410 comments

[ 3.3 ms ] story [ 341 ms ] thread
I wonder if Riot would consider building the scripting UI they show into some kind of training mode. It's a bit like the argument that no one would pirate if they content was easy to get for a reasonable price.

If players could train with the spell range circles, skill shot path projection, last hit helpers, etc in a sanctioned way, I wonder how much this would remove the desire to seek out the cheating programs.

Edit: I see they have a "training mode" already: https://na.leagueoflegends.com/en/news/game-updates/features...

> I wonder if Riot would consider building the scripting UI they show into some kind of training mode.

The game would probably be more vulnerable then, because now you have "cheat" scripts designed to work with the game.

> If players could train with the spell range circles, skill shot path projection, last hit helpers, etc in a sanctioned way, I wonder how much this would remove the desire to seek out the cheating programs.

People who cheat aren't trying to practice; they're trying to win games. There already exists a "practice mode" which lowers cooldowns and shows tower ranges. And it doesn't make sense to practice with cheats because it won't help you play the game without cheats very much.

>The game would probably be more vulnerable then, because now you have "cheat" scripts designed to work with the game.

That's possible. For example, World of Warships is a game where you fire big ship-mounted guns and must learn to take shell travel time and target relative velocity into account to hit moving targets. There used to be a cheat which did those calculations for you and showed you a reticle you could aim at instead. IIRC this cheat relied on code that existed within the game already and was just not used.

So basically the same reasons real warships developed rangekeepers resulted in a game targeting computer? :)
Dota has this as well.
Dota 2. And Valve made 2 big swings of banhammer for using addons which implemented that (turret ranges to be precise) and model change for trees to become mushrooms (sound silly, but that way the path between them is easier to see).
"I wonder if Riot would consider building the scripting UI they show into some kind of training mode. It's a bit like the argument that no one would pirate if they content was easy to get for a reasonable price."

Well, much like that argument being bunk, the idea that no one would cheat if it was for this is also bunk. People like getting stuff for free if they can, and people like winning, even if it means cheating.

This is a great technical breakdown of some modern high level approaches to common cheats. I think this the most transparent approach (even though the author admits leaving some detail out) to modern anti-cheat for massive multiplayer games. Good on riot for having an open dialogue about this. I don't think you'd ever see someone like Valve going a transparent route with something like this. (Not making a judgement on that decision, just an observation).
Is this really open dialogue? Correct me if I'm wrong, but basically all of the methods that they mentioned are pretty standard stuff. They had a few interesting twists on these ideas, but in general, things like source code encryption and shuffling memory locations seem pretty basic.
if you are familiar enough with the subject matter everything will seem basic.
Well I have to agree with op. Encryption and obfuscation started with early copy protection systems, even packers like upx offered that iirc. Measurements against memory manipulation have also been around for a while, I encountered them the first time when I tried cheating money in rollercoaster tycoon in 99 or whenever that came out. Obfuscating the network protocol actually seems more of a novelty than those two things.
Most anti-cheat methods stop working once the details are known. As someone else mentioned, there was a talk at GDC this year about one of their anti-cheat systems. The talk got into a lot of detail about how this particular system worked.
(comment deleted)
Because they all do the same so there is no need to share that. Riot is a recent studio, other studios have been doing that for years. As for transparent approach I'm not sure what you're referring to, players don't need to know that kind of things, there is no benefit sharing that to the public.
Fair context: I make cheats/utilities this exact game being talked about in this article, so perhaps my opinion on the subject is biased or even invalid.

I partially disagree about the transparency of this article, while they do explain most of their approach to anti-cheat (and that is pretty cool for them to do), they seem to leave out any mention of anything that could be controversial.

It suppose that it does make sense to not mention the implementation details of their anti-cheat, but I wish that they would be a little more transparent about how/when/what they snoop around and send to their servers. The current Mac game client for League Of Legends contains full debug symbols and it doesn't have Packman (the packer described in this article), which makes it quite easy to look through the symbols. Inside you can find all of the anti-cheat-related network packets, in specific:

PKT_C2S_EnumDrivers PKT_C2S_EnumProcesses PKT_C2S_EnumDrives PKT_C2S_EnumHandles PKT_C2S_EnumRecentFiles PKT_C2S_EnumModules PKT_C2S_ProcessorData PKT_C2S_SystemState PKT_C2S_ModuleLoadNotification PKT_S2C_SendModule PKT_C2S_ModuleResponse

Now, I personally expect anti-cheat to snoop around my system when I'm doing something shady like scanning its memory. However, if I was a normal user of the game, I would be a bit concerned to know that it might be sending my recently used file names, drive names, system driver names, currently running processes, processor information, system state, and even entire binary files that it automatically deems as "suspicious", to their servers.

Do you know if process information contains command-line information? Because that could totally contain someone's credentials...
Which is precisely why it is an antipattern for any program to pass it accept credentials as command line arguments.
I wasn't endorsing the practice.
Wouldn't that run afoul of GDPR?
The anticheat team at a videogame company might not know/care about this. This has definitely been the case with past European data privacy regulations.
Or it might be deemed reasonable. E.g. you may not film public road in the Netherlands because of privacy, but you may film the patch that your car stands on it if there have been car fires in your neighbourhood in the past month and you are concerned about your car.
> you may not film public road in the Netherlands because of privacy

So does this effectively make dash-cams illegal?

License plates contain personal data.
Not necessarily. GDPR isn't a blanket ban on collecting/using this info without consent, it's a policy that consent is required for non-essential collection/usage. You could argue that anti-cheat is essential for an online multiplayer game like this.

I think it's sketchy to collect this much info, but I don't think it's explicitly illegal.

It's a bit more complicated than that. You have to do a few things. First you have to tell the customer that you are collecting their data. Then you have to tell them under what lawful basis you are collecting their data. The user then has various rights (depending on the lawful basis you choose) to object, etc. If you must collect and use the data in order to fulfil the contract (i.e., there is no other way to do it -- for example you need to get their address in order to ship them a package), then you can just do it (as long as you tell them that you are doing it). For most other lawful bases, you have to allow them to object, in which case you have to stop using the data.

I think the real question is whether or not the information in question is personally identifiable information. If it's not, then GDPR doesn't apply. I think you could make a pretty strong argument that it doesn't apply, as long as you take pains to ensure that you can't identify the person from the information.

> I think you could make a pretty strong argument that it doesn't apply, as long as you take pains to ensure that you can't identify the person from the information.

That would entirely defeat the purpose of an anti-cheat system. You have to have some sort of personally identifiable information attached to the data being sent in to the server, otherwise how are you going to ban the cheaters? Even IP addresses are personal identifiers as far as the GDPR is concerned and even if they're not storing it long term, just sending the user data over the wire is enough to trigger the data collection portions of the GDPR.

Exactly this. The moment you send it via IP you have the IP address and therefore have PII data. And the moment you take screenshots you cannot not be sure what you collected.

This does go further beyond GDPR as it is imho an intrusion into the inner most personal space. I believe a German court of law would have a field day ripping this practice apart, if a case would be presented.

Esp. if they do not totally make it clear upfront what they are doing. In a way every layman is able to understand.

Instead of using an IP address to identify cheaters the game could assign a unique random generated ID to players. Then they could ban that id without using IP. I think this scheme complies with the GDPR if you take care of not binding that ID with other user personal information.
If you can identify a physical person with a unique identifier, it is PII according to GDPR, I believe.
You can apply a one way function to an IP to obtain an ID and then maintain a database of bad IDs. For example you could compute this ID by the SHA256(IP + secret salt). Since way one function don't allow you to recover the IP, the ID is not PII. If you detect an IP which has bad ID the connecting ban that IP from the game. I think this respect the GDPR, you don't maintain a list of IPs or any other PII.
I seriously doubt you'll be able to cheat the courts with silly tricks like this. SHA256 isn't any different from ROT13 here.
Any phone has enough computing power to just bruteforce a 32bit value in order to recover the original IPv4 address from a normal cryptographic hash in a practical timeframe.
The second you use this ID to tag data you're sending over to the servers, that ID could easily lose any claim to anonymity for the purpose of the GDPR because the anti-cheat system vacuums up a vast trove of information. All it takes is one email "Re: Claim for Your Local Psychiatrist Bob" or a document named "John Doe Jr - First Grade Book Report.docx" showing up in the titles of your open windows (that many anticheat systems send to a remote server) and boom, that ID and all of the data attached to it are now a radioactive liability.
> The current Mac game client for League Of Legends contains full debug symbols and it doesn't have Packman

Probably because the person writing these anti-cheating facilities isn't as aware of how to implement these on macOS.

Unlikely. More likely there's simply not a very large Mac player base for the game, as compared to Windows
>even entire binary files that it automatically deems as "suspicious", to their servers

If "deems as suspicious" means "whatever the server tells it to send" I would be very concerned.

How do they know you're not doing something shady if they don't actively scan...
Why do you think they have the right to know whether I'm doing something shady? Are they some kind of police? Did they get a warrant?
I don't expect software I use to scan my hard drives and exfiltrate data ("send samples") to their developers. That's exactly what malware does.

Companies just say it's for "security reasons" as if that somehow justified everything. When I read an anti-cheat software's privacy policy, I discovered it could scan my RAM, my files, take screenshots... They're basically trojans. It's not just game companies either. Banks here trick users into installing "security modules" that are actually kernel mode network monitors. I refuse to accept that.

