While some anti cheat supports Linux they're mostly useless as you can much more easily bypass them on Linux compared to windows. I guess enabling them for competitive games is one way to increase Linux users.
Is there really no way to make anti-cheat on Linux that can't be bypassed? I don't know much about this, but it seems very difficult to make an anti-cheat for a platform where you can make changes in the kernel.
I did a pretty deep dive into this recently, although haven't yet started any implementation work. As far as I can tell, the best strategy that preserves Linux's open-source and user-empowering ideals as much as possible:
- The game obviously needs to run as root, at least until large amounts of this stuff gets upstreamed into the kernel.
- We're going to be leaving the kernel and boot as untrusted, but injecting a hypervisor underneath the running kernel that is responsible for protecting most pages of game memory. This allows users to still run whatever kernel they want.
- The hypervisor sets up two sets of page tables, one that's only active when the game's thread is running and in userspace, one that hides protected pages and is active when the kernel or other threads are running. Note that game code itself needs to get decrypted into protected ram.
- The TPM of the system gets involved when we jump into the hypervisor to attest that the hypervisor is actually running, and the hypervisor then provides attestations to userspace that certain memory regions are protected from kernel or other thread access.
- Any syscalls will fail if they require the kernel to read or write pages that are protected. The game needs to allocate data that should be shared with the kernel into non-protected pages.
- When the game is closed, we can remove the hypervisor and Linux will be back to bare metal operation. This should be unobservable to the rest of the system.
This architecture preserves the ability of users to run arbitrary kernel modules, but does mean a hypothetical attacker can observe data that passes through the kernel (like draw calls/pixels). It's likely that a more complete implementation would also want some way for the hypervisor to attest to the accuracy of keyboard/mouse input and interface with iommu configuration like Windows KAC does.
The only game I miss when I moved to Linux was League of Legends. Everything else pretty much works. I get that it’s not worth it for them to deal with more potential cheating, but it’s a bummer.
I'm playing through wine (kegworks) on OSX but its no fairytale over here. TF2 over wine literally performs worse than native TF2 on my old dual core 2012 mbp. I'm having to use low resolution configs again. CS2 works OK but there are severe lagspikes that ultimately ruin the gunplay (a little more tolerable when it happens in tf2 but its there too). About the only game that works well in this setup for me is Mount and Blade: Warband. But I mean its a 2010 game... I can't even play bannerlord because of anticheat. Can't play chivalry 2 because anticheat. Can't play cities skylines 2. Most games that do work seem to struggle to get 40fps even on m max series macbooks. I'm not sure where the incompatibility is but its got to be in the software layer software given the specs on those max macbooks.
I just wish someone actually cared about this stuff at Apple. GPTK is not that useful. Rosetta 2 has some serious performance throttling going on somewhere in it (why is native macos cities skyline fps locked at 40fps...). Former mainstay native macos game devs from 10-15 years ago have zero interest publishing for the platform today, valve included.
I used to dual boot, but I that there are so many games on Linux, I just don't buy or play incompatible games. So EA lost a BF6 sale for being assholes.
It's funny that game makers make a fuss about anti-cheat not working on Linux but then publish Switch versions of their games. That platform has almost zero security and is commonly emulated with cheats even in multiplayer these days.
Cheats aside, are there any competitive games that include Uber-like rating system? Meaning that you'd need to provide feedback whether you'd play with your opponents/teammates again after a game.
Well, that's just silly. Hook up a Raspberry Pi as your keyboard, mouse input and video output and all the anti-cheat fails. Same (largely) for VMs, same for many emulators.
And if nothing works you can always build a robot pushing mouse, buttons, etc.
Of course you can raise the bar, but if anything has been shown it's that cheating is not something that anyone has been able to prevent yet.
In many situations you can also interfere on the packet level. Of course maybe you need to extract some key, but in many situations that's not exactly hard. And then you can hook something into network.
