The fact that companies think client side anti cheat is a good idea is so insane. Maybe try designing your server better instead of blaming the operating system for not letting you control your users
this post was submitted on 31 Oct 2024
413 points (99.8% liked)
Linux Gaming
15335 readers
1 users here now
Discussions and news about gaming on the GNU/Linux family of operating systems (including the Steam Deck). Potentially a $HOME away from home for disgruntled /r/linux_gaming denizens of the redditarian demesne.
This page can be subscribed to via RSS.
Original /r/linux_gaming pengwing by uoou.
Resources
WWW:
Discord:
IRC:
Matrix:
Telegram:
founded 1 year ago
MODERATORS
Genuinely curious, because this isn't my area of expertise, but how do you design a server to be "better" if it has to trust data from a remote client?
Example, if the client is compromised - because as they've said, they have no way to "attest" that the kernel is not compromised - how would the server know any better?
If my Apex client tells the server I got a perfect headshot, how would the server know I didn't fake the data? Is there a real answer to this problem or are we just wishing they come up with an impossible solution?
My general understanding is that EA is 100% correct. Now, on the other hand, maybe the should just limit plays between Linux <-> Linux so people can at least still enjoy the game (I'm moving to Linux soon so I'll basically no longer be able to play the game, which is, as my primary gaming addiction, a huge loss I'm willing to take).
There's compromises EA could take, but I think the Linux market share is just too small for them to care to spend any resources - even though they're raking in billions (~$3.4 Billion) and could spare a few resources to find a good middle ground. Capitalism at it's finest.
How do they know you haven't trained an AI to get headshots? The cheats often break the bounds of what is realistic in games, whether it is allowing you to see through walls (server shouldn't be sending enemy positions that aren't in view), going too fast (server should speed check pplayer positions), getting items they shouldn't have (server should do inventory sanity checks), etc. Other than that, look for signs of automated movement/things unrealistically precise for a human to do. Eventually the cheating will just be moved to a separate air gapped computer running AI on the video feed. Client side is an invasive, broken, and malicious concept.
Just tracking trended data in general would be sufficient to defeat a LARGE number of common cheats. One of the very few use cases "AI" might actually work for in a positive way. But that puts the burden on the developers and server hosters, and it's much easier to just burden the players directly instead.
I'm fairly confident that developers already do this. When the "ban hammer" comes down it is probably after analysing data trends for players.
load more comments
(1 replies)
load more comments
(1 replies)
Servers often don't send player data that is outside of the immediate area of the player, but they have to for enemies that are nearby. If they walk around the corner and your client didn't know about it, then you'll be waiting for your ping time to even render the enemy. I.e. they walk around the corner and already shot you, then you see them suddenly appear a full players width away from the corner, and you die. Aka peekers advantage amplified.
Same deal with footstep sounds, bullet tracers, a player's shadow, etc. Your client needs to know where all this is coming from and it can't do that if it doesn't know the enemy exists and where. And that is a buffer zone for hackers to derive wall hacks from.
So basically, the overwhelming majority of servers do do all those things, since the late 90's. Hacks tend to work within those bounds. The most common, impactful and hard to detect cheats are based on providing perfect mechanical inputs. Aka aim hacks. Nothing about limiting info from the server can prevent that unless you also want the legitimate player to be unable to see their enemies.
load more comments
(2 replies)
load more comments
(3 replies)
Your core premise is broken. Relying on trusting anything from a remote client cannot possibly result in a fair game.
load more comments
(17 replies)
If my Apex client tells the server I got a perfect headshot, how would the server know I didn't fake the data?
Any game that works like that is fundamentally flawed and AC is nothing but an attempt at a cheap bandaid at best.
The client should be doing nothing but rendering and sending player actions to the server and the server should be managing the game state as well as running its checks on those actions. And when one client sends actuons that are weird and doesn't line up with it's internal game state it should kick the client immediately always deferring to what ITS game state is telling it, not the client.
The cheat in this case would send legitimate actions. Like maybe you, the human, would have missed the headshot, but your cheat corrected to the inputs that would have landed one.
load more comments
(1 replies)
Genuinely curious, because this isn't my area of expertise, but how do you design a server to be "better" if it has to trust data from a remote client?
Check the data on the server ("oh no, incredibly expensive"). Don't give any data to the client it doesn't need, like enemies around the corner ("oh no, now my game is so very laggy because caching and future position assumption just became impossible")
Example, if the client is compromised - because as they've said, they have no way to "attest" that the kernel is not compromised - how would the server know any better?
Now the server doesn't need to care. There's input? Validate and use it.
If my Apex client tells the server I got a perfect headshot, how would the server know I didn't fake the data? Is there a real answer to this problem or are we just wishing they come up with an impossible solution?
Now the client can go pound sand. Server decides if it's a headshot. Client only sends coordinates of origin and target. Lag? Sucks to be you, with or without cheat.
My general understanding is that EA is 100% correct. Now, on the other hand, maybe the should just limit plays between Linux <-> Linux so people can at least still enjoy the game
That would only create more work for the developers, all for the defacto expulsion of Linux users (Way less players at all times). The best course of action here would be the actual expulsion of Linux users. Also, EA is at most 25% correct. (Not a rational argument, I just very much dislike them)
(I'm moving to Linux soon so I'll basically no longer be able to play the game, which is, as my primary gaming addiction, a huge loss I'm willing to take).
