by halfcreative 2357 days ago
I wish I understood better how anti-cheat works. When anti-cheat software gets flagged while running on linux, is the cause of the flag a viable route for other cheats? I'm so unfamiliar with the mechanics of anti-cheat that I'm not even sure if I'm asking a proper question.
5 comments

The way I understand it (which isn't that well either tbh) is that most modern anti-cheat software runs off of some Hardware ID (HWID). An amalgam of IDs from your GPU, CPU, OS, MAC address, and so on... that are somehow combined or hashed into some uniquely identifying ID. This is a bit harder to spoof than an IP address ban. And most are robust to gradual changes. Like Theseus' ship, if you change your GPU one day, OS the next, and so on... is it the same computer you should ban? Most HWIDs generated by games won't change until a certain number of those variables are messed around with.

Once again, I'm no expert but I think that's at least helpful.

This is called hardware banning and is not "super" common in the PC world; usually they just ban accounts. I know Overwatch does HW bans, but no VAC-protected game does.

Consoles generally ban by HW I believe.

I'm pretty sure the mechanics of the anti-cheat are kept obscure to prevent cheat makers from adding anti-anti-cheat tech to their product.
They are, but they get promptly reverse-engineered by modders and hack developers. Many of the core techniques remain the same.
Pretty much this, it's intentionally kept as a black box.
Some solutions are a black box to the game development team (and run as a post-process during the game link or as a separate executable monitoring the game and system).

There is a huge and lucrative economy around cheat development that encourages a fair amount of paranoia from game developers.

Many of the common tools used for cheating in FPS games create an in-game overlay used to provide the cheater with a UI for the cheat and to render hidden information (e.g. wallhacks) in the game world. This is often done by hooking the graphics API used by the game, and that hook is usually performed by replacing the pointers to the functions of the graphics API with pointers to the cheat's own functions. Since DXVK provides its own graphics API functions in a similar way, it can look similar to a cheat in the eyes of poorly-written anti-cheat software.
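Added example (not from this thread or any anti-cheat vendor): a simplified model of the integrity check the comment above implies, with constructed module names and addresses, showing why a naive "every API entry must point into the vendor DLL" rule reports a DXVK-backed dispatch table the same way it reports a redirected one, and how an allowlist of known translation layers separates the two cases.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Module:
    name: str
    start: int  # inclusive
    end: int    # exclusive

# Constructed sample memory map; names and addresses are made up for illustration.
MODULES = [
    Module("game.exe", 0x00400000, 0x00A00000),
    Module("d3d11.dll", 0x7FF80000, 0x7FF90000),         # native graphics API
    Module("dxvk_d3d11.so", 0x7FE00000, 0x7FE40000),     # DXVK translation layer
]

def module_for(addr, modules):
    """Return the module whose range contains addr, or None if unmapped."""
    for m in modules:
        if m.start <= addr < m.end:
            return m
    return None

def audit_dispatch_table(table, modules, trusted):
    """Flag dispatch-table entries whose target is not inside a trusted module.

    table:   {entry_name: target_address} as the game would see it
    trusted: module names allowed to implement the graphics API
    Returns a list of (entry_name, module_name_or_"<unmapped>") for each
    entry that lands in an untrusted module or in memory no module claims.
    """
    flagged = []
    for entry, addr in table.items():
        m = module_for(addr, modules)
        if m is None or m.name not in trusted:
            flagged.append((entry, m.name if m else "<unmapped>"))
    return flagged

# Untouched table: every entry points into d3d11.dll.
CLEAN = {"DrawIndexed": 0x7FF81234, "Present": 0x7FF85678}
# Same table after something redirected Present into an anonymous mapping
# that no loaded module claims (the pattern described in the comment above).
REDIRECTED = {"DrawIndexed": 0x7FF81234, "Present": 0x1F000010}
# Under DXVK the API is implemented by the translation layer itself,
# so every entry legitimately lives outside d3d11.dll.
UNDER_DXVK = {"DrawIndexed": 0x7FE01000, "Present": 0x7FE02000}

NATIVE_ONLY = {"d3d11.dll"}
WITH_DXVK = {"d3d11.dll", "dxvk_d3d11.so"}
```

With `NATIVE_ONLY`, the DXVK table is reported just like the redirected one (every entry is "outside the vendor module"); adding the translation layer to the allowlist clears it while the unmapped Present target is still reported.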
Somebody might have been cheating on Linux, got caught and then has their data (loaded modules) used as a specimen for a positive result, thereby flagging all Linux players as cheaters. That, or EA has a whitelist of loaded modules.

That would excuse incorrectly banning players. It does not excuse upholding the ban:

> After thoroughly investigating your account and concern, we found that your account was actioned correctly and will not remove this sanction from your account.

I guess I'm reinstating my EA boycott, after all the progress and good will that they earned.

A fairly good high level PowerPoint on the topic: https://www.slideshare.net/chrisma0/beat-your-mom-at-solitai...

The last page has links to more in-depth info.