Steam games will need to disclose kernel-level anti-cheat on store pages
https://www.gamingonlinux.com/2024/10/steam-games-will-now-need-to-fully-disclose-kernel-level-anti-cheat-on-store-pages/They had the balls to add a mandatory kernel extension into a game that I've bought 10 years ago and that I wish to play in single player only.
I find it utterly ridiculous. As usual, piracy would have been the superior experience.
AFAIK, there's fewer cheaters on PlayStation current-gen than on PC, and I don't have to worry about anti-cheat kludges corrupting my "rig".
And realistically, some real non-cheating players will by chance just have similar statistics to bots, especially since the bots will start doing their best to mimic real players.
Also many players don't need to cheat all the time; just in that critical moment when it really matters. Didn't Magnus Carlsen say he only needs a single move from a chess computer in the right moment to be virtually guaranteed win? Something like that probably applies to a many people and fields. This is even harder to detect with just statistics.
Also also reminds me of the "you can't respond in less than 100ms, and if start the sprint faster than that after the starting pistol then you're disqualified"-type stuff they have in the Olympics – some people can consistently respond faster and there's a bunch of false positives. Not great.
Because if you force all the cheaters to hide well enough to look like "normal" players, no one will know, and the game feel will not be negatively impacted. Outside of the tippy top of competition where money becomes involved, it's kind of irrelevant if the game is technically fair, as long as it feels fair to everyone.
The difference is that IRL chess and a typical FPS game have very different availability of datasets. IRL chess has both fewer moves per game, and fewer games played in short succession than typical FPS games. Also, with FPS games there is a single metric to evaluate -- the shot landed or missed -- compared with chess where moves are ranked on a scale.
So I'd argue that it would be much easier to do a statistical model to predict a cheating aimbot than it would a cheating IRL chess player. I don't believe Magnus's proposition holds for prolific online chess players when they do dozens or more blitz/bullet games in a single day.
Didn't Magnus Carlsen say he only needs a single move from a chess computer in the right moment to be virtually guaranteed win
That's because he's an elite chess player. Him cheating once per game could make the difference between being number 1 or number 10 but either way he's up there.
But for you or me, cheating once per game wouldn't make a difference. We'd still be ranked as nobody plebs. To get ranked high enough for people to know our names we would have to cheat dozens of times a game, and experienced players would easily peg us as cheaters.
Try cheating on chess.com, if you cheat enough to make a meaningful difference their servers will automatically nail you with statistics.
Serial cheaters cheat just enough to give themselves an edge without making it obvious to the people watching them. By just looking at their stats, it can become very difficult (though not impossible) to differentiate a cheater from a pro player. This difficulty increases the odds of getting a false positive, necessitating a higher detection threshhold to avoid banning innocent players.
They try to make own matchmaking for possible statistical outliers so cheaters end up playing against each other. Of course, real good players can still get there and there are (at least used to) real humans on reviewing on those games to see if someone is actually a cheater. It is not a simple task, since you can cheat to be just slightly better than others and that is enough to be good.
So I think it is fair to say the there haven't been billions of dollars of research spent on this problem.
[1] https://www.dexerto.com/gaming/anti-cheat-study-reveals-chea...
At the end of the day someone could be using hardware "cheats" but you can get down to a pretty good spot to stop or disincentivize cheaters without running rootkits on their devices.
They even claim to be able to fingerprint players according their playstyle, thwarting all methods of ban evasion. Skepticism should be abundant here, but this one of the oldest tricks in ML: categorization/clustering. I'm cautiously hopeful.
This would be server-side by nature.
Also if your guns aren't _perfectly_ accurate then the aimbot can't actually predict much of anything.
Evolutionary pressures on cheaters drives them to get better.
Eventually someone finds a stable chink in the server armor and it is exploited en masse.
The goal is to make it inconvenient to cheat on average.
There’s probably some ratio of games with cheaters to games without cheaters that players can tolerate that governs this.
