest the most. I ignored everything else | in that class in favor of the Wintermaul Tower Defense custom | map. | ShadowRegent wrote: | EarthBound took a similar approach with it's anti-piracy | measures if you work around the obvious ones. There are far, | far more enemies to make the game less enjoyable. They also | added random freezes when entering certain areas. If you | managed got to the final boss despite everything else, it | freezes and deletes your save. | jmacd wrote: | Did they lose, or did they just have a lot of fun coming up | with ways to mess with people? | ctvo wrote: | They tried very hard to stop it. Eventually the lead | developer of the WarForge (emulated server) effort was | approached with a job offer from Blizzard. | | One thing about Blizzard is they're extremely litigious wrt | to piracy and emulated servers. See WoW, etc.. | tskool3 wrote: | [dead] | 4gotunameagain wrote: | > This patch created a honeypot: a section of data inside the | game client that would never be read during normal gameplay, but | that could be read by these exploits. Each of the accounts banned | today read from this "secret" area in the client, giving us | extremely high confidence that every ban was well-deserved. | | Any speculation as to how this worked on a lower level ? | tester756 wrote: | 15 years ago in Tibia there was concept of let's call it - | changing network payloads. | | I know it only from stories, so forgive me mistakes. | | So basically | | action X at patch Y sends instruction Q1 | | and then | | action X at patch Y+1 sends instruction Q2 | | but cheating/botting software when ran straight after the | update still sends old instruction Q1, | | which is now impossible to be generated by legit player and | this way you can instantly mark player as botter. | | but I think it cannot be it since modern cheaters wouldnt be | this stupid, right? | wrren wrote: | VAC probably sets up a hardware breakpoint conditioned to | trigger when the start of that memory region is read. When | triggered, a function registered via | AddVectoredExceptionHandler will be called. It probably just | sets some flag somewhere indicating that the memory region was | accessed before resuming flow. You can guard entire pages of | memory using a similar approach | (https://dzone.com/articles/memory-access-breakpoint-large). | blibble wrote: | hardware breakpoint maybe? | tobyhinloopen wrote: | I imagined the secret area contained fake details about the | game, like adding an invisible fake street to a map. If the | client refers to the fake street or any location within it, you | can be certain the details about that fake street were obtained | using cheats. | | This trick is used to catch cheaters on minecraft, by spawning | in fake diamond blocks that would only be visible to specific | cheats (xray). If a user suddenly were to dig to these blocks, | you can be reasonably certain there's something fishy going on. | | Other way to think about it, is adding an invisible field to a | contact form that is only hidden through CSS | toxik wrote: | > Other way to think about it, is adding an invisible field | to a contact form that is only hidden through CSS | | Watch out for autocomplete though. | tough wrote: | And as a consumer, watch out for auto-completed css hidden | credit card details | jfengel wrote: | A nice callback to the "trap streets" used in actual paper | maps to catch people violating copyright: | | https://en.wikipedia.org/wiki/Trap_street | cptcobalt wrote: | Or just call it what it is, a honeypot: | https://en.wikipedia.org/wiki/Honeypot_(computing) | elzbardico wrote: | I don't think it needs something deeply clever involving | hardware breakpoints, sniffing for virtual pages backed by real | memory or something like that. And probably that's why it is | described as a honeypot. | | It can just be something exposing a data structure that gives | the player some unfair advantage and them watching the players | that could only have achieved some very unlikely advantage in | the game by exploiting this information. | | In a FPS for example, if a player consistently anticipates | their adversaries sneaking behind a wall, well beyond what | would be dictated by probability laws, there's a very high | chance that he is cheating in a way that allows him to "see" | their adversaries behind walls. | pandog wrote: | Implementing what you describe sounds to me way more "clever" | and less robust than the canary page approach described | above. | | Specifically - I wouldn't fancy writing the "consistently | anticipates their adversaries sneaking behind a wall" | heuristic you describe but the earlier post describes the API | that already exposes the "has read canary page" | functionality. | bmitc wrote: | How does that work with latency? For example, if someone has | extremely fast internet and a low ping, they are going to | "see" around walls more often than opponents. | throwaway40602 wrote: | there was a convar in the game for 6+ years that let you see | particles in the fog of war; 99% of cheats forced this convar | on. source lets you request CVars from the client and the | value, so they simply did that. | | to be clear, this was not a honeypot, but they claimed it to be | kuroguro wrote: | Do the particles alone w/o any cheats give an advantage? | throwaway40602 wrote: | yes, you can tell where enemies are in fog of war | kuroguro wrote: | Hmm, well I wouldn't permaban people for using a known... | built in setting, even if it gives an unfair advantage. | | _edit_ | | To whoever downvoted me later - I would consider it a bug | if it was user settable without cheats. Similarly you | could see trough smokes in CS for a long time by changing | some video settings. You don't (usually) ban people for | bugs. | throwaway40602 wrote: | it was restricted, you couldn't force it without cheats | kuroguro wrote: | Ah, yeah sounds plausible then. I somehow don't buy the | guard page/hw