I'm ordering a new laptop to work on LLM stuff, and while I thought about jumping through the hoops to get Linux running with secure boot...
I had a realization, it's a cold day in hell when someone else is going to tell me what I can run on my computer. All the latest multiplayer games are now requiring secure boot on Win11 as well
I'm actually wary of all these anti-cheats, they're literally hyperinvasive maleware.
I don't need gaming that much.
And if I do I'll stream it with Gamepass or another cloud service.
As most of you know, these anti-cheat systems are functionally equivalent to rootkits. There is zero visibility into how these privileges are used for targeted attacks. Due to geographic location of the large game companies this has a geopolitical angle. Fingerprinting of devices and the networks they are in provides a lot of metadata that is most definitely fed into their intelligence apparatus.
I'm curious, do they have to be? Would it be possible to boot the program + the anti cheat into it's own VM or something? So they know I am running on trusted hardware, but I know that the aren't reading my emails? Genuinely curious and don't know the answer to this.
At this point - you would think that cheaters could be detected on the server side by either training a model to flag abnormal behavior or do some type of statistics on the movement patterns over time - is a client-side anti-cheat really required?
Amongst the discussion of rootkits and anti-cheat, I would like to add that part of the reason it is necessary is caused by the game companies that took away the standard method of playing multiplayer -- players running their own servers.
It used to be pretty easy to just ban people from playing, now we're 100% reliant on their ability to do it. So we have anti-cheat which roots our computer, and still doesn't 100% solve the problem.
There are still plenty of games that use community hosted servers for multiplayer. I play some of them (Rust, for example).
First, cheating is absolutely still an issue in Rust. Sure, server admins can kick them out... once they have been discovered, verified by an admin, and kicked. The damage is usually done by then, and that is the best case scenario... often, the admins aren't available at that moment, because they are normal people who are not online all the time.
Plus, this means you have to search and find a good server to play on. That isn't always easy, and limits your ability to find a good game.
Second, lots of games I love to play don't make sense in the 'server hosted by a community member' model.
I love playing sports games... Madden, FIFA (now called FC), NBA2k, etc. The best way to play those games is often 1on1 against someone who is close to your skill level. It isn't fun to play against people way worse or way better than you.
The only way to do this in a way that lets me get a good game whenever I want to play is to have some sort of matchmaking system, that keeps track of how good i am and finds players who are about the same skill level. There is no way this would work on user hosted servers, and even if it did, why would a user hosted server be better at solving this problem than a company hosted one? You need a TON of players to be able to do good skill based matchmaking 24 hours a day.
I have been playing multiplayer online games for over 30 years. I started playing when I had to call my friend on the phone, tell him to tell his family not to answer the next call because it was my modem calling, and then hope to god my sister didn't pick up the phone during our game and break the connection. We had to develop a code to signal if I was actually trying to call him to talk about an issue; if I called and hung up immediately it meant I was voice calling and the next call he should answer with the phone.
I have played every iteration of multiplayer gaming. I played Warcraft II when you had to pay $20 to subscribe to Kali to use their virtual IPX service. I played local Counterstrike games at the college dorms on the local network (which was not even a switched network!) I run Minecraft servers for my kids on my local network. I have written multiplayer games for both peer-to-peer and server based multiplayer.
No, you can't recreate the modern convenience and pleasure of company provided matchmaking by going back to community hosted servers.
Interesting thing I noticed trying to play old versions of Call of Duty a year or two ago -- the oldest ones which supported hosted servers, there are still players, but once they switched to matchmaking either no one is playing or its so tiny you never get connected.
This ignore actual history: anti-cheats started on community run servers. Because the majority of admins are not dealing with cheaters it because they enjoy it, but rather out of necessity. I see everyone here appreciating good admins, not many people are going to be volunteering themselves.
