[HN Gopher] Valve bans 40k Dota 2 accounts using honeypot patch
___________________________________________________________________
Valve bans 40k Dota 2 accounts using honeypot patch
Author : chungus
Score : 157 points
Date : 2023-02-23 11:32 UTC (11 hours ago)
(HTM) web link (www.dota2.com)
(TXT) w3m dump (www.dota2.com)
| throwwaway8529 wrote:
| How can they be so sure that that memory wasn't accessed due to
| corruption of a pointer
| izacus wrote:
| They're willing to take that risk I guess.
| brookst wrote:
| Could also be cosmic rays. Or ghosts.
|
| But I imagine they tested the patch, like any other patch, and
| did not find evidence of any other access to that memory. You
| can never be 100% sure, but if that's the standard, then how
| could any banned player be 100% sure cheat software wasn't
| secretly installed on their system using nation state invisible
| rootkit capabilities?
| mschuster91 wrote:
| Cosmic rays can be excluded by sampling. Say, someone
| triggering a guard page once or twice gets ignored, but
| consistent read activity whenever the user is playing is
| likely to be either an antivirus (which can be correlated and
| culprits identified) or a cheat.
| brookst wrote:
| You haven't ruled out ghosts.
| Festro wrote:
| It seems like they haven't been overzealous and cross-
| referenced hits with other data. People are getting varying
| degrees of bans, and exploiters with several accounts are
| reporting that not every account has been banned. i.e. Valve
| are only banning when they are certain.
|
| I imagine they are looking at the honeypot, and in-game actions
| that would be a result of the player having information they
| shouldn't.
|
| Unlikely that they checked each of the 40,000 bans
| individually, but I imagine they devised a simple quantitative
| check that they could automate like "honeypot = true, check how
| far from STDDev player's dewarding accuracy was", then they
| spotchecked the highest confidence rates until they were happy
| to rollout the banwave.
| throwwaway8529 wrote:
| That would make sense
| cypress66 wrote:
| There are always false positives. Many years ago I was
| incorrectly VAC banned in one game.
| voldacar wrote:
| How does the client know when the cheat reads data from the
| honeypot?
| [deleted]
| kuroguro wrote:
| I think throwaway40602 from the previous discussion had it
| right - there's a variable that clients can't normally set
| (dota_use_particle_fow) that allows seeing some
| particles/spells and allows guessing where the enemies are
| trough fog of war. You can even find open source
| implementations years back for this. It appears to be a popular
| feature in cheats.
|
| They probably just query the clients to see if it's set.
| Querying client cvars from the server is already built in the
| game engine.
|
| If true then the announcement just made it sound way more
| amazing than it is.
| throwaway40602 wrote:
| this cvar has been around since 2016 which makes you think if
| it was really a honeypot or not
| kuroguro wrote:
| I can see how it _technically_ turned into one when they
| started collecting data. But yeah the PR is strong w/ this
| one.
| warent wrote:
| Could just be a simple property that existed on some game
| object, which was exposed in the interface but nothing in the
| game ever accessed the property. Then a getter would report the
| read to their backend. The cheat programs probably
| automatically read every property of these objects.
| voldacar wrote:
| A getter? If I write a cheat, I'm just reading bytes from the
| address of the honeypot in ram
| jeroenhd wrote:
| I'm no reverse engineering expert but I doubt cheats would
| actually call getters when they have access to the raw memory
| underneath.
|
| Maybe lazy cheats do use that mechanism, but it's hardly a
| foolproof system. If this is how detection was done, I
| imagine Valve has targeted this detection system for a
| specific cheat tool/framework.
| warent wrote:
| Yes I'm seeing now how unsophisticated and probably
| incorrect my approach is, clearly running into the limits
| of my understanding of compiled programs / cheat engines :)
| nagisa wrote:
| Couple ways (on Linux):
|
| * You can set a read watchpoint using debugging APIs (ptrace);
|
| * You could place the honeypot in a memory page(s) that has its
| read permission revoked. An attempt to read the page(s) causes
| a signal to fire. In order to not crash the application, the
| code would then handle the signal by making the mapping
| readable, before continuing execution as normal.
|
| Other approaches probably exist too, these are just the two
| options I would personally try first.
| deathanatos wrote:
| There is also userfaultfds on Linux: they're a file
| descriptor on which the kernel will send fault events, and
| let a userland process handle the page fault.
|
| So, e.g., you alloc a blank page into memory: it isn't
| _mapped_ yet, so the first read will trigger a page fault.
| You register that page with your userfaultfd. You (Dota,
| here) never read from it. If the userfaultfd receives an even
| that the page is faulting, then it isn 't _Dota_ /you that's
| reading from it.
|
| Judging from the comments it sounds like Windows has similar
| capabilities.
|
| ... there are _all_ sorts of false-positives here. (Or with
| _any_ honeypot, really.) Many are mentioned elsewhere in the
| comments...
|
| (Cf., userfaultfd(2).)
| voldacar wrote:
| > You can set a read watchpoint using debugging APIs
| (ptrace);
|
| What kind of read is sufficient to trigger this? If dota
| makes a read watchpoint with ptrace, my cheat process calls
| the linux equivalent of readprocessmemory on the dota
| process, then dota gets notified by the kernel? So every time
| a process directly interacts with the memory of another
| process, the kernel has to look through a list of which
| processes have called ptrace and run some kind of handler? As
| an aside it seems like this would be bad for performance of
| the whole OS
|
| If ptrace is a syscall and ptrace (according to wikipedia)
| allows one program to intercept and manipulate another
| program's syscalls, then couldn't I just launch my cheat
| first, have it ptrace dota, and intercept dota's ptrace call,
| so that the read watchpoint never gets set up in the first
| place?
| xvinci wrote:
| The old saying goes (basically the same as with Malware vs
| Anti-Malware): Whoever loads first, wins. So you are right
| in theory, you could intercept any call that would allow
| you to detect malicious behaviour. That being said two
| things:
|
| 1.) Windows is a closed-source and really huge system.
| There are many places you will leave traces, and they
| change all the time. Getting it right is hard.
|
| 2.) At least for malware, windows offers official ways to
| get to go first with e.g. https://learn.microsoft.com/en-
| us/windows-hardware/drivers/i... - I do not know if this is
| used by any Anti Cheat though.
|
| The super exotic theory would be a rootkit, in those cases
| not even windows can help you. But as with security, as
| long as there is easy money to be made (because most anti-
| cheat systems are simply bad), those very expensive
| solutions will be limited to selected few professionals.
| voldacar wrote:
| ELAM is interesting. Though I think if you ran the cheat
| using DMA from a pcie card or some similar means, I don't
| think any driver could stop you
| DSMan195276 wrote:
| You could potentially use a timing-based approach - if the
| "first" read to the area is fast enough to suggest it has
| already been demand-paged in then that would indicate someone
| else already touched the page. Obviously there's lots of
| caveats, you can't guarantee a page won't be loaded in anyway
| without anybody touching it, and it also requires the cheat
| software to touch that section of memory even though it's
| effectively unused. If you had a good understanding of how the
| cheat software worked and went about probing your process's
| memory I suspect you could make it work though (whether the
| accuracy would be acceptable is a different matter).
| agilob wrote:
| OMG I hope this means they will ban TF2 bots too. This game has
| been so fucking bad for like 2 years now.
| tpxl wrote:
| The last content patch (that wasn't Halloween) was in 2017.
| They're planning a new content patch for this summer/autumn,
| and I'm cautiously optimistic they'll increase moderation prior
| to the patch to increase player engagement.
| O__________O wrote:
| Only way cheating will ever end if players have to risk losing a
| meaningful percentage of their real world wealth -- and even then
| you would have account that get stolen for the sole purpose of
| being a throw away account to cheat with.
| bilekas wrote:
| That is an insanely large number of accounts, I understand
| there's always going to be cheaters but I had no idea the scale
| of it was so bad!
| oblio wrote:
| Cheating is a lot more widespread than you'd think.
|
| In the past (pre-internet/early internet days) entire companies
| were built just on selling cheats.
|
| Competition drives people to it, especially since many players
| are kids and don't have better stuff to do. By competition I
| don't just mean in-game results, but also recognition for
| achievements (i.e. social competition).
| MengerSponge wrote:
| Do you know how many active (have played >1 match in the last
| month) accounts exist? 40k is a lot, but there's got to be
| redundancy.
|
| I'd also _love_ to see a breakdown by region. Just knowing what
| servers were more impacted would be super interesting.
| bilekas wrote:
| Absolutely no doubt a lot, can't check steam metrics right
| now but I just didn't expect so many people to be cheating.
| Especially with a pvp game. I don't see the point personally
| how you could feel good after. You didn't win.. your cheats
| won. Strange pov.
| c22 wrote:
| I think to adopt this pov you have to feel good about other
| people losing.
| bob1029 wrote:
| This is why some of us are not giving up on the streaming
| gaming idea.
|
| It doesn't solve 100%, but it definitely fixes this entire
| universe of "oops the client has to know a little bit too much
| about the game state" problems.
| bilekas wrote:
| That's actually a really good point I never made the
| connection of cheat prevention and cloud gaming.