breakpoint explanations. This also lines up | with "[information] that wasn't visible during normal | gameplay". | ohgodplsno wrote: | Take the player info struct: struct | player_info { std::string name; vector4 | position; vector3 orientation; int level; | ... } | | and dump in something like | `report_when_accessed<std::list<player_info>> oops_here_are_all | _the_other_players_and_their_position_i_am_only_for_debug_pleas | e_remove_me`. Your client will never, ever access this list: | it's your honeypot. The moment you get any access on list[i], | it gets noted down and reported (like sudo does, straight to | the naughty list). Cheat makers will see this and, if it | doesn't smell of a too obvious honeypot, cannot pass such a | golden opportunity: literally free maphack, just locate where | the player struct is in memory and read it all! | pedrovhb wrote: | It doesn't necessarily have to be useful information. They | mentioned they understood how the cheat application worked, | so it's possible it was doing something like indiscriminately | accessing certain memory regions; this would make it possible | to detect without any changes to the cheating program. | throwaway40602 wrote: | how do you expect to be able to tell when someone has read | one of your pages outside of working set watches/guard pages? | larschdk wrote: | You could possibly query the OS for whether physical pages have | been allocated or not. Physical pages would only be allocated | on the first page fault, when the pages are read. | jsnell wrote: | I'd do it by read-protecting the page, and install a fault | handler that records the access and then unprotects the page | (to avoid detection when the cheat causes the game to crash). | TheAdamist wrote: | Windows lets you configure guard pages where you get notified | on access, normally used to detect stack growth and such. | Although that should be an easy and normal thing to avoid for | av/cheats. | | https://learn.microsoft.com/en-us/windows/win32/memory/creat... | ed_mercer wrote: | I wonder if this can be circumvented by running Dota in a VM. | poizan42 wrote: | Not helping as long as the page fault is triggered and | handled by the process. You could just not do a regular | read of the page though. No need for a VM for that, just | call VirtualQueryEx and check | MEMORY_BASIC_INFORMATION.AllocationProtect for the | PAGE_GUARD flag. | HHad3 wrote: | (Wrote anti-cheat software in the past.) | | There are multiple ways to detect this. Hardware breakpoints | were already mentioned, but they only work per thread, so if | one is sniffing on your memory from another process or the | kernel then these won't help. | | The most stealthy and evil way I found was to allocate a page | but never actually use it. | | Windows lazily allocates physical memory for fresh memory pages | when they are first used. | | The detection is to periodically poll the page map from your | process and check your canary pages via NtQueryVirtualMemory. | If your unused page suddenly is backed by some physical memory | then something happened to read from it! Bonus-points for | putting such canary pages into places previously used for real | game data. | | This method is not foolproof: Anti-virus programs can read | memory of all programs (but don't, Overwatch e.g. does not like | this and crashes randomly due to this exact protection method). | A bug in the program could also read from the page accidentally | (e.g. out-of-bounds array read). But it's a /very/ good | indicator that something is wrong when other cheat detection | mechanisms also trigger. | | Once you know how this works it's pretty easy to defeat | unfortunately: Read the page map first, then avoid reading | pages that have no backing physical memory, because those | contain no useful data at best and are canary pages at worst. | pixl97 wrote: | Hmm, this sounds like you should always run your cheat tools | with the executable name/faked exe information of anti-virus | application. | rogers18445 wrote: | I used to work on an anti-cheat briefly, and migrated away | form relying on Windows API to do this as the parent | comment suggested, instead we used cache timing "attacks". | | Antivirus was a concern but easily solved by the fact that | cheats access memory many times a second, antivirus does it | rarely if ever. | HHad3 wrote: | Author of parent comment here: Interesting insight! I | love (and somewhat miss) this industry because the game | of cat and mice is never over. | HHad3 wrote: | Oldest trick in the book, good luck faking the PE signature | to match the vendor's certificate ;-) | | (Jokes aside, the kernel does not provide any information | about which application reads a canary page. It's best to | just use this as necessary condition and take it with a | good pinch of salt.) | cabirum wrote: | So they detect reads from an external process? What if, instead | of an exploit app, an antivirus read the memory? | marcinzm wrote: | Presumably the access pattern (ie: how often, which regions, | etc.) of a hack is very different than an antivirus. | Jamie9912 wrote: | The article just says anything that read that section | cathdrlbizzare wrote: | There are all sorts of security software that could do | this. Antivirus, DLP, and more. | | Conflating a variety of possibilities and relying | correlation doesn't reduce to intent or prove causation. | | OTOH: Don't play computer games on company hardware unless | it's part of the job. | | I don't have skin in this computer game. To stay ahead of | cheaters requires constant vigilance and creative solutions | to scale detection. | marcinzm wrote: | If I was them I wouldn't give out all the details on this. | cathdrlbizzare wrote: | Security through obscurity isn't security. | Wowfunhappy wrote: | This isn't security in the same sense, and consider they | also do ban waves for a reason. | GuB-42 wrote: | It only said "Each of the accounts banned today read from | this "secret" area in the client", it also said you _can_ | get banned if you read data from the game client memory. | | Reading from that section was a necessary condition for | this wave of bans, but they didn't say it was sufficient, | and that they didn't do any additional checks. | MagicMoonlight wrote: | Yeah yeah of course, it was your brother who was cheating and | we should unban you. | | Come on, how naive do you think they are? Antivirus doesn't | load player_pos[4] every 35ms. | fatfox wrote: | Any top players banned? ;) | Festro wrote: | A Chinese team called Knights were suspected of cheating with | an exploit that might have been detectable through this | honeypot method. However, so far, the whole team continues to | play in the current major tournament that began yesterday in | Lima. | | The honeypot doesn't seem to have had anywhere near a 100% hit | rate on users of a well-known exploit system. Lots of | exploiters self-reporting that they have had some of their | accounts, but not all, banned. | | Valve have likely been fairly careful in reviewing the results | from this method. It's a banwave after all, not an automated | detection system that issues bans in realtime. Also worth | noting that exploiters have reported game bans, account bans, | and VAC bans, from this wave. So, the severity of the | punishment seems to have been measured against some metric too. | It's not a simply boolean of 'UserExploit=True', there's shades | of grey involved. | thrdbndndn wrote: | Rumors (from Chinese community) also said that the honeypot | was only implemented after Knights "incident". They could | (would be stupid to not, _if_ they did use) simply stop using | hacks after they were in spotlight. | NKosmatos wrote: | Nice move and it's better that they're open about it so that any | wannabe cheaters might consider it. On the other hand, what is | stopping cheaters from creating new accounts and trying to read | data from the client with a new exploit or other means? | FartyMcFarter wrote: | > This software was able to access information used internally by | the Dota client that wasn't visible during normal gameplay, | giving the cheater an unfair advantage. | | I'm curious what this information was - does the Dota 2 client | have access to all the game state including players hidden from | view? | Ekaros wrote: | Not all state, but very often in networked game the client | needs to know information of what is soon to be visible. Say | two characters approaching each other with fog of war. For | latency compensation it makes game feel better for this to be | send to client sometime before client renders the other | character. | brookst wrote: | Don't know about "all state", but consider that the graphics | are rendered client side, where the polygons are loaded into | the GPU. The GPU checks for occlusion and renders what's | actually visible. The GPU is also responsible for shadows and | reflections, both of which can come from offscreen or occluded | objects. | | For that to work, the client needs to know at least where every | player / model / polygon is within some range and field of | view. | | As fast as the game moves and as much freedom as players have | to change their position and heading, it's likely that | everything anywhere near the player is computed and sent to | GPU. | Festro wrote: | So, there's a character in the game that has a passive ability | that lets it recover HP faster if they are not being observed | by the enemy. | | That ability necessitates a function that checks for enemy | vision, from heroes or from static observer wards that you can | buy. | | From an exploit perspective that is a huge boon to use for a | variety of purposes. Lately it may have been used to allow | exploiters to detect those purchaseable wards so that they can | be countered and removed in gameplay. | FartyMcFarter wrote: | Interesting. I would have thought such an ability would be | implemented by increasing the HP on the server and then | sending the new HP value to the client. But perhaps this is | impractical for some reason. | tikkabhuna wrote: | I'm wondering what the client vs server is responsible for. | I would have thought the server could have been responsible | for adding/removing the buff where necessary. | | Curious as to how health regen is done in general. The | server must have some sort of understanding of what it | should be otherwise clients could set it to whatever they | want. | Festro wrote: | I think it's a matter of network performance, and the | visual bugs that you can create without due care in such a | fast-paced online game. | | Valve have commented on this hero's mechanics, and issued | fixes relating to client/server-side interactions within | the past year in fact. But apparently, the exploiuts still | exist. | | Their comments have been around how redoing such mechanics | can cause undue lag between clients that need to be 'caught | up with' as quickly as possible. Too long and a client | could see something they shouldn't and get a competitive | advantage. Valve don't want to have a server updating 10 | clients on 10 different network connections if they can | avoid it. The compromise is to do more client-side, but | that leaves the system vulnerable to such exploits. | | Considering that the game includes fog of war, and | invisibility mechanics, visual bugs from these systems do | crop up a fair bit. | izzydata wrote: | I have found over the last 5 years that it is impossible for me | to take online multiplayer gaming serious in any capacity | anymore. Cheating has become so rampant and so ubiquitous that I | have no confidence in any online gaming match to be cheater free. | If people are cheating then what am I even playing for? It's only | fun for me when I know there is some semblance of integrity | between the players, but nobody else seems to care. I don't even | particularly care about being good or winning. You wouldn't