[advael]

That's ridiculous. A server only needs to be capable of running a single authoritative copy of the game and handling dead simple network requests to prevent every kind of cheating that matters except input automations, which you can't prevent reliably with a rootkit anyway. If you have a case where this isn't true, feel free to expand on it instead of just blindly believing it must exist. You don't need client-side control to make very powerful guarantees of systemic security in much more serious contexts than a game. You're not only doing special pleading, but you're doing it for a scenario that, as far as I can tell, has no theoretical reasoning and no examples, because you haven't provided any. I have to conclude it's imaginary. I gave you a good breakdown of what threat models I think exist and some sketches of technical solutions, like client separation and authoritative servers. I speak from both sound theory and experience implementing netcode here. Maybe you are too, but I can't tell from what you're saying, because again all I'm hearing is "nuh uh, sometimes you need it!" I see no why, how, or when in that argument. Is the problem you can only fix by having total control over the whole platform of every client in the room with us right now?

[DEADMINCE]

> every kind of cheating that matters except input automations

So basically, except the most common types of cheating.

> which you can't prevent reliably with a rootkit anyway

Yes, this is basically what I was saying when I said you can't stop cheating so long as the consumer has control of the hardware.

> instead of just blindly believing it must exist

Well, with respect, I think it is you who is blindly believing all cheating can be stopped server-side. I find that claim to be patently ridiculous.

> no examples, because you haven't provided any.

> all I'm hearing is "nuh uh, sometimes you need it!"

You're right, I haven't provided examples because this is common knowledge in the industry or to anyone that knows anything about trying to prevent cheating. I wasn't prepared to have to give a lecture to defend my point. But really, if what you are saying was correct, then all these companies must just be incredibly incompetent for not preventing cheating server-side, right? Because it's just so easy?

More than that, it's a very basic principle in security that if someone controls that hardware, most security can be defeated. The exception is stuff with DRM and things like a TPM where the consumer doesn't have full control, and that is the only way to truly prevent cheating. That's just a fact.

[advael]

So you're saying that the sole concern in anticheat software is macroing? Alright, do you need to control every peripheral connected to the computer as well? How can you guarantee there isn't a SoC on someone's keyboard that sends a bunch of signals that they didn't have to type? Maybe we gotta put a little spy chip in every copper wire sold in every country, just to be sure it's not connecting anything to anything else. You know, in case someone is trying to cheat

Anyway, the fact that industry giants want to be in the very lucrative business of controlling the computers people use and have made up all manner of silly justifications for it is not news to me, but I have no reason to believe them, and saying "well lots of people who I consider to have enough authority that you should take their word for it also believe this, take my word for it" isn't particularly compelling. If you don't expect to need to justify your position why even bother making the claim? I don't assign automatic unquestioned epistemic authority to you just because you claim to be espousing the consensus view of an industry, and it's an industry full of crooks built on an industry full of crooks in the first place

[DEADMINCE]

> So you're saying that the sole concern in anticheat software is macroing?

Can you quote where I said that? I'm certain I said no such thing.

Are you really reducing any client side cheat to just macros? That's either disingenuous or willfully ignorant.

> Alright, do you need to control every peripheral connected to the computer as well?

Ideally, yeah. Look at Playstations for example. People can't play with cheats running on the same OS interfering with the game because they don't have control of the hardware. They can still cheat with peripherals though, as the situation with the Cronus Zen showed, and so yes, to stop cheating control of the peripherals is needed. With a recent real world example to corroborate.

> Maybe we gotta put a little spy chip in every copper wire sold in every country, just to be sure it's not connecting anything to anything else. You know, in case someone is trying to cheat

You're trying to dismiss what I'm saying with hyperbolic sarcasm, but it isn't working and isn't funny. iPhones, Apple Devices in general, Nintendo devices, plenty of Android devices, game consoles, none of these give the consumer control of the hardware. They don't need a keylogger and transmitter to stop cheating, they just need for the cheaters not to have control of the hardware. Like I've been saying.

There is a reason GTA5 on console has no cheats and on PC they are rampant, and it isn't because Rockstar are completely inept at preventing cheats serverside, it's because that isn't possible.

> "well lots of people who I consider to have enough authority that you should take their word for it also believe this, take my word for it" isn't particularly compelling.

My stance isn't based on faith but detailed understanding. You have yet to support your position with any evidence, and so far your point is refuted multiple times over by real world evidence. Occam certainly isn't on your side.

If you want to support your argument you're going to have to do better than trying to dismiss mine as just being the result of an appeal to authority fallacy. Do better, or admit you had no idea what you were talking about and were just speculating/guessing.

[advael]

I actually listed three threat models for cheating in video games that I think matter, and then explained that for those broad classes as I described them, one was a solved problem (If players can change the state of the game in unintended ways directly, your netcode is not just bad, but worse than ready-made standardized solutions that exist), another is solvable with netcode (probably provably so. For example, garbled circuits protocols are a subset of zero-knowledge proofs and can be used to obfuscate domains as broad as any input a neural network is training on, and those are general function approximators about which we can't really make good structured assumptions about what information they will need), and the third is not even solved by a rootkit. You then quoted me about the third, input automation (I then shorthand this later as "macros"), and say

> So basically, except the most common types of cheating

So yes, I concluded from this reply that your concern is about macros, or context-free input automations. With good computer vision models we could also externalize certain classes of context-aware automation from the base system via a camera and an edge GPU on the external device, but this is exotic enough that I assume you're not worried about it. For macros, you can use a keyboard or mouse or joystick modified with a circuit to automate inputs that come from the device in a way that's indistinguishable from those generated by a human user, except perhaps approximately through forensic sequence analysis, which you could do in the network layer or on a server just as well

> You're trying to dismiss what I'm saying with hyperbolic sarcasm, but it isn't working and isn't funny. iPhones, Apple Devices in general, Nintendo devices, plenty of Android devices, game consoles, none of these give the consumer control of the hardware. They don't need a keylogger and transmitter to stop cheating, they just need for the cheaters not to have control of the hardware. Like I've been saying.

