[DethNinja]

As a gamedev that develops online games I have to disagree that they are required.

Whatever type of anti-cheat you want, you can implement it at server-side with today’s hardware capabilities. However, that would increase server requirements and bandwidth considerably, and as companies don’t want to pay for that they install rootkits to people’s computers.

[AndriyKunitsyn]

I’m going to be Bill Gates for a second and ask for your definition of “can”.

If you mean they can implement a fully server-side anti-cheat without compromising gameplay experience and without requiring the player to have a super-duper fiber connection with 5ms ping to the game server - no. They certainly can’t do it, not for fast-paced online shooters at least, not in this day and age.

[neatze]

While I agree with you to a large degree, from my limited perspective there is one problem with server side cheating detection, such detection would be inherently reactive (eg. it will take few cheating actions, before it is detected by service side anti-cheat) versus on client anti-cheat that is deliberate (eg. cheats can be detected before game is initialized, potentially)

[Spivak]

And if cheating can’t be detected via statistical inference on the server inputs like texture hacks to see through walls?

[DethNinja]

You can actually raycast at server time and only send the location of players visible to client back. So wallhacks are definitely detectable on server side, in fact one of the games I’m making uses this system, it isn’t even that expensive.

[AndriyKunitsyn]

Scenario: I step around a corner. There are enemies behind the corner which I didn’t see previously because they were hidden behind the corner for me.

Will I see enemies behind the corner instantly, or do I have to wait for round-trip time for the server to acknowledge that I stepped out of the corner and tell me where the enemies are?

[DethNinja]

Wall scale would have to be reduced around 10% less for visibility check on the server-side, so that player view info would be sent without RTT problems especially for the cases you mention.

[AndriyKunitsyn]

This makes sense. However, what if we consider another scenario: a cheating player just staying behind the corner. He/she would have no problems receiving information about enemies behind that corner, so this would be much easier for the cheater to push the corner. Basically, the portion of the wall that you cut off for purposes of this visibility check can be considered transparent for cheaters, and opaque for legitimate players, putting legit players in disadvantage.

Can this happen in the game you make? If yes, do you consider this a vulnerability?

[DethNinja]

It definitely can happen, it is a vulnerability but an acceptable one:

1. There is no such thing as perfect anti-cheat solution with today’s resources. Even client side rootkit based solutions can be overcome.

2. My solution completely eliminates wall hacking at 90% of the cases, same can’t be said for the rootkit anti-cheat solutions.

3. Game can be designed to put corner campers to disadvantage. But honestly no need to think extremely deep about such cases, you would first release the game then check the player complaints about wall hackers. If it is a major issue then you can implement a double ray-cast solution for most reported players, use correct size wall for their ray-casts and ban them statistically. Even if you can ban players accidentally it wouldn’t be a huge portion of your player base.

[squeaky-clean]

This doesn't 100% fix the vulnerability. If your game has footstep sound effects the hack can detect the location of the audio sources playing footstep clips.

(I agree though that low-level anticheat also doesn't 100% solve cheating, and causes lots of problems for legitimate players. Just that cheating is always going to be a game of cat and mouse)

[a1369209993]

> the hack can detect the location of the audio sources playing footstep clips.

You don't need a hack for this; the whole point[0] of having footstep sound effects is that the player can detect the location of the audio sources playing footstep clips.

Edit: 0: well, and ambiance, but if your ambiance is impacting your tactical considerations, that's a game design issue in and of itself.

[xfer]

You also add a report system and do additional inference based on reports, add a system where random player review matches. When your multiplayer games become very popular and making you money, you have to put the effort in, not install rootkits on paying customers computers.