cheat | at tic tac toe despite the inherently low stakes of the game so | it doesn't seem any different in any other video game. | | I also have no trust in any sort of gaming related records of | feats of ability. I've been deeply involved with gaming | communities in the past where people would show off their world | records. I would question such scores only to be flamed and then | years later it is discovered they were cheating after all. | | Really my only point is that I despise cheaters and any game that | isn't single player or only between friends may as well not exist | for me anymore. | arecurrence wrote: | Bots have been improving a lot in recent years. It may be that | the future is not multiplayer but single player with excellent | bots... maybe Sliders got the end times wrong :) | aaomidi wrote: | I am so annoyed I can't play league with those awesomely good | boys. Seriously just let me stop interacting with angry man | children and give me bots. | abathur wrote: | It is, at least, supremely satisfying to pwn a blatant cheater. | | One time there was a blatant hacker on the Markov server in the | original PlanetSide (a TR player with a name like iIiIiIiiIiii) | that was using some sort of time/speed hack to move and shoot | at some large multiple of normal. | | They were having a lot of fun camping inside towers to kill | people spawning there, so I managed to camp out in one before | they arrived and held a good corner with my trusty bolt driver | (sniper rifle). I managed to pop them once on their way up the | tower, and I think they were moving so fast that they didn't | realize it'd happened until they got to the top. Just enough | time to reload and switch angles for them to come back down. | | I know the hacker was there to enjoy ruining fun for others, | but they gifted me what was unambiguously the most | exhilarating, triumphant, and memorable of the 25K+ bolt driver | and 40K+ total kills I recorded. | 2OEH8eoCRo0 wrote: | > it is impossible for me to take online multiplayer gaming | serious in any capacity anymore | | I'm a gamer but I don't think that they're meant to be taken | seriously. | izzydata wrote: | That's not exactly what I mean by serious. I only play games | for fun and don't consider anything that occurs in said games | important to my life. But I am not going to spend the time | playing something that has cheaters as it reduces the value | of the experience to nothing for me. | babypuncher wrote: | I don't know what games you play, but in the games I play | (Mostly Overwatch), cheaters are a pretty rare sight. | [deleted] | AlexandrB wrote: | IMHO, the only reliable solution is community-managed or | "dedicated" servers where there are trusted admins that have | the power to ban cheaters at their own discretion. I don't | think this problem is solvable "at scale" in the general case. | Unfortunately the gaming industry has spent the last decade | taking power away from gaming communities and replacing it with | proscribed matchmaking and map rotation - so the tools for | community policing haven't advanced much beyond a "report" | tool. | charcircuit wrote: | Another solution is the console approach where the platform | is secured so people can't cheap. This approach does scale. | The PC platform is still playing catch up. Someday | multiplayer games will be able to prevent cheats from reading | / writind it's memory or injecting come into the process. | They will be able to use remote attestation to prove that | they are using the actual game client on not cheater | operating system. | JohnClark1337 wrote: | I feel like I've "aged out" of online multiplayer gaming. I | could pick up COD for maybe the hour or two of gaming time I | have a day and immediately be dominated by those younger who | have a vast amount of more time to hone their techniques. Or I | could play something single player (or something that can | easily be played single player like an MMO) that relaxes me | after a stressful day at work. I choose the latter. | int_19h wrote: | Online multiplayer doesn't have to be competitive, though, | and co-op seems to be growing in popularity after PvP peaked | a while ago. | mrguyorama wrote: | Except, ten years ago "older folk" COULD enjoy much less | competitive online multiplayer experiences. I place the | moment Call of Duty started spawning you randomly during team | deathmatch as the marker. Instead of spawning in a safe zone | with clearish "Fronts" to approach and attack and plan | around. Instead, you spawn randomly, often with your back to | an enemy, and half the time you spawn you instead have an | enemy's back to you. I hypothesize that quick "yeah I got a | kill" made the game more attractive to kids, and not allowing | you to plan and implement any sort of individual strategy | other than "click heads faster than the other guy" made | online games more demanding in ability. | armchairhacker wrote: | I don't like online multiplayer but instead of cheaters it's | because I just suck: most of the time almost everyone is just | better than me, and it seems like I lose way more than 50% even | with SBMM. I think it's not just cheaters that are the problem, | it's skilled players who artificially lower their ranking so | they can play against less skilled players and win more. | | A really smart SBMM would solve both problems. One that not | only prevents players from artificially dropping rank, but also | hiding their skill and maintaining a lower rank; and perhaps | instead of an ELO, also matches players with similar play- | styles. Because then cheaters will quickly end up in a rank | with other cheaters, and won't be able to leave unless they buy | another copy of the game. | mchaver wrote: | It sucks and I suppose things will only get worse as AI | improves. The unfortunate thing with computers is once easy | automation is available and there is a reward for winning, then | these systems will attract