[kbolino]

Well, some of them are smart enough not to immediately log back in and spam "I'm the guy you just banned! Ban me again!" in global chat. And the admins, even paid ones working for big corporations, have finite patience and time.

Detecting cheating is not always trivial. Cheat bans often have to happen in waves rather than immediately in order to frustrate the cheaters and obfuscate how they were detected.

Sure, the cheater will eventually run out of IPs. But you might as well save both yourself and the cheaters some time and hassle and just add 0.0.0.0/0 and [::]/0 to your IP banlist right now. You will effectively end up with the same result if you're willing to chase every cheater across the address spectrum.

Spot IP bans aren't totally worthless but they're probably the least effective of the techniques I mentioned.

[stoltzmann]

>And the admins, even paid ones working for big corporations, have finite patience and time.

We're talking community servers here, not corporate ones.

>Sure, the cheater will eventually run out of IPs. But you might as well save both yourself and the cheaters some time and hassle and just add 0.0.0.0/0 and [::]/0 to your IP banlist right now. You will effectively end up with the same result if you're willing to chase every cheater across the address spectrum.

It's not going to end up with 0/0 as the final result. You're assuming that almost any address is available to the cheaters, but that's simply not true. By blocking datacenter IP ranges and Tor exit nodes, you've stopped most of the ways cheaters can easily change their IPs.

You ban their own home IP address, and what are their options? 1. They get a VPN and don't make it through because that IP is already blocked. 2. They hope their ISP allocates a random IP from a range, so if that works they come back and they instead get a range ban. 3. They get a residential VPN and start burning through those precious IPs.

You don't have to chase cheaters if you're running a server. You ban them once or twice and call it a day.

[kbolino]

No, we're talking about games with invasive anti-cheating mechanisms.

The proposed alternative was to just have "community servers where cheaters get banned" -- and I responded specifically to the "cheaters get banned" part. Yeah, if you could just ban cheaters forever, all would be well! But you can't, not at scale and not forever, at least. It's an ongoing, sizable problem.

You talk about "once or twice [...] a day" when the reality for major games is more like thousands of cheaters each trying thousands of times.

A lot of things that work just fine for small groups and niche interests utterly fail to scale to large groups and popular interests. When your scope of vision is the entire game--like it would be for the company making the game--something like "just have the cheaters go bother a different set of players each time they get banned from one server" is not a solution. In fact, it's a terrible practice that could destroy the reputation of your game.

Of course, community servers exist and work fine for many (esp. niche/older) games. Also, invasive anti-cheat gets applied even to some games where it's not really needed, and sometimes gets conflated (whether by players or game companies) with invasive DRM. However, the majority of games that have invasive anti-cheat requirements cannot simply remove the requirement, pass off the company's (usually paid!) moderation duties to a bunch of volunteers, and call it a day. Though, that may be an acceptable thing to do at the end of the game's ordinary life, instead of just shutting it down.

[Spunkie]

    > However, the majority of games that have invasive anti-cheat requirements cannot simply remove the requirement, pass off the company's (usually paid!) moderation duties to a bunch of volunteers, and call it a day.

Bull, they 100% absolutely can do that and their communities would be better off.

   > Yeah, if you could just ban cheaters forever, all would be well!

Again the only reason you think this is even necessary is because of giant corporate servers where players have very little to no control over who they play with.

I used to fund, run, and moderate private/community server across many many games. I can tell you from experience, being able to ban someone for even just 5-10 minutes is more than enough to send 99.5% of hackers fleeing to another unmodderated server, aka leaving your server, players, and friends alone to have hacker free fun.