These shady anti-cheating practices makes cheaters look good in comparison; similar to how copy protection measures make a genuine product inferior to the cracked version. If a hacker figures out the game's network protocol and writes his own client, he won't have to install a bunch of malware on his machine just to play the game. In my opinion, these developers are the real heroes.

So are you living out of that?
It's a good article but I'd hesitate to call this "modern"; this is circa-2006 AAA title security. Serious content protection is significantly more sophisticated than this.

(I'm not an expert but I've done some anti-cheating pentests before, and have seen literally all these primitives deployed on old titles).

Great writeup, and nice that they mention telemetry only once and work more with obfuscation than the usual process scanning, document scanning, blacklisting and reporting all back to shady servers, etc.

It's scary that one can easily get nasty anticheat software installed, even when playing only single player(!) games.

Buy Linux games on gog.com?
GOG should really be everyone’s first lookup when buying a game. They likely won’t have the new release you’re looking for, but when they do, you actually get the standalone executable.
League of Legends is an online-only multiplayer game.
I know, that's why I wrote about single player games. Many games have both and the telemetry for anti cheating is not needed for single player.
If you're talking about DRM like Denuvo, that's something else entirely.
I'd say there are very reasonable parallels between DRM and on client anti-cheat technology.

I mean, at it's most base, both technologies are there to subvert the owners wishes. Arduous people like me find such subversion to be unethical.

Not that I don't see the practicality, mind.

I don't see trying to ensure a fair playing field for all involved is unethical.
I feel like the industry would be better off being transparent about anti-cheat strategies and maybe even embracing open-source. Protecting "secret sauce" is basically admitting their anti-cheat are largely through obfuscation and can be defeated by knowing any details.
You obviously shouldn't rely entirely on security through obscurity, but obfuscation can absolutely be an important component of defense in depth.

Especially when your attackers own the hardware.

Or you could design the game mechanics so that client-side cheating offers little advantage... but that would probably require doing more than ripping off a popular mod of another game.
That's literally impossible. The entire point of the game is to have client-side input and for that input to be generated by a human and not a computer. There's no way to move that to a server.
I’m pretty sure their comment only really existed to dismiss LoL as a “copy of a popular mod”.
I'm merely saying that they could have avoided some of the issues if they designed a new game from scratch.
These problems are inherent to nature of being in the real-time PvP genre.

And AFAIK LoL was designed from scratch, it's Dota that actually based on the code of the WoW mod. Not that it matters today, that code is long gone.

I wasn't talking about the code.

Btw, you are thinking of Aeon of Strife (Starcraft mod). World of Warcraft hasn't even been released back then.

He's thinking of DotA, the Warcraft mod.
> Or you could design the game mechanics so that client-side cheating offers little advantage

Not possible in any sort of real-time game that involves reacting quickly to what your opponent does, or a game where user input precision is paramount.

I mean, that idea basically eliminates all first-person shooters, where aimbots run rampant.

> I mean, that idea basically eliminates all first-person shooters, where aimbots run rampant.

Indeed, mechanics that reward mechanical skill are more susceptible to abuse.

From the article:

> For example, some common techniques we see include helping players dodge skillshots, zoom out farther than they normally could, or perform perfectly executed combos to smash their opponents’ faces.

Scripting perfect combos can be mitigated by introducing more delay (i.e. backswing after using abilities/attacking), zooming out by giving the client less information about the game state. I can't think of anything that helps with dodging and skillshots.

Aside from strategy/RTS games, I'm not sure if thats even possible? How does is ripping off a popular mod relevant here?
And even in strategy/RTS games, I can imagine a client side rendering hack that removes the fog of war for instance.
That would assume the server is sharing the knowledge of other players through the fog of war.
You'd probably need at least some so that you don't lag every time the fog changes.
Increasing the server tick rate would help with that. AFAIK Starcraft, Dota2 and LoL all use 30Hz. FPS games usually use higher tickrates. Some fighting games enforce a constant amount of (input and network) lag to make the connection quality unimportant (up to a point).
Unfortunately there's a lot of jitter in real world environments, so you can't really rely on that. : \",
Agreed. Definitely not trying to say encryption is a poor strategy. But it does seem obfuscation is most of their anti-cheat techniques.

But the larger point I was trying to make is that all these studios are very secret about anti-cheat but they all seem to be fighting the same battle. Makes me wonder if the industry would be better off with cross-studio collaboration and open-sourcing anti-cheat libraries (that won't be defeated by knowing the details).

> open-sourcing anti-cheat libraries (that won't be defeated by knowing the details).

This doesn't make any sense. Anti cheat rely on the fact that it's not known. There is no such a thing as open source in the anti cheat world. It's all very secret for a good reason.

I'd curious to know what strategies make secrecy a necessity. I come from a WebDev background and open-source libraries are almost always always secure and safer then your own (due to the sheer amount of developers and ingenuity working on one repo). Admittedly, game development is a different beast and has to deal with far more client-code so I'm admitting my ignorance here.
The attackers are literally already able to run arbitrary code on the same machine, which is normally game over from a security perspective. Your secure webdev libraries also break under the same constraints.
> Your secure webdev libraries also break under the same constraints.

No argument there. Different design goals. But I still stand by quality of engineering that open source allows.

The attack surface is not only on the game but on the operating system that the client controls. I mean the game is just a process, the process runs on your computer, you control the computer so you can do anything.
But anti-cheat is largely obfuscation. Unless the host system is locked down (i.e. game consoles, systems with TPM-based verified boot), any state the game has access to is also going to be accessible to attackers.

You can limit what state the game itself has access to, but that's just one class of attack. It won't prevent aimbots, for instance.

It's the same reason why secure DRM is so hard. If the user has root, it's not a level playing playing field for developers.

That's good point and their random debuggers are definitely a clever obfuscation technique. And also not trying to say encryption is a poor strategy. The larger point I'm trying to make is that its possible being so secret about anti-cheat is to the industry's disadvantage. Feels like there is an opportunity for many studios to collaborate on anti-cheat tools and techniques (perhaps with open-source). For example, is Riot Game's packer/unpacker a specific solution to their codebase or could it be abstracted and open-sourced? This is a industry-wide problem and studios should be competing for the most creative and fun games, not the best anti-cheat.
I wonder if there's an optimization to be made about tolerating a minimum amount of cheating while being vociferous about the countermeasures? Along the same lines as "no such thing as bad publicity", having just enough cheating to piss off a few people and getting them to talk about it and the countermeasures seems like a great way to get free advertising and game engagement of players just curious to see who is cheating or the drama between cat and mouse.
Cheating is incredibly toxic in the community, even a whiff of it and people start labeling each other scripters etc. Riot does a lot of work to make their community suck less, lots of player leave or drop engagement because the community is toxic. With that in mind I'd imagine the optimal amount of cheating is less than what they can achieve.
We must have encountered very different online games and communities. Plenty of MMO's seem to have survived well known and endemic cheating without any additional toxicity in the community. No more toxic than the fake outrage when someone loses a loot roll in a dungeon or a pvp round. The "communities" and games usually seem brimming over with toxin with or without cheating. It's a good part of why I now avoid anything multiplayer.

Few seemed to actually care if the srever's elite guilds were using no wall hacks to get loot or someone was running with 6 chars receiving identical input, or botting their dailies overnight.

(comment deleted)
The toxicity comes from the focus on competition and the lack of repercussion when misbehaving. A guild kicks you out if your negativity annoys too many or the wrong members, whereas matchmaking has an infinite supply of teammates to abuse.

I agree with you that adding cheating to the cocktail of toxicity would probably not be significant enough to lose a large group of players. However cheating may yield a competitive advantage too large to be overlooked by the players.

Quite.

Personally I used to get more annoyed by queuing for a matchup and someone dropping so we're in a team one short, or by poor matching than cheating which was usually more of an eye-roll moment for me.

Resolution would have required GMs using a (temporary) ban hammer to bring some repercussion to all the toxic reports in the chat logs, not just headline anti-cheat sweeps and very rarely during tournaments. The resulting toxic anarchy seemed the obvious and inevitable result of games ignoring just about every behaviour. Which is why I voted by removing my wallet. :)

See you removed your wallet though, they'd rather you didn't remove your wallet at all, they'd rather you vote by reporting toxic players and keep your wallet around. ;)
I am skeptical that anyone has ever played a game because they were just curious to see who is cheating today.
Back in the day I would occasionally play counterstrike on low reputation servers to see all the cheaters. It was amusing for about 5 minutes.
In CS:GO, if you play a lot of the non-rotation maps (hostage etc,) and are high MMR you will quickly learn who is cheating. Many of them are the same people on many accounts, and you will learn who they are quickly. Personal experience.
That seems like a good "wonder", definitely not deserving of downvotes.

I'm pretty sure I want to play games in which there is no cheating though.

You could do handicapping, so in an FPS rather than allowing wallhack lower players get a call from control "someone is closing on your position [from the North"]". Or new players are 'fresh' and can move faster. You need to weight it very carefully though.

Yeah the downvote has become the "disagree" button sadly. I remember playing GTA-V on PS3 and early on people figured out some sort of (seemingly) underflow attack where they got billions of in-game cash, traded and gave it away, and were eventually wrangled in by the mods. I wasn't harmed by this, I thought it was ingenious of whoever found it, and got a good chuckle at the moral judgements the pregame messages displayed, for a game whose theme is utter debauchery. Other "cheats" where people found holes in solid objects and glitched to hiding places were pretty clever too.