cheaters, spammers, etc. Spam email, | online game cheaters and the most recent example Clarkesworld | Magazine that had to close submissions because so many people | were using AI systems to generate low quality stories. | | The only positive thing is maybe gamers will push for more | local multiplayer options. | ShrimpHawk wrote: | AI has actually been working against cheaters. Using server | side measurements fed into an AI like OSRS does has | drastically cut down on the number of cheaters. Mass amounts | of data can be collected of users mouse movements that when | fed in can detect cheaters using aim botting in FPS. Valve | actually does some of this already as well to reduce the | number of blatent cheating overwatch candidates in CS:GO. | nwallin wrote: | > You wouldn't cheat at tic tac toe despite the inherently low | stakes of the game so it doesn't seem any different in any | other video game. | | It takes a minimal amount of study, training, effort to be a | perfect tic tac toe player. If you put a small amount of effort | into it, you can get skilled enough at tic tac toe to never | make any mistakes, to never end up with a result less than a | draw. No amount of improvement will ever give you a better | result. | | Not so with nearly any online game, especially one with as high | a skill ceiling as Dota2. You can _always_ get better, there 's | _always_ room for improvement, there 's _always_ someone better | than you. If you could get just a little bit better, you will | win more games, no matter how good you are. | dyingkneepad wrote: | Play fighting games! You may complain about smurfs, the | netcode, input latency or S++ tier characters, but you'll never | complain about cheaters. | whateveracct wrote: | Or you can go play with people in person and not complain | about anything :) except the busted characters I guess haha | unshavedyak wrote: | Why is that? There's plenty of computer opponents in fighting | games (offline/campaign/etc), wouldn't bots be possible to | cheat with? | serf wrote: | my take : you won't notice the cheaters because the modern | fighting game genre is a DLC-laden garbage fire ; you're | unlikely to complain about the cheaters .. | | ...but admittedly i've been turned sour by a few purchases | recently in that genre .. so i'm probably just axe-grinding | ;) | aseipp wrote: | Several reasons but one is that, a lot of games where | cheats are super effective are places where you can have | "silent" advantages like ESP, equipment data, silent aim | adjustment for better headshots/tracking, etc. These rely | on the ability to not be detected and are extremely subtle | when compared to normal gameplay. The more subtle, the | harder to detect. Little of this applies in a fighting | game. It's largely a mind game, not a game of inputs or | technicalities. You're on the same level, can see | everything. The only hidden information is what | moves/combos you have, your opponent has, and how much | information your opponent has on you. You have to be able | to read your opponents moves, and respond appropriately. | You have to trick your opponent and bait them into a | scenario that is in your favor. Attacks have definitive | strengths and weaknesses, and certain baits are better | against certain people. If you attack me, and I intercept | your attack with a "crushing blow" that simply overpowers | your attack -- there's nothing the cheat can do to stop | that, short of just like, breaking the game and undoing my | damage. If I bait an attack, and you do it, and I dodge it | by laying on the ground -- it can't retroactively change | your input. If I set you up for a combo and begin wailing | on you, the cheat cannot generally stop that. These games | have mechanics where certain inputs just can't follow other | inputs, where inputs are buffered certain ways, where there | are vulnerability windows, etc. Exploiting these are key to | success and cheats can't stop these mechanics. | | An example is Tekken where I play as Lei Wulong. He's | extremely uncharacteristic and idiosyncratic, to the point | that if you fight actual Lei players -- it's immediately | obvious that bots don't play the same. One of my friends (a | newer fighting game player) particularly hates my playstyle | and tried to scrim against Lei bots to practice, but | instantly realized they play nothing like me or any other | Lei. Lei is a rare character to play. So he had to just | keep scrimming, really. | | Many fighting games also have literal handicap mechanics | that might be seen as equivalent to cheating in some | capacity, but for the same reasons, it doesn't matter. They | are often there to level the playing field, which is | considered fair. Basic Combos in Tekken allow even the | simplest of players to pull off powerful moves like Wind | God Fist, but it doesn't matter how easy Wind God Fist is, | I can and will still beat them even with that handicap, | with no special moves of my own, because I can just read | their attacks and respond and punish all of them and set | them up and bait them endlessly. | | That said cheating does happen but often it's the last | thing on my mind. Bullshit characters that are unbalanced | is where all the complaints go. ;) | | TL;DR Humans have distinct fighting styles, and fighting | games are largely mind games once you get into them. Cheats | that are subtle enough to avoid detection can often easily | be outplayed because of it. | zero_one wrote: | There are bots for fighting games like the Rzr Infiltration | bot for SFV and Smashbot for SSBM[1] which are good enough | to take games off pro players. I'm not aware of it being | abused at scale. Most people cheating in shooters or mobas | aren't using full game-playing agents. They're using | aimbots/skillshot scripts where you still need to move | around and interact with stuff. Similarly, cheating in | fighting games is typically done with button macros, so | there's constant discussion