Punkbuster for Team Fortress. BattleEye for Battlefield. EasyAntiCheat started for Counter-Strike. I even remember Starcraft Brood War ICCUP's anti-hack client. You can see this in modern community servers too. Face-IT and ESEA for CS2 have more anti-cheat, not less. FiveM, which modded GTA V for community servers, never worked for Linux even before they added anti-cheat to the full game, because they had their own anti-cheat, adhesive.
Admins for modern game servers are not going to be interested in turning off their anti-cheat. That just gives them more unpaid work for little gain.
Back in the "small communities on their own servers" people also cheated. It was never entirely clear who cheated and who was just good and/or lucky with plenty of false positive bans also. Nothing about this was "easy" in any way. Which is why anti-cheat tools like PunkBuster have been around for 25 years.
Instead of anti-cheat on the client side, which 'kernel level' anti-cheat still gets beaten, why not look at a wholly server-side statistical analysis of player stats?
Make the anti-cheat follow one of the key tenets of cybersecurity: never trust user input.
Should work reasonably well for first-person shooters.
You're ranked based on the game's inner metrics, calculated on the server, rather than player-visible ones:
- time from observation to target contact with crosshairs (inc. standard deviation, standard error)
- % of time successfully striking specific hit boxes
and so on (depending on the game).
These rankings don't affect your public rankings but do affect who you're match-made with, or games that don't have private server options. Eventually you'll only be match-made with other cheaters, or players so good they give cheaters a genuine run for their money.
For games that do have private server options it could be configurable to:
- flag the player to admins as 'suspicious' for investigation
- Start ignoring hits that would've otherwise been successful for statistical outlier behaviours (where the statistical analysis indicates a significant disparity between observed and known-human-like reaction times and behaviours).
It's so disappointing that the halo master chief collection still doesn't support split screen. Nothing compared to the joy of playing halo with friends in the same room.
The only multiplayer game I currently play is Beyond All Reason (a RTS game).
It's a free and open-source game, so creating a cheat client would be especially easy. But I've never encountered cheating.
I think there's a few reasons for this:
1) The playerbase is small and there is no auto-matchmaking, just a traditional list of servers. This results in the same group of people always playing together. People don't want to cheat when they're playing with acquaintances they see frequently.
2) Spectators are allowed in every game. The top-ranked games usually have several spectators.
You might think this would result in even more cheating, but in practice the spectators would prefer to watch a sneak attacks succeed, because it's funny. It's boring to be whispering the enemy secrets to you buddy on a private Discord, it's more fun to watch your buddy die in a surprising and funny way.
Also, the spectators can spot if a player does something that suspiciously well timed or lucky. The spectators see all, so they have the information needed to spot suspicious behavior.
3) Official servers create an official record of what happened in every game. The entire community has access to all the recordings. If someone thinks cheating is happening they can link to the official game recording on Reddit (or whatever) and everyone can see what happened.
4) An active moderator team reviews every report of cheating. There are official moderators that do the banning, but also volunteer moderators which can watch the recordings and create a trusted written account of what happened; this makes the official moderators have an easier job.
Hi, one of the BAR devs here. Glad to hear the tall praise for the project and even happier to hear you've been having a great time playing it!
One of the additional safeguards against cheating within BAR is the shared simulation that all machines connected to any given match have to perform. As the entire process is synced between all these machines, any mismatch is immediately picked up by other machines and the server hosting the match itself and results in an automatic booting of that player with the desynced game. If 15 machines can agree on an event happening in the simulation, and 1 can't, why should the 1 be trusted? This includes things like the economy reserves for a given player or the behaviour of their units, not just the physical simulation of the projectiles and their trajectories and hit registers.
Hello, CM for BAR here, nice to see it mentioned :)
As Zephyr says state manipulation cheats are impossible since they would lead to desyncing any online battle.
Since every user technically has access to the whole game state there are user side cheats possible, like LoS hack, but these are easily detectible (as well as spectator cheating) and very active moderator team makes sure anyone using them is perm'ad so it's not worth for people to try them and it's been super rare so far.