I think cheating is kind of funny as long as it's not widespread or required to play the game enjoyably. I think anyone who gets offended about it is taking their video games way too seriously

I'll go on the record that I downvoted because I'm so tired of the constant drone of comments suggesting self-sabotage as a would-be dark pattern. If someone actually put a lot of effort into developing the idea, that might be interesting, but I just don't feel like "What if you shoot yourself in the foot for the publicity?" by itself is a substantial comment. It's a fill-in-the-blanks theory so unlinked to any particular phenomenon that it gets applied to everything.

For another example, somebody yesterday suggested that Amazon intentionally broke their website on Prime Day for the publicity. I downvoted that too. I do disagree, but more than that, I just don't think they add anything.

So you're not disputing that dark patterns are useful and effective, just that you don't like hearing them pointed out?
I don't know how you could possibly get that from "I'm so tired of the constant drone of comments suggesting self-sabotage as a would-be dark pattern." What I'm saying is that without a lot more development, there's nothing to suggest that this putative dark pattern actually exists. There is no reason to believe that self-sabotage is a beneficial act, but people constantly suggest it as one based on some magical thinking around "publicity." It has more in common with a conspiracy theory than anything else.
It's done all the time in the entertainment industry so it wouldn't be surprising to see it leveraged here. And even if its not being employed overtly, another way of interpreting my message is that these companies receive a net positive just by being in the "controversy" whether they intended to or not.

I have heard a lot more about the PS4 platform from all the clever hacks people have come up with than I have about the 360 or xbone, and if I were to buy a console it would likely be a PS4.

You're comparing things in a single player game to things in a highly competitive multiplayer game. Not the same at all.
GTA V's online mod is the reason why it's still on 5th place by current users in Steam. R* is selling virtual cash for it, so this type of cheating is hitting their revenue.
No.

It's bad enough that cheaters, after getting banned, will come to the game forums or reddit and make a ton of noise about getting banned "for no reason". All too often, you'll have a few people (though most of them probably on puppet accounts) that jump on the post and spread lies about Riot banning people for insignificant infractions, when the real cause was cheating.

You won't find any companies with competitive online games that turn a blind eye to cheating. If you consider a game with a cheater as being ruined for the other players, a very small number of cheaters can ruin games for a large portion of the players.

For a rough example of how the math works, let's say we have a game that is 5v5. If we have 100 players, 1 player cheating, and everyone plays once you end up with 9 players having their game ruined. That's 9% of players impacted by having 1% of the players cheating.

I'm not suggesting they tolerate it completely. Just that they make the game slightly "cheatable" then counteract it enough for there to be a known controversy.
How is it different than today? The game is slightly cheatable (scripters exist) and they are counterating it and getting some publicity out of it.

Being so good at anti-cheat that there is nothing to talk about seems like something so far away it's not worth thinking about.

But that said, I doubt the gains from allow "controversy" around cheating would outweigh the benefit of not having any cheating in the game. Not having cheaters is it's own talking point. Withing the competitive gaming community, cheating is already a major talking point and having little to no cheating is already a major selling feature.

No one is intentionally making it possible to cheat in their games. Cheaters and cheat detection/prevention are in a constant arms race. You can't just allow a little cheating. The people that develop cheats will share them and those cheats become more widespread.

Your whole argument is also based on the idea that there is no such thing as bad publicity. This is incorrect. If your game gets a reputation for being full of cheaters then people will leave your game and probably not come back. If the first time you hear about a game, all you hear is that it is full of cheaters are you going to head out to the store to buy a copy?

> You won't find any companies with competitive online games that turn a blind eye to cheating.

My experience is a little different: if I buy enough in game shizzle (be it free to play or games like WoW with a buildin store), I get away with murder.

> For a rough example of how the math works[...]

IMHO You are right about the math, but use the wrong parameters. Many game companies that accept additional currency actually allow their moneymakers to "bend the rules". No hard data, just my individual observations while using "tools" in different settings.

Blizzard is famous for a variation of this.

They will spend a few weeks/months detecting cheaters, but do nothing.

Then, they will ban many users of a given cheat at the same time. This creates press, which helps the message of "you will be banned if you cheat" spread further than if they had immediately banned each offender.

I'm not sure Blizzard does ban-waves for press. From what I've heard, they (and many other developers) ban in waves so it's harder for cheaters to establish causality. "I did this thing and got banned, therefore avoid doing this thing."
No. Because potential players are not just hearing about the game, but how it's broken and unfun because of cheaters.
I'd love to see a game where cheating and scripting is the primary means of gameplay. By default the game would present a very simple UI but players would be encouraged to write and share scripts enabling varying levels and types of functionality.

As a game developer your job then would be to write interesting enough systems for players to exploit to come up with interesting gameplay. I can imagine a scenario where different Overwatch-style "classes" emerge all built from the same basic game elements.

Not sure if this will scratch your itch, and I haven't really looked into it, but checkout https://screeps.com/ "The world's first MMO sandbox game for programmers"
Seems like this would devolve into a market for add-ons for your game. Let's assume that this game becomes popular. I'd claim that then most players would passively consume the leading open source solution(s), which are likely to outperform whatever any one person can do working in secret (or just tweaking the leading open source solutions). Software is copyable -- I don't think you can give a mechanical advantage to being the author of the software instead of a script kiddie.
As with any tool, it depends on the person using the tool.

Just because someone gave you a sword doesn't make you a swordmaster. You might kill somebody, but a real master of the tool, maybe even the inventor, is much more capable.

Someone who knows some piece of software knows when, where and under what circumstances it aids the most.

Which is why I pitched a modular Foss launcher/market to the Depart of Education for a 3d virtual training simulation grant. I never heard back from them...
Check out http://www.pwnadventure.com/

"Pwn Adventure 3: Pwnie Island is a limited-release, first-person, true open-world MMORPG set on a beautiful island where anything could happen. That's because this game is intentionally vulnerable to all kinds of silly hacks! Flying, endless cash, and more are all one client change or network proxy away. Are you ready for the mayhem?!"

"Pwn Adventure 3 was originally during Shmoocon 2015, from January 16-18, 2015. While the CTF is now over, we are still running the servers in a limited capacity so others can try it."

Recently (last week or so), there has been a hacker in PUBG who is using a flying car. I had never seen this cheat before, EXCEPT in "LiveOverflow" 's YouTube videos of pwnadventure!

https://www.youtube.com/watch?v=pzM4o6qxssk

In this series he managed to get his player to be able to fly.

I can't help but wonder if whoever that hacker is that developed the recent PUBG cheat, got his inspiration from pwnadventure and this series :)

I had a cheat back in Halo 2 for Vista that could make the Warthog fly. A flying car in a game is really not new
You might enjoy old school TradeWars 2002, which you play over TELNET nowadays. There are all kinds of helpers (e.g., TWXProxy, SWATH), and there are some pretty sophisticated scripts you can run (e.g., MomBot for TWXProxy). Ice9 is probably my favorite server (http://www.oregonsouth.com/ice9/), and there are others out there.
Reminds me of my childhood playing ROBLOX on various Script Builder games where users on the server could script with Lua. It was basically a race to who could script admin commands and completely own the server.
I got my start with computers hacking ROBLOX as a kid! We probably met each other. I went by Shanethe13 / Aeacus back then. If that rings a bell, you should hit me up :)

I actually work in cybersecurity now, directly as a result of ROBLOX. Shedletsky came across some of my work a few months ago, and we reconnected over dinner. It's a crazy small world sometimes.

That’s awesome! Name rings a bell actually, did you have any places? I made one of the build a raft games back in the day [0], was great fun to build games on there. I remember sometimes waiting around to get on Sword Fights on the Heights to get in the same server as Shedletsky hahah!

[0] https://www.roblox.com/games/7729765/BUILD-A-RAFT-AND-SURVIV...

There was some excitement for Notch's 0x10c for a while, an open universe space game where you would have been able to program your ship's computer. But according to wiki:

> The game was eventually indefinitely postponed because Persson found several creative blocks, citing the main problem as "it not being very fun to play".

Not quite the same thing, but there were a lot of cheat-only servers in counter-strike in the 2000s with anti-cheat turned off (it's optional if you run your own server). Since it was all cheats vs cheats, whoever had the best ones won. The game servers were often very scriptable and modded as well.
Those servers are still available in CSGO too. 3kliksphilip recently did a video[1] with someone who plays on one. Interesting insight into the kind of player who cheats.

[1] https://www.youtube.com/watch?v=gniSF1M9g_o&

Neat. I used to love the hack vs hack servers. The cheats were a bit more primitive back then, so I imagine hvh isn't as fun nowadays since all cheats are very advanced... I remember when xqz2 first came out - the first opengl-based client cheat for the half-life engine. It was simply a wallhack at first, and evolved to a primitive aimbot I believe.

Anyway, they started to get pretty sophisticated around cs 1.4 or 1.5. The real breakthrough was the client aimbot which hooked into the game (using function trampolines) rather than opengl, and was instantly fast, but it was still a little inaccurate because it used hardcoded constants for offsets from the center of the player model to the head. It eventually got a bit more sophisticated with hitbox aimbots I believe.

The next breakthrough was "nospread" which basically allowed you to fire your gun with laser accuracy. I remember how it worked - to make accuracy random the game used a pseudo RNG which was seeded with the game's current tick, that way the spread was shared by both the client and the server. The cheat calculated the future spread by using the game's next tick (current tick + 1) for the RNG seed and setting the player's view angle to the inverse of that. If you watched the player, it looked like they had a shaky crosshair. You could be bunnyhopping around with any gun and get insta headshots with 100% accuracy. Each gun had its own spread constant so these had to be hardcoded into the cheat, and adjusted based on whether or not they were crouching or standing.