|
| A point to be made for remote competitions requiring it!
| bob1029 wrote:
| > A point to be made for remote competitions requiring it!
|
| My current dream is a streaming-only arena shooter with
| various competitive modes. Something needs to fill that
| hole that UT2k4, OW1 and others have left behind.
|
| I had a friend casually suggest a solution - similar to
| Valve's - for the 1% edge case in the streaming gaming
| scenario. An example of this edge case is ML bots that
| watch real-time video feeds of the gameplay to aim/click
| the mouse.
|
| A possible solution is to inject "honey pot" information
| into the actual frames in order to bait the bots into
| taking extremely unlikely actions. Enough of these small
| tests over time and you can arrive at a statistical
| impossibility that the player is not cheating.
| barbariangrunge wrote:
| As a percent of total players, it's not that crazy
| Jamie9912 wrote:
| Don't popular antiviruses scan entire process memory?
| adzm wrote:
| Popular antiviruses often have exclusions for particular
| processes in order not to trip anti-cheat / tamper-detection
| code, as well. Especially for well-known anti-cheat mechanisms.
| throwaway40602 wrote:
| there was a convar in the game for 6+ years that let you see
| particles in the fog of war; 99% of cheats forced this convar on.
| source lets you request CVars from the client and the value, so
| they simply did that. it has nothing to do with reading memory,
| but rather writing memory to allow you to see particles
| kurisufag wrote:
| if dota is anything like CS:GO, then most CVar-editing cheats
| are done by hooking the underlying functions instead of just
| forcing them. I distinctly remember the word on the street a
| few years ago being that manually writing to CVars was
| Dangerous Stuff To Be Messing With.
| seatac76 wrote:
| Great work. They need to do it for CS GO too.
| mkl95 wrote:
| Could there be any false positives? Data mining for legit use is
| a big thing in games like World of Warcraft
| nozzlegear wrote:
| I play much more World of Warcraft than I should but I'm not
| sure what kind of data mining you're referring to. I don't
| think Blizzard allows anything that can read the memory of the
| game while you're playing it. Are you maybe referring to the
| raid logs that people use? Those are just addons that write the
| raid combat log to an external file, and then someone in the
| raid runs a program that reads the log file and uploads it to
| www.warcraftlogs.com
| GuB-42 wrote:
| How is data mining by reading from the client software memory
| "legit"? You are supposed to discover things by playing the
| game, not by doing things that are explicitly forbidden by the
| terms of service.
|
| Even when it is tolerated, it is always "at your own risks".
| bredren wrote:
| I played a lot of this game (WD for the win) a while back but
| gave up on it years ago.
|
| Cheating was only a secondary problem to the toxic community. It
| went all the way up to the casters.
| s09dfhks wrote:
| I'm curious about what data the "cheats" were reading and how it
| gave them an advantage
| rootcage wrote:
| Does it matter? If external software is accessing data within
| the game client, that itself is a breach of contract.
| [deleted]
| andybak wrote:
| Contracts are often overly restrictive and I want to use
| software I've bought in any legitimate way I can.
|
| For example - VR mods for older games give me great pleasure
| and a ban because they used internal hooks would make me very
| angry.
| babypuncher wrote:
| Are you arguing that cheaters should be allowed to run
| rampant in multiplayer games purely because that is how
| they want to use their software? Because at that point,
| there is no reason to even have multiplayer games.
| aaomidi wrote:
| Honestly the solution to this is to have
|
| 1. Self hosted servers. Let communities do their own
| moderation.
|
| 2. As part of #1, cheating/sandbox lobbies.
| babypuncher wrote:
| I get the desire to go back to community hosted servers,
| but there are real tangible benefits to modern
| matchmaking systems, particularly for games with a
| competitive focus.
| CursedUrn wrote:
| Some of them read unit positions/type/health to auto-aim at the
| best target.
| noxvilleza wrote:
| There's a variety of different parts, I can describe some.
|
| * A flag on each CDOTA_Unit which includes heroes for example
| CDOTA_Unit_Hero_Weaver has a called m_iTaggedAsVisibleByTeam
| which allows you to tell which teams this entity is visible to,
| so you can tell if the enemy can see you or not.
|
| * Particles (which affect things like Town Portal scrolls,
| Smoke of Deceit, attacking neutral camps, etc). There are some
| things that happen in the game that need to be sent to all
| clients (even if it's happening in the fog of war for this
| client), otherwise things would look weird if you were to
| suddenly get vision of these areas. There's a great explanation
| by one of the Valve Dota devs on this exact topic and why it's
| hard to solve:
| https://old.reddit.com/r/DotA2/comments/uywfxi/comment/ia85u...
|
| * Some other cheat modules are able to see spells cast, so they
| can track cooldowns of spells (with indicators above each
| hero). They can also track cooldowns of specific events: when a
| player uses buyback there is a cooldown before they can buyback
| again, when Roshan is killed his respawn time is randomly
| decided within two bounds so you want to track those bounds.
| gregw134 wrote:
| I heard you could tell when your opponents had vision on you.
| Useful for detecting ward spots or incoming ganks.
| macinjosh wrote:
| > Useful for detecting ward spots or incoming ganks.
|
| This phrase makes me feel old, haha. No idea what it means.
|
| As a programmer with no game dev experience what are the most
| common technical mechanisms used for cheating? Are they
| modifying outgoing network traffic on the fly or something
| like that?
| xvinci wrote:
| Everything that goes is common sadly. This includes:
|
| - Reading from and writing to memory (either by direct
| means provided by windows, by custom drivers, or by
| exploiting installed vulnerable drivers to bypass secure
| boot and such)
|
| - Reading network traffic (particularly nasty because it
| can be done on a device where the game and Anti-Cheat is
| NOT running provided you get access to SSL decryption keys)
|
| - Having an external device react to your video feed only
| (either "dumb" aka on colors, pixels shapes etc. or fancy
| with AI and stuff) and then react by a "faked" input device
| (mouse, controller, etc).
|
| - Modifying game files (e.g. replace texture walls with
| transparent textures)
|
| - The very easy way: Simply exploiting game bugs. E.g. you
| can cheat in Fifa on console (!) since years by doing stuff
| in the system menu. Fifa will just disconnect the game
| without giving you a loss for the match.
| zinclozenge wrote:
| I'm no longer in the game, but circa counter-strike 1.1 or
| 1.3, the typical way was using windows hooking API to load
| your hack into the running process. You could then simply
| use the freely available half life modding sdk to use the
| same structs and things like that. Network related stuff
| also happened, but I never paid attention to it.
| margorczynski wrote:
| Ward - object placed somewhere to give you vision around it
| Gank - suprise attack basically, usually when a guy from
| one lane go to another one to suprise kill an enemy player
| acchow wrote:
| It's not really an age thing. If you don't know anything
| about Dota or the MOBA genre, these concepts will be
| meaningless.
|
| Let's translate to the more commonly understood First
| Person Shooters. In a FPS, you don't know if someone is
| hiding behind a door. But with cheats on, the cheat program
| could be reading game data and know that someone is behind
| a door. It could highlight that person on your screen in a
| red color, that way you can see them even tho they are
| hidden.
|
| It could also move your mouse cursor automatically for you
| so you get an easy headshot without even trying to aim.
|
| Neither of these involve modifying outgoing network
| traffic.
| powersnail wrote:
| I've heard of the following cheats in dota2
|
| - Tell you where the enemy is during TP. This is really useful
| for, for instance, Zeus, who has a stun (stops TP) that can be
| placed anywhere on the map.
|
| - Show you where enemy has vision, which makes de-ward a
| trivial task, and therefore makes sure the enemy has basically
| no vision.
|
| - Instant skill casting when an enemy comes into vision. Useful
| for heroes with instant stuns/silence, makes them be impossible
| to be jumped, basically an impeccable counter-initiate, but not
| always an advantage when initiating.
| warent wrote:
| Meanwhile, Riot Games issued a warning to League of Legends and
| Teamfight Tactics players earlier this year that new cheats could
| be developed after source code for both games and the legacy
| anti-cheating software they use was stolen in a data breach.
|
| As a past fan of League of Legends and Riot, this is a very
| typical response from them. Zero effort; meaningless notices.
| After years of playing, I quit permanently after reviewing my
| games and finding I was the only one not cheating in about 10
| games in a row (that means I encountered about 90 cheaters in a
| row). This was _before_ the code leak. God help the remaining
| legitimate community now. It 's so obvious that Riot sees people
| as an obstacle to their money.
|
| Seeing this news for Dota 2 warms me up inside. I don't play Dota
| 2 because I don't want to allocate the time to it, but it seems
| like they truly care about their community, at least to a much
| greater degree. Very happy news.
| aaomidi wrote:
| How do you even cheat in TFT or league? especially in TFT. The
| game is basically an RNG game mixed with counting/figuring out
| probabilities.
| noxvilleza wrote:
| In some sense this news was surprising and great (40k is I'd
| estimate, ~0.5% of the unique monthly players!), but the
| release was also a bit misleading. The part "With that goal in
| mind, we released a patch as soon as we understood the method
| these cheats were using" is just outright false - there are
| numerous open-source Dota cheat engines which have been around
| and in working order for many years.
