Rockstar Games’ servers have been under heavy fire from massive DDoS attacks in recent days, causing widespread login and connectivity issues for players of GTA Online. These attacks come in the wake of Rockstar’s recent implementation of BattlEye, a new anti-cheat system designed to crack down on in-game cheating, sparking backlash from a segment of the player base. Protesters, unhappy with the new system, have resorted to using distributed denial-of-service (DDoS) attacks to disrupt the servers, escalating tensions between the gaming giant and its community.
What if the cheat runs in the kernel? I am also against these extremely invasive anti-cheat measures, but it must be clear to everyone that the cheat developers and users have no qualms about this.
A user level AC can do shit all against that if the cheat runs in ring 0.
A) They can actually invest in server-side detection
B) Cheats running at ring0 aren’t invisible, unkillable maybe, but AC just needs to detect to ban/kick user
There’s no excuse for kernel AC, it’s just a cheap, lazy shortcut
Every rootkit ever disagrees with that statement.
I’m not deep enough in the topic to be able to judge this, but i would guess the needed extra hardware is simple not worth it. especially in games with many players or complex physics i would guess that could lead to considerable load on the servers.
Plus, server side is not able to catch things the client manipulates on his side. e.g. graphical data to make walls transparent. The server could at most catch the player abusing this knowledge, but if he is smart about it, the server has no way to ever notice.
Clarification, to the game client, the cheat has to interact with the actual game process at some point. Rootkits try to interact with other processes as little as possible until instructed otherwise
Nope, the servers are already beefed up to just handle the players and physics as-is, adding detection routines to determine “Hey, this player is flying 100s of feet in the air and there’s no flying in this game” would be like a drop in the bucket
Do you realize how much cheating just some server-side checks would cut down? The most egregious ones are the ones people complain about, and hate, the most. The ones who instakill you or fling you far above the map or shoves you underground. The “smart ones” can be taken care of manually based on reports.
There will never ever be a 100% cheat proof game kernel AC or not. Nothing is unhackable.
It’s all about doing it as cheaply as possible and offloading to a third party to handle so they can wash their hands
You would also think that Rockstar would want to stop those kinds of cheats just for greedy reasons. If there is some kind of ultra-powerful flying saucer item available, it’s probably something that they sell to players for money. At the very least, when someone spawns something like that, check to see if their account purchased it.
So much of the rest of the stuff could be handled using heuristics. The average player gets X headshots an hour, this player is in the 99.9th percentile. Maybe they’re just very good, but let’s flag that account and see if there’s anything else suspicious about their playing. That’s the thing about an MMO, you have vast amounts of data about players so there’s a lot of stuff you can use to see if something is normal.
I guess if they’re not doing it they’ve done some business calculations and decided that investing $X in techniques to ban cheaters won’t result in at least $X more in revenue from happy players who want to play more now that the cheating has been reduced. I wouldn’t be surprised if they’re counting on making money off the cheaters somehow – maybe they periodically do get detected and banned and have to buy a new copy of the game. So, the math now says you don’t want to be too aggressive about the cheaters because they’re a good, reliable source of revenue.