The last major breakthrough was "autowall," which would only shoot through a wall if it was a guaranteed hit. After this, cheats and hvh servers got more boring with marginal improvements only.

All of this got me into programming and I learned a lot, both about some game internals and operating systems. No ragrets

At this point it's less about the quality of the hacks, but how the players use them. Now that everyone can wallbang well map knowledge is extra important. You need to know where is and isn't safe to stand.

Wallhacks completely remove early game tactics too. Instead of having a game centered around information gathering each side is already completely aware of the game state. No being sneaky.

Sometimes people jokingly say that it would be cool if there was a second Olympics with steroid and genetically engineered participants. Concerns for player health and blah blah blah stops that from happening. Not in CS though! Crank the aimbots up to 11 and have em duke it out! I love it.

That makes sense. I haven't played in a hvh since 1.6 so I'm not up to date on the current scene. Back then, if you had the better cheats you basically outright won, it was an arms race rather than a competition. Good times!
(comment deleted)
Im not sure if this really fits, but you might enjoy Speedrunning. It can included a good portion of analysis of the game, including code analysis(if available), debugging, disassembling etc.
Something like this, but I wouldn't want to deter non-engineers from playing or feeling inferior to engineers. I still want to believe that fairness can be enforced and different skills and strategies can be competitive, not restricted.

It is unfortunate a negative perception for cheats is so universal some countries are insane enough to make it into their laws. Call me names but I perceive computer game[1] cheating as something that surely has a positive part. A lot of games are all about exploiting their mechanics (also called "developing a strategy" or "looking for weaknesses") to... err... win (or not lose). Cheats are the engineering solution to this, sometimes dull and non-imaginative, sometimes beautifully cunning hacks.

That is, unless we're talking about cheating griefers which I feel must be considered as a separate kind of people. Trying to gain advantage is natural for any player, depriving others of their fun is not[2]. If cheating makes grief (besides envy!) to other players I believe it means that it's the game mechanics that are flawed for allowing this. At least it's treated as a bug in all other kinds of software engineering.

Of course I recognize network lag is the enemy and computational complexity is another, so at least for anything fast-paced developers just have to offload calculations onto endpoints, sure. But still...

Oh, and I think this should be certainly possible for games where players don't compete. It's not impossible to believe a game where you can cheat yourself into gaining all the treasures of the world but that wouldn't mean anything and cheater would just deprive themselves of the fun. At the very least, the trend to try to shove anti-cheats into single-player games disgust me.

_____

[1] I'm not sure about other areas of cheating. Although I think I wouldn't mind seeing Cheaters' Olympic Games, allowing humans with any aids, robots and basically anything that is physically able to participate. That would be fun and probably awe-inspiring to see.

[2] Can we talk about cheaters' moral codex, haha? Do unto yourself only as you would have others do unto themselves too and stuff.

> I'd love to see a game where cheating and scripting is the primary means of gameplay.

Come to Sydney. Play Ingress with the ENL faction.

You might enjoy this video:

https://www.youtube.com/watch?time_continue=7&v=v0JHDr1oT0Y

It's about security training rather than gaming, but talks about using an approach where students were forced to cheat in order to pass an exam, as an exercise in getting into a mindset of finding the holes in a system and thinking like an adversary.

I got into developing by modding doom with a hex editor. Giving my SimCity virtually unlimited money. Cheating in a video game is fun and standard practice in my opinion.
Sure, but in a single-player, local context: do what you want and experiment.

League of Legends is a multi-player game, and a competitive one at that: you having fun by cheating is likely leading to another player not having fun, which is bad for the game (and Riot as a revenue-generating company!).

Cheating in single-player games is absolutely fun and a good way to introduce oneself to reverse-engineering. The key difference, though, is that cheating in multiplayer games can directly (usually negatively) impact the experience of other people playing the game.
It definitely is. I had tons of fun cheating on RuneScape. There were (and maybe still are) more than 3 botting platforms with friendly APIs for writing scripts. Being a computer savvy kid I wrote my own scripts, tested them, ran them overnight... It took Jagex nearly a decade to ban me.
Even if they move a memory value when it's changed they still need to have a pointer somewhere to it's new location. If you can find that pointer you can still read/write at will. This is actually one of the things covered by Cheat Engine's tutorial.
>We don’t share the state of other players if it doesn’t need to be shared, so we can avoid common cheats like “map hacks” (revealing all players on the map). >We let the server’s game simulation make the authoritative game decisions and generally don’t trust the information received from the client, which helps prevent common cheats like “god mode” and “disconnect hacks,” barring any overlooked exploits. >Our network protocol has been obfuscated, and we change this obfuscation regularly so that making a network-level bot is much more difficult.

I hope they are proud of doing the obvious. That's like having a webpage and bragging about escaping strings that you insert into a SQL table...

You'd be surprised by the amount of AAA games that do not do what was listed in the blog post.
It might seem obvious, but a lot of current PvP game engines still maintain global state of all players on the map and trust position info sent from the game client to all other clients. This has been the status quo going all the way back to the beginning of online gaming.
Riot's engineering blog is typically aimed at developers and engineers of all skill levels. They try to make all of their topics approachable. If you're a seasoned veteran, you probably won't get a lot of technical insight from these posts.
A lot of this information is written so that it's easier for laypeople to read and understand. Stuff like that may be obvious to developers and sysadmins like many of us, but to the common League player it might not be. Also, I doubt that they want to give away something more specific that would give a clue on how to beat their systems.
The first is not all obvious. Oftentimes, it's simpler to share entire game state to all clients, and let the client obfuscate information based on the player's context. Especially for building a better player experience for interpolation/network lag correction when the server connection may fail to keep up.

Additionally, it's non-trivial logic to determine what "needs" to be shared: eg, what do you do with a champ that's outside vision but using an ability that enters your vision? There are important and difficult design, architectural and logic decisions to be made at every level from the game data models to the server-side simulations to the clients handling of it.

These things seem obvious but are often not feasible for certain types of games (eg FPS) due to either latency or just the rate of events the server would have to resolve. This is why you're often stuck having to trust the client and implement complex checks for tampering.
The first point is actually something that game developers have failed to do in many cases. For example if they want client syncing to require transferring very little data, they may only send player inputs across the wire, meaning that each client needs to know everything, even if the final decision about game state is made by a server.
Yeah, the same many developers haven't escaped strings they inserted into SQL tables, leading to SQL injections. Does this mean if I don't do that I have a right to brag about it? If I wrote a post saying "look at me, I escape strings" the response here would be "cool story bro". This isn't any different.
Back in the day (2010) there was a cheat for LoL to make instant short-range teleports without cooldown, so they went a long path...
Great write-up. I'm my job we spend a lot of time dealing with hackers and cheats for our mobile and PC games.

We tend to see similar exploits across all our games (memory hacking, fake IAPs, etc) which lets us build an armoury of anti-cheat tools.

What I find most interesting is where hackers don't focus their attention. It took almost 4 years for them realise the encryption key for our assets was easily accessible using the 'strings' tool in Linux - once they found it we had a busy few days stopping modders from impacting legitimate players.

You're probably dealing with newbie reverse engineers, do you work for a triple A game publishing studio or an indie game shop? People who want to "mess" with games are usually doing it so that they can make a lot of money from it and therefore hunt big triple A games...the people I've seen do proper reverse engineer on triple A game to bypass ie. Blizzard's anticheat in World of Warcraft now all work for big "anti-virus" companies
The next step is to rewrite it all in Brainfuck.
I wonder, given that nowadays access to vast amounts of computing power on demand is easy, if it would be effective to generate unique builds for each and every player. Just like they already do, but tailored for each downloader. Which would get tied to an account, and to a given fingerprint.
What problem would that solve?
If I tell you right now that every single digital dollar will need to include the finger print of the digital printing press that created it. How would you be able to forge a new one without that fingerprint? You can't because every time you alter the digital dollar you create a new fingerprint that does not match the original digital printing machine.

This fixes a lot of problems with altering code and and extensions and modding. Does not fix memory changes but it can make it quite difficult because each memory change would have to be validated against the original fingerprint already registered on the server for your particular build.

I think he's implying a cheater's injected DDL would be tailored for a specific build, so if they shared it with others, it would be ineffective. And not only that, but based on how the Cheater.DDL is targeting the build, they could identify the account that made the cheat.
you are talking about a blockchain.

I have talked about this in many occasions to developer and they also agree that a blockchain to maintain a unique fingerprint of the game is very good to deter many attacks to modding and extensions to code, no matter the platform.

Being a blockchain would give exactly zero advantages over a traditional database.
yes it will. Because in a block chain, you can't change anything unless everyone agrees to it.

If you change that code, and place it back in the block-chain no other block will agree to your change and reject you.

As the game developer, I do not care if anyone else agrees to it. I am the ultimate authority. Thus, I don't need any kind of blockchain.
You seem to have several misconceptions about computing in general. This is not how any of this fits together.
This talks about common techniques for protecting Windows binaries but what about their Mac client? Are similar techniques also applicable to Mac?
I don't know much about OS X except that they use the Mach-O executable format (unlike PE in the article), but I know that the ELF format as used on Linux and many other unixes is similar in that it also has a section where the code resides, so they can encrypt only that part. And inserting checks into the code is also portable of course.

It would have been interesting if they had talked about different platforms, but alas, it's quite a superficial article...

Most of them would carry over, but would have to be changed slightly to match the system.
Unfortunately, their latest anti-cheat measures broke the ability to play on Wine.

Guess no LoL for me anymore.