The problem of cheating in games does not weigh more than the users ultimate ownership of and control over their own property.
No one has a right to a business model.
They can do plenty enough server-side. It's not a blocking problem at all, it's just easier to take over all control of the users pc for your own convenience.
Everything, including all valid goals, is easier if you could just have the power to control whatever you want instead of having to cooperate and respect others and respect boundaries. It's no more valid than saying "Everything would be so much better if everyone would just do what I say.". Using that argument is invalid even if supposedly applied in service to some otherwise valid goal.
Now I'll ask: how do you detect someone wall hacking automatically? No human review and no false flags. Go!
If you think it's statistically likely that someone might be cheating, but you're not sure, you can matchmake them with other people who might be cheating.
You don't tell the client the location of anything they can't see.
* Play sounds from their actions * Actually be able to render them when either player comes around the corner without them obviously materializing out of thin air.
https://www.sciencedirect.com/science/article/abs/pii/S18759...
Games publishers have been bad actors in this space for a long time now. The genshin impact anticheat was used in a malware campaign. Rockstar was very misleading trying to imply their kernel driver not being compatible with the steam deck was valves fault.
I can't play certain games, because they don't run on Linux and even if they did, I am not gonna install a rootkit to run them.
Early first-person shooter games had this figured out (small servers with 20-30 regular players, the server admin could choose to ban you), RTS games have this figured out, many MMOs have this figured out (interact with non-friends sometimes, but they have to 'join your party', etc.)
Playing with random strangers on the internet who may want to grief/destroy your game, be incredibly toxic, or cheat against you in general.. that's the cost of playing with random people in a completely public forum.
Nah. Consoles were a decade late to the online gaming party, and online gaming on consoles (counting Xbox Live as the first concerted attempt) has only been around half as long as consoles as a product segment have existed.
Could I run windows as a VM guest under Linux and play Fortnite in that (with good GPU performance)? I don’t mind their rootkit running on some dedicated VM - I’ll just consider it my Fortnite unikernel.
(I’m also ok with the host OS being Windows or MacOS).
In practice, I'd settle for a peer Windows OS, like the WSL2 kernel, with the rootkit seperate from my main work one. Can I run two copies of Windows simultaneously as peers?
You basically let your guest OS use your GPU instead of the host.
Installing some random anti-cheat kernel driver is not the same thing, at all.
User space applications can't access hardware or physical memory. They can't bypass permissions enforced by the OS. None of that applies to hardware or kernel drivers.
Most people that use Nvidia. I specifically don't buy Nvidia graphics cards or laptops that use them in my Linux computers because they're not in-tree.
Back then I migrated to Archlinux and in all these years I only had problems with nvidia. Since then they are dead to me :)
- This is an abnormal case. Most hardware will work with in-tree drivers. Indeed, few vendors provide out-of-tree drivers for Linux.
- Nvidia is an established and reputable source. We aren't talking about some small hardware developer who doesn't have the resources to create secure drivers.
- Most Nvidia cards have in-tree drivers. There is a loss in performance, but the option usually exists.
They expose a kernel API to allow games to verify the state of the system, and they're knowingly installed by the user.
Personally I find both unacceptable: I won't play a game that requires me to install a rootkit, and I won't play a game where cheaters and bots run rampant, ruining the fun for everyone.
So hopefully there's a solution to this that doesn't require a rootkit.
(in theory, GTA online has had / still has huge problems with bots and cheats but still earns the publisher hundreds of millions a year)
One could argue that a game isn't critical but one could say it's critical to stop hackers.
If you were to take the stance that gaming isn't critical than with that logic you're then claiming multiplayer hacking is a feature of the game.
Doesn't do well for the community or the company. But nor do the rootkits do good for the consumer.
Some cheats are getting rather sophisticated now. There's an ever-increasing number of Pi-devices where the cheating is done externally.
It's never critical to stop hackers in a videogame IMO. We need to stop being so damn serious about gaming.