| thot_experiment wrote:
| DotA 2 has got a system where each person has a community
| rating, based on some aggregate of your reports and
| interactions. If you have a good rating you get placed with
| others who have a similar rating. It's not perfect but my score
| has never not been maxed out and would say that solidly over
| 60% of my games are jovial and cooperative with people being
| communicative and friendly. I have friendships going on decades
| that started in that game, but also I continue to make friends
| to this day. I've got people in my book club I met on DotA last
| year.
|
| I've played some league and it's definitely a very different
| community feel.
|
| I also think that the fact that in DotA you are not able to
| surrender is incredibly important when it comes to the feel of
| the game and community. I think the single biggest mistake Riot
| made is allowing teams to surrender, it makes the game so much
| worse to even give people the possibility of giving up. DotA is
| a game you can win off a marginal mistake even till the bitter
| end, I'm glad the mechanics reflect that.
| Llamamoe wrote:
| "after reviewing my games and finding I was the only one not
| cheating in about 10 games in a row" how did you know that all
| the other 90 people were cheaters?
| warent wrote:
| I'm not sure if "cheat" is the exact word to use here. They
| were all bought accounts or in the process of being boosted.
|
| One way to tell is by looking at a player's match history and
| seeing their account plays one or two champions for a while
| repeatedly getting MVP with 20/0/x, and then suddenly
| switches champions and either plays significantly worse or
| somehow playing even better depending on the ELO. The
| opposite is also true--consistently playing horrendously,
| then suddenly switching to different champions and
| steamrolling beyond their ELO.
|
| There are networks of boosters and account sellers. Some
| people spend full time hours farming hundreds of accounts to
| level 30 for ranked play, and these accounts are purchased by
| other boosters who spend full time hours getting to Diamond+,
| to then resell. This is how you can find fresh level 30
| accounts at the highest ranks--it's account farming.
|
| When you analyze closely, the majority of the community is
| composed of these bogus Chinese account farms. Hardly anyone
| is actually playing the game. This problem goes all the way
| even to the Challenger level; streamers constantly deal with
| this problem and Riot doesn't do anything.
|
| Even when League was having betting problems at the
| Grandmaster/Challenger level, of people betting against their
| own games and then "soft throwing" to make money, it wasn't
| Riot that did anything about this. It was the betting
| companies themselves that banned League from being gambled on
| their platforms.
| lcnPylGDnU4H9OF wrote:
| I stopped following this scene around 2018-2019; basically
| right after G2/Fnatic started to be some of the most
| dominant teams, even compared to the best Korean teams
| (that's not why, just around that time).
|
| It's disappointing -- but not surprising -- to hear all
| this, especially that it even affects the Challenger-level
| games. This does sound like the kind of issues they would
| have no idea how to deal with. Not that they don't care
| exactly but that they can't figure out how to handle it.
| warent wrote:
| Yeah it sounds like a lot has changed. I joined around
| 2019 and quit end of 2022.
| tester756 wrote:
| Smurfs / Elo Boosters
|
| Arent "Cheaters" in the sense this thread is talking about
| lcnPylGDnU4H9OF wrote:
| > it seems like they truly care about their community
|
| I continue to get good vibes from so much of what Valve does.
| It might just be good PR work from them but it seems like it
| goes beyond that.
|
| - They maintain an online service which is used by millions, if
| not billions, of people around the world. They actually(!!)
| provide customer support for this service.
|
| - They sell computer hardware, admittedly for the primary
| purpose of using the aforementioned service. I've never heard
| about any serious complaints about this hardware that are left
| ignored (this might exist but I haven't heard of it).
|
| - They develop an online multiplayer game with community
| support. I almost never hear bad things about how this
| community is managed from members of the community. I guess
| this is the most likely to be just "good PR" but again, I don't
| tend to see these issues escaping community discussion as I
| would expect for hot-button topics.
| ilrwbwrkhv wrote:
| Valve is one of the only tech companies worth its salt.
| jeffbee wrote:
| I wonder how they developed this honeypot in such a way that the
| magic page or region of memory was known to have been accessed by
| a cheat and not by, for example, an antivirus daemon.
| fwlr wrote:
| I doubt they're doing anything super clever with examining
| access to memory regions. From the way they use the word
| 'honeypot' and other comments here about cheating software
| setting team vision flags, I suspect they simply noticed some
| of their internal functions were commonly being used by
| cheating software. From there it's simple: duplicate those
| functions, add "_legit" suffixes, find/replace all use of those
| functions in your code with the _legit-suffixed version, and
| add logging to the original function without breaking its
| functionality. You can even formally prove that the original
| function will never be called by legitimate clients with dead
| code analysis. Cheating software will go on using the original
| functions because they still work, not realizing that the core
| game logic functions they were using have suddenly become dead
| code with logging.
| quadcore wrote:
| Im surprised reading data in the client can give unfair
| advantages.
| ROTMetro wrote:
| Can Valve do anything about all the Z flags in their community? I
| mean, yeah, I know they can. But why don't they? F Valve.
| squarefoot wrote:
| Because a letter is just a letter, and although we all know the
| nefarious meaning of that Z, it's still a generic letter. Same
| reason why nobody would have grounds for reporting you here for
| writing that (well deserved) "F Valve".
| wildrhythms wrote:
| The average Dota 2 player count over the last 30 days was around
| 396,000[1] so am I correct in understanding that _at least_ 10%
| of all Dota 2 players were cheating in some way?
|
| https://steamcharts.com/app/570
| Ekaros wrote:
| 396k is the average number of players during. The peak is
| seemingly 680k in last 30 days. Peak is the least number of
| players(accounts) there was during last month.
|
| Million to two million would be my estimate of players. Still
| leading to 2-5% of player base. Which itself isn't small
| either.
| cypress66 wrote:
| As a very rough rule of thumb for these multiplayer games, MAU
| is about 100x concurrent players.
| 1MachineElf wrote:
| Disclaimer: I've never played Dota 2
|
| It's also possible some of those accounts were created to be
| sold on on a marketplace. Online gaming marketplaces have
| traders with in-game items, credits, and even accounts for
| sale. It's especially big for online games where item
| duplication glitches allow some players to hoard hundreds-
| thousands of hot commodities. Accounts that have maxed out
| levels, achievements, and/or rare rewards (possibly via this
| cheat) can sell for hundreds of real world dollars.
| agilob wrote:
| I don't play Dota2, but it would surprise me in TF2 and L4D2.
| I've been in games where 5 of 8 players were bots.
| reportgunner wrote:
| Since Dota is a free to play game I would point out that it is
| likely that cheaters almost always have more than one account
| to evade bans so I don't think 1 account = 1 irl user is always
| true.
|
| Even for non F2P games it is usual for cheaters to use phished
| or hacked accounts that they buy for a few cents. There are
| also accounts that are tradebanned because they were used as
| bots for 3rd party trading websites and they are basically
| worthless after getting tradebanned.
| ridgered4 wrote:
| This always seems obvious to me with F2P games. They create
| more and more complicated measures to detect cheats, but when
| it cost nothing (except an SMS service now I guess) to spin
| up a new account you aren't getting anywhere.
|
| The old business model of just charging a lot of money up
| front for the game seems like it wouldn't have this problem
| to the same extent. You just ban their key and they're out
| $20-60. But that business model is less popular now I guess.
| reportgunner wrote:
| > _The old business model of just charging a lot of money
| up front for the game seems like it wouldn 't have this
| problem to the same extent._
|
| The problem with such games exists as well but challenges
| are different:
|
| - cheaters still have access to phished/hacked abandoned
| accounts that own the game that they can buy very cheap
|
| - another way to get new accounts for cheap is to buy the
| games in countries where the games are cheaper i.e.
| argentina or turkey
|
| - there is very little motivation from developers to
| completely stop the cheaters or slow them down (every
| banned account is a potential sale of new copy of the game)
| the developer benefits financially from cheaters continuing
| to evade bans
|
| - the players hurt the most (who already bought the game
| and paid the developer) don't generate any new income to
| the developer and dont pose any risk to income generation
| unless they quit the game en masse (discouraging potential
| new players from buying the game)
| cathdrlbizzare wrote:
| Yep. There's no incentive to catch every cheater because
| it helps sell the "need" for advantages conferred by DLC
| and virtual currencies.
| mirker wrote:
| The common free to play guard is you need to play X number
| of unranked games before you can play ranked. The account
| is "paid" for with some proof of work.
| cathdrlbizzare wrote:
| You can bet F2P games generally aren't playable without
| buying virtual currency and DLC.
| ferminaut wrote:
| I've had the idea that a deposit in free to play games
| would be sufficient. Put some amount of money in, say $20.
| When you are done with the game, you get the $20 back. If
| you cheat, you lose the $20.
| reportgunner wrote:
| Nowadays money is not a problem for full time cheat
| developers - they sell the cheats (often in a monthly
| subscription model) to the cheaters or they sell a
| service where the cheater joins you in the game and does
| all the cheating for you (so called carry services, e.g.
| in escape from tarkov a cheater joins your game, kills
| all your enemies and lets you take all the loot).
