this post was submitted on 30 Nov 2023
57 points (100.0% liked)


Why is it not more common to implement anti-cheat on the server instead of the client? Is that not more secure? Couldn't the server just check what vision a player should have and not provide any other information to prevent wallhacks or maphacks? Or check how fast it is possible to move to prevent speedhacks? Aimbot is a bit harder to detect I guess but what about the other ones?

all 42 comments
[–] [email protected] 52 points 1 year ago (1 children)

Doing anti cheat on the server can only check for symptoms of cheating.

Doing anti cheat on the client can check for tools, attack vectors and the actual method of cheating.

[–] [email protected] 11 points 1 year ago

Also, server side anti-cheat computation costs the gaming company money.

Though you'd think some forms of cheating would be computationally inexpensive to detect, like teleporting and such.

[–] [email protected] 36 points 1 year ago (2 children)

Every time you double your servers' CPU usage, you'll double your server cost as well. If it were cheap I bet more companies would actually consider doing this.

The ultimate server-side anti cheat would be running the online game like Stadia where the players basically stream the game, which is very expensive to run today but might be the norm in the far future.

[–] [email protected] 19 points 1 year ago (1 children)

God what a dystopian future. But you may be right, even for single player games.

[–] [email protected] 21 points 1 year ago (2 children)

Anti cheat for single player games is a silly concept that game companies are way too eager for.

[–] [email protected] 6 points 1 year ago* (last edited 1 year ago)

Ah yes. So frustrating how Nintendo keeps patching all the fun hacks/glitches in Tears of the Kingdom.

[–] [email protected] 3 points 1 year ago

I tried to set up Minecraft anti x-ray once. And yeah, it bogged down the server so hard.

[–] [email protected] 6 points 1 year ago* (last edited 1 year ago) (1 children)

It's an interesting problem. If you render everything server side and just deliver a video stream to the client, like a GeForce Now-only tournament, that eliminates a lot of cheating vectors.

The issue then becomes ensuring you have equal latency to all the players. So no one person has an advantage. But you could add artificial latency in that circumstance.

There's no getting away from the fact that in a distributed network, ordering of events and ensuring simultaneousness is difficult. Peeker's advantage is a real thing.

Server side rendering and streaming, advantages: people only see what they're supposed to see, the server has perfect registration of all activity.

Disadvantages: more latency for everyone, AI auto aiming is still an issue. Requires excellent networking for everyone.

[–] [email protected] 1 points 1 year ago (1 children)

One other downside. Server rendering is much more expensive.

[–] [email protected] 0 points 1 year ago* (last edited 1 year ago) (1 children)

Not really that expensive. With server rendering the GPUs can be constantly utilized for different clients or different activities. You only pay per minute of usage. GeForce Now is I think $5 a month, which is not much. If you pay AWS for their ephemeral tier, 5 to 10 cents per hour depending on the GPU you want.

When they're not being used for gaming, those GPUs could be used for AI training, model generation, a whole host of things. A GPU in your house probably isn't used 24/7, so that hardware is not being efficiently amortized over a large scale of activity.

[–] [email protected] 1 points 1 year ago* (last edited 1 year ago)

Adding at least $5 a month to a game subscription is expensive considering a lot of them are $10-15/mo. Note that this isn't just GPU expensive. You also need to calculate game logic on the server too, which can also drive up CPU and RAM expenses. This is not to mention that a lot of popular online games are freemium and will stand to lose a lot of players if they start charging a subscription.

Another way to word it is that the freemium model is incompatible with server side rendering.

[–] [email protected] 4 points 1 year ago (1 children)

Because the client side is the side where cheating happens.

[–] [email protected] 5 points 1 year ago (2 children)

Sure, but client side is also owned and run by the cheater. Do you really trust them to always run the anti-cheat honestly?

[–] [email protected] 2 points 1 year ago (2 children)

Anti-cheats are typically designed so that the user can't actually modify them at all. They install themselves deep into your system, sometimes literally in the form of a rootkit which basically runs parts of it completely invisibly from your OS, entirely.

[–] [email protected] 5 points 1 year ago (1 children)

> Anti-cheats are typically designed so that the user can't actually modify them at all.

The problem is that these measures can be bypassed.

https://guidedhacking.com/threads/how-to-bypass-anticheat-start-here-beginners-guide.9882/

[–] [email protected] 0 points 1 year ago (1 children)

But it is complicated enough that most people don't bother with it.

[–] [email protected] 3 points 1 year ago

So is cheating, yet we still have cheaters.

[–] [email protected] 2 points 1 year ago

Of course, which is why all cheating has been eradicated forever. Certainly no game with a rootkit anti-cheat has ever had a problem with cheating.

[–] [email protected] 0 points 1 year ago (1 children)

You can't check the source of cheating on the server side, as it is run on the client side.

[–] [email protected] 2 points 1 year ago (1 children)

You can't reliably check the source client side either, because the client side self-reports, and is where the cheat runs.

[–] [email protected] 0 points 1 year ago (2 children)

That's a statement in the same ballpark as "people who get vaccinated can still get COVID, so why get vaccinated at all".

Seriously, where do you even come up with that level of daft argument.

[–] [email protected] 6 points 1 year ago

One of the most basic security principles is literally “never trust the client side.”

[–] [email protected] 2 points 1 year ago (1 children)

Nobody is making new COVID versions to get around the vaccine. COVID vaccines don't create a backdoor into your immune system that make you weaker against other viruses. The COVID vaccine actually works. That is a stupid analogy.

More invasive anti-cheats cause a brief dip in cheating, and then cheaters spread around a way to get around the new anti-cheat and everything immediately goes back to how it was. As long as the anti-cheat is being run on the cheater's computer, it will be bypassed and made irrelevant. People's desire to see something, anything done about a problem no matter how terrible the solution sometimes just makes things worse without even helping the problem, and I'm not okay with that.

[–] [email protected] 0 points 1 year ago (1 children)

Nature itself is literally making new covid versions.

And our immune system detects and fights most of them similar to how virus scanners can detect a virus it doesn't know. By detecting similarities.

If a new variant comes along that is so different from the OG virus that your immune system doesn't know what to do with it, they develop a new vaccine, which you have to "install on the client side" by getting the vaccine, to protect you from getting sick from it.

If new methods are developed to cheat, the cheat engine gets updated to detect those too.

As for "brief dip", that's the only thing needed for a product launch.

If a game is rife with cheating day one, it'll fail.

If it only gets rife with cheating when people are already invested in it, the cheating is much lower priority.

That doesn't change the fact that at the server side, you're unable to detect most prevalent forms of cheating.

Wallhacks and aimbots are nigh impossible to detect on the server side.

[–] [email protected] 1 points 1 year ago

Cool, keep taking your horse dewormer. I'll be over here not installing rootkits made by companies with terrible security practices.

[–] [email protected] 3 points 1 year ago (1 children)

They usually use both. Client side and server side detection together.

The problem isn't the check itself usually, but rather latency. If you shoot a player on your screen you want immediate feedback (client side), instead of waiting for a roundtrip to the server until the blood spatters.

There have been shooters where the server decides if a bullet lands. So on your screen you hit the player and then they suddenly survived. So most shooters switched to: If the client thinks it hit, it hit. Which does lead on the receiving end to running behind a wall and still dying. Overall it feels better than the alternative though.

The whole topic is pretty much game networking, it's a balance between doing it correctly (server side, slow) and faking to get it close enough (client side, immediate, easier to cheat, unfair if the player is laggy).

Of course there are some server checks that are always easy: For example if a player teleports or moves around the map faster than possible? You can flag them for review or if it happens too often kick/ban them. As long as you're super careful about automatic bans (bugs exist).
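The movement check described in the comment above, as an added example that is not part of the original thread. The speed limit, tolerance, strike window and the names `PlayerState`, `check_move` and `replay` are assumptions made for illustration.

```python
import math
from dataclasses import dataclass, field

MAX_SPEED = 7.0     # assumed top speed, world units per second
TOLERANCE = 1.25    # slack for jitter and batched packets
WINDOW = 10.0       # seconds over which violations are counted
REVIEW_AFTER = 3    # violations inside WINDOW before flagging


@dataclass
class PlayerState:
    pos: tuple                      # last position the server accepted
    t: float                        # server clock at that update
    strikes: list = field(default_factory=list)


def check_move(state, new_pos, now):
    """Validate one position update against the last accepted one.

    `now` is the server's receive time, never a client timestamp.
    Returns "ok", "reject" (snap the player back) or "review"
    (repeated violations: queue for a human, do not auto-ban).
    """
    dt = now - state.t
    if dt <= 0 or not all(math.isfinite(c) for c in new_pos):
        return "reject"             # replayed, reordered or malformed
    allowed = MAX_SPEED * dt * TOLERANCE
    if math.dist(state.pos, new_pos) <= allowed:
        state.pos, state.t = new_pos, now
        return "ok"
    # Impossible move: the old position stays authoritative. The player
    # is snapped back at `now`, so the next update is measured from here.
    state.t = now
    state.strikes = [s for s in state.strikes if now - s < WINDOW]
    state.strikes.append(now)
    return "review" if len(state.strikes) >= REVIEW_AFTER else "reject"


def replay(updates):
    """Run constructed (time, position) updates through the check."""
    state = PlayerState(pos=(0.0, 0.0), t=0.0)
    return [check_move(state, pos, t) for t, pos in updates], state
```

The cost per update is one distance computation, which is why this class of check is cheap compared with visibility or aim analysis.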

[–] [email protected] 3 points 1 year ago

> Overall it feels better than the alternative though.

Client Side Prediction in combination with Server Authoritative Calculation should always be the correct option.

Basically, both the server and the client do the same calculation to see if a bullet hits. Then the server sees the client data and checks if it matches what the server calculated. If it does, then it ignores the client data and continues, otherwise it sends the correct data to overwrite the client. While the client waits for the server to check the data and send it back, it calculates the next frame based on previous server data such as previous enemy velocity, look angle, etc. The client is always slightly ahead of the server, but as long as the ping is low this isn't a problem (depends on network data bandwidth, but usually anything below 150ms ping is not really noticeable, as the ping from your eyes to your brain processing it, then reacting to what you saw is between 150ms-300ms.)

This feels bad for players with bad ping, but it doesn't have a negative effect on anyone else except cheaters that can no longer shoot you through walls or make impossible movements. And both of these are usually the fault of the client, as choosing a server with lower ping or simply not cheating will fix the problem immediately.

Client Authoritative Calculation, where the client tells the server the data to send other players, should never be used in a game where cheating would be a severe negative impact on the game, such as a PvP shooter.

[–] [email protected] 1 points 1 year ago (1 children)

Server receives "1" for "hit registered" as sent by "client". As a client I can shove 1s all day long, how will it safeguard that?

[–] [email protected] 3 points 1 year ago* (last edited 1 year ago) (1 children)

Server determines hit received. Client only sends shot fired and direction and such. Server could also calculate if shot and direction make sense based on location, last shot fired, etc.

I’m a dev but not a game dev so I have no idea if this is doable or too much for the server to handle.

There probably is a reason anti cheat on the client is still needed. On the other hand, isn’t this mostly to prevent wallhacking and such? That’s probably the hardest cheat to detect server side if it’s even possible at all.
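The server-authoritative hit decision discussed in the two comments above (the client reports only that it fired and in which direction; the server computes the result), as an added example that is not part of the original thread. It is a 2D sketch: the constants, the `world` layout and the function names are assumptions, and lag compensation is left out.

```python
import math

FIRE_INTERVAL = 0.1   # assumed minimum seconds between shots
HIT_RADIUS = 0.5      # assumed radius of a player's hit circle
MAX_RANGE = 100.0     # assumed weapon range


def ray_circle(o, d, c, r):
    """Distance along unit ray d from o to circle (c, r), or None."""
    ox, oy = c[0] - o[0], c[1] - o[1]
    along = ox * d[0] + oy * d[1]
    perp2 = ox * ox + oy * oy - along * along
    if along < 0 or perp2 > r * r:
        return None                      # behind the shooter, or a miss
    return along - math.sqrt(r * r - perp2)


def ray_wall(o, d, a, b):
    """Distance along unit ray d from o to wall segment a-b, or None."""
    ex, ey = b[0] - a[0], b[1] - a[1]
    denom = d[0] * ey - d[1] * ex
    if abs(denom) < 1e-12:
        return None                      # ray parallel to the wall
    ax, ay = a[0] - o[0], a[1] - o[1]
    t = (ax * ey - ay * ex) / denom      # distance along the ray
    u = (ax * d[1] - ay * d[0]) / denom  # fraction along the wall
    return t if t >= 0 and 0 <= u <= 1 else None


def resolve_shot(world, shooter_id, angle, now):
    """Decide a hit from server state; the client supplied only `angle`."""
    shooter = world["players"][shooter_id]
    if not math.isfinite(angle) or now - shooter["last_shot"] < FIRE_INTERVAL:
        return None                      # malformed, or faster than the weapon
    shooter["last_shot"] = now
    o, d = shooter["pos"], (math.cos(angle), math.sin(angle))
    walls = [ray_wall(o, d, a, b) for a, b in world["walls"]]
    limit = min([MAX_RANGE] + [t for t in walls if t is not None])
    hits = [(t, pid) for pid, p in world["players"].items()
            if pid != shooter_id
            and (t := ray_circle(o, d, p["pos"], HIT_RADIUS)) is not None
            and t < limit]
    return min(hits)[1] if hits else None


def sample_world():
    """Constructed state: b stands in the open, c behind a wall."""
    return {
        "players": {
            "a": {"pos": (0.0, 0.0), "last_shot": 0.0},
            "b": {"pos": (10.0, 0.0), "last_shot": 0.0},
            "c": {"pos": (0.0, 10.0), "last_shot": 0.0},
        },
        "walls": [((-2.0, 5.0), (2.0, 5.0))],
    }
```

Because the message has no "hit" field, a client that sends extra or forged shot messages gains nothing beyond what the fire-rate and occlusion checks allow.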

[–] [email protected] 1 points 1 year ago (1 children)

Depends what you mean by wall hacking I guess. Shooting through a wall should not be possible by your proposed method, and it could be expanded to prevent the player moving through walls also.

Seeing through walls though is a different matter. How does the server know if I have rendered an opaque wall or not?

Personally I see anticheat as a problem to be solved socially, not technically. Just let people vote to kick, and anyone who is generally accepted to be hacking will be kicked. No need for invasive Spyware.

[–] [email protected] 3 points 1 year ago* (last edited 1 year ago)

> Just let people vote to kick

This system is easy to abuse, and historically when implemented will be abused.

[–] [email protected] -1 points 1 year ago (2 children)

I just want to say that the term 'rootkit' has been twisted out of shape when referring to anti-cheat. Rootkits are malicious. Software using low level privileges that require the user's consent to a EULA, and which is designed to be uninstallable by the user I would not consider a rootkit, just invasive.

[–] [email protected] 10 points 1 year ago (2 children)

Root kit by definition means software that grants root privileges to whoever controls it. Anti-cheat, especially kernel level anti-cheat, does just that. Parts of the anti-cheat used for Genshin Impact have been used on entirely different computers to disable antivirus programs.

[–] [email protected] 1 points 1 year ago (1 children)

> Root kit by definition means software that grants root privileges to whoever controls it

That doesn't sound correct. That would mean sudo is a root kit, and I would be hard pressed to find people who agree with that statement.

[–] [email protected] 3 points 1 year ago

I think it's very important to separate root and kernel mode. If you run an application as root, you are still running in user mode. Drivers and other kernel modules are running in kernel mode. There are a lot of differences with serious implications for system stability and security.

[–] [email protected] 0 points 1 year ago (1 children)

I don't call sudo a rootkit, do you?

[–] [email protected] 7 points 1 year ago

Should've clarified that it's other users that are being granted elevated access, not the user sitting in front of the computer. Also, sudo doesn't grant access, you must already have access to use sudo.

[–] [email protected] 1 points 1 year ago

Yes, I mean I understand why people use the term rootkit. But, at the same time it isn't good to dilute a term for something malicious.

At the same time, while I hate cheating in online games, I barely trust game developers, who are often on a crunch timeline, with access to user mode on my system. I really don't want to give them access to kernel mode just to detect cheats. Also, it just means the next level of cheats just has to do the same, or get themselves in the hypervisor instead or hardware based anyway.

I don't play games that have kernel mode anti cheat (unless they've somehow installed kernel mode drivers without me knowing, every game installer wants admin to install these days it seems) for this reason.