on controller legality. | However, button macros will only get you so far in fighting | games, while an aimbot can get you close to the top of the | ladder if undetected. | | https://github.com/altf4/SmashBot | chongli wrote: | _You wouldn 't cheat at tic tac toe despite the inherently low | stakes of the game so it doesn't seem any different in any | other video game._ | | That's the difference. The stakes are way higher in video | games. People pour thousands and thousands of hours into these | games. They dream of going pro and joining one of the big | teams. They dream of winning the big tournament for real money. | They dream of having a popular Twitch stream with many | thousands of viewers throwing even more money at them. | | Most fall far short of those dreams. Instead they throw temper | tantrums and rage at their teammates over voice chat. Some get | so frustrated about their lack of progress that they search for | alternative means. That's where cheating begins. It's really no | different from sports. | AmVess wrote: | There's the cheating, and then there's the fact that there | are far too many man-children everywhere these days. They | whine, complain, throw tantrums worse than toddlers do. It is | absolutely painful to hear a grown man whining about | something in a GAME. | | For instance, I played a free to play game. The servers just | went live and it was the VERY FIRST MATCH of the game. It | wasn't soon before one guy on our side was crying because we | all sucked. I see this type of behavior everywhere. | pixl97 wrote: | >everywhere these days. | | Whenever you have a sentence that has 'these days' and is | describing human behavior, just leave off these days. | | Humans have been cheating pieces of shit throughout | history, especially when they are in a position where there | is no recourse from the other parties in the transaction. | raspberry1337 wrote: | This assumes that average human behaviour does not change | over time, which seems quite unlikely to me. | mrguyorama wrote: | I've been that guy. It's hard to have fun in the modern | "you will be FORCED to lose 50% of the time" matchmaking | systems, compared to the small communities of the past. | When I loved playing Halo 1 on the PC, you could actively | chose how you were feeling that day, whether you wanted a | very competitive match, or whether you just wanted infinite | rockets with no shields so everyone's bodies are flying all | over. You could have a relaxing game of chaotic fun, or you | could load up a giant map sniper duel, or a very classic | sidewinder CTF that requires teamwork and cunning and | individual talent to make things happen. | | Instead, every single game now is optimized for streamers, | content creators, and a small "Professional" scene. So now, | when a single popular youtuber wants a meme gun, the devs | add a powerful slug to the double barrel shotgun and a red | dot sight, so that youtuber can make a highlight reel of | headshotting people across the map with a damn shotgun | while throwing the entire tactical part of the gameplay out | the window. The community spends 6 years complaining about | a tactic that is basically just spawn camping, and the | publisher gives radio silence, but there's a weird, niche | tactic using your favorite character in the pro scene that | is SLIGHTLY better than random in effectiveness, and you | better believe that character is getting a hard nerf. | | Now I boot up the game, and if I have a good match where I | did better than expected, the system responds to that by | putting me in a much harder game, where I'm expected to | lose, because that 50% win rate must be ENFORCED. Even if | you constantly improve at the game, you just get put in | front of more and more talented people, wiping out any joy | you might experience from your improvement. Meanwhile, you | continually get destroyed by 12 year olds that don't have | to cook dinner every night and have plenty of time to hone | their skills. These systems are even implemented in | """Casual""" game modes, which are then full of pro players | on new accounts making youtube highlight reels. | | So yeah, excuse my old man anger, I just literally lived | through a better time. Right now it is impossible to sit | down with my friends and enjoy a PVP game together, because | casual multiplayer has been thrown to the wolves, often in | service to memes. | Gordonjcp wrote: | > whether you just wanted infinite rockets with no | shields so everyone's bodies are flying all over | | I did a Quake mod a bit like that, infinite rockets with | massive explosive damage that did very little to your | health but blew you right across the map. You could take | about four or five direct hits from a rocket if you were | pinned somewhere but mostly you'd take falling damage | from bouncing the hell off the skybox. | | Yes, it was stupid. | | Yes, it was more-or-less unplayable. | | Yes, it was as fun as it sounds. | | I should resurrect that, if I can still find the code. | vel0city wrote: | It kind of sounds like a good bit of the issue you see is | that you end up with an about 50% win rate on large | timescales. Isn't this kind of an ideal outcome though? | Its not like its statistically possible for the majority | of players to have a >50% win rate. Wouldn't you having a | higher than 50% win rate essentially mean other players | have a lower than 50% win rate? | AmVess wrote: | Average WR on these games is 47%. Ideally, the game | should be designed with 50% as a goal by putting people | of similar skills in matches with each other. | serf wrote: | only if you're trying to fulfill some player-psychology | goal; skill isn't really partitioned that way in any real | life scenario. | | that's exactly why casual multiplayer lobbies suck, it's | a 'Find Now' magic button with no data other than your | previous games, rather than a lobby where I , an expert, | can join "Experts Lobby #3030", create