Damn, sorry to hear that. It's always bad to leave something one knows because something's become unbearable. I wish you best of luck on your journey! (I'm assuming a lot, but why else would you switch despite your choice of use of free time?)
There's compromises EA could take, but I think the Linux market share is just too small for them to care to spend any resources - even though they're raking in billions (~$3.4 Billion) and could spare a few resources to find a good middle ground. Capitalism at it's finest.
On the other hand: I quite like it. It forces them to keep their grubby little hands from my kernel.
I do not like anything anti cheat. But I also don't really like cheaters, especially in online games, so anti cheat could be tolerated. The only thing is: nothing trumps my systems integrity. Definitely not online player satisfaction.
The server already determines if a shot's valid or not though. Once a client receives information on where the enemy is at, then the client can send message to the server that they are shooting exactly at that location.
load more comments
(1 replies)
load more comments
(1 replies)
The fact that this thoughtful comment was downvoted, while the computer illiterate reply was upvoted, speaks to the hive mind on this ~~subreddit~~. We all detest EA, but this guy has a legitimate point.
load more comments
(8 replies)
load more comments
(13 replies)
Aside from better server side detection, which is I agree is severely underdeveloped, I'd say that the next big step should be a much bigger reliance on reputation-based matchmaking, ideally across games. It would need to be built in a way that's not abusable by devs or trolls and should be as privacy-respecting as much as possible (as in, not having to validate with your ID South-Korean style), which isn't an easy task. Working properly however, it would keep honest players from seeing any cheaters at all with no client-side anticheat required at all, which would be nice.
Careful what you wish for because the next step after killing physical is cloud gaming only.
load more comments
(1 replies)
Just a reminder you can add a publisher to your steam ignore list such as EA or Ubisoft.
Edit: This video shows how
Wtf. I did not know this. Thx
load more comments
(1 replies)
Fuck EA
I've been praying for an Open source Apex clone that can be self-hosted. A man can dream.
load more comments
(6 replies)
If you accidentally ban linux users in three[1] different[2] banwaves[3], then linux was only halfway supported in the first place, even if they overturned (almost) all of those bans.
I think the real reason they did it was EA's financial situation. Since money is tight, the amount of resources they were willing to put into real linux anti-cheat probably dropped to "none at all," and now we're here. Otherwise other cheater-prone games like Counter Strike, Overwatch, Halo, The Finals, DayZ, Hunt Showdown, etc would have probably dropped/blocked linux by now too.
load more comments
(2 replies)
GET THAT REFUND!
NO TUX, NO BUX
you gotta contact EA about it, and something's telling me they're just going to quote some part of their ToC telling us to get fucked.
alright then flood them CC charge backs, let them explaining to their payment processor why everybody decided to do this all at the same time ;)
load more comments
(15 replies)
Cool, fuck EA.
This must be the drastic change to increase monetization they were talking about just yesterday.
K bye.
Who am I kidding? I never bothered with that crap.
Is this not the game I saw an article about like yesterday saying EA had missed revenue forecasts and EA stated a major overhaul is needed?
I guess step one is to restrict the player base more.
Classic "the beatings will continue until morale improves" corporate energy.
Someone did the math on Twitter.
There is about 2900 Linux gamers playing Apex.
So even if 100% of Linux gamers cheated it could in no way be the majority.
What I think happened is the dev team struggled to solve the problem so they used Linux as a scapegoat when leadership came down on them.
This sounds likely. Unfortunately, when the problem doesn't go away a few months from now, it's not like they'll reenable Linux support...
Does this have anything to do with the other Steam related headline I read in a post earlier: " Games now have to disclose kernel level anticheat on steam?"
It is nice timing but I believe apex is already well known for its anticheat so they wouldnt be disclosing whats not already known
load more comments
(2 replies)
Lame. :/ Guess I'm changing my review then.
How much fucking harder/extra work is it to maintain a Linux version of something? God damn, I don't even really use Linux outside of servers and I still think it's bullshit how little support it gets because it's like a Catch 22. Nobody works on it because nobody uses it; but nobody uses it because nobody works on it! (For gaming, anyway)
It's amazing how much actual change this one piece of hardware has done to bolster Linux's share of things, but it's still also just kind of a drop in the bucket.
load more comments
(1 replies)
This is really going to validate the anti-Steamdeck/anti-Linux gamers. It shouldn't.
"You can't play shitty MMO Battle Royale games if you're on a Linux PC!"
Fucking good. That's a feature.
It's also keeping people from even considering linux for gaming so I don't share your sentiment. Like it or not, these games are insanely popular. My gaming buddies won't even think of switching to linux until 100% of the games they play are working on it, and that include "shitty MMO Battle Royale" I'm sorry to say.
You need an internet break.
load more comments
(3 replies)
Well, I'm happy in a way i can't go back in it...
F. Them
They just can't stop killing this game, the last few updates have been dog shit and now they do this.
view more: next ›