| ▲ | ButlerianJihad a day ago |
| > The whole cheats paradigm You are limited in envisioning a game where the client device is being trusted for ground truth about the game. In client-server models, it is possible to limit trust such that many cheat modes and methods are impossible. Furthermore is the “remote GPU streaming” model like Stadia, which nearly obsoletes conventional techno-cheating, and likewise obsoletes kernel-mode anti-cheat. |
|
| ▲ | jjmarr a day ago | parent | next [-] |
| You can buy an autoclicking device or software that recognizes screen pixels of enemy avatars and instantly clicks to kill them. This works in "remote streaming" situations and is ~30% of the cheating dataset detected by Riot's kernel level anticheat: https://www.riotgames.com/en/news/vanguard-on-demand > A “pixelbot” is a computer vision cheat that injects player input for the purposes of aiming at heads or casting spells with perfect timing. Coming in “external” (hardware microcontroller) and “internal” (python script) varieties, pixelbots can be extremely impactful in VALORANT due to the low time-to-kill, sometimes just simply pulling the trigger for the cheater when an enemy enters their reticle (also known as a “triggerbot”). |
| |
| ▲ | iscoelho a day ago | parent | next [-] | | This isn't possible in Valorant. Their kernel module is extremely particular about input devices: 1) only allows a single mouse input device at a time 2) completely ignores virtual mouse input 3) flags "special"/"uncommon" input devices Their anti-cheat is actually much more involved and effective than most would assume. | | |
| ▲ | Hikikomori a day ago | parent [-] | | Websites that sell DMA devices also sell devices that merge mouse usb and hdmi signals that allows you to run the cheat on another machine and let it display en ESP overlay and do aimbot. It's likely that a naive implementation of such an usb device would be detected. But can you create such a device that uses a normal mouse usb driver and looks like a normal mouse? | | |
| ▲ | iscoelho a day ago | parent [-] | | At least in Valorant, DMA is becoming impossible due to IOMMU / Memory Integrity enforcement. The only option is becoming pixel bots. As for faking the input device: I'm sure it's possible, but I'm also sure that perfectly spoofing an input device is much easier said than done. Even if it is possible, all they have to do is make it hard enough to where the percentage of players cheating is at the point where you will rarely if ever encounter a cheater in your matches. As far as I'm aware, Valorant is one of the only games that has accomplished that. |
|
| |
| ▲ | pona-a a day ago | parent | prev [-] | | But really, if HID becomes suspect too, then why do you even need kernel level anti-cheat, if all you can do is behavioral detection? | | |
| ▲ | ChocolateGod a day ago | parent [-] | | If you're in the kernel you at least have raw access to the USB controller and input events, thus can try pick out real mouses from fake ones. | | |
| ▲ | pona-a 19 hours ago | parent [-] | | If the point of those events is to be registered by the game program, you already have all the data you need, otherwise you're building a keylogger. The most the kernel can try to tell you is what's plugged in, but the cheater can easily make the fake HID interposed between the real keyboard and USB. |
|
|
|
|
| ▲ | glitchc 18 hours ago | parent | prev | next [-] |
| User input is always sourced at the client device. There is no other source of truth, therefore any hacks that manipulate input will not be detected server-side. Additionally, using only the server state gives a distinct advantage to the better/faster connection. This was true in Quake 2, but games have become a great deal more sophisticated since then. |
|
| ▲ | Hikikomori a day ago | parent | prev [-] |
| Aimbot will always be possible, it only uses what you see. ESP/wallhack can be somewhat curbed and has already been done in cs and valorant, but it really only works well with small player count and simple geometry maps. Stadia is dead, but it and geforce now had way too much delay to be enjoyable for competitive games where anti cheats are needed. |
| |
| ▲ | iscoelho a day ago | parent [-] | | Aimbot is actually very solvable! 1) When DMA is fully blocked, Aimbot resorts to being a pixel bot. 2) Once you're relying on a pixel bot, all the anti-cheat has to do is "bait" the bot. After you click the bait a few times, you're banned. (: RuneScape is actually the pioneer of this technique. | | |
| ▲ | myrmidon 18 hours ago | parent [-] | | Baiting alone is not a reliable long-term solution, because it both interferes with competitive games (a lot) and because it requires you to basically stay on top of a captcha escalation (especially once cheaters limit themselves to "realistic" reaction time constraints), and this is a bad position to be in (because it means continuous effort for the developer). The most helpful approach in my view is to make fresh accounts expensive for cheaters so they can't iterate easily; if the game developer can extract profit from such ban circumvention attempts then all the better. | | |
| ▲ | iscoelho 9 hours ago | parent [-] | | You'd be surprised to know that this strategy works quite well! Pixel bots require a hardware fake display when faced with kernel anti-cheat. They also depend on color/pattern recognition, as AI is not yet capable of operating at the frame rates required for competitive games. That allows the bait to be seen by a bot, but invisible to the eye. If you are successfully baited and detected, you also get HWID banned, so it only takes once. This makes cheating via pixel bot unviable. On the contrary, DMA is so desired because it eliminates this risk. |
|
|
|