|
| I have seen ads for cheats where a monthly cheat
| subscription costs more than a new copy of the game.
| JustBreath wrote:
| It doesn't work for all games, but I was a big fan of Dark
| Soul's method of dealing with cheaters.
|
| If your character or account was flagged for cheating, you
| were put into a public multiplayer pool/jail with all the
| other cheaters and would only match games other cheater.
|
| It's clever because you never actually know what you did to
| get caught or if you have even been caught.
|
| You can only suspect when you notice nearly everyone else
| you play with also cheats.
| barbariangrunge wrote:
| Wasn't dark souls famous for getting you flagged as a
| cheater because a real cheater joined your game and
| dropped a hacked item? There were streamers doing this to
| ruin the play of ordinary players all the time
| favaq wrote:
| You don't know how bad it is in PC games. This is precisely the
| reason we need anti-cheats in the kernel.
| bob1029 wrote:
| Baking anti cheats into the photomasks of our CPUs still
| won't fix anything.
|
| You have to fundamentally alter how you serve these
| experiences to customers if you really want to solve it.
| cathdrlbizzare wrote:
| I fail to see an argument for this being a technical
| necessity.
|
| And, you don't offer any data or evidence for this.
|
| There are thousands of businesses and million of users who
| don't care about and don't need this.
| Sayrus wrote:
| 396000 average concurrent users. There are many more accounts
| as players are not online 24/7.
|
| Monthly active users should be in the millions.
| kuroguro wrote:
| Well they collected data for "the last few weeks" and banned
| them all at once. Total unique player count would be more
| accurate to calculate the %
| ctvo wrote:
| Does anyone remember when Warcraft 3 was in beta and got leaked?
| Pirates created an emulated Battle.net that could work with the
| beta assets and had matchmaking, ladder, etc. working.
|
| Hundreds of thousands played. Blizzard released patches in beta
| that would, for example, spawn infernals to attack your town hall
| if it detected you were on the emulated server. This reminds me
| of that. Blizzard lost their battle, by the way, and people
| pirated WC3 all the way until release.
| duffyjp wrote:
| Along the same lines I loved the Serious Sam solution to
| piracy. They let you play but spawned an invincible enemy
| occasionally to ruin the experience.
|
| https://www.thesixthaxis.com/2011/12/08/how-to-get-rid-of-th...
| margorczynski wrote:
| Don't really get the idea behind fighting cheating in SP
| games - you just destroy the game for yourself. In MP on the
| other hand you destroy it for others. Maybe some kind of
| telemetry + ML analysis could help here as the current
| methods seem to have holes in them that get found out
| eventually.
| xvinci wrote:
| Piracy is not Cheating (or rather it is, but a different
| kind: cheating the developer out of his money):)
| nottorp wrote:
| How buggy was it?
|
| I remember in Settlers 2 or something (before Ubisoft ruined
| it) the iron smelter was producing pigs in pirated versions.
|
| However, it wasn't extremely good at detecting them leading
| to pissed off legit players.
| duffyjp wrote:
| No idea, my first encounter with Serious Sam was a cheap
| Steam bundle so it never happened to me. They're really fun
| over the top games and hearing about that "feature" it made
| so much sense. The developers definitely prioritize fun
| over taking things seriously (no pun intended).
| nottorp wrote:
| Oh I've played all the Serious Sams :) It's about the
| only modern 3d shooter series I can still stomach.
| Battlefield of Honor of Duty and derivatives take
| themselves too seriously and are too much for
| hypercompetitive dudebros.
| Negitivefrags wrote:
| C&C Generals had a thing where if you had multiple clients
| with the same CD key in a multiplayer game everything would
| be fine for a while, but 10 minutes into the game all the
| buildings of the people who duplciate keys would explode.
|
| This happened a few times at LAN parties to my friends, some
| of whome gave each other the game by copying the install
| directory across. Took us a while to work out what the hell
| was happening.
| bombcar wrote:
| Which is interesting because Starcraft had a specific
| "Spawn Install" so you could have two people play
| multiplayer from the same license.
|
| https://en.wikipedia.org/wiki/Spawn_installation
| lcnPylGDnU4H9OF wrote:
| I had a pirated copy of WC3 available to me via a vulnerability
| in my school's AD setup which allowed me to access another
| student's directory where it was installed.
|
| I would play it almost exclusively in a web design class I
| took. That class was where I learned HTML; that wasn't the
| focus of the class, not by a long shot, but it was the thing
| that captured my interest the most. I ignored everything else
| in that class in favor of the Wintermaul Tower Defense custom
| map.
| ShadowRegent wrote:
| EarthBound took a similar approach with it's anti-piracy
| measures if you work around the obvious ones. There are far,
| far more enemies to make the game less enjoyable. They also
| added random freezes when entering certain areas. If you
| managed got to the final boss despite everything else, it
| freezes and deletes your save.
| jmacd wrote:
| Did they lose, or did they just have a lot of fun coming up
| with ways to mess with people?
| ctvo wrote:
| They tried very hard to stop it. Eventually the lead
| developer of the WarForge (emulated server) effort was
| approached with a job offer from Blizzard.
|
| One thing about Blizzard is they're extremely litigious wrt
| to piracy and emulated servers. See WoW, etc..
| tskool3 wrote:
| [dead]
| 4gotunameagain wrote:
| > This patch created a honeypot: a section of data inside the
| game client that would never be read during normal gameplay, but
| that could be read by these exploits. Each of the accounts banned
| today read from this "secret" area in the client, giving us
| extremely high confidence that every ban was well-deserved.
|
| Any speculation as to how this worked on a lower level ?
| tester756 wrote:
| 15 years ago in Tibia there was concept of let's call it -
| changing network payloads.
|
| I know it only from stories, so forgive me mistakes.
|
| So basically
|
| action X at patch Y sends instruction Q1
|
| and then
|
| action X at patch Y+1 sends instruction Q2
|
| but cheating/botting software when ran straight after the
| update still sends old instruction Q1,
|
| which is now impossible to be generated by legit player and
| this way you can instantly mark player as botter.
|
| but I think it cannot be it since modern cheaters wouldnt be
| this stupid, right?
| wrren wrote:
| VAC probably sets up a hardware breakpoint conditioned to
| trigger when the start of that memory region is read. When
| triggered, a function registered via
| AddVectoredExceptionHandler will be called. It probably just
| sets some flag somewhere indicating that the memory region was
| accessed before resuming flow. You can guard entire pages of
| memory using a similar approach
| (https://dzone.com/articles/memory-access-breakpoint-large).
| blibble wrote:
| hardware breakpoint maybe?
| tobyhinloopen wrote:
| I imagined the secret area contained fake details about the
| game, like adding an invisible fake street to a map. If the
| client refers to the fake street or any location within it, you
| can be certain the details about that fake street were obtained
| using cheats.
|
| This trick is used to catch cheaters on minecraft, by spawning
| in fake diamond blocks that would only be visible to specific
| cheats (xray). If a user suddenly were to dig to these blocks,
| you can be reasonably certain there's something fishy going on.
|
| Other way to think about it, is adding an invisible field to a
| contact form that is only hidden through CSS
| toxik wrote:
| > Other way to think about it, is adding an invisible field
| to a contact form that is only hidden through CSS
|
| Watch out for autocomplete though.
| tough wrote:
| And as a consumer, watch out for auto-completed css hidden
| credit card details
| jfengel wrote:
| A nice callback to the "trap streets" used in actual paper
| maps to catch people violating copyright:
|
| https://en.wikipedia.org/wiki/Trap_street
| cptcobalt wrote:
| Or just call it what it is, a honeypot:
| https://en.wikipedia.org/wiki/Honeypot_(computing)
| elzbardico wrote:
| I don't think it needs something deeply clever involving
| hardware breakpoints, sniffing for virtual pages backed by real
| memory or something like that. And probably that's why it is
| described as a honeypot.
|
| It can just be something exposing a data structure that gives
| the player some unfair advantage and them watching the players
| that could only have achieved some very unlikely advantage in
| the game by exploiting this information.
|
| In a FPS for example, if a player consistently anticipates
| their adversaries sneaking behind a wall, well beyond what
| would be dictated by probability laws, there's a very high
| chance that he is cheating in a way that allows him to "see"
| their adversaries behind walls.
| pandog wrote:
| Implementing what you describe sounds to me way more "clever"
| and less robust than the canary page approach described
| above.
|
| Specifically - I wouldn't fancy writing the "consistently
| anticipates their adversaries sneaking behind a wall"
| heuristic you describe but the earlier post describes the API
| that already exposes the "has read canary page"
| functionality.
| bmitc wrote:
| How does that work with latency? For example, if someone has
| extremely fast internet and a low ping, they are going to
| "see" around walls more often than opponents.
| throwaway40602 wrote:
| there was a convar in the game for 6+ years that let you see
| particles in the fog of war; 99% of cheats forced this convar
| on. source lets you request CVars from the client and the
| value, so they simply did that.
|
| to be clear, this was not a honeypot, but they claimed it to be
| kuroguro wrote:
| Do the particles alone w/o any cheats give an advantage?