Smurfing (using alt accounts with lower ELO to get weaker opponents/avoid moderation) is probably the most prevailent type of "cheating" but there is a lot of active and passive countermeasures implemented so most players will rarely experience issues with that.
I actually really liked Crysis for its open maps where you can approach a goal using different tactics. It had a lot of flaws and I hated the alien ship along with everything after as it was way too linear. Though I really want to play it again but alas, no more Windows for me.
I don't understand why multiplayer games don't run more on the server. If the server runs the game, then sends to client only what it needs to display the game and play sounds, the client doesn't have more information than necessary and a whole class of cheats is eliminated. There is no need for a client to know where an enemy player is if the player won't be shown on screen (wall hacks).
I think World of Tanks runs this way, and I've never encountered much cheating on there.
It will be interesting to see how this evolves. It used to be that game developers could safely ignore Linux. But with a growing number of Steam OS, Steam Deck, and Linux + Steam users gaming, it's going to get increasingly more painful in terms of revenue to be telling those users "our game only works on Windows" and just miss out on the revenue and deal with the angry users, forums full of users complaining the game doesn't work, etc.
It might only be a few percent of overall users. But a few percent of a billion $ is a couple of tens of millions. That's a steep price to pay for anti-cheat code.
Anti-cheat is a necessity for an enjoyable game experience. If you are a casual who doesn’t care about game integrity, you probably aren’t the target audience.
I don’t want any cheaters in my games. I don’t care if a rootkit is required. Riot has a kernel level anti-cheat and it’s _really_ good. It’s so good in fact that it deters most cheaters from even trying. This is the dream for anyone who wants fair games.
I agree with you, but I think the best solution is just to let people run the game without anti-cheat, but they can only play with other people who also opt-out of anti cheat (or choose to allow themselves to be matched with people who opt-out).
Then people can choose to either accept they have to install a rootkit anti-cheat, or want to risk facing cheaters in return for not having to install the anti-cheat.
> If you are a casual who doesn’t care about game integrity, you probably aren’t the target audience.
Friendly reminder. 90% of games are not competitive multiplayer and don't need any anti cheat to be enjoyable.
My main entertainment is video games and books (no TV) in equal proportions so I'm far from "casual". I play zero competitive multiplayer due to the "communities" being invariably toxic.
Last time I played something like that it was Starcraft 2 when it was new. Enjoyed being called a stupid noob when I won.
I wouldn't be able to enjoy life with the knowledge there's a rootkit installed on my machine, developed by the same people that make video games, and hate all levels of accountability, riddled with vulnerabilities that could grant an attacker the same ridiculous level of permissions.
55 comments
[ 5.1 ms ] story [ 79.0 ms ] thread- The game obviously needs to run as root, at least until large amounts of this stuff gets upstreamed into the kernel.
- We're going to be leaving the kernel and boot as untrusted, but injecting a hypervisor underneath the running kernel that is responsible for protecting most pages of game memory. This allows users to still run whatever kernel they want.
- The hypervisor sets up two sets of page tables, one that's only active when the game's thread is running and in userspace, one that hides protected pages and is active when the kernel or other threads are running. Note that game code itself needs to get decrypted into protected ram.
- The TPM of the system gets involved when we jump into the hypervisor to attest that the hypervisor is actually running, and the hypervisor then provides attestations to userspace that certain memory regions are protected from kernel or other thread access.
- Any syscalls will fail if they require the kernel to read or write pages that are protected. The game needs to allocate data that should be shared with the kernel into non-protected pages.
- When the game is closed, we can remove the hypervisor and Linux will be back to bare metal operation. This should be unobservable to the rest of the system.
