Anticheat without malware has been around for ages: simply don't trust the client. Even Minecraft servers manage it.
Instead of playing a constant game of cat-and-mouse trying to prevent forbidden code from running when you can just plug in a USB rubber ducky, put the logic server-side. Ban problematic behaviour, as opposed to methods that might result in problematic behaviour. It takes some ingenuity, but what are gamedevs known for if not ingenuity? (Well, apart from withstanding abusive working environments for long enough that they can be profitably discarded, traumatised, after they can no longer function as effectively as a green new intern… but let's focus on the ingenuity.)
As a Minecraft server operator, I can tell you there are plenty of client-side cheats that are hard to stop server-side. Also many players end up complaining about false positives typically caused by movement errors from internet lag on their end.
Also, all these anti-cheat methods are not supported by Mojang but are third-party plugins. Stock Minecraft Server hardly tries to prevent many of the hacks.
> Stock Minecraft Server hardly tries to prevent many of the hacks.
It would require stuff like server-side chunk culling, which doesn't jibe with the way Minecraft is designed. However, there's nothing stopping a new game from being designed like that.
I named Minecraft because it's fundamentally flawed for server-side anti-cheat (you're limited by a client that requires a lot of theoretically-unnecessary information, and doesn't send enough requests for you to provide this lazily), and people manage to catch enough cheating to keep things fun for everyone else. If you control both the server and the client, you don't really have much of an excuse.
> However, there's nothing stopping a new game from being designed like that.
Modern games do network culling. UE4 supports it out of the box. The _millisecond_ that information is replicated to the client, (which has to be before the client views it on screen to allow for hardware latency), a cheat will have access to it and will be able to act on that information. Even if you have the fastest monitor known to man, and no rendering buffering there's 6ms before you can draw the player on screen, or 1ms to poll your mouse/gamepad, so the cheat wins.
So don't let clients react on information until 8ms after they get it? If it's a game where you can't do that, collect probabilistic evidence on players until you have a lot of evidence that a player is cheating, and add them to the “we'll ban later, but let's mitigate the damage for now” list.
Cheating players are statistically distinguishable from really good non-cheating players most of the time – and when they're not, we're at the level of cheating where it's unlikely your anti-cheat will help, because they'd just fork out the €50 for cheating hardware.
> So don't let clients react on information until 8ms after they get it?
This just delays the problem by 8ms - you still have all the same problems, except you've introduced 8ms latency. The cheats are still perfectly accurate, and are responding to perfect information. If you could only delay the information to the cheat, then you wouldn't need to do any of this because you could reliably just boot out the cheaters.
> ollect probabilistic evidence on players until you have a lot of evidence that a player is cheating, and add them to the “we'll ban later, but let's mitigate the damage for now” list.
That's what anticheat providers already do already, and yet we still have that problem.
> We're at the level of cheating where it's unlikely your anti-cheat will help, because they'd just fork out the €50 for cheating hardware.
Hard disagree here.
1) if you have an algorithm which can statistally distinguish cheating players from non-cheating players enough of the time, I'm guessing you have an algorithm or model that you can point to that does that? Because as far as I'm aware, they _help_, but don't fix.
2) People aren't forking out for dedicated hardware to spoof mice en masee, but they _are_ forking out for kernel level cheats to bypass the userland detection.
Aimbots need no trust from the server. As long as the client knows things the player doesn't, and there isn't a chain of custody from the physical mouse to the server, you can cheat.
Why would a client need to know of such things? If the player can't / shouldn't know of something, then the client shouldn't either.
There are some interesting repercussions of this train of thought though. Take an enemy hiding in brush in an FPS game. The player would have line of sight to their hiding spot, and current games (I think) just leave it to the player's eyeballs' ability to see them through the brush. That's kinda cool in that it raises the skill ceiling and it's obviously immersive.
However, there's a whole host of reasons it's bad. First, there's the aim bots and other cheating it allows for. Second, what if the player has bad eyesight? So there's an accessibility issue there. Third, you get people doing a... lighter form of cheating where they turn their graphics settings down to the lowest setting (sometimes even editing INI files to lower them down below what is possible via the GUI) that would lower foliage quality, making it easier to see the enemy. Probably some other things too.
There are perhaps many interesting ways to fix this. D&D has their own way with random chance, but I can see players of skill-based scoffing at this, and I don't blame them. But I feel the current approach is lazy game design, and perhaps something interesting could be thought up.
because the alternative is server-side rendering of every frame, which would introduce unacceptable latency to input and also likely significantly reduce graphical detail, given the existing huge investments in consumer rendering hardware that have not yet been duplicated serverside
google stadia exists. nobody playing competitively uses it, and that's exactly the demographic that cares the most about anti-cheat
and, it still doesn't prevent computer-assisted input
Speaking as an avid Stadia user, I think this has a lot more to do with Stadia's library being garbage compared to the non-Stadia options. I can't imagine a reason an e-sport pro would want to go from the entire competitive ecosystem as a choice to just what's on Stadia. Even for casually competitive players, there's a massive lack of mainstream competitive titles on Stadia. Maybe the latency input is the problem but it seems like a big assumption with how miniscule the library is.
I'm very much a competitive fps player, i have low latency to the closest stadia server and I'll tell you: It's absolutely unplayable for me due to the input lag. I'm normally in top 1-2% and on stadia I'm closer to top 30% it's a huge difference.
I think you misunderstood my post, and considering the surprising number of downvotes on it, I wonder if others did too?
Can you explain further though? I don't understand your case. It sounds like an aimbot, which is what would be prevented by not sending the client more info than is needed.