| throwaway40602 wrote:
| yes, you can tell where enemies are in fog of war
| kuroguro wrote:
| Hmm, well I wouldn't permaban people for using a known...
| built in setting, even if it gives an unfair advantage.
|
| _edit_
|
| To whoever downvoted me later - I would consider it a bug
| if it was user settable without cheats. Similarly you
| could see trough smokes in CS for a long time by changing
| some video settings. You don't (usually) ban people for
| bugs.
| throwaway40602 wrote:
| it was restricted, you couldn't force it without cheats
| kuroguro wrote:
| Ah, yeah sounds plausible then. I somehow don't buy the
| guard page/hw breakpoint explanations. This also lines up
| with "[information] that wasn't visible during normal
| gameplay".
| ohgodplsno wrote:
| Take the player info struct: struct
| player_info { std::string name; vector4
| position; vector3 orientation; int level;
| ... }
|
| and dump in something like
| `report_when_accessed<std::list<player_info>> oops_here_are_all
| _the_other_players_and_their_position_i_am_only_for_debug_pleas
| e_remove_me`. Your client will never, ever access this list:
| it's your honeypot. The moment you get any access on list[i],
| it gets noted down and reported (like sudo does, straight to
| the naughty list). Cheat makers will see this and, if it
| doesn't smell of a too obvious honeypot, cannot pass such a
| golden opportunity: literally free maphack, just locate where
| the player struct is in memory and read it all!
| pedrovhb wrote:
| It doesn't necessarily have to be useful information. They
| mentioned they understood how the cheat application worked,
| so it's possible it was doing something like indiscriminately
| accessing certain memory regions; this would make it possible
| to detect without any changes to the cheating program.
| throwaway40602 wrote:
| how do you expect to be able to tell when someone has read
| one of your pages outside of working set watches/guard pages?
| larschdk wrote:
| You could possibly query the OS for whether physical pages have
| been allocated or not. Physical pages would only be allocated
| on the first page fault, when the pages are read.
| jsnell wrote:
| I'd do it by read-protecting the page, and install a fault
| handler that records the access and then unprotects the page
| (to avoid detection when the cheat causes the game to crash).
| TheAdamist wrote:
| Windows lets you configure guard pages where you get notified
| on access, normally used to detect stack growth and such.
| Although that should be an easy and normal thing to avoid for
| av/cheats.
|
| https://learn.microsoft.com/en-us/windows/win32/memory/creat...
| ed_mercer wrote:
| I wonder if this can be circumvented by running Dota in a VM.
| poizan42 wrote:
| Not helping as long as the page fault is triggered and
| handled by the process. You could just not do a regular
| read of the page though. No need for a VM for that, just
| call VirtualQueryEx and check
| MEMORY_BASIC_INFORMATION.AllocationProtect for the
| PAGE_GUARD flag.
| HHad3 wrote:
| (Wrote anti-cheat software in the past.)
|
| There are multiple ways to detect this. Hardware breakpoints
| were already mentioned, but they only work per thread, so if
| one is sniffing on your memory from another process or the
| kernel then these won't help.
|
| The most stealthy and evil way I found was to allocate a page
| but never actually use it.
|
| Windows lazily allocates physical memory for fresh memory pages
| when they are first used.
|
| The detection is to periodically poll the page map from your
| process and check your canary pages via NtQueryVirtualMemory.
| If your unused page suddenly is backed by some physical memory
| then something happened to read from it! Bonus-points for
| putting such canary pages into places previously used for real
| game data.
|
| This method is not foolproof: Anti-virus programs can read
| memory of all programs (but don't, Overwatch e.g. does not like
| this and crashes randomly due to this exact protection method).
| A bug in the program could also read from the page accidentally
| (e.g. out-of-bounds array read). But it's a /very/ good
| indicator that something is wrong when other cheat detection
| mechanisms also trigger.
|
| Once you know how this works it's pretty easy to defeat
| unfortunately: Read the page map first, then avoid reading
| pages that have no backing physical memory, because those
| contain no useful data at best and are canary pages at worst.
| pixl97 wrote:
| Hmm, this sounds like you should always run your cheat tools
| with the executable name/faked exe information of anti-virus
| application.
| rogers18445 wrote:
| I used to work on an anti-cheat briefly, and migrated away
| form relying on Windows API to do this as the parent
| comment suggested, instead we used cache timing "attacks".
|
| Antivirus was a concern but easily solved by the fact that
| cheats access memory many times a second, antivirus does it
| rarely if ever.
| HHad3 wrote:
| Author of parent comment here: Interesting insight! I
| love (and somewhat miss) this industry because the game
| of cat and mice is never over.
| HHad3 wrote:
| Oldest trick in the book, good luck faking the PE signature
| to match the vendor's certificate ;-)
|
| (Jokes aside, the kernel does not provide any information
| about which application reads a canary page. It's best to
| just use this as necessary condition and take it with a
| good pinch of salt.)
| cabirum wrote:
| So they detect reads from an external process? What if, instead
| of an exploit app, an antivirus read the memory?
| marcinzm wrote:
| Presumably the access pattern (ie: how often, which regions,
| etc.) of a hack is very different than an antivirus.
| Jamie9912 wrote:
| The article just says anything that read that section
| cathdrlbizzare wrote:
| There are all sorts of security software that could do
| this. Antivirus, DLP, and more.
|
| Conflating a variety of possibilities and relying
| correlation doesn't reduce to intent or prove causation.
|
| OTOH: Don't play computer games on company hardware unless
| it's part of the job.
|
| I don't have skin in this computer game. To stay ahead of
| cheaters requires constant vigilance and creative solutions
| to scale detection.
| marcinzm wrote:
| If I was them I wouldn't give out all the details on this.
| cathdrlbizzare wrote:
| Security through obscurity isn't security.
| Wowfunhappy wrote:
| This isn't security in the same sense, and consider they
| also do ban waves for a reason.
| GuB-42 wrote:
| It only said "Each of the accounts banned today read from
| this "secret" area in the client", it also said you _can_
| get banned if you read data from the game client memory.
|
| Reading from that section was a necessary condition for
| this wave of bans, but they didn't say it was sufficient,
| and that they didn't do any additional checks.
| MagicMoonlight wrote:
| Yeah yeah of course, it was your brother who was cheating and
| we should unban you.
|
| Come on, how naive do you think they are? Antivirus doesn't
| load player_pos[4] every 35ms.
| fatfox wrote:
| Any top players banned? ;)
| Festro wrote:
| A Chinese team called Knights were suspected of cheating with
| an exploit that might have been detectable through this
| honeypot method. However, so far, the whole team continues to
| play in the current major tournament that began yesterday in
| Lima.
|
| The honeypot doesn't seem to have had anywhere near a 100% hit
| rate on users of a well-known exploit system. Lots of
| exploiters self-reporting that they have had some of their
| accounts, but not all, banned.
|
| Valve have likely been fairly careful in reviewing the results
| from this method. It's a banwave after all, not an automated
| detection system that issues bans in realtime. Also worth
| noting that exploiters have reported game bans, account bans,
| and VAC bans, from this wave. So, the severity of the
| punishment seems to have been measured against some metric too.
| It's not a simply boolean of 'UserExploit=True', there's shades
| of grey involved.
| thrdbndndn wrote:
| Rumors (from Chinese community) also said that the honeypot
| was only implemented after Knights "incident". They could
| (would be stupid to not, _if_ they did use) simply stop using
| hacks after they were in spotlight.
| NKosmatos wrote:
| Nice move and it's better that they're open about it so that any
| wannabe cheaters might consider it. On the other hand, what is
| stopping cheaters from creating new accounts and trying to read
| data from the client with a new exploit or other means?
| FartyMcFarter wrote:
| > This software was able to access information used internally by
| the Dota client that wasn't visible during normal gameplay,
| giving the cheater an unfair advantage.
|
| I'm curious what this information was - does the Dota 2 client
| have access to all the game state including players hidden from
| view?
| Ekaros wrote:
| Not all state, but very often in networked game the client
| needs to know information of what is soon to be visible. Say
| two characters approaching each other with fog of war. For
| latency compensation it makes game feel better for this to be
| send to client sometime before client renders the other
| character.
| brookst wrote:
| Don't know about "all state", but consider that the graphics
| are rendered client side, where the polygons are loaded into
| the GPU. The GPU checks for occlusion and renders what's
| actually visible. The GPU is also responsible for shadows and
| reflections, both of which can come from offscreen or occluded
| objects.
|
| For that to work, the client needs to know at least where every
| player / model / polygon is within some range and field of
| view.
|
| As fast as the game moves and as much freedom as players have
| to change their position and heading, it's likely that
| everything anywhere near the player is computed and sent to
| GPU.
| Festro wrote:
| So, there's a character in the game that has a passive ability
| that lets it recover HP faster if they are not being observed
| by the enemy.
|
| That ability necessitates a function that checks for enemy
| vision, from heroes or from static observer wards that you can
| buy.
|
| From an exploit perspective that is a huge boon to use for a
| variety of purposes. Lately it may have been used to allow
| exploiters to detect those purchaseable wards so that they can
| be countered and removed in gameplay.