They broke GPU passthrough setups as well at first. There was some community backlash and they rolled that back, and I believe they also mentioned they intended to work with the wine people on a solution for that as well.
How did it break GPU passthrough?

Then again I heard recent versions of VAC detect running under a KVM hypervisor and kick you out of CS:GO servers.

That's unfortunate to hear that VAC looks for KVM. I was planning on moving my gaming partition to just a VM and using GPU passthrough. It's how I have my work PC setup, figured I'd replicate it at home.
Sorry to be the bearer of bad news.

I plan to reverse engineer VAC sometime to figure out how the detection works.

"they also mentioned they intended to work with the wine people on a solution for that as well"

Be nicer if they'd just put the damn thing on Linux. They're already on Windows and Mac after all

They undid that.
No they didn't. Some people use a modified client, but that's super risky for a lot of reasons.
This might also prevent it from running on ARM laptops with win32 emulation.
I think the number of people playing LoL in wine could be stored in a uint8_t.
It's a lot more than that, actually. Not millions or anything, though.
Does it hinder Linux gamers who are using Wine? A lot of such anti-cheats can't figure out when Wine is used and ban Linux users. Some also ban custom D3D implementations like DXVK even if they are really correctly implementing the API.
Yes - it hit the news that LoL will no longer work on Wine or virtual machines because of these anti-cheat measures.
OK, then their anti-cheat implementation is bad.
Can't speak for Wine users, but VMs are working now. The workaround was found within days of the patch (they were just checking for the CPU feature "hypervisor"), and they actually ended up rolling back that check due to the community response.
Blizzard had a huge banwave for users running SC2 WoL under Wine.
Use blockchain.

It is a very simplified comment, but behind that you can expand the topic to include many advantage a blockchain can provide during multiplayer games.

EDIT: yes it is a very unpopular topic, but deep down many of you who are developers, know that blockchain can solve many of these issues with cheater.dll

How exactly would blockchain do anything that a regular database couldn't do in this instance?
sharing the altered code. If you share the code and its invalid it can be traced back to your account. Which you can only create if you are part of that chain as a registered user. That fingerprint changes as soon as someone tries to use their account and tries to validate against the chain. It does not stop the cheater, but it stops it from spreading the cheat and it is easy to identify the cheater.
NO. Again, a blockchain is not doing anything of value there that cannot be done easier and simpler with traditional methods.
(comment deleted)
Reason for downvote: you seem to have no clue about blockchain or cheater.dll whatsoever.
Blockchain is all I work on and you seem to not understand my suggestion.

cheater.dll needs to be loaded in memory along with the game. Correct, right? If the original build of the game has already generated an encryption key that is stored on a server or a distributed ledger using your account, then tampering with the origonal build in memory will result in generating and invalod key thus changing the ledger or the stored key on the server, and not matching the ledger. If this happens then it invalidates your build and the distributed ledger would need to updated, but since that is not allowed in this instance all ledgers would reject your change and flag the block and the account. Making it easier to find who attempted a change. Sure this can be done on a server but because of the tamper proof inherited by a distributed ledger it would make it harder for this code to be shared. The cheater can still change the code but it would not be able to share it.

How would it invalidate the build? How would the server find out the build was tampered with? Why would my hacked game add anything to a blockchain? I've followed blockchain tech closely since '13 and your comment makes no sense.
apparently not close enough.
> Blockchain is all I work on

Yeah I know a few more of those people and I don't understand how they're convincing innocent people that they need blockchain and that they should pay you money to implement 'the future'.

> If the original build of the game has already generated an encryption key

I'll take that to mean "if the server already generated a key, unique for each purchase, that is put in the game and also stored on the server."

> then tampering with the origonal build in memory will result in generating and invalod key

No, why? You never explained how you got from "distribute license key with game" to "invalid key when you modify the memory".

> thus changing the ledger or the stored key on the server

?!?!?! There are so many steps missing in your "explanation". Who says the game has internet? Who says the cheater didn't block the license servers? Who says the cheater didn't emulate what should have happened alongside his modified version and is submitting that to the server? Who says the cheater didn't cut out the licensing part altogether?

This is making zero sense so far.

> If this happens then it invalidates your build and the distributed ledger would need to updated, but since that is not allowed in this instance all ledgers would reject your change and flag the block and the account.

So... other game clients would see that your key is invalid, is that it? Not the licensing server hosted by the developers, but the other clients would be doing the blocking?

Alright, let's say it were so: there is a blockchain with all the license keys and your license key is computed as a hash of all your RAM memory contents. You submit this hash of your memory to other game clients when you communicate with them. Every network packet needs to contain this, or else they will refuse to process the packet at all. Other clients can look up valid keys in the blockchain.

Then firstly, you don't need a blockchain. What you're looking for is a relational databa -- scratch that, you need json -- oh wait, not even that. No, what you're really looking for is a plaintext file. What in the world does blockchain have to do with publishing valid license keys?!

Secondly, you have a huge list of valid license keys published, ready to be picked up by cheaters. Don't you think anyone is just going to look at that list, be it in blockchain format or in json or in plaintext, and replace their signature field with one of those keys?!

Thirdly, your RAM continuously changes. It's not as if you can play without getting a new signature a few million times per second, with each write operation to RAM. But let's say we only do it once per frame, so 60 times per second. Then you need to know what all the possible states are going to be... you know what, this is making zero sense. Tying some key computed from your game state to a license is nonsense.

I would think you're a troll but your messages seem just a little bit too long for it, it seems like too much effort... but I kinda do think you're a troll. The more I think about what you're saying, that's the only logical explanation.

IMO games should encourage ergonomic aids. Why allow the UI to be a limiting factor to how you want to play?

For example people used to talk about APM in SC2 as a sort of measure of how good someone is. Why should that be? It's a strategy game. Imagine if you could express your ideas effectively into actual game actions?

APM was certainly an impressive stat that conveyed the level of athleticism required for e-sports.

Of course, you're right, if the goal is who can strategize the best then APM shouldn't be a factor.

The playing field needs to be level though. Perhaps something like Formula 1 or Le Mans racing will develop for e-sports where people are allowed to fine tune their input with custom code with certain regulations for those inputs.

It's real-time strategy. So part of it is how you react to things, as well.
>IMO games should encourage ergonomic aids. Why allow the UI to be a limiting factor to how you want to play?

For the same reason that sporting organizations regulate the equipment allowed during play - the make sure the playing field is reasonably level.

>For example people used to talk about APM in SC2 as a sort of measure of how good someone is. Why should that be?

Because dexterity has historically been a basis for comparison in recreational competition.

>It's a strategy game.

It's a real-time strategy game, which is an important distinction. Chess is a strategy game, and by its design guarantees each player an equal number of moves. SC2 is a real-time strategy game which makes no such guarantees, and if you have the dexterity to execute your strategy faster than your opponent can respond to, you should be rewarded for that.

>Imagine if you could express your ideas effectively into actual game actions?

Imagine the cost of such an interface in today's society, especially compared to a regular USB keyboard and mouse. Now imagine you're a game designer. Do you want to build a system that explicitly favors those rich enough to purchase the best equipment, or do you want to spread your playerbase as widely as possible?

Perhaps in another few decades, we can start rewarding the people with the "best" brains, but as long as we exist in meatspace, people are going to want to test their meat-skills against each other.

> Imagine the cost of such an interface in today's society, especially compared to a regular USB keyboard and mouse. Now imagine you're a game designer. Do you want to build a system that explicitly favors those rich enough to purchase the best equipment, or do you want to spread your playerbase as widely as possible?

While I kind of understand the Ready Player One-esque issue here, I am thinking that most ergonomic aids would look more like software plugins for WoW or EVE than professionally developed HCI hardware.

If I were to be leading a game I'd just make it a requirement that tools were opensourced (hard to enforce in reality tbh) but at least that would help.

StarCraft is not just a strategy game. It is a real time strategy game. The focus on real time is why APM and micro etc are so important. Broodwar is my personal favorite game, on the surface it is easy to not know video games can be physically taxing.
(As a former high level StarCraft / SC2 player / caster).

It's not chess. That's why.

There is a real physical aspect to the game. Training your fingers to hit certain combinations quickly to execute build orders, and mix in micro is key. Pro players use hot packs to warm up their hands, or glasses to aid their eyes.

The game developer takes a lot of care to ensure the UI / hotkeys / peripheral setups are optimized for pro players.

Using external tools to defeat this setup simply isn't fair and diminishes skill built into the hands and muscle memory of players. Even at a mid-level of skill, people learn simple combos. For example, a Protoss player hitting "4+e" because that's where they have hotkeyed all their Nexuses and e is the hotkey to build probes.

Many responses are saying the same thing, so I'm going to respond to you ...

> It's not chess.

I agree it's not chess, and chess often has a time component to it. The realtime nature of a game doesnt mean you should have to be able to "move" in realtime, IMO it would be superior if it tracked more closely to your ability to react, intellectually, in realtime. That is, real time thought more than realtime motion. Ergonomic aids would help people to convert their thoughts into real game plays without limiting them to their body's capabilities. But I also admit this is my opinion and it's clearly an arbitrarily decided dividing line between how much should a game be about myelinating certain move patterns (spread out troops, cast a spell, select production groups) and how much a game should be about quality of thought in realtime (I see he made units X, How am i going to respond? I have many minerals, should I spend them on tech or units?) ...

I don't understand why you're so intent on doubling down here. There are other strategy games out there that focus on strategy more than micro mechanics. Why not play those instead?