This architecture preserves the ability of users to run arbitrary kernel modules, but does mean a hypothetical attacker can observe data that passes through the kernel (like draw calls/pixels). It's likely that a more complete implementation would also want some way for the hypervisor to attest to the accuracy of keyboard/mouse input and interface with iommu configuration like Windows KAC does.
I just wish someone actually cared about this stuff at Apple. GPTK is not that useful. Rosetta 2 has some serious performance throttling going on somewhere in it (why is native macos cities skyline fps locked at 40fps...). Former mainstay native macos game devs from 10-15 years ago have zero interest publishing for the platform today, valve included.
And if nothing works you can always build a robot pushing mouse, buttons, etc.
Of course you can raise the bar, but if anything has been shown it's that cheating is not something that anyone has been able to prevent yet.
In many situations you can also interfere on the packet level. Of course maybe you need to extract some key, but in many situations that's not exactly hard. And then you can hook something into network.
I had a realization, it's a cold day in hell when someone else is going to tell me what I can run on my computer. All the latest multiplayer games are now requiring secure boot on Win11 as well
I'm actually wary of all these anti-cheats, they're literally hyperinvasive maleware.
I don't need gaming that much.
And if I do I'll stream it with Gamepass or another cloud service.
It used to be pretty easy to just ban people from playing, now we're 100% reliant on their ability to do it. So we have anti-cheat which roots our computer, and still doesn't 100% solve the problem.
First, cheating is absolutely still an issue in Rust. Sure, server admins can kick them out... once they have been discovered, verified by an admin, and kicked. The damage is usually done by then, and that is the best case scenario... often, the admins aren't available at that moment, because they are normal people who are not online all the time.
Plus, this means you have to search and find a good server to play on. That isn't always easy, and limits your ability to find a good game.
Second, lots of games I love to play don't make sense in the 'server hosted by a community member' model.
I love playing sports games... Madden, FIFA (now called FC), NBA2k, etc. The best way to play those games is often 1on1 against someone who is close to your skill level. It isn't fun to play against people way worse or way better than you.
The only way to do this in a way that lets me get a good game whenever I want to play is to have some sort of matchmaking system, that keeps track of how good i am and finds players who are about the same skill level. There is no way this would work on user hosted servers, and even if it did, why would a user hosted server be better at solving this problem than a company hosted one? You need a TON of players to be able to do good skill based matchmaking 24 hours a day.
I have been playing multiplayer online games for over 30 years. I started playing when I had to call my friend on the phone, tell him to tell his family not to answer the next call because it was my modem calling, and then hope to god my sister didn't pick up the phone during our game and break the connection. We had to develop a code to signal if I was actually trying to call him to talk about an issue; if I called and hung up immediately it meant I was voice calling and the next call he should answer with the phone.
I have played every iteration of multiplayer gaming. I played Warcraft II when you had to pay $20 to subscribe to Kali to use their virtual IPX service. I played local Counterstrike games at the college dorms on the local network (which was not even a switched network!) I run Minecraft servers for my kids on my local network. I have written multiplayer games for both peer-to-peer and server based multiplayer.
No, you can't recreate the modern convenience and pleasure of company provided matchmaking by going back to community hosted servers.
Punkbuster for Team Fortress. BattleEye for Battlefield. EasyAntiCheat started for Counter-Strike. I even remember Starcraft Brood War ICCUP's anti-hack client. You can see this in modern community servers too. Face-IT and ESEA for CS2 have more anti-cheat, not less. FiveM, which modded GTA V for community servers, never worked for Linux even before they added anti-cheat to the full game, because they had their own anti-cheat, adhesive.
Admins for modern game servers are not going to be interested in turning off their anti-cheat. That just gives them more unpaid work for little gain.
Make the anti-cheat follow one of the key tenets of cybersecurity: never trust user input.
Should work reasonably well for first-person shooters.
You're ranked based on the game's inner metrics, calculated on the server, rather than player-visible ones:
- time from observation to target contact with crosshairs (inc. standard deviation, standard error)
- % of time successfully striking specific hit boxes
and so on (depending on the game).
