Battledield now throwing an error because Valorant is already sitting in kernel memory. Time to buy your EA Battlefield PC but don’t forget your Valorant PC
Battledield now throwing an error because Valorant is already sitting in kernel memory. Time to buy your EA Battlefield PC but don’t forget your Valorant PC
Does anti-cheat even work?
kernel or no
Anecdotally, there seem to be fewer valorant cheaters than in counter strike.
Idk if that can be chalked up to “valorant uses kernel and cs doesn’t”, though. Probably not. And it’s still nonzero for valorant.
Client side anti-cheat (the one installed on your PC) will never work, it’s just fundamentally impossible. They can restrict user freedom as much as they want, but the hardware still isn’t under their control.
The only reason they push for those kinds of anti-cheats is because they don’t have to pay for the extra processing of server side anti-cheat, and they also get the benefit of a backdoor into your computer that you may never fully uninstall without buying a new computer.
… Or installing Linux.
flyes away
Linux isn’t necessarilly immune. A game could easilly ask the user to install a DKMS module or use their kernel image.
They don’t, but that would be the equivilant.
@defaultusername @Dremor
That statement is to easy. It all depends on how much permissions you give the game and in what kind of environment you execute your game. From sandboxing to inmutable root file systems there is a lot possible to exactly prevent this to happen.
I mean, it’s like saying Pentagon security can’t work because some skilled hackers can someday find a way to spoof / steal credentials. Security always happens on a sliding scale based on the value of the contents.
I think at the very least, they can take steps that inconvenience hackers sufficiently each update without harming players - they can’t make it impossible to hack on the client side, but they can’t make it feel not worth it for them.
The reason I sort of insist on it is that even with serverside checks for game logic like teleportation and instant kills, game engines still load the data for player positions which allow for wallhacks and aimhacks. Those checks can only happen clientside; you can’t even send mouse positions often enough to look for “snaps”.
At the least, I agree that modern coders have gotten very lazy about having the server verify basic actions. “Okay, player 22 deals 8000 damage to every other player in the server simultaneously? Okay.”
It only works in so far that it makes making cheats harder to create and easier to detect. But it will never fully eliminate or catch all cheats.
Proof is in cheaters existing on day one of battlefield 6 open beta. Client side anti-cheat will never work. It’s good to have some basic preventative measures client-side, but server-side anti cheat is the only way to properly prevent cheaters.
Unfortunately companies keep investing in garbage client side anticheat that just pokes security holes into our machines.
Only Valve to my knowledge is investing money into their server side anti cheat, no other big player is to my knowledge.
It needs to be a mix. Have your clientside anti-cheat look for obvious attack vectors, have your seeks serverside anti-cheat look for suspicious play, and let users report others. Then have humans review suspected cheaters and make the final call.
But that’s expensive, and off-the-shelf anti-cheat gives them someone else to blame.
I agree, there’s definitely some checks you can only do on the client and only some that work server-side. Ideally everything that can be checked on either, are checked.
Currently it’s just all wrong, the client-side can’t be relied upon as heavily as it is.
The benefit factor to the rootkits they install on our machines is nil. Just bloats our systems with garbage that is just waiting to be exploited by hackers.
You’re viewing from the perspective of what would be best for the playerbase. These decisions are made based on what’s the cheapest possible solution to have the playerbase shut up about cheaters so they wouldn’t drive away potential customers.
Good eye.
I would think there’s money to gain by keeping your players engaged longer by having less cheaters, but I guess theres also an incentive to keep just enough cheaters that you can steadily ban them for more game sales (not that I think that’s happening, i hope not).
Anyways they take our money, we expect whats best for us, within reason of course.
I doubt the revenue from sales to cheaters is that significant compared to the risk of losing players. I think the simplest explanation is that catching cheaters is hard (read: expensive), so they’re happy with catching the most obvious cheaters with off the shelf solutions (i.e. the Pareto principle).
Yeah as I mention I don’t really believe it either, just brought it up because it’s a thought.
And yup the simplest explanation is usually the right one.
I do wish they would stop invading our systems with their current anti-cheats (invasive ones) though, that’s the main thing I am worried about.
I refuse to play them. If they want kernel level anticheat, they can submit the source under the GPL to the Linux kernel devs for consideration, because that’s the only way I’d consider using it. No game is worth compromising my system’s security.
Web developers work this out years ago. If you want to put content behind a paywall don’t do it client side because it will get bypassed.
This was me working out of a tiny office. Yet apparently I was more advanced than AAA game developers.
That’s only proof that it will never be enough to stop all cheating. But if the metric is if it reduces cheating then that proves nothing. Not saying I have proof that it does reduce cheating but I would personally bet on it reducing it somewhat at least.
Valves anti-cheat doesn’t really do anything though, at least not in CS2. It does like to boot me from the game from time to time because I’m playing on Linux though.
True VAC alone is not great (nothing really is), but CS2 (in my opinion) has one of the best systems against abuse, even though legit players like myself can get stuck in low trust factor sometimes.
VAC, trust factor, overwatch (player report reviewing, not sure if this was discontinued) all work together.
Hopefully a big improvement is to come soon with the VAC Live agents that monitor games using AI to predict likely cheaters.
Valve obviously has a big interest in keeping cheaters out, because their skin economy makes them boatloads (literally hehe) of money. I think they are the only company going down this road right now of AI agents, which is unobtrusive to users and should hopefully keep up VACs high accurate ban rate (which is at least a good thing about VAC, when you are banned, in almost all cases, you were indeed cheating (low fase positives)).
I do recognize though that AI agents likely comes with a high cost and may only be implemented in other highly competitive games that make lots of money.
There probably exist other methods, but it’ll take more investment in designing adaptable systems that can work on many games.
Some of it does, some of it doesn’t, the critique is that kernel level stuff is way more than needed against most cheaters but not enough against the most dedicated ones, and it is invasive as hell.
The best anticheat is good netcode and server side checks. You can’t wallhack if your client doesn’t see behind the walls.