I don't think "I want to play Starcraft but without micro" is a compelling argument for changing Starcraft. I actually think it's pretty selfish to make these demands. It's a reasonable premise for finding or even creating a new game.

SC2 was simply an example. Clearly this is about the set of many RTS games more than just one game. And to be upfront, yes, "I want to play Starcraft but without micro" is a decent representation of my gaming desires.

I may just go ahead and make such a game sometime and, I suppose, we'll see if anyone likes such a game dynamic. It would definitely introduce a very meta game where creating and tuning your "loadout" could matter greatly.

Tooth and Tail is pretty close to what you're looking for, perhaps.
With enough mechanical aides, the game balance breaks.

For example, SC2 has a very cheap unit called the roach. When burrowed, it can't attack, but regenerates health incredibly quickly.

It's trivial to write a cheat that will, whenever one of your roaches starts taking damage, causes it to burrow, and whenever it stops taking damage, unburrow.

The unit is balanced around human control - no human can, with perfect accuracy, choreograph burrows and unburrows of individual roaches in a pack of ~60.

With such a cheat, roaches punch way above their weight, completely breaking the rock-paper-scissors balance of the game.

I do not deny that the game mechanics would vastly change. The strategy would shift away from "How can I micro these roaches" vs "How can i effectively attack burrowing/unburrowing roaches" to "How can i ensure I get roaches" vs "How can I frustrate/prevent my opponent from getting them in the first place"... As an aside, ANY change to a game is going to disrupt the equilibrium in some manner and I assume would require human intervention to re-establish a "fun" gameplay.
> How can i ensure I get roaches

Which is trivial for any skilled player, because they are an incredibly cheap, low-tech unit, and passive base defenses are currently very good at fending off very early aggression.

> As an aside, ANY change to a game is going to disrupt the equilibrium in some manner

Yes, and sometimes, the equilibrium settles on an incredibly shallow, uninteresting game-space.

StarCraft is a game of a number of rock-paper-scissors cycles, all operating at the same time. Greedy expansion - versus rushing versus safe plays. Economy versus army versus tech. Roaches versus marauders versus zerglings.

Sometimes, due to patch changes, poor balancing, or because player skill improved, the game ends up stuck in a quagmire, where the risk/reward ratio for many of these options is completely out of whack. The game stagnates, and becomes incredibly unfun to play, and to watch.

Throwing a wrench into balance, by allowing auto-scripts, which have an incredibly uneven effect on the different units, mechanics, and races in the game is far more likely to push it into an unfun equilibrium, then a fun one.

Yes, but keep in mind this idea and thread is not about SC2 specifically. It used SC2 as an example of the class of games that I personally believe I would find improved by removing the mechanical aspect of the game allowing me to focus on the fun part -- Making decisions and giving instructions patterns more than "micro"
> I do not deny that the game mechanics would vastly change. The strategy would shift away from "How can I micro these roaches"...

It's kind of off-topic, but you will lose horribly if you actually try to win games on micro alone. People talk a lot about micro because it's flashy, but it's really just the icing on the cake. The pros can spend all their time showing off their icing skills because they all have solid macro underneath.

When I played in WoL, you could make it into master league (top ~2% of players) by: ensuring you were never supply blocked, spending all your money, scouting your opponent, and building counters. If you were efficient, you could do everything you really needed to with an APM of ~50.

>With such a cheat, roaches punch way above their weight, completely breaking the rock-paper-scissors balance of the game.

Against marines, sure. But against siege tanks/disruptors?

Sirlin's spiel about there being more counters than people think (http://www.sirlin.net/ptw-book/introducingthe-scrub) seems applicable here.

Yes, they start punching way above their weight against tanks, too. Even moreso if you throw in an auto-scatter script.

https://www.youtube.com/watch?v=IKVFZ28ybQs

What about tanks on high ground and out of reach? What if the roaches have to funnel through a walled choke guarded by some MMLib as well?

That might seem contrived, but there is a player whose job is to contrive it!

No, I don't think the next patch should include "improved" roach AI. But deep strategy games like Starcraft tend to have multiple levels on which to do battle, and you can often nullify an opponent's insurmountable advantage on one level by doing battle on another level. I honestly think that if super-roaches like we've been discussing were patched into the game, with no further changes made, winrates would stabilize around 50% in a few years (assuming everyone hadn't quit in disgust).

Now, that might not be the game you'd want to play. I'll freely admit I wouldn't want to play it. But that's you and me---perhaps whoever's into chess would love it. And "This would no longer be fun for me," while perfectly legitimate, is a very different claim than "the game balance breaks."

> ...deep strategy games like Starcraft tend to have multiple levels on which to do battle...

That's exactly the point; the "other levels" are macro, micro, and multi-tasking--the "realtime" components of an RTS game. (I consider positioning and scouting a factor of micro and multi-tasking respectively.) Those are the facets of the game that let you take two equally matched strategies, execute slightly better than the opponent, and thereby eke out a gradually compounding advantage.

If you remove those, the "deep strategy" of starcraft is basically just doing the one or two counterplays that you obviously need to do to survive. "He built too many early game marines so now I build banelings or I die." The strategic "if he does this, I'll do this, but then he'll do that" decision tree is very shallow in a game like brood war or sc2.

> What about tanks on high ground and out of reach? What if the roaches have to funnel through a walled choke guarded by some MMLib as well?

Then I'll be forced into one of a small handful of tictactoe-like responses: brood lords, vipers, doom drop on top of your army, or pull you apart with muta/nydus multi-taski... no wait. Just the first three options I guess.

Is it, though? Sirlin's scrub is a strawperson player that will not adapt to any changes in the game, instead asking that the game itself is changed to suit them. Running cheats is the ultimate scrub move - you change your play experience asymmetrically to benefit yourself rather than practicing at the game as offered to get better.

There are a ton of interactions in games that are degenerate if performed at TAS level. These aren't areas looking for disruption; they're just impossible to perform with human inputs and they confer game advantages that are not surmountable by non-assisted players.

The speed running community segregates TAS content from played content specifically because of this. You will not beat the robot that can perform a 60 input 1 frame trick that gives you a .5 second time save.

>Is it, though? Sirlin's scrub is a strawperson player that will not adapt to any changes in the game, instead asking that the game itself is changed to suit them. Running cheats is the ultimate scrub move - you change your play experience asymmetrically to benefit yourself rather than practicing at the game as offered to get better.

That's a fair point; I agree. But the ancestors are debating a scenario with sanctioned mechanical aids. vkou classifies them as "cheats" above, but I humbly suggest that he used the term improperly, given the context.

Also, remember that we're talking about RTS games, which have an S component as much as they have an RT component. OpenAI can beat Dendi in the early phases of solo mid, but can a team of AIs beat Navi in a full game of DotA? Perhaps they will eventually, but if they do, it will take a whole lot more than just reaction time.

> but can a team of AIs beat Navi in a full game of DotA?

Yes it can, especially Na`Vi (Dota-reddit jokes that AI won't play with Na`Vi because developers want to test AI with a pro team). There were matches with pro players last month. Players say that mechanics in 5v5 fight are perfect and the global strategy is there.

I won't say that the strategy has many states in Dota: it's the items and position on the map (by choosing one of the objectives).

It's not ready for the real Dota 2 tournaments though: AI was trained for the specific 5 heroes.

> Ergonomic aids would help people to convert their thoughts into real game plays without limiting them to their body's capabilities.

StarCraft is physical - that's critical to the entire genre (RTS/MOBA/etc). Without it, it's not StarCraft.

Improving your dexterity is a real part of improving your skill in a game like StarCraft. So using a program to do this for you instead is cheating.

It sounds like you want to play something like Stellaris, Sins of a Solar Empire, or any other 4X-style genre game.

Meh.

At the end of the day, "skill" is a meaningless term except in the context of a specific game. If Starcraft 3 came out tomorrow with no macro mechanics, no activated abilities, a pay-as-you-go economy rather than a pay-up-front one, then APM would be much less valuable and "skill" would mean something completely different.

Overwatch has this issue right now where players are complaining about Mercy, a character who is fairly simple to pick up and can provide a lot of value. What they ignore is that she was intended to be that way, and that the "skill" Mercy introduces is not lightning-fast reflexes or similar, but the strategic response to her presence.

I'm not campaigning for SC2 to be changed. But players' definition of "skill" generally shouldn't be trusted. Skill is what wins.

(comment deleted)
(comment deleted)
Games aren't really about getting you to solve a problem, they are about making something fun. Making something fun is a lot easier when you control the UI completely. Letting the users build their own UI places a lot of constraints on what you can build in the game and still be fun.
The game is 100% online. Could you have a piece of the networking protocol where the server sends little snippets of executable code over the network during the game that read some specific locations in memory, do some processing, and send the results back to the server in the next packet? You could do things like check the starting address and length of loaded dlls, or take the hash of some random span of machine code, or even random locations in the heap, all of which may or may not actually be verified on the other end.

You can use any number of obsfucation tricks to hide their purpose (if they even have one) and you could even randomly generate them. And since the server expects the response in the next client packet it would be literally impossible for a cheater to manually deconstruct them, and even be difficult for automatic analysis tools to have enough time to do anything meaningful with it.

You can reduce the security nightmare from the user's perspective by only allowing machine code that's on a tight whitelist. Allow it to read from anywhere, and only let it write to a dedicated little sandbox area with e.g. fixed addresses.