| FartyMcFarter wrote:
| Interesting. I would have thought such an ability would be
| implemented by increasing the HP on the server and then
| sending the new HP value to the client. But perhaps this is
| impractical for some reason.
| tikkabhuna wrote:
| I'm wondering what the client vs server is responsible for.
| I would have thought the server could have been responsible
| for adding/removing the buff where necessary.
|
| Curious as to how health regen is done in general. The
| server must have some sort of understanding of what it
| should be otherwise clients could set it to whatever they
| want.
| Festro wrote:
| I think it's a matter of network performance, and the
| visual bugs that you can create without due care in such a
| fast-paced online game.
|
| Valve have commented on this hero's mechanics, and issued
| fixes relating to client/server-side interactions within
| the past year in fact. But apparently, the exploiuts still
| exist.
|
| Their comments have been around how redoing such mechanics
| can cause undue lag between clients that need to be 'caught
| up with' as quickly as possible. Too long and a client
| could see something they shouldn't and get a competitive
| advantage. Valve don't want to have a server updating 10
| clients on 10 different network connections if they can
| avoid it. The compromise is to do more client-side, but
| that leaves the system vulnerable to such exploits.
|
| Considering that the game includes fog of war, and
| invisibility mechanics, visual bugs from these systems do
| crop up a fair bit.
| izzydata wrote:
| I have found over the last 5 years that it is impossible for me
| to take online multiplayer gaming serious in any capacity
| anymore. Cheating has become so rampant and so ubiquitous that I
| have no confidence in any online gaming match to be cheater free.
| If people are cheating then what am I even playing for? It's only
| fun for me when I know there is some semblance of integrity
| between the players, but nobody else seems to care. I don't even
| particularly care about being good or winning. You wouldn't cheat
| at tic tac toe despite the inherently low stakes of the game so
| it doesn't seem any different in any other video game.
|
| I also have no trust in any sort of gaming related records of
| feats of ability. I've been deeply involved with gaming
| communities in the past where people would show off their world
| records. I would question such scores only to be flamed and then
| years later it is discovered they were cheating after all.
|
| Really my only point is that I despise cheaters and any game that
| isn't single player or only between friends may as well not exist
| for me anymore.
| arecurrence wrote:
| Bots have been improving a lot in recent years. It may be that
| the future is not multiplayer but single player with excellent
| bots... maybe Sliders got the end times wrong :)
| aaomidi wrote:
| I am so annoyed I can't play league with those awesomely good
| boys. Seriously just let me stop interacting with angry man
| children and give me bots.
| abathur wrote:
| It is, at least, supremely satisfying to pwn a blatant cheater.
|
| One time there was a blatant hacker on the Markov server in the
| original PlanetSide (a TR player with a name like iIiIiIiiIiii)
| that was using some sort of time/speed hack to move and shoot
| at some large multiple of normal.
|
| They were having a lot of fun camping inside towers to kill
| people spawning there, so I managed to camp out in one before
| they arrived and held a good corner with my trusty bolt driver
| (sniper rifle). I managed to pop them once on their way up the
| tower, and I think they were moving so fast that they didn't
| realize it'd happened until they got to the top. Just enough
| time to reload and switch angles for them to come back down.
|
| I know the hacker was there to enjoy ruining fun for others,
| but they gifted me what was unambiguously the most
| exhilarating, triumphant, and memorable of the 25K+ bolt driver
| and 40K+ total kills I recorded.
| 2OEH8eoCRo0 wrote:
| > it is impossible for me to take online multiplayer gaming
| serious in any capacity anymore
|
| I'm a gamer but I don't think that they're meant to be taken
| seriously.
| izzydata wrote:
| That's not exactly what I mean by serious. I only play games
| for fun and don't consider anything that occurs in said games
| important to my life. But I am not going to spend the time
| playing something that has cheaters as it reduces the value
| of the experience to nothing for me.
| babypuncher wrote:
| I don't know what games you play, but in the games I play
| (Mostly Overwatch), cheaters are a pretty rare sight.
| [deleted]
| AlexandrB wrote:
| IMHO, the only reliable solution is community-managed or
| "dedicated" servers where there are trusted admins that have
| the power to ban cheaters at their own discretion. I don't
| think this problem is solvable "at scale" in the general case.
| Unfortunately the gaming industry has spent the last decade
| taking power away from gaming communities and replacing it with
| proscribed matchmaking and map rotation - so the tools for
| community policing haven't advanced much beyond a "report"
| tool.
| charcircuit wrote:
| Another solution is the console approach where the platform
| is secured so people can't cheap. This approach does scale.
| The PC platform is still playing catch up. Someday
| multiplayer games will be able to prevent cheats from reading
| / writind it's memory or injecting come into the process.
| They will be able to use remote attestation to prove that
| they are using the actual game client on not cheater
| operating system.
| JohnClark1337 wrote:
| I feel like I've "aged out" of online multiplayer gaming. I
| could pick up COD for maybe the hour or two of gaming time I
| have a day and immediately be dominated by those younger who
| have a vast amount of more time to hone their techniques. Or I
| could play something single player (or something that can
| easily be played single player like an MMO) that relaxes me
| after a stressful day at work. I choose the latter.
| int_19h wrote:
| Online multiplayer doesn't have to be competitive, though,
| and co-op seems to be growing in popularity after PvP peaked
| a while ago.
| mrguyorama wrote:
| Except, ten years ago "older folk" COULD enjoy much less
| competitive online multiplayer experiences. I place the
| moment Call of Duty started spawning you randomly during team
| deathmatch as the marker. Instead of spawning in a safe zone
| with clearish "Fronts" to approach and attack and plan
| around. Instead, you spawn randomly, often with your back to
| an enemy, and half the time you spawn you instead have an
| enemy's back to you. I hypothesize that quick "yeah I got a
| kill" made the game more attractive to kids, and not allowing
| you to plan and implement any sort of individual strategy
| other than "click heads faster than the other guy" made
| online games more demanding in ability.
| armchairhacker wrote:
| I don't like online multiplayer but instead of cheaters it's
| because I just suck: most of the time almost everyone is just
| better than me, and it seems like I lose way more than 50% even
| with SBMM. I think it's not just cheaters that are the problem,
| it's skilled players who artificially lower their ranking so
| they can play against less skilled players and win more.
|
| A really smart SBMM would solve both problems. One that not
| only prevents players from artificially dropping rank, but also
| hiding their skill and maintaining a lower rank; and perhaps
| instead of an ELO, also matches players with similar play-
| styles. Because then cheaters will quickly end up in a rank
| with other cheaters, and won't be able to leave unless they buy
| another copy of the game.
| mchaver wrote:
| It sucks and I suppose things will only get worse as AI
| improves. The unfortunate thing with computers is once easy
| automation is available and there is a reward for winning, then
| these systems will attract cheaters, spammers, etc. Spam email,
| online game cheaters and the most recent example Clarkesworld
| Magazine that had to close submissions because so many people
| were using AI systems to generate low quality stories.
|
| The only positive thing is maybe gamers will push for more
| local multiplayer options.
| ShrimpHawk wrote:
| AI has actually been working against cheaters. Using server
| side measurements fed into an AI like OSRS does has
| drastically cut down on the number of cheaters. Mass amounts
| of data can be collected of users mouse movements that when
| fed in can detect cheaters using aim botting in FPS. Valve
| actually does some of this already as well to reduce the
| number of blatent cheating overwatch candidates in CS:GO.
| nwallin wrote:
| > You wouldn't cheat at tic tac toe despite the inherently low
| stakes of the game so it doesn't seem any different in any
| other video game.
|
| It takes a minimal amount of study, training, effort to be a
| perfect tic tac toe player. If you put a small amount of effort
| into it, you can get skilled enough at tic tac toe to never
| make any mistakes, to never end up with a result less than a
| draw. No amount of improvement will ever give you a better
| result.
|
| Not so with nearly any online game, especially one with as high
| a skill ceiling as Dota2. You can _always_ get better, there 's
| _always_ room for improvement, there 's _always_ someone better
| than you. If you could get just a little bit better, you will
| win more games, no matter how good you are.
| dyingkneepad wrote:
| Play fighting games! You may complain about smurfs, the
| netcode, input latency or S++ tier characters, but you'll never
| complain about cheaters.
| whateveracct wrote:
| Or you can go play with people in person and not complain
| about anything :) except the busted characters I guess haha
| unshavedyak wrote:
| Why is that? There's plenty of computer opponents in fighting
| games (offline/campaign/etc), wouldn't bots be possible to
| cheat with?
| serf wrote:
| my take : you won't notice the cheaters because the modern
| fighting game genre is a DLC-laden garbage fire ; you're
| unlikely to complain about the cheaters ..
|
| ...but admittedly i've been turned sour by a few purchases
| recently in that genre .. so i'm probably just axe-grinding
| ;)
| aseipp wrote:
| Several reasons but one is that, a lot of games where
| cheats are super effective are places where you can have
| "silent" advantages like ESP, equipment data, silent aim
| adjustment for better headshots/tracking, etc. These rely
| on the ability to not be detected and are extremely subtle
| when compared to normal gameplay. The more subtle, the
| harder to detect. Little of this applies in a fighting
| game. It's largely a mind game, not a game of inputs or
| technicalities. You're on the same level, can see
| everything. The only hidden information is what
| moves/combos you have, your opponent has, and how much
| information your opponent has on you. You have to be able
| to read your opponents moves, and respond appropriately.
