Comment on Begun the kernel wars have
tourist@lemmy.world 11 hours ago
Does anti-cheat even work?
kernel or no
Client side anti-cheat (the one installed on your PC) will never work, it’s just fundamentally impossible. They can restrict user freedom as much as they want, but the hardware still isn’t under their control.
The only reason they push for those kinds of anti-cheats is because they don’t have to pay for the extra processing of server side anti-cheat, and they also get the benefit of a backdoor into your computer that you may never fully uninstall without buying a new computer.
… Or installing Linux.
flyes away
Linux isn’t necessarilly immune. A game could easilly ask the user to install a DKMS module.
That statement is to easy. It all depends on how much permissions you give the game and in what kind of environment you execute your game. From sandboxing to inmutable root file systems there is a lot possible to exactly prevent this to happen.
eBPF is probably the way with Linux IMO
I mean, it’s like saying Pentagon security can’t work because some skilled hackers can someday find a way to spoof / steal credentials. Security always happens on a sliding scale based on the value of the contents.
I think at the very least, they can take steps that inconvenience hackers sufficiently each update without harming players - they can’t make it impossible to hack on the client side, but they can’t make it feel not worth it for them.
The reason I sort of insist on it is that even with serverside checks for game logic like teleportation and instant kills, game engines still load the data for player positions which allow for wallhacks and aimhacks. Those checks can only happen clientside; you can’t even send mouse positions often enough to look for “snaps”.
At the least, I agree that modern coders have gotten very lazy about having the server verify basic actions. “Okay, player 22 deals 8000 damage to every other player in the server simultaneously? Okay.”
It only works in so far that it makes making cheats harder to create and easier to detect. But it will never fully eliminate or catch all cheats.
Some of it does, some of it doesn’t, the critique is that kernel level stuff is way more than needed against most cheaters but not enough against the most dedicated ones, and it is invasive as hell.
The best anticheat is good netcode and server side checks. You can’t wallhack if your client doesn’t see behind the walls.
Anecdotally, there seem to be fewer valorant cheaters than in counter strike.
Idk if that can be chalked up to “valorant uses kernel and cs doesn’t”, though. Probably not.
dogs0n@sh.itjust.works 11 hours ago
Proof is in cheaters existing on day one of battlefield 6 open beta. Client side anti-cheat will never work. It’s good to have some basic preventative measures client-side, but server-side anti cheat is the only way to properly prevent cheaters.
Unfortunately companies keep investing in garbage client side anticheat that just pokes security holes into our machines.
Only Valve to my knowledge is investing money into their server side anti cheat, no other big player is to my knowledge.
sugar_in_your_tea@sh.itjust.works 10 hours ago
It needs to be a mix. Have your clientside anti-cheat look for obvious attack vectors, have your seeks serverside anti-cheat look for suspicious play, and let users report others. Then have humans review suspected cheaters and make the final call.
But that’s expensive, and off-the-shelf anti-cheat gives them someone else to blame.
dogs0n@sh.itjust.works 5 hours ago
I agree, there’s definitely some checks you can only do on the client and only some that work server-side. Ideally everything that can be checked on either, are checked.
Currently it’s just all wrong, the client-side can’t be relied upon as heavily as it is.
The benefit factor to the rootkits they install on our machines is nil. Just bloats our systems with garbage that is just waiting to be exploited by hackers.
Goodeye8@piefed.social 5 hours ago
You're viewing from the perspective of what would be best for the playerbase. These decisions are made based on what's the cheapest possible solution to have the playerbase shut up about cheaters so they wouldn't drive away potential customers.
echodot@feddit.uk 7 hours ago
Web developers work this out years ago. If you want to put content behind a paywall don’t do it client side because it will get bypassed.
This was me working out of a tiny office. Yet apparently I was more advanced than AAA game developers.
dogs0n@sh.itjust.works 5 hours ago
Hopefully they start to learn from this at some point… they should realise that their current anti-cheat systems are not working as intended at some point right?
Battlefield will lose sales, every game definitely loses players because of cheater infestations. Lots of money lost in my eyes, is it enough to make them see straight?
CptBread@lemmy.world 9 hours ago
That’s only proof that it will never be enough to stop all cheating. But if the metric is if it reduces cheating then that proves nothing. Not saying I have proof that it does reduce cheating but I would personally bet on it reducing it somewhat at least.
dogs0n@sh.itjust.works 5 hours ago
It definitely reduces cheating, but mostly just by raising the bar of entry (not by that much as evident in day 1 cheats being present). I doubt it’s effectiveness though, since most games you can do some quick research and find $5 cheats that will go undetected (hell even free cheats can work if you do a little more research on doing the injection part manually yourself).
You can also never stop cheating, but the anti-cheat they install on your computer is just an extra attack vector for hackers, etc at this point, since it obviously doesnt work as intended.