a small friend | network on that server, enjoy repeat sessions, etc. | | Yes, they tried to fix the social aspect with friend | lists/etc, but they also got rid of the homeopathic | solution of user self determination for the sake of | making the game more onboard-able for novices and casual | players. | | I say '... the game' a few times, you can apply these | ideas to practically any modern multiplayer game out | there nowadays that's even a bit popular. | mrguyorama wrote: | No, the ideal outcome is not a 50% winrate. The ideal | outcome is to enjoy the time I spend playing. That is | entirely disconnected from how good or bad I do on a | given day. | | The way my friend plays Rainbow Six Siege gets him killed | every single time without fail. But following "the meta" | is really not fun for him. Instead of being able to find | a community where we can play with people who might not | be as bad at the game as us but are interested in | everyone having fun, he gets thrown into the same generic | "Casual" pool as everyone else, including kids who play | 24/7 and streamers on smurf accounts building a highlight | reel. There's no room for playing around, for trying | different things, for just playing unoptimally. If you do | anything not in "The meta", then you lose, repeatedly, | and then the system forces you against literal children | to ensure you win often enough to keep that 50% winrate. | | Like I said: In the past I could choose when I wanted to | have fun, be lighthearted, and screw around by joining | more casual servers. Then if I wanted to be competitive, | I could join a more serious server, with more strict | rules and systems, and play against both people much | better than me, and much worse than me at the same time. | | Now you have no choice, because everyone is in the same | pool, so if you don't play "the meta" or do something | nonstandard to have fun, you will be crushed, and then | placed against terrible kids, and then placed against | really good kids, over and over again. There's no room | for casual gameplay because the "casual" section of | matchmaking isn't casual. | | The most fun we ever had playing Siege was getting a | group of 8 people together to play "custom" games. The | variability of skill was a huge and important part of the | experience. We knew we had to carefully balance the teams | for things to not be absurd, and we knew that playing | "the meta" wasn't the best strategy in this case because | you couldn't assume your teammates to play like perfect | robots, giving you the freedom to try different | strategies. This is also why people get so damn angry | when you don't follow the meta and play like a perfect | robot who has memorized all the strats, because if you | don't, your team will most certainly lose. You could | enjoy games you were bad at in 2001, because game design | wasn't so aggressive about "perfect matchmaking" and | "perfect competitiveness". I don't want my fun afternoon | game to be a damn esport. | metalcrow wrote: | How did the older games actually accomplish this? I would | guess that if you just throw people into a match at | random, on average half are going to be better then you, | and half worse. So random matches will end up a 50% win- | loss anyway unless you're especially good or bad at the | game (compared to the rest of the population). So if most | of the game's playerbase is kids who can afford to play | 12 hours a day, normal people like us would likely get | worse then a 50% loss rate with the random system! | aidenn0 wrote: | Many games didn't have a global list of servers, so you | just connect to a server you know. | | Even games that _did_ have a global list of servers, one | wouldn 't necessarily always play on random servers, but | have some favorite servers (often ping-based, which means | geographically local, to some degree) and play on those. | scrlk wrote: | > How did the older games actually accomplish this? | | Using Counter-Strike as an example: no matchmaking system | - relied upon community hosted servers offering a wide | range of game modes (official and community created). | More competitive matches (pick-up games) were often found | via IRC. | pie_flavor wrote: | This is, ironically, one of the best reasons to try a | battle royale game like Apex Legends. Once winning at all | is put far out of reach, the psychological aspect to | losing vanishes and you can have fun purely with | gameplay. The extent of SBMM in a chaotic anything-goes | game like Apex is one lobby for KDRs below 2.0 and one | lobby for those above, and despite firmly being in the | 'below' range it's never gotten old. | izzydata wrote: | When I was younger I probably would have thought it would be | awesome to make money from playing video games, but now I | feel like the activity changing from a hobby for fun into a | livelihood has only been for the worse. This trend may exist | for many other hobbies as well such as blogging or making | internet content. | spiffytech wrote: | > The overjustification effect occurs when an expected | external incentive such as money or prizes decreases a | person's intrinsic motivation to perform a task. ... Once | rewards are no longer offered, interest in the activity is | lost; prior intrinsic motivation does not return, and | extrinsic rewards must be continuously offered as | motivation to sustain the activity. | | https://en.wikipedia.org/wiki/Overjustification_effect | AlexandrB wrote: | One of the things that drove me nuts about Overwatch 1 was | the common demand from other players that you employ the | pro-league meta when playing even at the lowest levels. A | lot of players seem to imagine themselves as the next Ninja | (or the Overwatch equivalent) in training and playing | multiplayer in that environment is not much fun. | | See also this video about why it's considered rude to suck | at WoW: https://www.youtube.com/watch?v=BKP1I7IocYU | aaomidi wrote: | Every gamer is a temporarily embarrassed pro? | | I wonder if that same analogy applies. | nemothekid wrote: | No; Overwatch 1 was unique in that a single player trying | to do something "off-meta" meant all 5 other players had | to play around that one player, and if you were losing it | was very frustrating. The game's design and balance IMO | was inherently toxic. Everyone "practiced" the "pro" meta | so there was unspoken rule book on how people understood | how to play the game. One person being off meta was | almost like demanding the entire team play rugby when you | thought you were playing football. The game wasn't | flexible enough to allow individual experimentation. | invalidOrTaken wrote: | There was plenty of room for individual experimentation | ---it was the _players_ who weren 't flexible enough. | Before role queue, any particular player could, at the | drop of a hat, mid-match, mid- _life_ , switch to another | of 21 _very_ different heroes. Hard for a game to get | more flexible than that! | | But in the end, it seems the players didn't want that, | and instead wanted _less_ flexibility for their teammates | and the enemy team. | anigbrowl wrote: | Another problem with multiplayer is that if you don't cheat but | play well, people who lose to you can be so whiny and abusive. | Not jut in game, but following up with nasty emails on the | platform etc. | pixl97 wrote: | It's been 19 years since this was posted, and I don't expect | the truth behind it will ever change. | | https://www.penny-arcade.com/comic/2004/03/19/green- | blackboa... | yamtaddle wrote: | I remember joining games of Dark Forces: Jedi Knight in the | '90s and finding someone playing as a TIE fighter. Like, a | _full size_ TIE Fighter, not a model scaled down to person- | size. And insta-killing anyone who came near. Mind you, this is | a (mostly) first-person shooter that doesn 't normally have | player-drivable vehicles of any kind. | | That and similar ridiculousness were fairly common. | | I actually didn't mind that stuff, it was funny enough to | outweigh the irritation of not getting to play a real match. | The ones cheating without making it overt were the ones who'd | truly ruin a match. | | > You wouldn't cheat at tic tac toe despite the inherently low | stakes of the game so it doesn't seem any different in any | other video game. | | I don't get it, but people do cheat. They cheat in online | games, they cheat at board games, they cheat at tabletop | RPGs(?! and no, I don't just mean the DM fudging some roles in | the name of fun--they have a screen _for a reason_ ) [EDIT] | What I mean is, there must be _some_ impulse to do it, even | when the stakes are nonexistent and it might even ruin the fun | for everyone. It 's not even uncommon. I don't get it either, | but it must be there. | tester756 wrote: | League of Legends is the game where cheating is rare as hell or | | hard to spot because it doesnt give as big advantage due to | game mechanics/dynamics. | | Majority of cheaters that I've met were when I've been leveling | new account | | Also: | | Today on HN we complain about cheaters | | Tomorrow we will complain about kernel rootkit from anti-cheat | software and someone will argue that server-side should be | enough :) | CaliforniaKarl wrote: | I suggest having a look at Deep Rock Galactic | (http://deeprockgalactic.com). It's a coop-first game (that is, | it's meant to be played with others, but can be played solo) | that is PvE (that is, you & others are working together, | against "the environment"). | | Missions are arranged into five difficulty levels ("Hazard 1", | a.k.a "Haz1", the easiest, through "Haz5"). I've found that, | when playing with random people, Haz2 or Haz3 gets you a good | combination of players. Of course there are toxic players, but | the proportion of them (that is, the number of toxic players as | a percentage of the playerbase online at any given time) is | low. | | I think Haz4--more difficult than Haz3 but not Haz5--has a | higher chance of toxic players. I avoid Haz5 as it's | _extremely_ difficult for my skill level, but I understand the | players who regularly do Haz5 missions are good folk. | | If you play DRG on Steam, and you ever see me online | (http://steamcommunity.com/id/CaliforniaKarl/), feel free to | ping me for a mission! | helf wrote: | I do not understand the appeal of cheating in MP games. What is | the point of being invincible in a FPS or unlimited gold in | something else etc? It takes all the effort and skill out of it. | It's like it's a buncha 12yos who cant stand "to lose". | jiggawatts wrote: | This suddenly reminded me of how I was "cheating". | | Before the game starts each of the ten players gets to pick a | distinct hero for themselves out of a pool of about 120 choices. | This is over 10^20 distinct combinations! Each hero has some | unique capabilities that combo with allies or counter enemy | heroes. | | I tried to train a "hero recommender" based on tens of millions | of games. | | It turned out that this is obscenely difficult because even the | best AI training algorithms struggle with such highly noisy | labels. A good hero combo might shift win rates by some positive | percentage but have a single sample data point, which is a loss | because of one stupid kid in the team throwing the game. | | You also can't naively simplify the problem into 2-hero or 3-hero | combinations because this misses the "total team composition" | metrics. | | I found some research papers that were just a few months old at | the time which covered this corner of the AI training space. | Their conclusion were: "We don't know either but it's an | interesting problem!" | sbdaman wrote: | dotabuff.com does this on a broader scale (offers hero counter | suggestions etc.) A better example is u.gg or op.gg which do | this for LoL. ___________________________________________________________________ (page generated 2023-02-23 23:00 UTC)