(comment deleted)
If you restrict the machine code it makes it that much easier for me to write an emulator to execute your machine code and return the result. It might even be trivial. It is a never ending Ouroboros. You build a more clever mouse trap, I will design a more clever mouse. If I have all your code and am running it on my computer it will be a matter of time before I can back out whatever obfuscation or technique you are doing and undo it. You may have some hope in network delivery of graphics only. If I am not running the game client code, and just streaming the game from one of your servers, you have a chance at keeping your client safe.
"If I have all your code and am running it on my computer it will be a matter of time before I can back out whatever obfuscation or technique you are doing and undo it."

sure try to undo a block-chain and see what happens.

The code will be encrypted with a unique key that will need to be registered on the server with your account. Change that code and it invalidates your entire build along with your account. case closed.

Blockchains are not a solution here. This comment doesn't make much sense; your proposed solution is missing a lot of details.

If there was a simple solution to this problem there would not be insanely complicated packers that basically try to make their own instruction set.

If the player controls the CPU the code is running on, there is fundamentally no way to enforce they are actually running the code provided.
This is a very bad analogy, and you have misunderstood the problem to a huge degree.
I think you are missing my point. This concept in client computing security basically chains back to the halting problem. You can't /know/ what I am doing with my computer. You can build a very elaborate trap / obfuscation and it might be hard, really hard, to defeat it or circumvent it, but it is a certainty that I can. The block-chain has absolutely nothing to do with client code security because it has a network enforced mechanism. What the grandparent was suggesting was running some nugget of code in a little VM (or actually on my machine), computing a result, and then returning the result to the server to make a security decision. The problem is I control that machine performing that computation and your security decision as the server is based solely on the computation performed on my computer. A skilled reverse engineer will just hook your code in the right place, intercept that security check and have it return the right bytes back to your server, while still doing whatever client side cheats they wanted to do.

https://en.wikipedia.org/wiki/Rice%27s_theorem <--- this is all about program behavior and did the user actually run the code you sent them. Block chain is about "did I possess certain data" (such as a private key to sign a transaction) and not about "did I run certain code".

You are absolutely correct, but it occurs to me that CPU designers could actually implement a kind of RSA style memory fetch instruction. The CPU would generate a public/private key pair, where the private key is not accessible by any means. The client would send the public key to the server, which would in turn encrypt the memory location(s) that it wishes to inspect. There would then be an instruction on client's CPU which would accept that encrypted memory location and return the contents, without divulging location. The CPU could regenerate the public/private key values for each request. I can't imagine defeating that kind of scheme without hardware hacks. The more that I think about it, the more I wonder why no-one has done it before, because it seems useful. Probably there is something I'm missing...
How do you prevent the cheat doing a MITM attack and changing keys?
Yes, you are right. That's what I was missing :-)
The answer, and it has dark implications, to me, is Trusted Computing. Never let the user have full control. Do this key exchange on a base OS or some other VM the user can never touch (e.g. Knox / TrustZone). Still, we can exploit our way to this trusted OS and MiTM there, but it takes much more skill. With Trusted Computing the base OS can more simply install a "spy" to keep track of a games memory / code to ensure it is only ever loaded and executed from memory that is essentially made read only after the program is loaded but before it executes. The trusted OS verifies the program code, the OS, etc, and if it all checks out, let's the code run. Of course it goes back to the halting problem, but if the programs memory is unexecutable and modern exploit mitigation is applied the game is now in a considerably sturdier mouse trap :)
A server can't validate the integrity of the game remotely. A program on the user's computer must do that for you. You're trusting that the program will do what you expect it to do.

All one needs to do is modify the program to make it always tell your server the build is valid. Problem solved.

> emulator to execute your machine code

I think you missed a part. Namely that "It is allowed to read from anywhere". If it can't write anywhere but the sandbox, that just means it can't modify the game dynamically, just read its state. Which is plenty to verify whether the client has been hacked anywhere. You can read spans of .text to check whether code has been modified, you can read heap locations to check whether the state of the game is valid, and you can take all of that and hash it with a random seed included in the packet to set a high bar on the speed of any emulator. Your emulator would have to dynamically check every access to make sure it doesn't touch anything that has been tampered with, and change the reads to read from un-modified sections, while allowing it to view everything else accurately. Seems like a high level of effort for the cheater, for a low investment from the developer.

A sandbox can be a virtual machine, for all practical purposes indistinguishable from any "normal" computers ordinary players use. Of course this will lead to the never ending Ouroboros of more sophisticated detectors and more sophisticated virtualization, ad infinitum.

I've heard there are cheats that use hypervisors to stand above the operating systems and avoid kernel-level anti-cheats. I wouldn't be too surprised to learn about cheats that sit on a bus and use DMA to peek into anything they please (subject to the memory protections of IOMMU - again, this war doesn't seem to have an end) - they're probably impractical but not something that couldn't exist.

Hah. Are you me? That is what I always call the cat and mouse of cheat / anti cheat. (An Ouroboros) :-D
I've just read your comment above and then quoted you without the proper credit ;) Liked the naming.
I never claimed that this would be perfect. All security, especially the kind we're talking about here and the kind mentioned in the fine article is about the relative effort that the developer and cheater has to do to create the obsfucation and work around it, respectively. Making debugging harder doesn't make debugging impossible, it makes it more difficult and take more time. Adding random cheat checks on every rebuild doesn't make it impossible to find and remove them, just takes more effort and time. I.e. how much time investment do the developers have to put into making the workaround vs how much effort it takes the cheater.

I'm just saying this could be a relatively low effort on the part of the developers to create and a relatively huge effort on the part of cheaters to work around.

I really want to believe all this effort better be spent into fixing cheating. Either by tweaking game mechanics so cheating provides no meaningful gain (and just gets boring) or by tweaking other participating nodes (servers or other clients) into not accepting situations that should be impossible.

I don't know anything about LoL, though.

The article goes over all of these things, and LoL already goes to many lengths to invalidate as much cheating as possible. Their servers already don't trust data sent over the network and verify it independently, they already don't send information to a client that it doesn't currently require to render the frame, like the hidden locations of enemies, they're simply not sent so "map hacking" is literally impossible. The article has lots more details, I would recommend it.
I see. The problem is the server needs to know all of the values it expects. And if the server knows the values a cheat can figure them out too. For example, a cheat could hook OS functions and report on values in certain memory regions (e.g . the games loaded .text as some cached values). Same with reading heap locations, hook the memory read functions. Computing a hash doesn't have to be emulated, though, right? A cheat can just compute it with whatever data /should/ be there for the game state. This also means the questions the server can ask of the client are ones it can somehow model. So, this is imposing potentially restrictive requirements on any server software if it needs a non trivial mapping of the client's memory. I have chased down a lot of really bizzare and non-deterministic packers and cheat software like this and ultimately you can only make things so difficult due to Rice's theorem. To truly detect cheating you would practically have to run all the computations my computer is running, at which point you might as well just stream the game to me instead of letting me install it and run it on my computer. These sort of "check for a known good state" things can almost always defeated by appropriate function hooking. Ultimately, my computer is a hostile environment for your game and I have complete control of it. The traps a client running can only be so elaborate. I do agree things like this will take some time and increase the skill required to take them apart, but you would be surprised at how much harder some CTF competition reversing problems are compared to a scheme like this, I think.
I think what you are getting at is that it's impossible to 100% fully prevent cheating. This is true, but I don't think that's the goal; the goal is to make it difficult enough that it's not worth the effort. The value gained from cheating in a video game is low enough that the vast majority of people would not be willing to go through such lengths to do so.
The average user doesn't have to go to such lengths, they just subscribe to a cheat company that does. That's literally how it works today. Cheats are big business.
Okay, but my comment still stands: You don't need to make it impossible, just hard enough that it's not worth the effort. This applies whether we're talking about individuals or companies.

As an aside, I don't know anything about the market for game cheats. Do people really pay a significant amount of money for that?

People are diligent enough to crack Denuvo's wall-of-VMs approach for free, even though it takes 6-12 months of work to do it. How much effort do you think people will put into it when there's money on the line?

People pay enough money for cheats that cheat makers have their own pretty intense DRM set up to make sure they get paid. You're probably looking at $10/month for something entry level, going up to $50 or $100/mo for something exclusive (that will take longer to get you banned).

> The value gained from cheating in a video game is low enough

Many people made serious money botting MMORPGs and selling gold. It's so prevalent it accelerates the inflation of the in-game currency.

If people make it too difficult to hook into the client, cheat developers can always reverse engineer the network protocol and make their own custom client. This bypasses all client-side annoyances. They might even create a headless client that can be run on servers.

So as a cheater you intercept those snippets, lets them do their magic in a dedicated address space that has the same client code loaded?
So you're saying the cheater would have to run a duplicate, unmodified, instance of the game in parallel with the hacked version that the cheater is actually using, while correctly teeing networking traffic and mouse/keyboard inputs, and dynamically inserting the snippet results from the legit copy over top of the results of the hacked copy. That seems like a huge increase in level of effort from cheaters for a relatively small measure from riot. Seems worth it to me.
You are going to kick players off for a missed packet? Network connections have packet loss and game protocols are usually udp.
Nope, just like any other game state that will eventually have to be synced to the server the results can be synced later. But you can't just run it any time because it reads the state of the game as soon as it arrives.
It's pretty tricky to build a machine code validator to only be able to write and execute on certain areas... in x86, you have to take care of 'jumping in the middle of an instruction', that not only writes but also jumps are limited to your small area (because otherwise you will end up with something similar to ROP), etc.. I think Google Native Client did something like this, but it doesn't seem trivial.

