[jasonjayr]

It's none of the game's business what other software my computer is running.

These checks have in the past been notoriously buggy, and can interfere with other operations.

This kind of crud is what remote attestation is for, and Microsoft should be responsible for developing it, not every different gaming company competing with each other for kernel access.

[m-p-3]

I agree, but at some point you have to decide if the tradeoff between the freedom to run whatever you want is worth the invasiveness of having an anticheat software analysing your system in-depth for cheating softwares is worth it.

In a way, it's true that it's none of their business which softwares you use, but it's also their business to make sure the multiplayer experience is fair for the entire userbase.

I guess that's the beauty of games consoles, where the execution of softwares is tightly controlled to minimize piracy and cheaters.

[adambyrtek]

Maybe that trade-off should be more flexible and dependent on the "league" a given player wants to play in. The criteria could be more strict for the "pros" where cheating can lead to significant gains, like professional athletes who have to pass regular anti-doping tests, but you wouldn't expect the same invasive checks from (for example) people participating in a charity run.

[hombre_fatal]

The problem with your idea is that nobody wants to play with cheaters.

Everything that makes the game fun is defeated by a single cheater.

So people are just going to choose between playing with 0 cheaters or go play a different game.

[waterhouse]

Years ago I read about some game service that detected cheating and put cheaters into games with other cheaters. The author said it was pretty effective.

[drewzero1]

Reminds me of Game Dev Tycoon's clever anti-piracy trick, where they released a "cracked" version of the game on file sharing sites shortly after launch. The "crack" disabled the copy protection but also changed the gameplay so that NPCs would pirate your products in-game and drive you out of (virtual) business.

[adambyrtek]

Good point, I haven't played games much since the late 90s and I'm returning to gaming only now (partially thanks to Proton), so my experience with multi-player is based mostly on modem or LAN parties with friends, where the social aspect helped to prevent cheating. I guess it's very different now when you can play with random people on the other side of the world.

[tapoxi]

Historically this is what game developers did, and the servers without anti-cheat enabled were rife with cheating.

When games switched from server browsers to matchmaking, they just defaulted to using the anti-cheat system.

[invokestatic]

Fwiw, my solution does actually take advantage of remote attestation, and if that is validated, a large part of kernel integrity checks are skipped. The problem is that many “gaming” consumer motherboards don’t ship with TPMv2 or secure boot, and we still have to support those computers.

[ajnin]

I understand that, fundamentally, anti-cheat involves taking some form of control away from the player. But when the solution involves deeply embedded hardware modules that take that control away globally, introducing their own host of problems, I think that goes too far, and the cure might be worse than the disease. As a player, I wish there was a way to make sure that the anti-cheat only runs when the game runs, and only checks stuff related to the game and nothing else.

[devwastaken]

How does tpm or secureboot assist in anti cheat?

[invokestatic]

When you can remotely prove that the entire boot chain has not been tampered with, it’s much harder to load cheat software in the kernel layer. Of course, still possible, just harder and easier to detect.

[google234123]

How does this address the fact that windows has 100s of badly written drivers that allow r/w to kernel? This seems to only stop the most advance cheats that actually execute at or before boot.

[invokestatic]

Secure boot addresses other specific security concerns that are unrelated to exploitable drivers. For instance, it eliminates a whole class of PatchGuard bypasses.

[kortilla]

Sorry to derail, but how often does anti-cheat development involve buying access to a cheat just for the purpose of reverse engineering it? Is that pretty much most of the time or is there enough evidence collected from logs to be able to infer what was happening?

[Spivak]

> It's none of the game's business what other software my computer is running.

I get the sentiment here but we're specifically talking about a mechanism specifically designed to detect other software that is used for cheating.

The alternative is a world where games will only run on machines with SecureBoot, a signed kernel with kernel security on, and only whitelisted signed modules.

There isn't a good solution for how to run games where the clients have to be semi-trusted on a hardware and software stack controlled by the user. If you give me total control over the environment in which a program runs I can make it do and believe anything.

[eptcyka]

Maybe the game servers could not send the whole game state to each client and validate input it receives from each client? Banning blatant aimbots is just a pure statistics thing. Also, you could just train ai to detect patterns of cheating via an adversarial model where you pit normal ai against ai that uses the cheats you currently detect via rootkits. Games should not be part of my ring 0.

[chc]

Game companies do take a similar approach to what you're describing, but still feel the need to run anticheat. If you ban aimbots based purely on statistics, you'll just encourage cheat developers to change the statistical properties of their aimbots. Cheats are a fairly big business — even detecting them with anticheat software in ring 0 doesn't seem to be a surefire guard against cheating.

[kaba0]

Well, if an aimbot is only statistically as good as a good human player, does it matter anymore whether the player actually plays or a good bot?

If it is only as good as a real player than it won’t be invincible and will be equivalent to playing with a few AIs in a multiplayer game - which already happens.

Also, I believe the exact mouse movement will not be the same for a human and an aimbot - so not only statistics can be used to ban players

[kortilla]

> Banning blatant aimbots is just a pure statistics thing.

So you have two choices here. You either ban the best players or the aim bots just behave with a success rate close to the best players.

[eptcyka]

If you can't distinguish between cheaters and the best players statistically, can the regular players tell the difference? Does it matter at all then?

And when I'm talking about statistics here, I'm not referring to the kill/death ratio, but rather all input data received from a cheater.

[krageon]

If a player consistently has a sub 100ms response time, it is a bot. There are plenty such values to be found that have clear superhuman markers (100ms on average is already realistically too low, so I'm being mild), and you can use those to detect cheaters.

[kuschku]

So, if you allow bots that behave exactly like humans, then what's so bad about that?

[Acutulus]

I remember playing a first person shooter called Red Faction on PC maybe 15 years ago. Through some poking around I (and many others) discovered that when a client joined a multiplayer game, the server would instruct each client to load a large .dat file local to the client containing presumably a bunch of global assets. Within that were numerous object, physics and game state variables in plain text ripe for the picking. The server would proceed to accept any .dat file that contained the necessary declarations regardless of their value.

I recall seeing players hovering in the air and spinning while shooting rockets out at hundreds of rounds a second. There was also a way to modify your files such that you could crash a game just by joining it. The experience was as interesting and fun as it was awful.

[pkaye]

What if they gave you the ability to disable anti-cheat checks but put you up against others who do the same?

[rkangel]

I play various games where they developers try hard to prevent cheaters and they still get through and ruin a small but significant percentage of the games. I can't imagine how crappy an experience it would be if there was no cheat protection at all.

[google234123]

It's the game'd business what you are running if you are ruining the game for other players.