The thing about aim bots is that they're quicker than you and they don't make mistakes. A monitor and a rendering engine will introduce up to 3-5 frames of latency (double buffering, refresh rates). Your client likely has the next 1-3 frames of data ready to go so it can do client side prediction/interpolation/smoothing, which means the cheat has access to that data. All of the data that's required to make modern games look and _feel_ good is the data you're talking about throwing away here
I guess it is the case where the info begs to the player, the player reaction time is in tens or hundreds of milliseconds (time to render the image, display it on the screen, player to see, move the mouse to aim and shoot) versus an aimbot that does not need to wait and can react in a few milliseconds. This is cheating if the cheater's aimbot is using an advantage normal players don't have (unless everyone is using aimbots and this is no longer a human-played game but a bot game).
Alternatively, you could provide the geometry without providing the semantic information. I'm not sure how viable that is, but it'd make aim-bots a bit harder.
> First, there's the aim bots and other cheating it allows for.
You can make an aim bot by connecting the output of your monitor to a hardware-emulated mouse. Unless the server can detect this, kernel-level anticheat is building a really tall wall with the door unlocked. (If it worked I wouldn't object so much.)
> Alternatively, you could provide the geometry without providing the semantic information.
Yes - cloud rendering. It's _a_ solution but comes with tradeoffs. Namely, it introduces large amounts of latency, and costs a dumpster truck of money.
> You can make an aim bot by connecting the output of your monitor to a hardware-emulated mouse.
Anticheat is a cat and mouse game, and raising the barrier to entry improves the experience no end. There's a _big_ difference between downloading and running an exectuable, and buying specialist hardware to cheat at a game.
Only a very small part of the rendering needs to be done on the server; notably, the camera could still move, and the client could still make the usual heuristic predictions about where things are, so it wouldn't feel laggy.
> and buying specialist hardware
If you have a streaming rig, you already have nearly all the hardware. Just add a Raspberry Pi Zero or something, and you're good to go. (But yes, the barrier-to-cheat is still higher… at the cost of also increasing the barrier-to-play-at-all.)
> Only a very small part of the rendering needs to be done on the server; notably, the camera could still move, and the client could still make the usual heuristic predictions about where things are, so it wouldn't feel laggy.
This is just nonsense.
The data that the client uses to make those heuristic predictions is the same data the cheats, so once you send that extra data over you've undone the benefit of not sending the client any extra info it needs, _plus_ youve added an intermediate network hop for your remote rendering, _and_ you've now required that your game has essentially a hardware DRM in the remote computer that you're rendering.
> If you have a streaming rig, you already have nearly all the hardware. Just add a Raspberry Pi Zero or something, and you're good to go.
The number of people out there who are spending thousands of dollars on secondary rigs to hook up emulated mice via a raspberry pi to run custom cheats has got to br vanishingly close to 0 for even biggest games in the world. Given that _these_ are the measures youre suggesting to bypass the anticheat, it sounds like they've sufficiently raised the bar to me.
When people writing AI driven hardware mice is a common cheat vector let's talk, but right now the cheat vector is people running cheats installed inside the kernel.
> plus youve added an intermediate network hop for your remote rendering
I never said anything about an intermediate network hop. It's not that expensive to cull a few tris, diff the geometry and then send it – especially if you can compress the information, which you can, because you control the client and server. (In fact, you likely don't even need to go down to the tri level to get the effect; all you need to do is turn locating obscured players into a computer vision problem.)
I don't know where this “intermediate network hop” comes from.
> spending thousands of dollars on secondary rigs
Think €60. An HDMI splitter, a USB HDMI capture card, a Raspberry Pi and a USB cable. Not that expensive.
> but right now the cheat vector is people running cheats installed inside the kernel.
It's functionally equivalent. Your “anticheat” is taking control of other people's computers, stopping a lot of people from being able to play the game entirely, because it was easier for the developers.
Thanks for a wikipedia article on networkiong basics. Believe it or not, I do have some experience in this area, I've worked on networked games on physics and gameplay for almost 10 years. The information you use to extrapolate (position + velocity) is the same information a cheat is going to use. If you have enough information to draw _a_ thing on screen, a cheat has enough information to say "fire at that thing".
> It's not that expensive to cull a few tris, diff the geometry and then send it
Multiplayer games are doing this aggressively already. This is an out of the box feature in UE4 and Unity. The second the client gets this information, the cheat has the information too.
> all you need to do is turn locating obscured players into a computer vision problem.
> I don't know where this “intermediate network hop” comes from.
You either send the positions to the client, along with an association for what it belongs to, or you render the _entire_ scene on a remote "client", which means streaming the video back to the end users device. The video streaming introduces an extra hop on the network as you now need to go from end user to streamed client to server, rather than end user to server. If you don't render the whole thing, at some point the client gets sent the information that it needs, and the cheat has it.
> An HDMI splitter, a USB HDMI capture card, a Raspberry Pi and a USB cable. Not that expensive.
Apolgoies, when you mentioned a "streaming rig", I thought you were talking about having a secondary gaming PC hooked up. Just because it's _theoretically_ possible doesn't mean it's actually happening though.
> It's functionally equivalent.
I fundamentally disagree. One of these (kernel level cheats) are readily being sold on the internet, available to anyone with a debit card/paypal/btc and a computer, and the other requires dedicated hardware, along with the knowledge of how to write these cheats in the first place.
> stopping a lot of people from being able to play the game entirely, because it was easier for the developers.
The numbers of people who are legitimately stopped from being able to play the game entirely are very small, but those people do exist, and it sucks for them. Your blame of `it's easier for "the developers"` however is untrue. It's not because it's easier, it's because (at least right now) it's necessary.
And how server-side detection of aimbot can look like? If the latter is not written by a retard, you're very quickly down to statistical detection. Which is also cat-and-mouse, but the cat is crippled.