On the other hand, a way to bypass it could be that, when you detect one of those "executable code packets" has to be run, you undo all the injection/hooks in the game (so that you are really running a 100% unmodified process), and let the executable code packet run. After it finishes (you could detect this by a timer, page fault, etc. which can be handled by a different process in a different address space), you inject all the hooks again.

slightly related: The LoL end user client that they wrote with CEF(!) is one of the worst game clients I've used.

Edit: It's CEF not Electron

They don't use electron, but chromium embedded framework
It's crap, but at least it's better than the old one written in Adobe Air.
One of the things coming out of this is that legitimate coding within a game (for example teaching children how to code - a very important point for me at this point in life) is almost out the window

I love minecraft for their RPi version but beyond that, I don't know of any games that have that kids pull and can still be taught

it's something like "we used to turn on a PC and see a command line. now we have to jailbreak something"

you can still do so with most drm free singleplayer titles
What I wonder is how the encryption keys are stored. There are obvious ways to obfuscate keys, but at decryption time, the keys need to be exposed plainly in memory, don't they? So how do game makers like Riot prevent debuggers from discovering the keys and revealing them to everyone? Does every player have different keys?
A good solution will not only generate keys for each player, will even generate different keys for same player each time that player starts a new gaming session. Start game->generate keys for session->play game->throw keys away.
So I'm not seeing anything particularly novel here. In fact, I think most AAA titles do most if not all of these things today. It really just boils down to understanding your title's threat model and mitigating the threats.

I think the article missed an opportunity to talk about false positive rates, the workflow for users to get unbanned due to false positives (usually a very nasty process), performance, platform support (Windows, for example, has encrypted app packaging [1], anti-cheat monitoring [2], and protected processes [3] built in), and the privacy implications of uploading non-game-related Windows driver and process data.

[1] https://docs.microsoft.com/en-us/windows/uwp/packaging/creat...

[2,3] https://docs.microsoft.com/en-us/windows/uwp/packaging/app-c...

> It really just boils down to understanding your title's threat model and mitigating the threats.

Well that can be said for every product ever...

I do agree though, I did expect a little more real content. Not the "how anti-cheat works" because then we can find ways around it more easily, but like you said: reliability, performance, etc.

> usually a very nasty process

especially with how opaque the whole flagging is.

I understand why they do it and a game environment is not a democracy or a court of law, but it's hard to defend yourself when you do not have access to the evidences.

Videogame cheat developer here (although, not for the game mentioned in the article) -- The mentality of game companies is if the 'evidence' of the anti-cheat flag is made accessible to users, cheat devs will use the same evidence to overcome the existing detections in place.

The oft-used 'arms race' analogy for this would be like sending blueprints of your newly-fabricated weapons to the adversary.

I've always been curious about this, do you get paid, and if so how?
People love cheating so much they pay for the tools to do so.

The fact is 99 out of 100 banned users were actually banned for good reason and are lying about not cheating. Half of those will also dmit to cheating but beg for forgiveness as if they aren't quite literally destroying the game and everyone's enjoyment of it. That less than 1 percent that is truly innocent is nearly impossible to service because of all the noise.

Cheating definitely sours a gaming community, as does falsely accusing people of cheating. I left the original (circa early 2000s) Counter Strike community after being routinely accused of cheating. I have never once cheated in a online multiplayer game. But, some people just couldn't grasp that I was really that (comparatively) good & quick of a shot. Also, I don't think they realized that certain materials could be shot through with a powerful enough weapon. I probably had a bit of a leg up on most people, too, as I had state of the art hardware for the time (I had dual P4 Xeons, 3GB RDRAM & the best at the time GeForce AGP card in 2002) and a single to low double digit ping for most servers being on a university OC-3 line.
Your comment reminded me of a frustrating evening on bzflag.

Long ago I was using a custom Linux box with a slow GPU, and on one map no matter how hard I tried (and no matter how many fellow players watched trying to help me get the timing right) I simply couldn’t jump to the first level of a building.

I’d never experienced a hardware limitation quite like that.

Haha neat. That was probably caused by the physics engine running slower than needed. If you do a rough friction calculation based on the frame rate you will end up with more friction at 20 fps vs 40 or 60.
Really trivial question, just look at any big cheats and most work based on subscriptions. AimWare, Project-7, ...
If you wanna something more novel, look at this talk from Valve [0] on how they are integrating Deep Learning into their CS:GO cheater detection system (confusingly called Overwatch). It's not used to ban users, but rather to bring suspicious plays into their existing user-reviewed moderation system.

In general, this type of human/AI side-by-side feedback loop seems to be very successful, all the way from games to moderating content on the web.

[0] https://www.youtube.com/watch?v=ObhK8lUfIlc

Yeah, I remember seeing the anti-scanning measure in another game circa 2009. IAT hooks were hot then too. I wonder if they run a CRC on sections of the game code as well (also pretty trivial to defeat).
Is this approach similar to ones used in VAC (valve) or easyanticheat, or battleye?

Some of the above are notorious for consuming client resources. Easy anticheat is known for banning players in unrelated games that they cheated on. (E.g. cheat on pubg, get banned in a different game that you didn't cheat if both games use easyanticheat)

This is a great writeup but I'd love to see how 3rd party anticheat programs work

The best way to prevent cheating is by streaming games. Game streaming services are the future of multiplayer games. Edit: I mean cloud gaming like OnLive, not Twitch.
Not worth the latency cost IMO. They're fine for single player.
Latency to the server will always be higher, but player to player will be lower if server to server on the backend is better. Which has less latency? P2P from California to Europe or latency between streaming servers in California to Europe.
Aren't there massive video latency issues with this? People spend tons of money to get the absolute best frame rates and monitor response times, I can't imagine hardcore gamers wanting to have tens of ms additional latency in their gaming.
It levels the playing field and allows players to play with others around the world if streaming servers have better latency to each other than p2p.
The latency from the player to the server still exists though so I dont see how this is going to solve any problems.
You can have real-time games whose mechanics are designed around latency. My game is one example. In fact, I would assert that for now, you have to design around latency in real-time multiplayer games. Until round-trip latency for your entire userbase is below 40ms, it will be an issue.
I'd say 30ms, not not 40. Because a single frame is 16.6ms, so 30ms round-trip would bring one-way down to below one frame of latency (potentially with a small amount of jitter).
It sounds surprisingly high, but a lot of the population won't notice 40ms round trip. Some of it will know. It also depends on the game's mechanics. Not all games are FPS. Not all games have action significant down to one frame. Some of my favorite real time games involve making decisions about once every 5 seconds which will result in a turning point in another 15 to 30 seconds which will get you killed or leave you victorious.
> I would assert that for now, you have to design around latency in real-time multiplayer games.

Yeah but I believe they mostly do that with client-side rendering using the graphics card, and then reconciling that with what the server side "thinks" things should look like.

That sort of thing wouldn't be possible if you're just working with a video stream.

I'm not advocating working with a video stream.
I don't follow, how does streaming prevent cheating? Why would cheaters stream their own games?
I mean cloud gaming like OnLive, not Twitch.
Oh interesting, I wasn't aware that was a thing. That makes sense.
I totally see how streaming - and letting everybody be able to see your stream - would help the cause, but the sheer amount of players make this method quite ineffective. Yes, if it's one individual making good money off it; No, if it's pesky script kiddies ruining the game expierence.... I would think.
I mean cloud gaming like OnLive, not Twitch.
(comment deleted)
Doubtful. It just so happens that a well known intro to neural nets focuses on controlling GTA using only on screen data and simulated keyboard inputs. That basic principle is valid for any game and can be improved to an unlimited extent.

Furthermore, approaching the endpoint as a dumb video terminal is very limiting, almost any real time 3d game will have visible latency on almost any internet link. At the very least, mouse movement needs to be local, menu navigation, ideally also panning in response to user input. That means some game state will be available for a cheat.

Let alone the internet, the latency is noticeable in local networks.
This isn't going to work. Latency will make this dead on arrival for multiplayer games.
It depends on the particular game. You can make the game mechanics, such that round-trip latency doesn't really matter.
What part of cloud gaming prevents aimbots?

Identify enemy player's head, move mouse, click.

Here would be my solution: Either you don't have headshots, or you make aimbots a part of the game. Publish an API to let users have aimbots. Measure aimbot-ness by speed of aim, and have that status effect another stat, like "shield." ("Cranial shield feedback?") Manipulate that curve, such that the penalty only really kicks in for the truly superhuman.

Now 1) You've motivated the cheat-writing community to try and imitate very good human players, but no better. 2) Your game's mechanics de-emphasize the style of play that would've made aimbots op, making it just a player choice.

Also, not everything has to be an FPS.

Essentially, my game system is the low tech version of this. The game is just a dumb terminal for displaying moving objects, which are syncing to info streaming from the server. It's so simplistic and dumb, we can even enforce Fog of War. When an entity disappears, its tag and move information are simply not sent. The client then diffs it out of the set of visible things.
Any reasonable multiplayer game works like this. They mention it in the linked article: "We don’t share the state of other players if it doesn’t need to be shared, so we can avoid common cheats like “map hacks”. Essentially the client only has the information it needs to show the current state of the game.

The problem is then that the state available to the client (like position of entities) is easily accessible in memory unless you implement some of the countermeasures they describe.

Streaming (as video) makes this harder as you'd then have to rely on visual information only. While this of course is also solvable using CV, it's a lot harder than looking at memory directly.

The problem is then that the state available to the client (like position of entities) is easily accessible in memory unless you implement some of the countermeasures they describe.

Not a problem for my project. If you can't see it, the server isn't sending you anything.