These rankings don't affect your public rankings but do affect who you're match-made with, or games that don't have private server options. Eventually you'll only be match-made with other cheaters, or players so good they give cheaters a genuine run for their money.
For games that do have private server options it could be configurable to:
- flag the player to admins as 'suspicious' for investigation
- Start ignoring hits that would've otherwise been successful for statistical outlier behaviours (where the statistical analysis indicates a significant disparity between observed and known-human-like reaction times and behaviours).
Even if cheats were used on the server, their
It's a free and open-source game, so creating a cheat client would be especially easy. But I've never encountered cheating.
I think there's a few reasons for this:
1) The playerbase is small and there is no auto-matchmaking, just a traditional list of servers. This results in the same group of people always playing together. People don't want to cheat when they're playing with acquaintances they see frequently.
2) Spectators are allowed in every game. The top-ranked games usually have several spectators.
You might think this would result in even more cheating, but in practice the spectators would prefer to watch a sneak attacks succeed, because it's funny. It's boring to be whispering the enemy secrets to you buddy on a private Discord, it's more fun to watch your buddy die in a surprising and funny way.
Also, the spectators can spot if a player does something that suspiciously well timed or lucky. The spectators see all, so they have the information needed to spot suspicious behavior.
3) Official servers create an official record of what happened in every game. The entire community has access to all the recordings. If someone thinks cheating is happening they can link to the official game recording on Reddit (or whatever) and everyone can see what happened.
4) An active moderator team reviews every report of cheating. There are official moderators that do the banning, but also volunteer moderators which can watch the recordings and create a trusted written account of what happened; this makes the official moderators have an easier job.
Link for others: https://www.beyondallreason.info/download
One of the additional safeguards against cheating within BAR is the shared simulation that all machines connected to any given match have to perform. As the entire process is synced between all these machines, any mismatch is immediately picked up by other machines and the server hosting the match itself and results in an automatic booting of that player with the desynced game. If 15 machines can agree on an event happening in the simulation, and 1 can't, why should the 1 be trusted? This includes things like the economy reserves for a given player or the behaviour of their units, not just the physical simulation of the projectiles and their trajectories and hit registers.
As Zephyr says state manipulation cheats are impossible since they would lead to desyncing any online battle.
Since every user technically has access to the whole game state there are user side cheats possible, like LoS hack, but these are easily detectible (as well as spectator cheating) and very active moderator team makes sure anyone using them is perm'ad so it's not worth for people to try them and it's been super rare so far.
Smurfing (using alt accounts with lower ELO to get weaker opponents/avoid moderation) is probably the most prevailent type of "cheating" but there is a lot of active and passive countermeasures implemented so most players will rarely experience issues with that.
I actually really liked Crysis for its open maps where you can approach a goal using different tactics. It had a lot of flaws and I hated the alien ship along with everything after as it was way too linear. Though I really want to play it again but alas, no more Windows for me.
https://www.protondb.com/app/17300
It might only be a few percent of overall users. But a few percent of a billion $ is a couple of tens of millions. That's a steep price to pay for anti-cheat code.
I don’t want any cheaters in my games. I don’t care if a rootkit is required. Riot has a kernel level anti-cheat and it’s _really_ good. It’s so good in fact that it deters most cheaters from even trying. This is the dream for anyone who wants fair games.
Then people can choose to either accept they have to install a rootkit anti-cheat, or want to risk facing cheaters in return for not having to install the anti-cheat.
Friendly reminder. 90% of games are not competitive multiplayer and don't need any anti cheat to be enjoyable.
My main entertainment is video games and books (no TV) in equal proportions so I'm far from "casual". I play zero competitive multiplayer due to the "communities" being invariably toxic.
Last time I played something like that it was Starcraft 2 when it was new. Enjoyed being called a stupid noob when I won.