| You have to trick your opponent and bait them into a
| scenario that is in your favor. Attacks have definitive
| strengths and weaknesses, and certain baits are better
| against certain people. If you attack me, and I intercept
| your attack with a "crushing blow" that simply overpowers
| your attack -- there's nothing the cheat can do to stop
| that, short of just like, breaking the game and undoing my
| damage. If I bait an attack, and you do it, and I dodge it
| by laying on the ground -- it can't retroactively change
| your input. If I set you up for a combo and begin wailing
| on you, the cheat cannot generally stop that. These games
| have mechanics where certain inputs just can't follow other
| inputs, where inputs are buffered certain ways, where there
| are vulnerability windows, etc. Exploiting these are key to
| success and cheats can't stop these mechanics.
|
| An example is Tekken where I play as Lei Wulong. He's
| extremely uncharacteristic and idiosyncratic, to the point
| that if you fight actual Lei players -- it's immediately
| obvious that bots don't play the same. One of my friends (a
| newer fighting game player) particularly hates my playstyle
| and tried to scrim against Lei bots to practice, but
| instantly realized they play nothing like me or any other
| Lei. Lei is a rare character to play. So he had to just
| keep scrimming, really.
|
| Many fighting games also have literal handicap mechanics
| that might be seen as equivalent to cheating in some
| capacity, but for the same reasons, it doesn't matter. They
| are often there to level the playing field, which is
| considered fair. Basic Combos in Tekken allow even the
| simplest of players to pull off powerful moves like Wind
| God Fist, but it doesn't matter how easy Wind God Fist is,
| I can and will still beat them even with that handicap,
| with no special moves of my own, because I can just read
| their attacks and respond and punish all of them and set
| them up and bait them endlessly.
|
| That said cheating does happen but often it's the last
| thing on my mind. Bullshit characters that are unbalanced
| is where all the complaints go. ;)
|
| TL;DR Humans have distinct fighting styles, and fighting
| games are largely mind games once you get into them. Cheats
| that are subtle enough to avoid detection can often easily
| be outplayed because of it.
| zero_one wrote:
| There are bots for fighting games like the Rzr Infiltration
| bot for SFV and Smashbot for SSBM[1] which are good enough
| to take games off pro players. I'm not aware of it being
| abused at scale. Most people cheating in shooters or mobas
| aren't using full game-playing agents. They're using
| aimbots/skillshot scripts where you still need to move
| around and interact with stuff. Similarly, cheating in
| fighting games is typically done with button macros, so
| there's constant discussion on controller legality.
| However, button macros will only get you so far in fighting
| games, while an aimbot can get you close to the top of the
| ladder if undetected.
|
| https://github.com/altf4/SmashBot
| chongli wrote:
| _You wouldn 't cheat at tic tac toe despite the inherently low
| stakes of the game so it doesn't seem any different in any
| other video game._
|
| That's the difference. The stakes are way higher in video
| games. People pour thousands and thousands of hours into these
| games. They dream of going pro and joining one of the big
| teams. They dream of winning the big tournament for real money.
| They dream of having a popular Twitch stream with many
| thousands of viewers throwing even more money at them.
|
| Most fall far short of those dreams. Instead they throw temper
| tantrums and rage at their teammates over voice chat. Some get
| so frustrated about their lack of progress that they search for
| alternative means. That's where cheating begins. It's really no
| different from sports.
| AmVess wrote:
| There's the cheating, and then there's the fact that there
| are far too many man-children everywhere these days. They
| whine, complain, throw tantrums worse than toddlers do. It is
| absolutely painful to hear a grown man whining about
| something in a GAME.
|
| For instance, I played a free to play game. The servers just
| went live and it was the VERY FIRST MATCH of the game. It
| wasn't soon before one guy on our side was crying because we
| all sucked. I see this type of behavior everywhere.
| pixl97 wrote:
| >everywhere these days.
|
| Whenever you have a sentence that has 'these days' and is
| describing human behavior, just leave off these days.
|
| Humans have been cheating pieces of shit throughout
| history, especially when they are in a position where there
| is no recourse from the other parties in the transaction.
| raspberry1337 wrote:
| This assumes that average human behaviour does not change
| over time, which seems quite unlikely to me.
| mrguyorama wrote:
| I've been that guy. It's hard to have fun in the modern
| "you will be FORCED to lose 50% of the time" matchmaking
| systems, compared to the small communities of the past.
| When I loved playing Halo 1 on the PC, you could actively
| chose how you were feeling that day, whether you wanted a
| very competitive match, or whether you just wanted infinite
| rockets with no shields so everyone's bodies are flying all
| over. You could have a relaxing game of chaotic fun, or you
| could load up a giant map sniper duel, or a very classic
| sidewinder CTF that requires teamwork and cunning and
| individual talent to make things happen.
|
| Instead, every single game now is optimized for streamers,
| content creators, and a small "Professional" scene. So now,
| when a single popular youtuber wants a meme gun, the devs
| add a powerful slug to the double barrel shotgun and a red
| dot sight, so that youtuber can make a highlight reel of
| headshotting people across the map with a damn shotgun
| while throwing the entire tactical part of the gameplay out
| the window. The community spends 6 years complaining about
| a tactic that is basically just spawn camping, and the
| publisher gives radio silence, but there's a weird, niche
| tactic using your favorite character in the pro scene that
| is SLIGHTLY better than random in effectiveness, and you
| better believe that character is getting a hard nerf.
|
| Now I boot up the game, and if I have a good match where I
| did better than expected, the system responds to that by
| putting me in a much harder game, where I'm expected to
| lose, because that 50% win rate must be ENFORCED. Even if
| you constantly improve at the game, you just get put in
| front of more and more talented people, wiping out any joy
| you might experience from your improvement. Meanwhile, you
| continually get destroyed by 12 year olds that don't have
| to cook dinner every night and have plenty of time to hone
| their skills. These systems are even implemented in
| """Casual""" game modes, which are then full of pro players
| on new accounts making youtube highlight reels.
|
| So yeah, excuse my old man anger, I just literally lived
| through a better time. Right now it is impossible to sit
| down with my friends and enjoy a PVP game together, because
| casual multiplayer has been thrown to the wolves, often in
| service to memes.
| Gordonjcp wrote:
| > whether you just wanted infinite rockets with no
| shields so everyone's bodies are flying all over
|
| I did a Quake mod a bit like that, infinite rockets with
| massive explosive damage that did very little to your
| health but blew you right across the map. You could take
| about four or five direct hits from a rocket if you were
| pinned somewhere but mostly you'd take falling damage
| from bouncing the hell off the skybox.
|
| Yes, it was stupid.
|
| Yes, it was more-or-less unplayable.
|
| Yes, it was as fun as it sounds.
|
| I should resurrect that, if I can still find the code.
| vel0city wrote:
| It kind of sounds like a good bit of the issue you see is
| that you end up with an about 50% win rate on large
| timescales. Isn't this kind of an ideal outcome though?
| Its not like its statistically possible for the majority
| of players to have a >50% win rate. Wouldn't you having a
| higher than 50% win rate essentially mean other players
| have a lower than 50% win rate?
| AmVess wrote:
| Average WR on these games is 47%. Ideally, the game
| should be designed with 50% as a goal by putting people
| of similar skills in matches with each other.
| serf wrote:
| only if you're trying to fulfill some player-psychology
| goal; skill isn't really partitioned that way in any real
| life scenario.
|
| that's exactly why casual multiplayer lobbies suck, it's
| a 'Find Now' magic button with no data other than your
| previous games, rather than a lobby where I , an expert,
| can join "Experts Lobby #3030", create a small friend
| network on that server, enjoy repeat sessions, etc.
|
| Yes, they tried to fix the social aspect with friend
| lists/etc, but they also got rid of the homeopathic
| solution of user self determination for the sake of
| making the game more onboard-able for novices and casual
| players.
|
| I say '... the game' a few times, you can apply these
| ideas to practically any modern multiplayer game out
| there nowadays that's even a bit popular.
| mrguyorama wrote:
| No, the ideal outcome is not a 50% winrate. The ideal
| outcome is to enjoy the time I spend playing. That is
| entirely disconnected from how good or bad I do on a
| given day.
|
| The way my friend plays Rainbow Six Siege gets him killed
| every single time without fail. But following "the meta"
| is really not fun for him. Instead of being able to find
| a community where we can play with people who might not
| be as bad at the game as us but are interested in
| everyone having fun, he gets thrown into the same generic
| "Casual" pool as everyone else, including kids who play
| 24/7 and streamers on smurf accounts building a highlight
| reel. There's no room for playing around, for trying
| different things, for just playing unoptimally. If you do
| anything not in "The meta", then you lose, repeatedly,
| and then the system forces you against literal children
| to ensure you win often enough to keep that 50% winrate.
|
| Like I said: In the past I could choose when I wanted to
| have fun, be lighthearted, and screw around by joining
| more casual servers. Then if I wanted to be competitive,
| I could join a more serious server, with more strict
| rules and systems, and play against both people much
| better than me, and much worse than me at the same time.
