Administered by:
a game developer’s guide to beating cheaters:
- sell your game for money, even if its $5, just dont do f2p (making a new account after getting banned is easy, forking over money is not so much)
- let players run servers, they will moderate them on their own and provide a place for people to play without cheaters (this is currently the only way to play team fortress 2 without running into the cheating bots on valve’s matchmaking servers)
- hire human moderators that respond to reports and manually ban cheaters in official servers live (blizzard did this with world of warcraft and it is and was highly successful for defeating bots)
- copy counter-strike’s overwatch system (players have shown that they are more than willing to help crowdsource bans, it also doubles as additional entertainment for the players)
the solution isn’t to put a fucking rootkit on my computer. learn from the past, perhaps
theyre like "ok so we've destroyed the players ability to run servers on their own, made the game free, and we no longer have the ability for staff to join servers to inspect gameplay and manually ban players, thus, cheaters are absolutely rampant. how do we solve this? hmmmmm... I GOT IT! a kernel-level rootkit!"
@nano kernel level anticheats are designed to prevent against attackers willing to spend hundreds of dollars to cheat in video games
making the game cost money will not do anything for them
also its not a rootkit by definition
@Rairii @nano when i think of rootkit, i think of "system level code with malicious intent that runs all the time that tries to hide itself from being there", not "kernel code that i dont like"
the only thing that most kernel level anticheat fits is the former, with riot vanguard sliding itself into the "runs all the time" category
First 4 Internet's XCP driver ("Sony rootkit") was always called a rootkit - even if only by comparison at first - since it was reversed and posted about, despite it not being written with malicious intent
@Rairii @nano the sony driver was designed to run all the time, install itself without your knowledge and stop you from seeing it existed
also kernel level anticheats are no more harmful than shittily made hardware drivers when it comes to "bring your own driver" attacks (which, i think both should be held to much much higher standards to be allowed to run in the kernel, mind you). i do get the concern if the services responsible are installed already on a lot of systems
and i think this is the main issue i have with them. they are deliberately trying to hide from people (attackers and security researchers alike) trying to understand what they are doing, and yet they are running in the most privileged position it is possible for "legitimate" (ie, signed by MS) third party code to have
take battleye for instance, it took someone making a public devirt (with slight issues but still), and when i found out about that i found what was effectively a backdoor (to enable protected process rights in an arbitrary process) within a few minutes of looking