45 comments

[ 0.25 ms ] story [ 46.9 ms ] thread
I wonder how often wall hacks are actually used in high-level competitive play by cheaters vs ESP. ESP seems like the better route to avoid manual review flagging suspicious activity. Audible cues (which this currently does not mitigate, and I'm not sure it can) are things that can genuinely separate players by skill and you'd think someone running such a cheat just has very good hearing.

>CS2FOW uses static baked map geometry. Dynamic occluders such as doors, breakables, props, smokes, particles, and projectiles are intentionally out of scope for now.

Market window on Mirage just became more powerful on these servers :)

Very cool project nonetheless.

(comment deleted)
I didn't know what ESP was; from some googling, it appears to notify you when someone is aiming at you?
Yeah my bad for not defining it. "Extra-Sensory Perception", basically as you said I believe is the most common feature -- but in general I think encompasses cheats that generally boost your "senses". So it could use audio to visually draw on your screen/radar where the sound came from.

The screenshot in this repo is kind of similar to wallhacks, but you could imagine this could easily be extended to show dropped items and the 3D audio location: https://github.com/ryanjpwatts/esp-analysis

This has been done before in both 1.6 as well as Source. I helped with some of these implementations back in the late-2000s when I was playing professionally and I even tried to kickstart an anti-cheat hardware solution about a decade ago[1].. spent way too much time working on some of these problems. The main issue with occlusion was slightly increased latency, visual jitter because of interpolation (especially around corners), and a few other more technical problems[2]. It's good enough for public servers, but not tenable in serious competition.

Cheating has always been a problem in FPSs, and it likely won't go away. That's why premier competitions have always been on LAN.

[1] https://www.pcgamer.com/introducing-gameref-the-anti-cheat-h...

[2] Hard to fully obfuscate audio sources, hard to obfuscate hitboxes since you still need them for collision checking (e.g. if a grenade bounces off an enemy player behind a wall), and this is on top of the engine itself sometimes requiring actual entities, so you're stuck with these dummy entities in memory, and so on.

Valve also implemented this on CS:GO back in 2015 [0], and enabled by default in competitive servers, so I would consider it absolutely tenable (FACEIT, the platform used by competitive variants, had their own hand-rolled SMAC implementation, before using the 1st party solution, albei,t that solution was buggy). Why Valve didn't port this over to CS2, I will never know.

[0]: https://www.reddit.com/r/GlobalOffensive/comments/35zwwy/opt...

> so I would consider it absolutely tenable

Always confuses me why people speak so authoritatively on topics they aren't versed in. PVS culling is not even remotely comparable to occlusion culling, mainly because wallhacks are not relevant accross the map; in fact they are only useful when opponents are always well into your PVS range.

FYI: there are also some clever ways to get around PVS culling (mostly by inferring opponent position based on other indicators, like gunfire).

(comment deleted)
(comment deleted)
I was on the other side of this in League of Legends. They used to have a packets leaked information to the client about player position. The classic examples are for stuff like particle emission or spell usage. Well at some point they decided that they had enough and did a pretty major rework of their netcode to only send player positions when you were supposed to have vision on them (plus a tiny extra radius). That absolutely wrecked the determinism of the game, as small jitters would cause skill shots to hit you before they even drew in your game, players would become invisible as the packets arrived out of order. Particle emitters would bug out.

This stuff i way harder than people image. I think League eventually got it somewhat figured out, but it took a couple of years from what i recall.

I wonder why similar methods haven't been employed in MMO servers to help curb botting/cheating there. The impact of jitter and loss of smoothness in a tab-target game like WoW would be minimal (even in PvP), because it's always had a noticable level of artifacts like rubberbanding.
How would it help? MMOs generally don't need to know where things are right now since it's mostly static, no?
I haven't played WoW, but I played other third-person MMORPGs, and usually by design you can freely rotate the camera and see behind walls. The "fog of war" is simply a distance around the player. So they do implement this, it's just not nearly as complicated to implement as in an FPS.
I don't know how it'd be a huge advantage in MMOs, but in Ragnarok the bots used a re-implementation of the client and custom servers tested for differences and culling of entities by the original game client to ban bots (as they'd try to interact with entities that should've been culled)
my first thought was to have lots of hidden players running around that only you can see. The grenade thing kinda ruins it.
> Cheating has always been a problem in FPSs, and it likely won't go away. That's why premier competitions have always been on LAN.

And even then I heard of aimbots included in the gamer mouse that would 'infect'the computer when it's wired in.

