by kaoD 837 days ago
Yes. Basically cheats and anti-cheats became their own thing security-wise and huge amounts of effort are spent (by both sides) on this cat and mouse game.

Although both cracking (as in "software cracking") and cheats were very similar security fields back in the day (both boiled down to reverse engineering), cheating has diverged enough (due to modern anti-cheats and anti-piracy becoming very different countermeasures) that I'd consider them vastly different nowadays.

Some categories of exploits unique to games:

- Aim hacking (pointing the mouse cursor to enemy heads)

- Recoil/spread cheats (mouse compensating for weapon recoil or bullet spread)

- Botting/botfarming (playing resource-intensive games automatically)

- Wallhacking (showing players through walls, or making walls semi-transparent)

- Miscellaneous passive assistance (like overlaying a predicted path for a ball in a game, drawing precise location for footsteps/other player sounds, etc.)

- Modification of game state (like sending your character's position at will, allowing you to fly or go through walls)

Some of these have analogues in app security:

- Botting detection (probably very similar in both MMOs and Cloudflare)

- Hidden information is not very different from what we do in web apps (only send the state that the client needs and has access to)

- Preventing game state modification is solved by having a strongly authoritative server (again pretty normal in app land)

But even in those, what makes games very unique compared to other apps is that they're hard real time: you have hard requirements for each frame time; it's expensive to calculate in-server all things that a player should be able to see every single frame; packets take time to travel over the internet so you have to give it some slack (or enemies could pop out of nowhere when crossing doors); client sometimes needs information that you'd like to remain private (you need player positions even behind walls to provide 3D sounds)...

Modern anticheats usually resort to just scanning the memory for running cheats, trying to detect a cheat reading/modifying the game memory, etc., but cheats have gone to great lengths, like having actual cheat hardware (DMA devices on PCIe[0]) that cannot be detected since it's running outside of the computer software.

[0] https://blog.esea.net/esea-hardware-cheats/
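
The comment's point about an authoritative server with some slack for packet travel time, sketched as an added example that is not part of the original comment or any real game's code. The speed limit, slack factor, time cap and all names (`PlayerState`, `apply_update`, `replay`) are assumptions chosen for illustration.

```python
import math
from dataclasses import dataclass

MAX_SPEED = 7.0  # assumed: fastest legitimate movement, game units per second
SLACK = 1.25     # assumed: tolerance for jitter and packet travel time
MAX_DT = 0.5     # assumed: cap on time credit so a stalled client cannot bank distance

@dataclass
class PlayerState:
    x: float
    y: float
    t: float            # server clock at the last processed update
    violations: int = 0

def apply_update(state: PlayerState, x: float, y: float, now: float) -> bool:
    """Accept a client-reported position only if it is reachable from the
    server's own copy of the state. The client's claim is never trusted."""
    dt = min(max(now - state.t, 0.0), MAX_DT)
    allowed = MAX_SPEED * dt * SLACK
    moved = math.hypot(x - state.x, y - state.y)
    state.t = now                  # the clock advances whether or not we accept
    if moved > allowed:
        state.violations += 1      # keep the old position; server would send a correction
        return False
    state.x, state.y = x, y
    return True

def replay(state: PlayerState, updates):
    """Run (server_time, x, y) updates through the validator; return verdicts."""
    return [apply_update(state, x, y, t) for t, x, y in updates]

# Constructed sample traffic: normal steps, one "send your position at will"
# jump, and one jump attempted after a long silence.
SAMPLE_UPDATES = [
    (0.1, 0.5, 0.0),     # 0.5 units in 0.1 s: plausible
    (0.2, 30.0, 0.0),    # 29.5 units in 0.1 s: rejected
    (0.3, 1.0, 0.0),     # continues from the server's position: plausible
    (60.3, 100.0, 0.0),  # time credit is capped, so still rejected
]

if __name__ == "__main__":
    player = PlayerState(0.0, 0.0, 0.0)
    print(replay(player, SAMPLE_UPDATES), player)
```

A larger `SLACK` reduces false rejections for players on poor connections, at the cost of a wider margin a modified client can move within.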