Funny how the most advanced anti cheat just gives version info and executables in one nicely human friendly package. No need for gimmicks when you the work speaks for itself
fwiw I couldn't find the endpoint in question for vanguard, but I did find for all the riot games
Apparantly BattleEye anti-cheat had an exploit where hackers could permanently ban any player they wanted. BattleEye allowed anybody to log in as a "game server" so hackers simply booted up a fake server, told BattleEye that "player X has logged in and is doing a bunch of suspicious stuff" and then player X's account was no more...
This BattleEye exploit demonstrates a classic failure of trust boundary definition - they effectively created a system where client attestation was accepted without proper authentication or verification.
That's scary. I have an old Steam account with tons of games and already got banned once due to a bug in anti-cheat software and for a while my whole account was marked with a cheater tag.
The bug was so widespread that developers eventually removed bans but I'm sure something similar could happen where problem goes undetected and it would be really hard to try to convince developers to lift a ban.
It's crazy that people allow this stuff to effectively run as root. One of these companies is going to have a vulnerability that lets other players run code on your machine in kernel mode.
Anyone who's attachment to gaming is low enough to let things like this effect their purchase decisions are already out. To the devs/pubs, those customers don't even exist in the category of potential customers. So they just worry about not pissing off the existing customerbase by changing the status quo too much or too fast.
Ehh, pretty sad there's almost no information on FACEIT anti-cheat. One of the most impactful out there. Wonder if it's just the invasiveness that separates it.
Valve can't replicate even part of it, while CS2 game modes are flooded with cheaters. Most people who chase competitiveness (which CS used to be all about – now it's also skins) just install FACEIT directly and ignore 90% of built-in game content.
Maybe Valve just doesn't want to make the game more difficult to install and sacrifice several % of their user base.
There's a number of good reasons not to make everyone run a kernel level anti-cheat. Linux (and therefore SteamOS) compatibility is a big one.
I think the status quo where anyone on any platform can access the vanilla game -- where cheaters may not even be a huge problem depending on one's skill rating -- and the most competitively-minded players have the choice to play on FACEIT, works pretty fine.
I do wonder what the 90% of built-in game content you're referring to actually is.
Forgive my ignorance, but why don’t game developers put more effort into limiting the amount of data accessible to the client (restricting it only to what’s reasonably necessary)? For example, couldn’t more movement physics be validated or handled server side? Cheats might still be able to read some data from the game process, but ideally, they’d be limited to issuing inputs like any other player, based only on the same visible output everyone sees. Is it cost? Does this model just not align with how the client/server split looks in games?
Meanwhile Vanguard can't even stop crashing every game when you have a slightly non bog standard gaming system, e.g. with more than one adaptive sync monitor, Hyper-V or WSL installed ...
It seems some versions of proton have anti-cheat compatibility patches, for instance for WuWA (still don't really understand why they need some anti-cheats, I have some ideas, but all are not wroth an anti-cheat).
25 comments
[ 5.5 ms ] story [ 48.9 ms ] threadfwiw I couldn't find the endpoint in question for vanguard, but I did find for all the riot games
Also, they linked this post that made my jaw drop: https://www.unknowncheats.me/forum/anti-cheat-bypass/667333-...
Apparantly BattleEye anti-cheat had an exploit where hackers could permanently ban any player they wanted. BattleEye allowed anybody to log in as a "game server" so hackers simply booted up a fake server, told BattleEye that "player X has logged in and is doing a bunch of suspicious stuff" and then player X's account was no more...
I'm sorry, why do we trust these guys again?
Can you elaborate? I'm unsure what a trust boundary definition means in this context and how it relates to attestation.
The bug was so widespread that developers eventually removed bans but I'm sure something similar could happen where problem goes undetected and it would be really hard to try to convince developers to lift a ban.
Anyone who's attachment to gaming is low enough to let things like this effect their purchase decisions are already out. To the devs/pubs, those customers don't even exist in the category of potential customers. So they just worry about not pissing off the existing customerbase by changing the status quo too much or too fast.
Valve can't replicate even part of it, while CS2 game modes are flooded with cheaters. Most people who chase competitiveness (which CS used to be all about – now it's also skins) just install FACEIT directly and ignore 90% of built-in game content.
Maybe Valve just doesn't want to make the game more difficult to install and sacrifice several % of their user base.
I think the status quo where anyone on any platform can access the vanilla game -- where cheaters may not even be a huge problem depending on one's skill rating -- and the most competitively-minded players have the choice to play on FACEIT, works pretty fine.
I do wonder what the 90% of built-in game content you're referring to actually is.
Unsurprisingly, I see he didn't have much to say about faceit and esea.
I think CSGO anti-cheats are a league above the rest (I'm not sure why, maybe because the scene is more competitive?)