That's the infamous "word.exe" CSGO scandal.
i remember you man, sad ur project didn't get much support, you're david titarenco if i'm not mistaken

    > Does it cause pop-in when peeking?
    The goal is early reveal, not exact last-millisecond reveal.
    CS2FOW predicts using movement and ping, reveals enemies slightly before exact visibility, and keeps revealed enemies visible briefly. This intentionally leaks a small near-corner window to avoid late pop-in.

This fails to address the main point of the "pop-in" issue relevant to fog of war systems, which is that it is the victim of the peek that gets the worst pop-in effect, the peeker much less so. The aagressive peeker gets the benefit of the early-prediction from the server since they're the initiator of the movement, whereas the victim only begins to receive the information after the peeker has already gotten two network roundtrips worth of early prediction.
(comment deleted)
What is the reason for thinking "early, not milliseconds" would not mean "early enough for the peeked/victim too?

Ultimately the server must decide when to "pop" players, regardless of client interpolation which can only happen after the pop. So why would the server delay the pop for one player?

This is good. However, it still sends info about the players ~200ms ahead which still makes you lose.
[delayed]
I'm fine as long as the game is somewhat evenly matched, and not fine if it's not. With or without cheating. Then whatever cheaters they can catch and shadowban, great.
Not just CS, I don't think people realize how prevalent cheating is in any multiplayer game. The issue is compounded by the fact that many high skill ceiling games are plagued by "micro cheats" being used by players that are already fairly decent at the game even without them, making it borderline impossible for casual players to tell if what just happened to them was a fair skill gap or someone cheating.

I don't play multiplayer games anymore for that reason. Too easy to go on an emotional tilt where you feel like you're suffering from paranoia and suspecting too many players of cheating. It's absolutely ruined competitive games for me.

Why hasn't valve poured a billion or two on fixing this concept and implementing it?
>Release Notes for 5/26/2015

>– Added trace-based visibility checks to prevent networking invisible enemy players.

https://blog.counter-strike.net/2015/05/11988

That's for Counter-Strike: Global Offensive - different engine.
They are forks of the same engine. Presumably this was ported as part of the CS2 update to CSGO.
Not sure - one of the other comments said it wasn't because Source uses BSP and Source 2 uses meshes.
Moving away from the technical solution space - I'm curious, have their been any games (or communities) with a high entry fee/deposit (e.g. $500 USD) to join kept in escrow and lost in the event you're discovered to be cheating?

There are plenty more questions like paying for mods/review, securing the money, paying for servers, etc.. but my basic question is if cost of entry exceeds cost of reward from cheating has ever been attempted in a game.

Apparently buying a new copy of a $10-20 game isn't enough to keep people away from cheats. Less so when there is prize money on the line or skins (e.g. CS2) worth $100k.

>e.g. $500 USD

I've seen private cheats for games with less-than-terrible anticheats charge that monthly, if not weekly. You're underestimating how much people are willing to pay to play with cheats, and overestimating how much regular people are willing to pay to play against players without them.

Yeah you'll deter legit players with the escrow way before you'll deter cheaters. It's a good thought but probably not going to work.
Csgo became free at some point, and I remember the amount of smurfing increasing a lot then. Have rarely noticed cheaters, but smurfs are just as bad if not worse. They do at least require new accounts to waste some time playing deathmatch to be eligible for competitive.
Why doesn't Valve implement this natively?
I think there’s a good possibility that they’re intentionally not fixing it, cheaters blatantly using wall hack are easy to root out and ban.
I wonder if it could spawn "ghost players" in places no player could be to detect reaction
Honeypot & statistics are a much more interesting avenue of anti-cheat to me. The most egregious cheaters tend to get banned the most quickly with these techniques (e.g. a 200-1 K/D ratio = a lot of samples per unit time).

When it comes to cheating in video games, I subscribe more to the Dune philosophy than the LOTR philosophy. The ends (experience) definitely justify the means. Making sure that all cheaters are punished ~equally regardless of the effect of their infractions is fantastic in principle, but I'd rather if we could simply remove the ones that are obviously & openly ruining the experience.

False positives suck, but there is no reason to pander to the .01% performers if you are trying to keep a multiplayer game community alive. Esports has demonstrated this is a terrible approach. We had community servers that would ban people simply for being too good before all the matchmaking stuff started up. The anti-cheat was vibes based and arguably superior to anything going on today. It wasn't "fair", but it was generally a much better experience as a player.

To me, the best anti cheat are the one you put in the game design.

There is only one 'fps' I play, it's called holdfast and is about Napoleonic warfare. Muskets are so inaccurate that having a wallhack or an aimbot would be complete nonsense.

There are still people who cheat in other way, but it's extremely limited.

Cheaters killed 90% of the multiplayer game to me.