I am, as I said, well aware that tech companies are plunging us ever-further into a pervasive dystopian panopticon, which may sound like a silly thing to say about older game consoles, but not ones with cameras and microphones, and which may intercept network traffic, and which you have financial information tied to, and it is certainly not a stretch to say about phones. This is neither hyperbole, sarcasm, nor even subtext. In fact, it is the crux of our disagreement. If your conceit here is that I should accept this as inevitable and not oppose it at all, we have nothing to talk about. Really, if you're going to repeatedly insist that you have epistemic authority and it should exempt you from having to make any actual arguments, the least you could do is to keep up with the conversation.

Let's break this down since you seem confused. I am arguing here that your specific claim that you need this level of control to make a fair video game fails on its merits. Video games are here used as one justification for why it's good that your computer is being controlled remotely by a tech company instead of you. You are here acting as the advocate for that position, essentially that the price of freedom to control the device you play a video game is people cheating in video games. Your arguments so far are "This is the only way" and that this is "common knowledge in the industry", and then I guess a bunch of condescension about how my disagreeing with this premise automatically makes me naive or foolish*. You are correct that I haven't cited specific examples, because I am the one making the general argument, which I've defined in terms of three threat models I'm claiming exhaustively cover the ways someone could cheat at a video game that one could plausibly hope to prevent. Really, your job here is a lot easier, as all you need to be right is one (1) specific counterexample to my claim, a single case where it is definitely impossible to prevent cheating without controlling the computer of the game client, but where it is possible with that control. I'm well aware already that many video games implement "anti-cheat" measures this way, so I wouldn't count "Well they did it here and here and here" as counterexamples. To do this, you could point to a case where one of those classes of threats has no other feasible solution, given control of the server or even on the assumption that at least one player isn't cheating in a p2p context. You could even say "Actually you missed a whole kind of cheating in your threat model", and then demonstrate that it would still be cheating and that it requires a rootkit to accomplish, or something like that. But also, you don't need a counterexample. Maybe my reasoning's wrong somewhere, and pointing out something about it that falls down would at least be a starting point. Instead, you say "This is obvious, everyone knows this, I can't believe I have to explain this", which is you trying to use status in place of an argument. I don't respect that in almost any context, but even if I did, you have not established here and I have no reason to assign you this epistemic status. So in effect, you have not made anything resembling a compelling argument for your position, empirical or otherwise, as I said. As you said, you are under no obligation to, but if that's your tack, it's weird that you bothered to reply at all

*To be fair, I made a really similar argument in my first reply! It applies equally in both directions, and is pretty facile - a combination of an ad hominem attack and begging the question - in both directions. I wrote it in a tone intended to convey that it was more meant as partisan invective than actual argumentation, but regardless of whether you got that subtext, it's not exactly a pillar of my claim here

[DEADMINCE]

> Let's break this down since you seem confused. I am arguing here that your specific claim that you need this level of control to make a fair video game fails on its merits.

No, I'm not confused. You're just very simply wrong. No question about it, it's not a matter of subjectivity, you are 100% absolutely unequivocally incorrect on this issue.

I can only assume at this point you are incredibly stubborn. You clearly have a lack of experience and knowledge in this area, yet you are doubling down on your position, despite it being trivially shown to be false by numerous real world examples and very basic, irrefutable facts and logic.

But you're the type of person who thinks that you're right no matter what, and that all these game developers must just be inept, right? I feel that I've already wasted time pointing out you are wrong and I'm not interested in an is-not/is-too argument with someone that would rather write essays and argue semantics than have the basic decency to admit they have no clue about what they are talking about. No one's even reading this discussion anymore, is your ego really so great?

I won't be continuing this convo, but feel free to have the last word. Good luck.

[advael]

Dang you sure are great at saying nothing really confidently. I'm not even being stubborn here, you just refuse to explain yourself. Not only do I have no reason to care what you think, I don't even know what you think, except for "You're wrong." I've said it before and I'll say it again: Why bother to write a reply at all if you're not going to say anything meaningful? I can't even say your argument is ill-formed because you simply haven't made any such thing at all.

I honestly don't know what you're asking me to do here. You show up and say "Nuh uh you're wrong" and I say "Why?" and you say "I can't believe how stubborn you're being!"

What the fuck?

Like the one example you cited is an instance where even on a console this control-based paradigm didn't work, and your only conclusion was that this obviously means you need to control even more stuff, instead of even considering other approaches. It's a real "When your only tool is a hammer" type scenario far as I can tell

My days of thinking AAA gamedev must be a terrible culture in which to make software are certainly coming to a middle. This has downregulated my willingness to take "I'm an experienced gamedev" as an argument for epistemic authority in the future