|
| Now you have no choice, because everyone is in the same
| pool, so if you don't play "the meta" or do something
| nonstandard to have fun, you will be crushed, and then
| placed against terrible kids, and then placed against
| really good kids, over and over again. There's no room
| for casual gameplay because the "casual" section of
| matchmaking isn't casual.
|
| The most fun we ever had playing Siege was getting a
| group of 8 people together to play "custom" games. The
| variability of skill was a huge and important part of the
| experience. We knew we had to carefully balance the teams
| for things to not be absurd, and we knew that playing
| "the meta" wasn't the best strategy in this case because
| you couldn't assume your teammates to play like perfect
| robots, giving you the freedom to try different
| strategies. This is also why people get so damn angry
| when you don't follow the meta and play like a perfect
| robot who has memorized all the strats, because if you
| don't, your team will most certainly lose. You could
| enjoy games you were bad at in 2001, because game design
| wasn't so aggressive about "perfect matchmaking" and
| "perfect competitiveness". I don't want my fun afternoon
| game to be a damn esport.
| metalcrow wrote:
| How did the older games actually accomplish this? I would
| guess that if you just throw people into a match at
| random, on average half are going to be better then you,
| and half worse. So random matches will end up a 50% win-
| loss anyway unless you're especially good or bad at the
| game (compared to the rest of the population). So if most
| of the game's playerbase is kids who can afford to play
| 12 hours a day, normal people like us would likely get
| worse then a 50% loss rate with the random system!
| aidenn0 wrote:
| Many games didn't have a global list of servers, so you
| just connect to a server you know.
|
| Even games that _did_ have a global list of servers, one
| wouldn 't necessarily always play on random servers, but
| have some favorite servers (often ping-based, which means
| geographically local, to some degree) and play on those.
| scrlk wrote:
| > How did the older games actually accomplish this?
|
| Using Counter-Strike as an example: no matchmaking system
| - relied upon community hosted servers offering a wide
| range of game modes (official and community created).
| More competitive matches (pick-up games) were often found
| via IRC.
| pie_flavor wrote:
| This is, ironically, one of the best reasons to try a
| battle royale game like Apex Legends. Once winning at all
| is put far out of reach, the psychological aspect to
| losing vanishes and you can have fun purely with
| gameplay. The extent of SBMM in a chaotic anything-goes
| game like Apex is one lobby for KDRs below 2.0 and one
| lobby for those above, and despite firmly being in the
| 'below' range it's never gotten old.
| izzydata wrote:
| When I was younger I probably would have thought it would be
| awesome to make money from playing video games, but now I
| feel like the activity changing from a hobby for fun into a
| livelihood has only been for the worse. This trend may exist
| for many other hobbies as well such as blogging or making
| internet content.
| spiffytech wrote:
| > The overjustification effect occurs when an expected
| external incentive such as money or prizes decreases a
| person's intrinsic motivation to perform a task. ... Once
| rewards are no longer offered, interest in the activity is
| lost; prior intrinsic motivation does not return, and
| extrinsic rewards must be continuously offered as
| motivation to sustain the activity.
|
| https://en.wikipedia.org/wiki/Overjustification_effect
| AlexandrB wrote:
| One of the things that drove me nuts about Overwatch 1 was
| the common demand from other players that you employ the
| pro-league meta when playing even at the lowest levels. A
| lot of players seem to imagine themselves as the next Ninja
| (or the Overwatch equivalent) in training and playing
| multiplayer in that environment is not much fun.
|
| See also this video about why it's considered rude to suck
| at WoW: https://www.youtube.com/watch?v=BKP1I7IocYU
| aaomidi wrote:
| Every gamer is a temporarily embarrassed pro?
|
| I wonder if that same analogy applies.
| nemothekid wrote:
| No; Overwatch 1 was unique in that a single player trying
| to do something "off-meta" meant all 5 other players had
| to play around that one player, and if you were losing it
| was very frustrating. The game's design and balance IMO
| was inherently toxic. Everyone "practiced" the "pro" meta
| so there was unspoken rule book on how people understood
| how to play the game. One person being off meta was
| almost like demanding the entire team play rugby when you
| thought you were playing football. The game wasn't
| flexible enough to allow individual experimentation.
| invalidOrTaken wrote:
| There was plenty of room for individual experimentation
| ---it was the _players_ who weren 't flexible enough.
| Before role queue, any particular player could, at the
| drop of a hat, mid-match, mid- _life_ , switch to another
| of 21 _very_ different heroes. Hard for a game to get
| more flexible than that!
|
| But in the end, it seems the players didn't want that,
| and instead wanted _less_ flexibility for their teammates
| and the enemy team.
| anigbrowl wrote:
| Another problem with multiplayer is that if you don't cheat but
| play well, people who lose to you can be so whiny and abusive.
| Not jut in game, but following up with nasty emails on the
| platform etc.
| pixl97 wrote:
| It's been 19 years since this was posted, and I don't expect
| the truth behind it will ever change.
|
| https://www.penny-arcade.com/comic/2004/03/19/green-
| blackboa...
| yamtaddle wrote:
| I remember joining games of Dark Forces: Jedi Knight in the
| '90s and finding someone playing as a TIE fighter. Like, a
| _full size_ TIE Fighter, not a model scaled down to person-
| size. And insta-killing anyone who came near. Mind you, this is
| a (mostly) first-person shooter that doesn 't normally have
| player-drivable vehicles of any kind.
|
| That and similar ridiculousness were fairly common.
|
| I actually didn't mind that stuff, it was funny enough to
| outweigh the irritation of not getting to play a real match.
| The ones cheating without making it overt were the ones who'd
| truly ruin a match.
|
| > You wouldn't cheat at tic tac toe despite the inherently low
| stakes of the game so it doesn't seem any different in any
| other video game.
|
| I don't get it, but people do cheat. They cheat in online
| games, they cheat at board games, they cheat at tabletop
| RPGs(?! and no, I don't just mean the DM fudging some roles in
| the name of fun--they have a screen _for a reason_ ) [EDIT]
| What I mean is, there must be _some_ impulse to do it, even
| when the stakes are nonexistent and it might even ruin the fun
| for everyone. It 's not even uncommon. I don't get it either,
| but it must be there.
| tester756 wrote:
| League of Legends is the game where cheating is rare as hell or
|
| hard to spot because it doesnt give as big advantage due to
| game mechanics/dynamics.
|
| Majority of cheaters that I've met were when I've been leveling
| new account
|
| Also:
|
| Today on HN we complain about cheaters
|
| Tomorrow we will complain about kernel rootkit from anti-cheat
| software and someone will argue that server-side should be
| enough :)
| CaliforniaKarl wrote:
| I suggest having a look at Deep Rock Galactic
| (http://deeprockgalactic.com). It's a coop-first game (that is,
| it's meant to be played with others, but can be played solo)
| that is PvE (that is, you & others are working together,
| against "the environment").
|
| Missions are arranged into five difficulty levels ("Hazard 1",
| a.k.a "Haz1", the easiest, through "Haz5"). I've found that,
| when playing with random people, Haz2 or Haz3 gets you a good
| combination of players. Of course there are toxic players, but
| the proportion of them (that is, the number of toxic players as
| a percentage of the playerbase online at any given time) is
| low.
|
| I think Haz4--more difficult than Haz3 but not Haz5--has a
| higher chance of toxic players. I avoid Haz5 as it's
| _extremely_ difficult for my skill level, but I understand the
| players who regularly do Haz5 missions are good folk.
|
| If you play DRG on Steam, and you ever see me online
| (http://steamcommunity.com/id/CaliforniaKarl/), feel free to
| ping me for a mission!
| helf wrote:
| I do not understand the appeal of cheating in MP games. What is
| the point of being invincible in a FPS or unlimited gold in
| something else etc? It takes all the effort and skill out of it.
| It's like it's a buncha 12yos who cant stand "to lose".
| jiggawatts wrote:
| This suddenly reminded me of how I was "cheating".
|
| Before the game starts each of the ten players gets to pick a
| distinct hero for themselves out of a pool of about 120 choices.
| This is over 10^20 distinct combinations! Each hero has some
| unique capabilities that combo with allies or counter enemy
| heroes.
|
| I tried to train a "hero recommender" based on tens of millions
| of games.
|
| It turned out that this is obscenely difficult because even the
| best AI training algorithms struggle with such highly noisy
| labels. A good hero combo might shift win rates by some positive
| percentage but have a single sample data point, which is a loss
| because of one stupid kid in the team throwing the game.
|
| You also can't naively simplify the problem into 2-hero or 3-hero
| combinations because this misses the "total team composition"
| metrics.
|
| I found some research papers that were just a few months old at
| the time which covered this corner of the AI training space.
| Their conclusion were: "We don't know either but it's an
| interesting problem!"
| sbdaman wrote:
| dotabuff.com does this on a broader scale (offers hero counter
| suggestions etc.) A better example is u.gg or op.gg which do
| this for LoL.
___________________________________________________________________
(page generated 2023-02-23 23:00 UTC)