Years ago for educational purposes I decided to venture down understanding how easy/difficult it was to create a hack for Counterstrike.
After just a few hours of watching YouTube tutorials and translating what I could grasp from C/C# into JavaScript (the only language I knew at the time), I had a working Node.js executable that edited memory offsets (using data from hazedumper[1]), letting me see enemies through walls and auto-fire as soon as they entered my crosshair.
I obviously only tried it out on an alt Steam account for fear of the infamous VAC ban, but no such ban happened. I only toyed with it for a few weeks as I then grew disinterested, but that definitely left a sour taste in my mouth for the "effectiveness" of VAC if a script kiddie like me at the time could throw together something custom in just a few hours. I'm sure it'd be much easier now with ChatGPT...
I'll never understand what people actually get out of cheating in games. I'll admit I've tried it a few times just for giggles (way back in the Age of Empires II/MSN Gaming Zone days), but the novelty quickly wears off and then it's just not even fun anymore.
There must be some very interesting psychology behind this.
I've botted in a few MMORPG games and the appeal is that it's basically a new perspective on the game. Also makes it more of a technical challenge than a test of mechanical skill or free time / patience.
It still feels like a game in the sense that there's progression and rewards for progression. For example, learning how to read cooldowns means you can make smarter macros and double your income / cut kill time by half. There's even different "build paths" in that you can choose to go the memory reading build (fragile but reliable), network sniffing build (less fragile but expensive), or computer vision build (easy but unreliable and expensive).
From a technical perspective, the appeal is having an excuse to try out new stuff like SAT solvers, rules engines, or whatever ML thing I just learned about. It's also a good exercise in all the math and data structures + algos stuff I've learned but never use at dayjob. Optionally, building a UI to manage the bot is fun for the same reasons, an excuse to try out new frameworks / design choices / etc. It's basically another programming job but without the icky business / customer considerations.
Though I do agree that cheats in any PvP scenario are pretty lame. It has a much bigger negative impact on other players, and it's not as much of a puzzle (mostly aimbot and pathing). In comparison, PvE games are usually social and unless you're running a swarm of VMs, you're unlikely to affect the economy or otherwise inconvenience anyone.
Can't edit my comment anymore but for anyone that's played Factorio, it feels a lot like that. Both in the way you slowly switch out hand-fed systems for automated systems that build on each other and in how you get a unique base (bot) out of it in the end. Plus there's something exciting about beating the game in a way the devs didn't envision and one that other players haven't.
It's a technical challenge for the script kiddie making their own hacks, but from what I gather most PvP cheaters nowadays are paying (!!!) a subscription for their cheats.
It's pretty simple: nowadays the ONLY way to have fun in most multiplayer games is to win by any means. Outside of a few games like Minecraft, every other game is designed around winning. 6 of the most played games on Steam right now are some combination of competitive FPS / PvP survival or Dota 2. All of these games give you way more rewards for winning over just casually playing, so over time the community is incentivized towards maximizing ELO, mastering the meta, and finding any ways to gain an edge on the competition.
I won't say it was better back in the 90s / early 2000s, but games had lobbies and people would just naturally drift around until they found one that satisfied their needs, be it playing more casually or for a more hardcore experience. Nowadays matchmaking is all controlled by the almighty algorithm, which is just a glorified ELO/MMR system and dumps people together regardless of whether or not the game is "fun" for them. Worse yet, "quitting" is actively punished, so you just have to stay in the game being frustrated and angry at your teammates until you lose. I always use pick-up basketball as an example of how lobbies should work: people are given the choice of playing until they are tired/bored, and trolls are punished by exclusion, forcing them to seek out another court or just start their own games.
Now that I have sworn off all competitive multiplayer games (because I used to be a real fiend with several thousand hours in Dota 2), I have come to realize that, as fun as the game is, the fundamental failure of every matchmaking system is that your fun will always be dictated by how often you win, because that's the only thing that is rewarded both in the game and by the community. If you look at any forum for these competitive games it's always the same complaints, with people bemoaning that the balance is bad (AKA I don't win, because if I did why would I complain), the game is too hard for newbies (AKA I don't win because the skill level is too high), and that the community is too toxic (AKA I don't win because I don't take the game too seriously and people get mad at me).
I'm much happier playing singleplayer games or exclusively cooperative games like Helldivers and Deep Rock Galactic, and I think most people would be too, but they need to come to the realization that it's not the game's fault per se but the underlying mechanics behind the matchmaking systems.
> fun will always be dictated by how often you win
Matchmaking is designed so that you win roughly 50% of the time (except for the very top), no matter how well you play. If you focus on playing better it's going to be a treadmill by design. OTOH some people accept that you're going to lose 50% of matches anyway, chill and keep to lower ELO.
Cooperative games do still have the problem that you either need to have friends with the same interests and gaming schedule as you (the last one especially gets more and more difficult with age and real life responsibilities), or you play with randoms and then all the same annoyances with multiplayer games that you listed apply.
Helldivers 2 was exceptional for this in my experience - I met some great people from matchmaking, both when I was playing with IRL friends and solo. I know it’s only a video game but it truly felt like a proper bonding experience when you were trying to save the last of your team, or when you harmonised in such a way it just felt tactically perfect.
I think you misunderstand why people cheat. There is nothing "nowadays" about playing unfair. Minecraft is also a bad example, as it's also cheated and botted to hell. If there is anything to gain in any context, and you get enough people interested, the people will try to maximize that gain, and some will not care about the rules, or the intent of the context.
I do agree about the conclusion though. The solution for the disappointment in online matchmaking is singleplayer, and multiplayer with friends. Both completely eliminate the bad actors.
I'd say the pendulum is swinging in the other direction -- Fortnite is bigger than most everything on Steam, and everything in that game feels like it's designed around you making progress through its battle pass in some incremental way. The world map has puzzles, there's a fishing mechanic, and it comes with a suite of non-combat alternate modes.
> nowadays the ONLY way to have fun in most multiplayer games is to win by any means
That's quite the hyperbole. I play plenty of multiplayer games and I enjoy myself plenty whether I win or not. Granted, games like Dota, Counterstrike or Tarkov are designed for a certain ultra-competitive audience, and that's fine, but there's plenty of choice besides, more than ever.
These competitive games might be at the top of the charts, but they are rather niche in the grand scheme of things. It's just that the kind of people that play these games, they end up only playing that one game for years for a few hours a day. But in reality they are a minority and there are many more players spread out among all other games.
I think you are projecting your motivation to play games onto others. There are many reasons to enjoy games other than just getting those fake points at the end, and not everyone is as sore about losing.
In games where available weapons/gear depends on some global "level", this could be a way to get your desired weapons without having to grind for weeks/months. I guess a silver lining of "pay to win" games is that you can now pay to avoid that.
I remember trying to hack the levelling-up mechanism on Crysis 2. It worked by sending your post-game stats (client-side) to a master server, so editing those stats in memory before that happens would work (there seemed to be no tracking of stats on the game server side, even though they could've had the game server relay that to the master server).
Memory is fuzzy but I think I managed to level up to a stage where I got the weapons I wanted. For my defense this kind of "cheating" only "cooked the books" on the leaderboards and did not give me any actual advantage in-game.
I wish more games let folks choose to grind for things or just have everything unlocked without grinding. I already have a job, I just want to play a game without another grind. I know some people love the grind, but I don't, I much prefer the L4D style "play what you want, how you want".
It's a nice idea, but it won't be applicable to all games...
I'm thinking of Ark:Survival Evolved here, where the grind on 'official' servers is insane - for example taming a Wyvern required you to be online more or less every two hours for three days. On the unofficial servers these were downtuned so you could do things a bit more easily.
But when we briefly ran our own server and realised that we could use god-powers to get the stuff we wanted without the grind... it turned out there wasn't really anything of a game left.
The prequel to this game (which had a bit of a cult following due to its insane hardware reqs, but frankly the multiplayer gameplay is good and sorely missed) explicitly did not have any global leaderboard or score system - instead, the "leveling up" was per-game-session and it took merely ~10-15 kills (~20 mins on a busy server) to earn enough points to acquire all the weapons you needed.
For a lot of them, they aren't cheating, they are compensating for bad teammates, bad servers, other cheaters, bad hit reg, bad sound effects, bad whatever they can dream up.
Cheating is "this is my actual skill level if there wasn't so much bullshit happening to me"
Of course this is all a lie, but it's what they tell themselves.
This is only true for the people who use the cheats, not the people who make them.
For the people who make them it's an intellectual exercise, like solving a puzzle, it's an end in itself. That and the social credit it gives you among your technical friends.
At this point games like Call of Duty, especially Warzone, are completely unplayable to me due to the massive skill gap. I spend more time in the game lobby than actually playing the game. Warzone is especially bad as you are kicked out when you die, no respawn. It makes for very frustrating gameplay.
I seriously considered cheating at some point just so that I can actually have some fun and get to the end-game without constantly fucking dying. But then I remembered there are other games that I also enjoyed playing, and then I stopped playing CoD.
My perception of the psychology is a malformed competitive drive. Competition is fun! But when it gets someone to the place of "must win at all costs" it can be life-destroying. For the video game cheats, I think it starts out as "must beat the other players", but then that gets (mostly) boring once they actually are beating the other players, and it shifts to "must beat the anti-cheat system."
I think you, and a lot of other people really overestimate the number of people for whom the technical challenge is why they cheat.
Seeing that the cheating industry is relatively large and functions on a subscription basis, for the vast majority of cheaters the challenge is entering their credit card to get their cheat subscription.
These are people who want to win at all costs, other users be damned.
A bit, sometimes, maybe, for some. The only person you really need to compete with is your past you. The rest... it certainly leads to a less happy life, unless you keep winning way more often than the rest.
And uncontrolled, it can very easily spiral into rather destructive personality patterns over time. Parents often fuck up their kids by having them compete as much as possible, laying seeds for later issues. Competitive people always compare themselves to others, never happy with what they have, regardless of how much they have achieved. The literal opposite of searching for happiness in life.
I don't know about your peers, but I see this behavior often in high-performance environments: high achievers with sad inner lives.
In single player games it is just another way to have fun. I mean, Minecraft creative mode is essentially equivalent to turning on all the cheats. It removes all the built-in challenge and then you come up with your own game.
It doesn’t seem very appealing to me, but I don’t think there’s any particularly interesting psychology behind it. Rather one could say I lack creativity and need monsters to motivate me to build anything.
Cheating in real competitive games is rude, though, for sure. But most people don’t play top-level competitive games.
Cheating in pseudo-competitive games like Overwatch or Dota is both rude and stupid. Because the game can just find people to match your cheat-augmented skill level anyway.
I was a cheat developer and I did hang out with cheaters and other developers. I'm surprised people in this thread haven't mentioned one big motivation for cheating yet. Plain old trolling, making other people mad at you, making them insult you in chat, etc.
There were TF2 bots that autonomously queued for the game's casual matches, spammed the chat, aimbotted and made the game generally unplayable for a while, you could host a bunch of them on a not so beefy computer and make them queue separately or together.
One of the features of those bots was streaming the chat logs from the matches into Discord/Telegram channels for cheaters/bot hosters to laugh at and make compilations of. It was funny and entertaining to see people having their moods ruined for no reason.
In game (TF2 specifically), when I see cheaters, they are usually also extremely annoying/purposely abrasive in other terms as well - frequent use of racial, transphobic, homophobic slurs, furry/anime/my little pony profile pictures, blatantly cheating while denying it, general smugness - they are trying to maximize the negative reactions they can get out of you. I'm really ashamed to have once been like that and I'm really glad that I grew out of it. It was absolutely not a healthy way to have fun for myself, and not a great community to spend time in (a lot of cheaters pretend to be extremely bigoted for a reaction, but some are genuinely like that). I met some genuinely good, talented people there, but they didn't stay involved with the cheating community for long, and eventually I left it too.
Back in the CS 1.6 days there were servers that advertised as hacker servers. Obviously anti-cheat was turned off, but the draw was that everyone was hacking and you could test your hacking skills. The goal was to see who had written the best hacking software. It was actually really fun and an entirely new way of playing the game.
The result, and the taboo method gives a thrill. It's a power trip essentially. It is also used to close the perceived skill gap, or get revenge. Some people enjoy a very uneven power balance - in games, this means that they like to get an overwhelming win, or "stomp". Sometimes skilled people achieve this by playing in a league that is much less skilled than their own, "smurfing". Technically not cheating, but it's usually against the EULA, and creates essentially the same situation.
All in all, it's just power dynamics, and lack of compassion.
Even if everyone only tried it for a week, that still means there will always be a certain number of cheaters in games, because new players are always joining.
I, quite literally, got a career! Started as a technical curiosity, gave me in-roads to very weird corners of the internet. Got to know many professionals I wouldn't have, otherwise.
Ultimately served as the most effective networking I ever did.
I never cheat in multiplayer (also because I don't like multiplayer with strangers), but I do cheat sometimes in single player games to speed up progress. I lack the time and hate the grind. If a game has a very easy or story mode I will happily select that one.
One anecdote: I "cheated" at EVE Online by writing an elaborate set of modding tools. Most of it was automation for really finicky tedious stuff like drone management, or automation for things like broadcasting your current target to other players in your party. I also hacked in workarounds for bugs in the official client. It enhanced my experience with the game a lot. On the other hand, lots of players were just botting.
I also maintained a browser addon for a while that had 100k+ weekly active users that added various features to a browser-based game. Eventually that game had such bad problems with botting and cheating that they had to introduce an anti-cheat system, and we basically got into a little arms race for a year or so where they'd add a new detection system and I'd circumvent it. Similar to the EVE Online modding it was things like workarounds for bugs in the game, improved UI, keyboard shortcuts, etc. Eventually they drew a line in the sand and said anyone using addons of any kind would get a permanent ban, so that was that.
I think the vast majority of cheaters are just in it to ruin other people's fun but sometimes people are violating ToS for a better or different experience with the game. It's unfortunate that the prevalence of malicious cheating means that anti-cheat technology also has to basically ban modding for fun.
Given that the paid cheats market is a huge business and the prices are not insignificant, I'm afraid a lot of adults with a stable source of income are cheaters too.
Sad people full of insecurities and other complexes, compensating it on strangers (well, failing miserably but there is always those few seconds of dopamine kicks). Sounds about right.
It’s actually probably pretty benign psychology in my opinion.
Nobody on your own team is really gonna notice if you’re cheating unless it’s speed hacks or something. So your own team is hyping you up for being a god, and it feels good.
Plus a lot of people like you are trying it out for the novelty. Most people aren't doing it, but seeing it once every 20 games would probably be enough to drive you insane.
Because the average Joe needs the sense of achievement. Lots of people have near zero success in life, or power over something, and this is their supplement.
Plus most of the modern multiplayer games, especially FPSes, are centered around a few individuals who have skills above the herd or are playing by different rules (the meaning of this is up to you...), and everyone else is just filler so that these above-average players can "harvest" them. Just like bodybuilding: you have the top-notch competitors who everyone tries to imitate. And that is what sells the supplements, while all they buy is an illusion that one day they can achieve the same physique.
So let's say you have Apex Legends, where well-known players show how they literally obliterate everyone else. So the matchmaking (which is deliberately shit) sends these "predators" to hunt the prey, who are essentially sheep.
People watch these streamers and try to imitate them or get to know how to be at the skill level they have (which is near impossible for several reasons I'd rather not explain). So the whole business centers around these outstanding persons, and the sheep buy the shiny digital bullshit, thinking that it might elevate them to the "bigname" monkey's level.
How did editing memory offsets auto-fire based on enemies entering your crosshairs? To my knowledge this would require some code hooking at least. (Or are you using "editing memory offsets" to mean "writing new instructions into the process' memory"?)
For Counter-Strike 1.6, source and GO your crosshair would change and indicate that you are aiming at a player. Not sure about CS2, but wouldn't rule it out either.
It's a bit slow, but you could grab the player ID, then check if the player is on your team or not and then fire. Either by sending a mouse input, or if I remember correctly by writing to a specific address.
However, with enough knowledge (which is mostly documented online) you could actually pull out the hitbox, skeleton and animation data and just run the line-box intersection step yourself. Easier to do internally by hooking in-game functions though.
There is a list of entities in memory, models have "bones" for animation purposes, knowing the address of entity in memory you can find out if it's an enemy player (compare team ids), where the head bone origin is, and you also can read the view angles of your own player to see where you're looking. The tricky part would be doing a ray cast to see that you can actually hit the enemy and not shoot a wall - internal cheats can just call builtin game functions, externals can't.
In Source Engine games, your inputs are stored in a struct ("usercmd", if I remember correctly) before being sent to the server in a client tick. You can modify that struct, a mouse click there is a bit flip on one of the fields. Rotation and movements are float fields. Modifying that struct makes your client send the "inputs" without a need to actually "call" anything.
I once tried an early GTA V multiplayer mod, pre-FiveM, that used .NET as a basis. They didn't apply any protection to their mod DLL though, and it was trivial to modify it in any way one liked with DnSpy.
I used it to completely automate a grindy task on a server complete with chat hooks, and automatic teleportation to sell the items and back. And also implemented a trainer of sorts with all sorts of functions. The networking didn't appear to handle the teleportation well, and to anyone else my character never moved.
I ultimately didn't use it as an advantage in any meaningful way, I only played to see how far I could mod it and stopped, but never used it against anyone, and stopped playing once I was satisfied with my ill-gotten gains rotting on my account.
Reported it to the devs afterwards, who seemed disinterested but did at least obfuscate the binary, but neglected to do the same to the client JS API loader, so I used that to inject custom client scripts and override server supplied client code.
I'm sure people could do more interesting stuff with BepinEx/Harmony these days, but I never had enough inclination in .NET to learn to implement those. But it was still really fun to twist the game around like that.
These days you can open the devtools for the web-based inventory systems and start sending malicious events straight from the console. Filed as not-a-bug...
> I only toyed with it for a few weeks as I then grew disinterested but that definitely left a sour taste in my mouth for the "effectiveness" of VAC if a script kiddie like me at the time could throw together something custom in just a few hours, I'm sure it'd be much easier now with ChatGPT...
The thing is, VAC doesn't immediately ban you. Or anyone else. It's looking for suspicious patterns across hundreds if not thousands of players and collecting evidence over weeks if not months to make sure they get relatively low false-positive rates and don't end up banning people for a Windows update gone wrong... and additionally, it raises the iteration time for cheat developers as well, and that's the true point. Show cheaters immediately that they're spotted and the only thing you enter is an immediate arms race.
Your way of writing a cheat was probably detected but since no one else used it, VAC didn't trigger.
Blizzard's battle.net used to do that. They'd ban in waves. I imagine immediate bans would make it much easier for cheat authors to figure out which cheats were detectable and which weren't.
I haven't followed recently, but what I have understood is that clearly known old public hacks can result in an immediate ban. For the newest hacks they will gather a cohort and then do them in a wave, thus making it harder to evade detection or notice what exactly was detected this time.
Unlikely. Last I looked, VAC only looks at a few gross elements, like the names of the DLLs loaded into the game's process. If you don't match a blacklisted name, you're probably not detected.
And user account names. At least at one point you could catch a ban for having an account named "catbot" when running on a linux box. Admittedly that was probably quite a reasonable litmus test in practice even if not in principle.
I'm surprised someone remembers this, considering how long ago it was, the fact that Valve publicly denied this later, and that most people (on the side of publications reporting that situation initially and outside observers on reddit and other platforms) didn't understand/didn't care for the difference between Linux user account names (that caused the bans at that time), Steam display names, Steam account names and Steam custom profile URLs.
I have a suspicion that that was FUD spread by the cheat creators. Back then I decided to test that by creating a user named like that and running Steam from there. My account did not receive a ban.
It was real, but maybe the username wasn't the only data point they used. Considering that:
1. Brand new Steam accounts were banned after logging in to Steam client, before even launching any game
2. Replacing "catbot" in user accounts with a random string stopped the bans completely
3. A Linux VAC module, dumped similarly to the method described in the article, had access to usernames - I think it was via a getpwent() call. It also collected some other info about the environment (I don't have that binary anymore).
You can probably agree that user account names played at least some role in the bans, even if they weren't the only factor.
* I can't provide concrete evidence for any of those three points as the events took place 8 years ago, so feel free to not take my word for it. Maybe you can find someone else from that circle who still has dumped VAC binaries, links to the empty banned accounts or a clone of the bot orchestration software repository with a commit that renamed the user accounts and stopped the bans. Maybe even chat logs from that era.
Anyway, at this point it's just a funny piece of tf2 cheating history that has zero impact on anything anymore. So you might as well think it was all fake and I'm just making stuff up, it doesn't matter.
If people want to test these kinds of exploits, you can do so on a server that is not VAC-secured. That won't risk your account being VAC banned. (Of course, if you really want to be sure, use a secondary account and a server that's not VAC-secured)
Arriving at college back in 2001, my roommate and I set up a CS server. A lot of the freshmen were getting their own computers for the first time and had never played computer games before, so we basically kickstarted a CS community. I think it took about a month before a lot of them started cheating. It is kind of ridiculous how much of a plague cheating is on competitive gaming. Back then we would just observe the players and then ban their IPs, which was luckily enough given how the campus network worked.
I am not a fan of the signature-based techniques used by VAC et al.
I've lost a few Steam accounts to accurate but unintended (i.e., not actually cheating) detection of debugging tools attached to totally unrelated processes on the same machine. Having anything open like Cheat Engine or TSearch while you join a lobby is a guaranteed ban no matter what. Ethical hacking and malicious hacking are indistinguishable from the perspective of this kind of machine-wide blind signature detection.
Statistical techniques can dramatically reduce false positives in cases like this. If someone at Valve had taken 10 seconds to review my stats during the detected interval, they should have been able to conclude I was not a threat to fair play.
> Having anything open like cheat engine or Tsearch while you join a lobby is a guaranteed ban no matter what.
I think a no-brainer solution here, which I am surprised isn't used, is to just immediately kick the account when a well-known signature, such as CheatEngine, is detected. If the program isn't even attempting to get around VAC, there is no point in doing the whole "delayed ban" thing.
Or even banning at all. As you say, kick out of an abundance of caution. Any serious attempt at rule breaking is going to involve at least some basic obfuscation so if that's missing it's a strong indicator of a false positive.
That said, my snarky response is "I hope you learned your lesson about the need to restrict proprietary software to a container at all times".
>If someone at Valve had taken 10 seconds to review my stats
It seems super reasonable when it's a one-off thing for your own account. When you think about making it into policy and scaling it up to 1000s of interactions, it quickly becomes unreasonable.
>Statistical techniques can dramatically reduce false positives
For a period of time, anyways. Until the statistics get gamed by the cheaters (e.g. adjust accuracy of your auto-shoot from 100% to 85% or whatever).
Computation isn't likely prohibitive when using the bedrock of predictive models, linear regression, especially with some optimization. Could also vary observation time so you only need a prediction once every ten minutes or whatever.
The real issue is the cost of false positive detection of cheating is negligible since the vast majority of positives are probably true positives—it’s the cost of doing anti-cheat business (minimal)
But yes, cheats would be modified to sit just below the thresholds of detection.
I think this might be in reply to my first comment about scaling? If so, I just want to clarify that I was thinking more along the lines of scaling the customer service/ban appeal side rather than infrastructure.
If, for example, every ban had a component of someone at Valve taking 10 seconds to review in-game stats at the time of the ban, and then making a determination of whether or not those stats seem reasonably non-cheater-ish (pretty hard policy question in itself), the process would slow to a crawl.
You could just do a basic automated review of stats. If someone has a 50% win rate and a 20% accuracy, they're probably not cheating - what's even the point of cheating if you don't win more often than chance?
> adjust accuracy of your auto-shoot from 100% to 85% or whatever
Sure - looking at K/D, accuracy, etc., is an important factor in a statistical model.
Statistics can also include: Map name, player transform on the map, keyboard and mouse events, GPU utilization, audio playback events, etc. These are all very high information time domain signals that can be correlated with the same from any other player.
After a certain point, I don't think it matters if it is publicly known what your signals are. The amount of information becomes overwhelming in aggregate. You can impose the curse of dimensionality on the cheater.
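To make the "review the stats" idea concrete, here is an added example (not Valve's or VAC's logic, and not code from anyone in this thread) that scores each player's aggregate match stats against the rest of the population using a robust z-score (median and median absolute deviation rather than mean and standard deviation, so one extreme player does not widen the spread and hide themselves). All player names and numbers are constructed; "p09" is a hypothetical cheater whose hit rate was dialed down to 85%, the scenario mentioned earlier in the thread:

```python
"""Population-relative anomaly scoring over constructed per-player match stats.

Added example, not VAC's code.  Each metric is compared to the population with
the modified z-score 0.6745 * (x - median) / MAD, which is far less sensitive
to the outlier itself than a mean/stdev z-score.  Only unusually *high* values
are flagged: a bad player is not a suspicious player.
"""
from statistics import median

# Constructed sample: per-player aggregates over a batch of recent matches.
# p01..p08 are ordinary players; p09 is the hypothetical cheater running an
# aimbot tuned down to roughly 85% hit rate.
PLAYER_STATS = {
    "p01": {"accuracy": 0.16, "headshot_rate": 0.20, "win_rate": 0.48},
    "p02": {"accuracy": 0.18, "headshot_rate": 0.25, "win_rate": 0.52},
    "p03": {"accuracy": 0.19, "headshot_rate": 0.22, "win_rate": 0.45},
    "p04": {"accuracy": 0.20, "headshot_rate": 0.30, "win_rate": 0.50},
    "p05": {"accuracy": 0.21, "headshot_rate": 0.27, "win_rate": 0.55},
    "p06": {"accuracy": 0.22, "headshot_rate": 0.24, "win_rate": 0.49},
    "p07": {"accuracy": 0.24, "headshot_rate": 0.33, "win_rate": 0.58},
    "p08": {"accuracy": 0.26, "headshot_rate": 0.28, "win_rate": 0.61},
    "p09": {"accuracy": 0.85, "headshot_rate": 0.90, "win_rate": 0.95},
}

# Conventional cutoff for the modified z-score (Iglewicz & Hoaglin).
ROBUST_Z_THRESHOLD = 3.5


def robust_z_scores(values):
    """Modified z-scores for `values`, aligned with the input order.

    MAD == 0 means the population is degenerate (everyone identical), so no
    value can be an outlier and every score is 0.
    """
    med = median(values)
    mad = median(abs(v - med) for v in values)
    if mad == 0:
        return [0.0 for _ in values]
    return [0.6745 * (v - med) / mad for v in values]


def score_players(stats, metrics=("accuracy", "headshot_rate", "win_rate")):
    """Return {player: {metric: z}} for every metric whose robust z exceeds the cutoff.

    A player who trips several independent metrics at once is a much stronger
    signal than a single outlying number, so the caller gets all of them.
    """
    players = list(stats)
    flagged = {}
    for metric in metrics:
        zs = robust_z_scores([stats[p][metric] for p in players])
        for player, z in zip(players, zs):
            if z > ROBUST_Z_THRESHOLD:
                flagged.setdefault(player, {})[metric] = round(z, 2)
    return flagged


def review_summary(stats, flagged):
    """One line per player: what a 10-second human review would see."""
    lines = []
    for player, row in stats.items():
        reasons = ", ".join(f"{m} z={z}" for m, z in flagged.get(player, {}).items())
        verdict = "FLAGGED: " + reasons if reasons else "in population band"
        lines.append(f"{player}: acc={row['accuracy']:.2f} win={row['win_rate']:.2f} -> {verdict}")
    return lines


if __name__ == "__main__":
    for line in review_summary(PLAYER_STATS, score_players(PLAYER_STATS)):
        print(line)
```

With this data only p09 is flagged, on all three metrics: an 85% hit rate is still more than ten MADs above a population centred near 20%, so "dial it down a bit" does not hide it. The thread's caveat still holds, though: a cheat tuned to sit inside the honest band would pass a stats-only check, which is why this kind of scoring is a way to triage signature hits and appeals (a player at 50% wins and 20% accuracy gives no statistical reason for suspicion), not a replacement for other evidence.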
>Statistics can also include: Map name, player transform on the map, keyboard and mouse events, GPU utilization, audio playback events, etc. These are all very high information time domain signals that can be correlated with the same from any other player.
I don't think these are the type of stats the parent was referring to when they said "If someone at Valve had taken 10 seconds to review my stats".
But sure, those are all examples of statistics to start logging, analyzing, and cross-referencing. (I would argue most of the statistics you listed are of little to no use in identifying false-positives (or good cheaters), but I understand the point you're making with those examples.)
It would maybe reduce the false positive rate by some amount at an increased monetary (and complexity) cost to themselves. I think it would be well past the point of diminishing returns though. Setting up all the infrastructure, policy, processes just to reduce false-positive rates by a few percent, maybe?
I think I'll stand by "that's unreasonable" and "cheaters will game the statistics".
I understand the sentiment but I can't bring myself to think Valve is to blame or should be doing more. Getting a case of "Yes officer, I have an NO2 bottle in my trunk, but what it is plugged to is not actually the air intake for my car but something entirely unrelated, if you just take 2 hours to dig around and take it apart you'll also realize this".
That's such a bad example. Of course you can carry NO2 bottles plugged into something, if it's not the air intake of your car, and an investigation should happen finding you not guilty.
When you're accused of breaking the law, your accuser must prove you have broken the law. If they cannot, there are actions you can take to recoup your damages.
Valve can ban you for any or no reason with no means of recourse or refund.
Actually, VAC handles Cheat Engine and the like very well. You won’t get banned for simply having them open, only for having them attached to the game, which I think is reasonable.
I used to use CheatEngine on single player games that I ran through Steam, and I don't recall Steam having a problem with that at the time. Not sure if it's changed, but it was pretty reasonable.
Looking up some quick stats, Steam has 132 million monthly active users and 69 million people use Steam on a daily basis. Not all those games are using VAC, but just looking at CS2, it routinely has over a million players playing it.
Nobody is going to “take 10 second to review” anything with those numbers.
Signature detection can also make a false positive if running under Wine or in a VM (that's for example why you can't play League of Legends or Valorant with GeForce Now anymore since Riot revealed their new anti-cheat...)
Back in 2000-2005 I was very active in a community centered around 20 or so modded Counter-Strike servers which I volunteered as an admin on. We were generally good about having at least one admin on each server at any given time to deal with cheaters. Occasionally someone wouldn’t be around though.
There was a period of time lasting about a month or two where a player with a name like BELT SANDER or ANGLE GRINDER or TABLE SAW hung around. They were pleasant and unremarkable, but they frequently used new Steam accounts and switched IPs.
This person definitely wasn’t supposed to be an admin, but if they were around when someone was cheating and no actual admins were there, they’d somehow elevate their own permissions and ban the offending player. We tried to figure out what was happening and to see if we could somehow stop them, but we never did manage it. They were somehow gaining rcon access to the host server. After a while we just shrugged our shoulders. They didn’t seem to be harming anything, other than our peace of mind about our security. Overall they were actually really helpful for stopping late night/early morning disruptions.
I used to write cheats for CSS & other Source games. Not sure if the original CS would have the same vuln, but iirc you used to be able to use an INetChannel::ReceiveFile function with path traversal to grab the server config. There were a few cool hacks around the file path filtering logic they added in my era that (combined with ::SendFile) enabled a fun period of arbitrary RCE on Source servers.
I knew one person who made a wormable payload for a game I won’t disclose which used that method. The methods are in engine.dll so it’s symmetric, clients would infect servers, which in turn infects more clients, etc. Around then was when I decided to start gaming from a VM lol.
> Around then was when I decided to start gaming from a VM lol
How?
Maybe I’m getting my dates mixed up but CS was released in the late 90s / early 2000s and consumer virtualisation wasn’t nearly good enough to game in for another 10 years.
Consumer CPUs didn’t have virtualisation extensions and GPU paravirtualisation wasn’t available either in the early 2000s.
VMware wasn’t even any good for just running Windows 2000 (I mean, it was seriously impressive tech for its time, but it was dog slow even for just basic things). So you’d be stuck with Xen for anything serious. And that wasn’t trivial to get set up back then.
Plus given the lack of drivers for virtualised hardware like soundcards and network interfaces, you’d likely be stuck with full fat emulation for those devices.
Maybe you would be the person to answer this. Back in 1.6 it was common to install amxmodx for use as admin software in game. There was a function in one of the menus that would open up a player's disc drive on their PC!
I was an admin on a wc3 fun server back in the day and would do it to people for fun. Too young at the time to ever think more about how that was actually done or what security vulnerability that must have been exploiting! I always wondered how it was done.
This exploit has its origin in the Quake engine. I remember exploiting the same thing in CoD4 (2007) and I believe even the release version of Black Ops I was vulnerable. It was known as the ‘q3dirtrav’ vulnerability.
Interesting, a friend of mine did that in GMod, leading to the infamous 'cough' virus. (Yes, all the 'journalism' around this is wrong, and it's not the person commonly blamed for it).
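The INetChannel::ReceiveFile path traversal and the q3dirtrav bug mentioned above are the same class of defect: a file-request path that is pattern-matched for "../" instead of being normalized before it is joined to the content root. The block below is an added example, not engine code, written in Python for readability (the engines discussed here are C++). It assumes a single content root that download requests are relative to, and the extension allowlist is a hypothetical policy, not anything the engines actually enforce.

```python
"""Two filters for a game-server "send me this file" request.

naive_download_allowed() is the kind of check that a leading-"../" filter
amounts to; hardened_download_allowed() normalizes the path lexically and
applies a file-type policy before the path ever touches the filesystem.
"""
import string

SEPARATORS = ("/", "\\")
# Hypothetical download policy: only content a client legitimately needs.
ALLOWED_EXT = (".bsp", ".res", ".mdl", ".wav")


def naive_download_allowed(path: str) -> bool:
    """Reject a leading separator or a leading ".." component, accept the rest.

    "maps/../../cfg/server.cfg" passes, because the traversal is not at the
    start, and so does anything using backslashes on a Windows host.
    """
    if not path or path[0] in SEPARATORS:
        return False
    if path.startswith("..") and (len(path) == 2 or path[2] in SEPARATORS):
        return False
    return True


def normalize_relative_path(path: str):
    """Return the path as "a/b/c", or None if it is not a plain relative path
    strictly below the root.

    Rejected: embedded NUL (a C caller using strlen would truncate there),
    absolute paths, drive letters, control bytes, and ANY ".." component,
    even one that would still land inside the root.
    """
    if not path or "\x00" in path:
        return None
    if path[0] in SEPARATORS:
        return None
    if len(path) >= 2 and path[0] in string.ascii_letters and path[1] == ":":
        return None
    parts = []
    for comp in path.replace("\\", "/").split("/"):
        if comp in ("", "."):
            continue  # "//" and "./" carry no meaning
        if comp == "..":
            return None  # never walk up
        if any(ord(c) < 0x20 for c in comp):
            return None
        parts.append(comp)
    if not parts:
        return None
    return "/".join(parts)


def hardened_download_allowed(path: str) -> bool:
    """Normalized path plus extension allowlist, so server.cfg is never a
    candidate no matter how the path is spelled."""
    norm = normalize_relative_path(path)
    if norm is None:
        return False
    name = norm.rsplit("/", 1)[-1]
    return "." in name and name.lower().endswith(ALLOWED_EXT)


def compare(requests):
    """Return {request: (naive_verdict, hardened_verdict)} for a batch."""
    return {r: (naive_download_allowed(r), hardened_download_allowed(r))
            for r in requests}


if __name__ == "__main__":
    # Constructed request paths, not captured traffic.
    for req, (naive, hard) in compare([
        "maps/de_dust2.bsp",
        "../cfg/server.cfg",
        "maps/../../cfg/server.cfg",
        "maps\\..\\..\\cfg\\server.cfg",
        "cfg/server.cfg",
        "C:\\Windows\\win.ini",
    ]).items():
        print(f"{req!r:40} naive={naive!s:5} hardened={hard}")
```

The point of normalizing lexically, before any filesystem call, is that the decision no longer depends on what the host OS does with backslashes, drive letters or NULs; the same byte string gets the same verdict on every platform the server runs on.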
I love this story. Feels like a modern take on one of those old "hidden master" stories where offending the quiet old man turns out to be a disastrous idea.
I stopped playing because I felt I could not trust other players, I was getting too paranoid. There were not that many blatant cheaters, but with closet cheaters, it's now very difficult to know if your opponent is better than you or cheating in subtle ways. It's a grey zone.
I guess it's the combination of a frustration of losing matches and the constant suspicion. I was constantly trying to probe things and watching replays, it ruined the game because I was always focusing on cheating.
Ultimately, I think most CS players don't really care about subtle/closet cheaters, so as long as they don't feel it, it's fine, the game keeps its high player count, so it's a good facade and valve is happy with that.
CS is a game I can really enjoy, until I couldn't anymore.
In one specific area, I think this was actually the point, and that was Minecraft servers.
Minecraft minigame servers were very competitive, and very shady, using every dark pay-to-win, gacha psychology trick in the book and even some new ones (in particular, pay-to-unban). They also had very public, competitive popularity rankings among themselves, which players actually used to pick a server.
So I'm pretty sure they also actually paid account stealers to go to competing servers and cheat. The account stealers didn't have any better ways to monetize their huge lists of stolen account credentials.
What makes me think this is the huge number of accounts who would cheat in obvious ways and immediately get banned for it. There didn't seem to be much effort to avoid bans, but when you can join minigame after minigame, and all of them have one guy who ruins it by cheating and immediately gets banned, I think that's economics at play, not just psychology.
I'm closing in on 3000 hours on cs2, and I often get accused of cheating, but I never have. You're definitely right about people being upset and thinking that someone is hacking. I'm pretty good at spotting "togglers" (people who turn their hacks on and off) but there are certainly times where it's really hard to tell, people can be very sneaky about hiding it. Then sometimes someone will call them out and they'll stop pretending.
It's been quite a while since I've seen anyone spinbotting though.
Same problem here. I doubt I'll ever touch an online competitive game ever again. Back in the 90s and even early 2000s cheating was different as people would be extremely blatant and it would sometimes even be funny watching people fly around in Halo. These days there is actually profit to be made through cheating by winning tournaments and streaming. Thus they now hide it as best as possible and even pay large sums of money for individualized cheat software. The game is now to cheat as best as possible without getting caught.
There is no way to guarantee all participants are legitimate so I am not interested. It feels like a complete waste of time putting in the effort.
As an early admin of the Steam forums it was always fun when people came on to say they’ve been false VAC banned. There was sometimes the grand denial of any cheating, then the “well my little brother did install something but I didn’t use it”, followed by silence as they gave up.
It's "just" an automatic update, like Chrome, etc.
It's one entry-point among others for RCE. If tomorrow NSA wants to gather any files on your computer, all they need to do is to ask Google to push an update for you through Google Omaha.
I'm really curious about this but searching for "Google Omaha" doesn't return anything related and the linked FOIA request is... just a request, which I assume anyone can write whatever they want in the request.
The request itself isn't very damning either. It just makes references to vaguely worded "partnerships", and apparently uses that to imply that Google is handing over data. Even if we take that at face value, it says nothing about OP's claim, which is that NSA can ask Google to serve backdoored updates.
>If tomorrow NSA wants to gather any files on your computer, all they need to do is to ask Google to push an update for you through Google Omaha.
They could in theory, but has this actually happened in practice? Pushing a rogue update isn't exactly a novel idea, but despite decades of government document leaks and APTs being analyzed, there's scant evidence that any government pressured a company to push a rogue update. Same goes for other threat models like "government pressuring CAs into issuing a certificate".
For CAs that'd likely get them kicked out of browser trust stores if someone detects it. And if it becomes known that a corporation pushes government-malware updates then that corporation would lose trust too.
So playing that card means moving the entire planet into a lower-trust equilibrium where everyone has to defend against that.
In a better-coordinated world the conclusion from that would be "let's not do that", alas on this Earth TLAs have shown that they're willing to burn the commons, forcing a response like RFC 7258.
Linux distros are vulnerable to the same supply chain attacks. Did you ever do a background check on your distro maintainers? How many of them have email addresses from non-democratic TLDs?
The other day I mentioned that it's not OK for games to be proprietary software and/or use unethical software like DRM (which tbh anti-cheats are as well). I got accused that I wanted game developers to starve to death.
I'll chime in here as a game developer: my upcoming release will be an NES cartridge[0] and probably a Steam app. I'll be adding no DRM, because I generally trust that folks that weren't going to pay aren't going to be converted by its presence, and that honest folks want to support my work. Whether the storefronts I release on add their own is up to them, and frankly I don't care.
Separately though, anti-cheat is another ball of wax entirely, and I have extremely mixed feelings in this field. Generally I favor "cheat detection should be serverside, don't trust the client" from a general security perspective, but... I can totally see a valid case in there, somewhere, for more rigorous clientside checks. Somewhere along that line though is rootkits and malware, and... well, no, please tell me up front that you loaded your game engine with these things so I can save my money and purchase something else, thanks.
[0] Using a custom mapper, which will help initially to discourage low-effort bootlegs at the very least. It's open source though, and will not be too difficult to add to emulators, at which point the dumped ROM should play fine on them.
> Generally I favor "cheat detection should be serverside, don't trust the client" from a general security perspective, but... I can totally see a valid case in there, somewhere, for more rigorous clientside checks.
Yeah...
The simple fact is, it's simply not possible to have completely server-side cheat detection simply because you'll be relying purely on heuristics which could very well be wrong. It's just not going to be possible to tell the difference between a cheater and a really good player.
For any cheat detection to work, it has to be client-side.
And the counter is fairly straightforward: any client-side cheat detection has been broken. You can't trust the client. It doesn't work, your server just thinks it works because it's lying to you now.
Client-side cheat detection can work for tournaments, but it's way simpler there: the tournament provides the hardware, and the players aren't permitted to install anything. This doesn't irritate me quite as much from a security perspective of course, because I am not about to log into my banking site on the presumably insecure tournament device. It's also imperfect: a sufficiently motivated pro player might bypass whatever locks you installed on the thing, especially if they get to spend any time with that device unmonitored.
Even better than that, tournaments have a way better cheat detection method anyway: point a camera at the player's hands. It's suddenly really, really obvious if they're cheating!
I think an overlooked approach is the snapchat model. Absolutely littered with client side integrity checks coupled with an automated obfuscation solution so that the checks in each binary end up being wildly different. Then you frequently push an updated binary and refuse to operate with out of date ones.
At least for competitive AAA titles I don't see why there couldn't be a daily update of the core binary. None of the assets would change so it wouldn't be a large update by any means. In effect it would prevent cheating by imposing impossible work and latency requirements on the tool authors.
The cost of doing this is employing at least one person with deep compiler knowledge who is capable of maintaining the automated system. Obviously that's far too much to ask of indie devs and is probably also out of reach for older titles in most cases.
This is of course all aside from the obvious and common sense but more expensive solution of player flagging, human review, and a binning algorithm (such as trust factor). Avoids needing to ban anyone in the first place and has the added benefit of being at least mildly effective against computer vision based botting solutions (for which there is fundamentally no solution).
Or just private servers and let the individual admins sort it out, but god forbid players be permitted to run their own communities; corporate might lose out on profit if that were a thing (can't risk another DotA after all).
Can't say for DRM, but there's a much bigger demand to play a multiplayer action game without experiencing cheating than demand for a similar game that's not a rootkit. Cheaters are nasty. Devs make rootkit anti-cheats simply because there's no better alternative, not because they're evil.
We need to define nebulous terms like 'better'... to a company that's synonymous with what is 'cheapest' to their bottom line. To a player, that's a more effective anti-cheat.
To my understanding, the latter is much more effectively solved server-side, but is more costly for the company to run.
I'd rather play a game with server-side anti-cheat than player-side-anti-cheat.
All games are different, and for some games this may be true, but what I, personally, have in my mind in a discussion about intrusive anti-cheats is a fast shooter with lag compensation like CS or CoD, and for them, this problem is not solvable only server-side.
CS:GO actually has heuristics and ML to flag cheaters server-side, but that's only another line of defense - the majority of the defense is the client-side anti-cheat. It's called VACnet, and its bans are temporary - most likely because of false positives.
There are countries that believed farming should not be profit oriented and curiously they happen to be the ones to have breadlines.
It is no coincidence that America and Japan, the two countries with the most draconian copyright protections, continue to be the dominant player in the game industry.
Profit motive and the ability to reinvest previous profits into future products is the greatest force multiplier in our planet’s history bar none. You can either suck it up like China did in the 90s and convert to a capitalist economy, or stay in the breadline forever. Oh, in this case, I mean play tux racer forever :P
Oh, I've heard this one before! Steve Ballmer, is that you? I thought we were past the 'open-source is communism' and 'cancer on intellectual property' times...
I'm surprised there haven't been more events of mods and tools being used as trojans. For all the concern about anti-cheat/DRM, PC gamers seem very selective about which of the sources of code running on their computers they scrutinize. There's an awful lot of users with "just enough" levels of knowledge where I think a tempting enough release with the right timing for a hot game could get a lot of installs.
What do you mean? There have been a ton of stealers and RAT mods for games (and even for normal mobile apps too). It's absolutely a problem and a ton of people fall victim to them.
Woah, cool to see a bit of how it all works. Seems similar to basic antivirus signature checking?
As a side note, a few years back, they had a GDC talk about a (then-new) machine learning based approach to catching cheaters. Regardless of how it worked out, I found it fascinating. The presenter delivered the problem and solution approach so well I'd still like to work on something like this some time. I think they're still updating this for CS2, so it would be really cool to see how far it's gotten now.
When VAC was originally introduced, CPUs only had 32-bit architecture, not that 64-bit hindered anything; but you could inject cheats in a near infinite number of ways, or have cheats read from memory directly, or have cheats do things especially through video drivers. Hell, glitching your Nvidia drivers and setting things like Negative LOD Bias would allow you to see through textures in some cases (wall hacks).
It's been a cat and mouse game since the dawn of gaming and e-sports.
Fun fact: CS 1.6 competitive had what was called "Organner" when teams switched over from CAL to CEVO (first paid e-sports online league) and as well as ESEA which is acclaimed for its anti-cheats; the pro players you see/saw such as n0thing, summit-1g (not saying he did cheat, he wasn't pro in CS 1.6, 1g was a pug team that meant 1st generation and a lot of us were in it) -- but everybody in the pro scene around that did cheat, or had cheaters on their team.
n0thing was banned from CAL rigorously for cheating in CAL-Premier and rejoined with compLexity after ringing for other teams in CS 1.6 matches (ban evading). He's admitted to cheating in CS 1.6, and found fame with Counter-Strike 1.6's Evil Geniuses organization which encompassed the old compLexity roster.
These dickheads went on to make fortunes; not to say that they weren't good in their own respects, but people such as n0thing openly admit, and will admit if you ask them on the stream if they cheated in 1.6 to get to where they're at.
You could inject cheat codes through your mouse drivers at LANs and if you set a low FOV aimbot, it was undetectable: i.e. triggers when you aim at their chest, aims up to hit the head; and had advanced net code modifiers to land bullets in places you weren't aiming altogether.
Knowing this completely ruined the pro scene and wanting to watch these matches and personalities altogether. To know how many legitimate players out there were passionate about these games, looking to go pro, and really enjoy competing at the highest levels couldn't because the skill gap was so significant, and then even more so because pro players had undetectable cheats.
Still to this day it is virtually impossible to detect hacks, however games such as DotA 2 make it significantly harder to cheat by only sending frames/updates when it should, rather than old games sending all player data. I believe Valorant has a decent system, but all in all, I helped run the leagues and the level and problem at which cheating was occurring, was known about, and not being able to prove what you know, would make you SICK if you ever enjoyed competing in e-sports.
Yet another reason why fighting games are the superior competitive scene. The only "cheat" you could realistically see at an offline event is macros, and the chances of a macro increasing your win rate are slim to none. And there are so, so many good offline events. Online there are more potential ways to cheat, but nobody really cares. Just blacklist the player and move on.
You could inject cheats directly into the Xboxes back then through the fight sticks.
You'd know though if somebody was cheating, so not sure how crazy the SF scene had cheats, but check out tool assisted; when I originally saw it I just put my head down.
You cannot tell me fgs are "too complex" and then mention DOTA in the same breath.
I personally prefer watching a game that doesn't have downtime. Watching teams buy items and walk around is not interesting. So, so much downtime in all these big team games.
Can you even get a VAC ban these days? I feel like it just destroys your trust factor but doesn't actually ban you, and to be honest that seems to be pretty effective for isolating honest players from cheaters.
This isn't true, or at least it wasn't back in the day. The logic Valve seemed to follow was that VAC was "engine" bans. If you got banned in a GoldSrc game, you'd be banned in all games using that engine, but you'd be allowed to continue playing source games. The same was also true in the opposite case.
More importantly, this meant that getting banned in Modern Warfare 2, wouldn't get you banned in any other game, since no other games were released on that engine.
It would show on people's accounts though, and in Counter-Strike scrims and matches if somebody had a VAC ban on their record/profile you just kicked them if you could and found a new team to play.
So while engine specific, people still judged you, especially in pubs (public servers)
Been a _long_ time since I've played. Fucking cheaters.
Nice write up! Clear and informative. I was surprised to learn they roll it all in user mode; even though it's not unbeatable it's pretty good anti-cheat, especially considering no kernel stuff (which can take shady or impractical turns for some other anti-cheats...)
Not quite CS, but I was part of a hacking scene that used to exploit C&C Red Alert 2, YR via Teds Relay and discovering the IRC lobby password being "supersecret".
Fun times were had as a script kiddie spawning the president and placing it in an IFV and just go demolishing the other players base with this fancy laser. But hey, I was 15 at the time.
Habbo Hotel too, being part of a "mafia" with a habbo multi hacker app; the flicker glitch that made your character blink causing lag. That and placing furni in rooms in the walls using ArtMoney filters. I discovered perl while messing with MSN bots; I miss those ages.
Others include NeoPets and Flash game hacking including RCEing the Money Tree claiming the loot before anyone else. Then I discovered IRC and Rx/PHAT botnets infecting via Windows 98 DCOM/NetSend exploits.
Tried it at school and next thing two of the colleges rejected my application, parents called and banished from using any computer in secondary school for the next two years. The college I went to was a low-level polytechnic but a couple of the lecturers I had noticed my skill and homed me on a different path than being a BlackHat.
My moral compass kicked in and even now it's an itch I really want to scratch, but nowadays PenTesting/CyberSecurity are too "prestigious" that the only chance is to fall into it.
So I've been a Sys/Unix Admin for the past 18 years watching the world burn. I was using Linux (Debian/Slackware) when the kernel was at version 2 and Xorg was XFree86.
Luckily FreeBSD 8 gave me some fresh air after some IRC user rooted my box hosting my IRCd (on 56k) and did the honours of replacing Debian Linux with Debian kBSD. They left me a PM on IRC telling me to stay out of trouble and I've been using FBSD ever since. I'm 36. Never saw them again.
"Hey kid, stay out of trouble. btw your irc is down".
I will always remember that message, waking up to a login MoTD with a new root/password of some strange OS I had never used. I was angry that I lost my five botnet (T2 army) but I am grateful nowadays for its saving grace.
For many years I couldn't work out how they did it, until I came across a backup of my early PHP3 script that allowed you to issue commands to the host. Apache was running as root and this was hosted in a public web directory (doy).
> Fun times were had as a script kiddie spawning the president and placing it in an IFV and just go demolishing the other players base with this fancy laser.
Oh. That's what happened to me. I always wondered where those lasers came from. I thought it was just a weird custom map.
Years ago for educational purposes I decided to venture down understanding how easy/difficult it was to create a hack for Counterstrike.
After just a few hours of watching YouTube tutorials and translating what I could grasp from C/C# into JavaScript (the only language I knew at the time), I had a working Node.js executable that edited memory offsets (using data from hazedumper[1]), letting me see enemies through walls and auto-fire as soon as they entered my crosshair.
I obviously only tried it out on an alt steam account for fear of the infamous VAC ban, but no such ban happened. I only toyed with it for a few weeks as I then grew disinterested but that definitely left a sour taste in my mouth for the "effectiveness" of VAC if a script kiddie like me at the time could throw together something custom in just a few hours, I'm sure it'd be much easier now with ChatGPT...
[1] https://github.com/frk1/hazedumper
I'll never understand what people actually get out of cheating in games. I'll admit I've tried it a few times just for giggles (way back in the Age of Empires II/MSN Gaming Zone days), but the novelty quickly wears off and then it's just not even fun anymore.
There must be some very interesting psychology behind this.
I've botted in a few MMORPG games and the appeal is that it's basically a new perspective on the game. Also makes it more of a technical challenge than a test of mechanical skill or free time / patience.
It still feels like a game in the sense that there's progression and rewards for progression. For example, learning how to read cooldowns means you can make smarter macros and double your income / cut kill time by half. There's even different "build paths" in that you can choose to go the memory reading build (fragile but reliable), network sniffing build (less fragile but expensive), or computer vision build (easy but unreliable and expensive).
From a technical perspective, the appeal is having an excuse to try out new stuff like SAT solvers, rules engines, or whatever ML thing I just learned about. It's also a good exercise in all the math and data structures + algos stuff I've learned but never use at dayjob. Optionally, building a UI to manage the bot is fun for the same reasons, an excuse to try out new frameworks / design choices / etc. It's basically another programming job but without the icky business / customer considerations.
Though I do agree that cheats in any PvP scenario are pretty lame. It has a much bigger negative impact on other players, and it's not as much of a puzzle (mostly aimbot and pathing). In comparison, PvE games are usually social and unless you're running a swarm of VMs, you're unlikely to affect the economy or otherwise inconvenience anyone.
Can't edit my comment anymore but for anyone that's played Factorio, it feels a lot like that. Both in the way you slowly switch out hand-fed systems for automated systems that build on each other and in how you get a unique base (bot) out of it in the end. Plus there's something exciting about beating the game in a way the devs didn't envision and one that other players haven't.
It's a technical challenge for the script kiddie making their own hacks, but from what I gather most PvP cheaters nowadays are paying (!!!) a subscription for their cheats.
It's pretty simple, nowadays the ONLY way to have fun in most multiplayer games is to win by any means. Outside of a few games like minecraft, every other game is designed around winning. 6 of the most played games on steam right now are some combination of competitive FPS / pvp survival or Dota 2. All of these games give you way more rewards for winning over just casually playing so over time the community is incentivized towards maximizing ELO, mastering the meta, and finding any ways to gain an edge on the competition.
I won't say it was better back in the 90s/early 2000s but games had lobbies and people would just naturally drift around until they found one that satisfied their needs, be it playing more casually or for a more hardcore experience. Nowadays matchmaking is all controlled by the almighty algorithm which is just a glorified ELO/MMR system and dumps people together regardless of whether or not the game is "fun" for them. Worse yet, "quitting" is actively punished so you just have to stay in the game being frustrated and angry at your teammates until you lose. I always use pick up basketball as an example of how lobbies should work, with people being given the choice of playing until they are tired/bored and punishing trolls by excluding them, forcing them to seek out another court or just start their own games.
Now that I have sworn off all competitive multiplayer games because I used to be a real fiend with several thousand hours in Dota 2, I have come to realize that, as fun as the game is, the fundamental failure of every matchmaking system is that your fun will always be dictated by how often you win because that's the only thing that is rewarded both in the game and by the community. If you look at any forum for these competitive games it's always the same complaints with people bemoaning that the balance is bad (AKA I don't win because if I did why would I complain), the game is too hard for newbies (AKA I don't win because the skill level is too high), and that the community is too toxic (AKA I don't win because I don't take the game too seriously and people get mad at me).
I'm much happier playing singleplayer games or exclusively cooperative games like Helldivers and Deep Rock Galactic and think most people would be too, but they need to come to the realization that it's not the game's fault per se but the underlying mechanics behind the matchmaking systems.
> fun will always be dictated by how often you win
Matchmaking is designed so that you win roughly 50% of the time (except for the very top), no matter how well you play. If you focus on playing better it's going to be a treadmill by design. OTOH some people accept that you're going to lose 50% of matches anyway, chill and keep to lower ELO.
I can see that working in a 1-v-1 game, but how does that work in a last-one-standing game? Each game would have 1 winner and N-1 players who lost.
On average you are the N/2 player to be eliminated...
Cooperative games do still have the problem that you either need to have friends with the same interests and gaming schedule as you (the last one especially gets more and more difficult with age and real life responsibilities), or you play with randoms and then all the same annoyances with multiplayer games that you listed apply.
Helldivers 2 was exceptional for this in my experience - I met some great people from matchmaking, both when I was playing with IRL friends and solo. I know it’s only a video game but it truly felt like a proper bonding experience when you were trying to save the last of your team, or when you harmonised in such a way it just felt tactically perfect.
I need to hop back on that game.
I think you misunderstand why people cheat. There is nothing "nowadays" about playing unfair. Minecraft is also a bad example, as it's also cheated and botted to hell. If there is anything to gain in any context, and you get enough people interested, people will try to maximize that gain, and some will not care about the rules or the intent of the context.
I do agree about the conclusion though. The solution for the disappointment in online matchmaking is singleplayer, and multiplayer with friends. Both completely eliminate the bad actors.
I saw a forum interaction: "game is not fun, always losing" with the singular predictable response of course being "get good".
But if the complainant actually got good then all that did was reverse the roles...
I'd say the pendulum is swinging in the other direction -- Fortnite is bigger than most everything on Steam, and everything in that game feels like it's designed around you making progress through its battle pass in some incremental way. The world map has puzzles, there's a fishing mechanic, and it comes with a suite of non-combat alternate modes.
The PC game market is also smaller than the mobile game market.
> nowadays the ONLY way to have fun in most multiplayer games is to win by any means
That’s quite the hyperbole; I play plenty of multiplayer games and I enjoy myself plenty whether I win or not. Granted, games like Dota, Counter-Strike or Tarkov are designed for a certain ultra-competitive audience, that’s fine, but there’s plenty of choice besides, more than ever.
These competitive games might be at the top of the charts, but they are rather niche in the grand scheme of things. It's just that the kind of people who play these games end up only playing that one game for years, for a few hours a day. But in reality they are a minority and there are many more players spread out among all other games.
I think you are projecting your motivation to play games onto others; there are many reasons to enjoy games other than just getting those fake points at the end, and not everyone is as sore about losing.
In games where available weapons/gear depends on some global "level", this could be a way to get your desired weapons without having to grind for weeks/months. I guess a silver lining of "pay to win" games is that you can now pay to avoid that.
I remember trying to hack the levelling-up mechanism on Crysis 2 - it worked by sending your post-game stats (client-side) to a master server, so editing those stats in memory before that happens would work (there seems to be no tracking of stats on the game server side - even though they could've had the game server relay that to the master server).
Memory is fuzzy, but I think I managed to level up to a stage where I got the weapons I wanted. In my defense, this kind of "cheating" only "cooked the books" on the leaderboards and did not give me any actual advantage in-game.
I wish more games let folks choose to grind for things or just have everything unlocked without grinding. I already have a job, I just want to play a game without another grind. I know some people love the grind, but I don't, I much prefer the L4D style "play what you want, how you want".
It's a nice idea, but it won't be applicable to all games...
I'm thinking of Ark:Survival Evolved here, where the grind on 'official' servers is insane - for example taming a Wyvern required you to be online more or less every two hours for three days. On the unofficial servers these were downtuned so you could do things a bit more easily.
But when we briefly ran our own server and realised that we could use god-powers to get the stuff we wanted without the grind... it turned out there wasn't really anything of a game left.
The prequel to this game (which had a bit of a cult following due to its insane hardware reqs, but frankly the multiplayer gameplay is good and sorely missed) explicitly did not have any global leaderboard or score system - instead, the "leveling up" was per-game-session and it took merely ~10-15 kills (~20 mins on a busy server) to earn enough points to acquire all the weapons you needed.
For a lot of them, they aren't cheating, they are compensating for bad teammates, bad servers, other cheaters, bad hit reg, bad sound effects, bad whatever they can dream up.
Cheating is "this is my actual skill level if there wasn't so much bullshit happening to me"
Of course this is all a lie, but it's what they tell themselves.
This is only true for the people who use the cheats, not the people who make them.
For the people who make them it's an intellectual exercise, like solving a puzzle, it's an end in itself. That and the social credit it gives you among your technical friends.
this discussion made me think of the people who build nukes vs the people that use them.
For the people that make them, they're largely making them for money.
At this point games like Call of Duty, especially Warzone, are completely unplayable to me due to the massive skill gap. I spend more time in the game lobby than actually playing the game. Warzone is especially bad, as you are kicked out when you die, no respawn. It makes for very frustrating gameplay.
I seriously considered cheating at some point just so that I can actually have some fun and get to the end-game without constantly fucking dying. But then I remembered there are other games that I also enjoyed playing, and then I stopped playing CoD.
My perception of the psychology is a malformed competitive drive. Competition is fun! But when it gets someone to the place of "Must win at all costs" it can be life-destroying. For the video game cheats, I think it starts out as "Must beat the other players", but then that gets (mostly) boring once they actually are beating the other players, and it shifts to "Must beat the anti-cheat system."
I think you, and a lot of other people really overestimate the number of people for whom the technical challenge is why they cheat.
Seeing that the cheating industry is relatively large and functions on a subscription basis, for the vast majority of cheaters the challenge is entering their credit card to get their cheat subscription.
These are people who want to win at all costs, other users be damned.
Maybe they think they're smarter than the others for using a cheat. "Outsmarting the system" etc.
> Competition is fun!
A bit, sometimes, maybe, for some. The only person you really need to compete with is your past you. The rest... it certainly leads to less happy life, unless you keep winning way more often than the rest.
And uncontrolled, it can very easily spiral into rather destructive personality patterns over time. Parents often fuck up their kids by having them compete as much as possible, laying seeds for later issues. Competitive people always compare themselves to others, never happy with what they have, regardless of how much they have achieved. The literal opposite of searching for happiness in life.
I don't know about your peers, but I see this behavior often in high-performance environments: high achievers with sad inner lives.
In single player games it is just another way to have fun. I mean, Minecraft creative mode is essentially equivalent to turning on all the cheats. It removes all the built-in challenge and then you come up with your own game.
It doesn’t seem very appealing to me, but I don’t think there’s any particularly interesting psychology behind it. Rather one could say I lack creativity and need monsters to motivate me to build anything.
Cheating in real competitive games is rude, though, for sure. But most people don’t play top-level competitive games.
Cheating in pseudo-competitive games like Overwatch or Dota is both rude and stupid. Because the game can just find people to match your cheat-augmented skill level anyway.
I was a cheat developer and I did hang out with cheaters and other developers. I'm surprised people in this thread haven't mentioned one big motivation for cheating yet. Plain old trolling, making other people mad at you, making them insult you in chat, etc.
There were TF2 bots that autonomously queued for the game's casual matches, spammed the chat, aimbotted and made the game generally unplayable for a while; you could host a bunch of them on a not-so-beefy computer and make them queue separately or together.
One of the features of those bots was streaming the chat logs from the matches into Discord/Telegram channels for cheaters/bot hosters to laugh at and make compilations of. It was funny and entertaining to see people having their moods ruined for no reason.
In game (TF2 specifically), when I see cheaters, they are usually also extremely annoying/purposely abrasive in other terms as well - frequent use of racial, transphobic, homophobic slurs, furry/anime/my little pony profile pictures, blatantly cheating while denying it, general smugness - they are trying to maximize the negative reactions they can get out of you. I'm really ashamed to have once been like that and I'm really glad that I grew out of it. It was absolutely not a healthy way to have fun for myself, and not a great community to spend time in (a lot of cheaters pretend to be extremely bigoted for a reaction, but some are genuinely like that). I met some genuinely good, talented people there, but they didn't stay involved with the cheating community for long, and eventually I left it too.
Back in the CS 1.6 days there were servers that advertised as hacker servers. Obviously anti-cheat was turned off, but the draw was that everyone was hacking and you could test your hacking skills. The goal was to see who had written the best hacking software. It was actually really fun and an entirely new way of playing the game.
This still exists in various games, it's called HvH mode
The result, and the taboo method gives a thrill. It's a power trip essentially. It is also used to close the perceived skill gap, or get revenge. Some people enjoy a very uneven power balance - in games, this means that they like to get an overwhelming win, or "stomp". Sometimes skilled people achieve this by playing in a league that is much less skilled than their own, "smurfing". Technically not cheating, but it's usually against the EULA, and creates essentially the same situation.
All in all, it's just power dynamics, and lack of compassion.
Even if everyone only tried it for a week, that still means there will always be a certain number of cheaters in games, because new players are always joining.
I, quite literally, got a career! Started as a technical curiosity, gave me in-roads to very weird corners of the internet. Got to know many professionals I wouldn't have, otherwise.
Ultimately served as the most effective networking I ever did.
Same here :) Best learning experience of my entire life. Would recommend.
I never cheat in multiplayer (also because I don't like multiplayer with strangers), but I do cheat sometimes in single-player games to speed up progress. I lack the time and hate the grind. If a game has a very easy or story mode I will happily select that one.
It's more of a thing in ranked things like Counter-Strike, which are half game, half unpaid job.
I did a lot of cheating back when I was younger. I mean, it was just fun being a dick and a god dominating the game
One anecdote: I "cheated" at EVE Online by writing an elaborate set of modding tools. Most of it was automation for really finicky tedious stuff like drone management, or automation for things like broadcasting your current target to other players in your party. I also hacked in workarounds for bugs in the official client. It enhanced my experience with the game a lot. On the other hand, lots of players were just botting.
I also maintained a browser addon for a while that had 100k+ weekly active users that added various features to a browser-based game. Eventually that game had such bad problems with botting and cheating that they had to introduce an anti-cheat system, and we basically got into a little arms race for a year or so where they'd add a new detection system and I'd circumvent it. Similar to the EVE Online modding it was things like workarounds for bugs in the game, improved UI, keyboard shortcuts, etc. Eventually they drew a line in the sand and said anyone using addons of any kind would get a permanent ban, so that was that.
I think the vast majority of cheaters are just in it to ruin other people's fun but sometimes people are violating ToS for a better or different experience with the game. It's unfortunate that the prevalence of malicious cheating means that anti-cheat technology also has to basically ban modding for fun.
I think those who use cheats are mostly school age kids who do it to troll people or to boost their self-esteem.
Given that the paid cheats market is a huge business and the prices are not insignificant, I'm afraid a lot of adults with a stable source of income are cheaters too.
Sad people full of insecurities and other complexes, compensating it on strangers (well, failing miserably but there is always those few seconds of dopamine kicks). Sounds about right.
It’s actually probably pretty benign psychology in my opinion.
Nobody on your own team is really gonna notice if you’re cheating unless it’s speed hacks or something. So your own team is hyping you up for being a god, and it feels good.
Plus a lot of people like you - trying it out for the novelty. Most people aren’t doing it, but seeing it once every 20 games would probably be enough to drive you insane.
> There must be some very interesting psychology behind this.
It feels good when you win! If you cheat, that just means you're smarter than the other player.
Winning is fun. Cheating makes you win.
Because the average Joe needs the sense of achievement. Lots of people have near-zero success in life, or power over anything, and this is their supplement.
Plus most of the modern multiplayer games, especially FPSes, are centered around a few individuals who have skills above the herd or are playing by different rules (the meaning of this is up to you...), and everyone else is just filler so that these above-average players can "harvest" them. Just like bodybuilding. You have the top-notch competitors whom everyone tries to imitate. And that is what sells the supplements, while all they buy is an illusion that one day they can achieve the same physique.
So let's say you have Apex Legends, where well-known players show how they literally obliterate everyone else. So the matchmaking (which is deliberately shit) sends these "predators" to hunt the prey, who are essentially sheep.
People watch these streamers and try to imitate or get to know how to be at the skill level they have (which is near impossible for several reasons, I'd rather not explain). So the whole business centers around these outstanding persons, and the sheep buy the shiny digital bullshit, thinking that might elevate them to the "bigname" monkey's level.
It’s the ultimate meta play - it’s no longer you vs the game, it’s you vs the game developers.
I ran a botting SaaS for Aion years ago, and the constant cat and mouse was what kept me going at it.
How did editing memory offsets auto-fire based on enemies entering your crosshairs? To my knowledge this would require some code hooking at least. (Or are you using "editing memory offsets" to mean "writing new instructions into the process' memory"?)
Win32 API mouse input: trigger a mouse click in Windows when the crosshair is on an enemy head (more likely, when the crosshair is within the enemy head position).
That would require a lot more than editing memory offsets though.
No they just read the memory. The whole point of an external cheat is to only read memory. They can still use Win32 to send inputs.
How do you determine whether the mouse is over an enemy head? Is there some variable the engine maintains for that?
For Counter-Strike 1.6, Source and GO your crosshair would change and indicate that you are aiming at a player. Not sure about CS2, but wouldn't rule it out either.
It's a bit slow, but you could grab the player ID, then check if the player is on your team or not and then fire. Either by sending a mouse input, or if I remember correctly by writing to a specific address.
However, with enough knowledge (which is mostly documented online) you could actually pull out the hitbox, skeleton and animation data and just run the line-box intersection step yourself. Easier to do internally by hooking in-game functions though.
There is a list of entities in memory, models have "bones" for animation purposes, knowing the address of entity in memory you can find out if it's an enemy player (compare team ids), where the head bone origin is, and you also can read the view angles of your own player to see where you're looking. The tricky part would be doing a ray cast to see that you can actually hit the enemy and not shoot a wall - internal cheats can just call builtin game functions, externals can't.
No experience, but I think the game seems to track it? The default crosshair seems to change depending on what you're aiming at.
Read the player position and camera from memory, read enemies positions from memory, use basic maths to detect if camera is pointing at an enemy.
Or the game engine could track internally what the player is looking at (GTA does this).
In Source Engine games, your inputs are stored in a struct ("usercmd", if I remember correctly) before being sent to the server in a client tick. You can modify that struct, a mouse click there is a bit flip on one of the fields. Rotation and movements are float fields. Modifying that struct makes your client send the "inputs" without a need to actually "call" anything.
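The "basic maths" step that the replies above describe, as an added example in JavaScript (the language of the original Node.js cheat); it is not code from the thread or from any real cheat. It only consumes values the cheat would already have read from the process: the local player's eye origin and view angles, and an entity list with team id, health and head-bone origin. The entity field names, the head radius and all coordinates are assumptions, and the view-angle convention follows Source's AngleVectors (pitch positive looks down, so forward z is -sin(pitch)).

```javascript
// Added example, not code from the thread or from any real cheat.  This is the
// "is the crosshair on an enemy head" check of an external trigger bot: it only
// works on values already read out of the game process.  All numbers below are
// constructed sample state; the entity fields are assumed, not engine offsets.

const DEG = Math.PI / 180;

// Forward vector from Source-style view angles (degrees; pitch positive = down),
// laid out like the engine's AngleVectors.
function forwardVector(pitch, yaw) {
  const cp = Math.cos(pitch * DEG), sp = Math.sin(pitch * DEG);
  const cy = Math.cos(yaw * DEG), sy = Math.sin(yaw * DEG);
  return { x: cp * cy, y: cp * sy, z: -sp };
}

const sub = (a, b) => ({ x: a.x - b.x, y: a.y - b.y, z: a.z - b.z });
const dot = (a, b) => a.x * b.x + a.y * b.y + a.z * b.z;
const len = (v) => Math.sqrt(dot(v, v));

// Angle in degrees between the view direction and the direction to `target`.
function angleTo(eye, viewAngles, target) {
  const fwd = forwardVector(viewAngles.pitch, viewAngles.yaw);
  const dir = sub(target, eye);
  const cosA = dot(fwd, dir) / len(dir);
  return Math.acos(Math.max(-1, Math.min(1, cosA))) / DEG;
}

// Is the crosshair inside a sphere of `headRadius` units around `headOrigin`?
// A head gets angularly smaller with distance, so the tolerance is atan(r / d),
// not a fixed "within 2 degrees" fudge that would misfire at range.
function crosshairOnHead(eye, viewAngles, headOrigin, headRadius) {
  const d = len(sub(headOrigin, eye));
  if (d <= headRadius) return true;
  const apparentRadiusDeg = Math.atan(headRadius / d) / DEG;
  return angleTo(eye, viewAngles, headOrigin) <= apparentRadiusDeg;
}

// Walk the entity list the way the cheat would after reading it: skip the
// local player, dead entities and teammates, then test each remaining head.
// Returns the id of the first enemy under the crosshair, or null.
// Not handled: occlusion.  An external cheat cannot call the engine's ray
// cast, so this will happily "fire" at an enemy standing behind a wall.
function findTarget(local, entities, headRadius = 6) {
  for (const e of entities) {
    if (e.id === local.id || e.health <= 0 || e.team === local.team) continue;
    if (crosshairOnHead(local.eye, local.viewAngles, e.head, headRadius)) return e.id;
  }
  return null;
}

// Constructed sample state (hypothetical units and values).
const localPlayer = {
  id: 1, team: 2, health: 100,
  eye: { x: 0, y: 0, z: 64 },
  viewAngles: { pitch: 0, yaw: 0 },   // looking straight down +x
};
const entityList = [
  { id: 1, team: 2, health: 100, head: { x: 0, y: 0, z: 70 } },     // ourselves
  { id: 2, team: 2, health: 100, head: { x: 400, y: 2, z: 66 } },   // teammate, ignored
  { id: 3, team: 3, health: 0, head: { x: 500, y: 0, z: 64 } },     // dead enemy, ignored
  { id: 4, team: 3, health: 100, head: { x: 800, y: 30, z: 64 } },  // enemy, ~2.1 deg off
  { id: 5, team: 3, health: 100, head: { x: 1200, y: 3, z: 66 } },  // enemy, on the crosshair
];

function demo() {
  return findTarget(localPlayer, entityList);   // 5
}
```

Whatever `findTarget` returns would then be turned into a click via the Win32 input path mentioned above (or a usercmd bit flip, per the Source comment); the geometry is engine-independent, the occlusion test is the part that forces people internal.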
I once tried an early GTA V multiplayer mod, pre-FiveM, that used .NET as a basis. They didn't apply any protection to their mod DLL though, and it was trivial to modify it in any way one liked with dnSpy.
I used it to completely automate a grindy task on a server complete with chat hooks, and automatic teleportation to sell the items and back. And also implemented a trainer of sorts with all sorts of functions. The networking didn't appear to handle the teleportation well, and to anyone else my character never moved.
I ultimately didn't use it as an advantage in any meaningful way, I only played to see how far I could mod it and stopped, but never used it against anyone, and stopped playing once I was satisfied with my ill-gotten gains rotting on my account.
Reported it to the devs afterwards, who seemed disinterested but did at least obfuscate the binary, but neglected to do the same to the client JS API loader, so I used that to inject custom client scripts and override server supplied client code.
I'm sure people could do more interesting stuff with BepInEx/Harmony these days, but I never had enough inclination in .NET to learn to implement those. But it was still really fun to twist the game around like that.
these days you can open the devtools for the web-based inventory systems and start sending malicious events straight from the console. filed as not-a-bug...
> I only toyed with it for a few weeks as I then grew disinterested but that definitely left a sour taste in my mouth for the "effectiveness" of VAC if a script kiddie like me at the time could throw together something custom in just a few hours, I'm sure it'd be much easier now with ChatGPT...
The thing is, VAC doesn't immediately ban you. Or anyone else. It's looking for suspicious patterns across hundreds if not thousands of players and collecting evidence over weeks if not months to make sure they got relatively low false-positive rates and don't end up banning people for a Windows update gone wrong... and additionally, it raises the iteration time for cheat developers as well, and that's the true point. Show cheaters immediately that they're spotted and the only thing you enter is an immediate arms race.
Your way of writing a cheat was probably detected but since no one else used it, VAC didn't trigger.
Blizzard's battle.net used to do that. They'd ban in waves. I imagine immediate bans would make it much easier for cheat authors to figure out which cheats were detectable and which weren't.
I haven't followed recently, but what I have understood is that clearly known old public hacks can result in an immediate ban. For the newest hacks they will gather a cohort and then do them in a wave, thus making it harder to evade detection or notice what exactly was detected this time.
Unlikely. Last I looked, VAC only looks at a few gross elements, like the names of the DLLs loaded into the game's process. If you don't match a blacklisted name, you're probably not detected.
And user account names. At least at one point you could catch a ban for having an account named "catbot" when running on a linux box. Admittedly that was probably quite a reasonable litmus test in practice even if not in principle.
I'm surprised someone remembers this, considering how long ago it was, the fact that Valve publicly denied this later, and that most people (on the side of publications reporting that situation initially and outside observers on reddit and other platforms) didn't understand/didn't care for the difference between linux user account names (that caused the bans at that time), steam display names, steam account names and steam custom profile urls.
I have a suspicion that that was FUD spread by the cheat creators. Back then I decided to test that by creating a user named like that and running Steam from there. My account did not receive a ban.
It was real, but maybe the username wasn't the only data point they used. Considering that:
1. Brand new Steam accounts were banned after logging in to Steam client, before even launching any game
2. Replacing "catbot" in user accounts with a random string stopped the bans completely
3. A linux VAC module, dumped similarly to the method described in the article, had access to usernames - I think it was via a getpwent() call. It also collected some other info about the environment (I don't have that binary anymore).
You can probably agree that user account names played at least some role in the bans, even if they weren't the only factor.
* I can't provide concrete evidence for any of those three points as the events took place 8 years ago, feel free to not take my word for it. Maybe you can find someone else from that circle who still has dumped VAC binaries, links to the empty banned accounts or a clone of bot orchestration software repository with a commit that renamed the user accounts and stopped the bans. Maybe even chat logs from that era.
Anyway, at this point it's just a funny piece of tf2 cheating history that has zero impact on anything anymore. So you might as well think it was all fake and I'm just making stuff up, it doesn't matter.
If people want to test these kinds of exploits, you can do so on a server that is not VAC-secured. That won't risk your account being VAC banned. (Of course, if you really want to be sure, use a secondary account and a server that's not VAC-secured)
>then grew disinterested
*Uninterested or just you lost interest. Disinterested means "not influenced by considerations of personal advantage."
Arriving at college back in 2001, my roommate and I set up a CS server. A lot of the freshmen were getting their own computers for the first time and had never played computer games before, so we basically kickstarted a CS community. I think it took about a month before a lot of them started cheating. It is kind of ridiculous how much of a plague cheating is on competitive gaming. Back then we would just observe the players and then ban their IPs, which was luckily enough given how the campus network worked.
I am not a fan of the signature-based techniques used by VAC et al.
I've lost a few steam accounts to accurate but unintended (i.e., not actually cheating) detection of debugging tools attached to totally unrelated processes on the same machine. Having anything open like cheat engine or Tsearch while you join a lobby is a guaranteed ban no matter what. Ethical hacking and malicious hacking are indistinguishable from the perspective of this kind of machine-wide blind signature detection.
Statistical techniques can dramatically reduce false positives in cases like this. If someone at Valve had taken 10 seconds to review my stats during the detected interval, they should have been able to conclude I was not a threat to fair play.
> Having anything open like cheat engine or Tsearch while you join a lobby is a guaranteed ban no matter what.
I think a no-brainer solution here, which I am surprised isn't used, is to just immediately kick the account when a well-known signature, such as CheatEngine, is detected. If the program isn't even attempting to get around VAC, there is no point in doing the whole "delayed ban" thing.
Or even banning at all. As you say, kick out of an abundance of caution. Any serious attempt at rule breaking is going to involve at least some basic obfuscation so if that's missing it's a strong indicator of a false positive.
That said, my snarky response is "I hope you learned your lesson about the need to restrict proprietary software to a container at all times".
>If someone at Valve had taken 10 seconds to review my stats
It seems super reasonable when it's a one-off thing for your own account. When you think about making it into policy and scaling it up to 1000s of interactions, it quickly becomes unreasonable.
>Statistical techniques can dramatically reduce false positives
For a period of time, anyways. Until the statistics get gamed by the cheaters (e.g. adjust accuracy of your auto-shoot from 100% to 85% or whatever).
Computation isn’t likely prohibitive when using the bedrock of predictive models, linear regression, especially with some optimization. Could also vary observation time so you only need a prediction once every ten minutes or whatever.
The real issue is the cost of false positive detection of cheating is negligible since the vast majority of positives are probably true positives—it’s the cost of doing anti-cheat business (minimal)
But yes cheats would be modified to just below thresholds of detection
>Computation isn’t likely prohibitive when [...]
I think this might be in reply to my first comment about scaling? If so, I just want to clarify that I was thinking more along the lines of scaling the customer service/ban appeal side rather than infrastructure.
If, for example, every ban had a component of someone at Valve taking 10 seconds to review in-game stats at the time of the ban, and then making a determination of whether or not those stats seem reasonably non-cheater-ish (pretty hard policy question in itself), the process would slow to a crawl.
You could just do a basic automated review of stats. If someone has a 50% win rate and a 20% accuracy, they're probably not cheating - what's even the point of cheating if you don't win more often than chance?
Cheating to help someone else/your other account.
> adjust accuracy of your auto-shoot from 100% to 85% or whatever
Sure - looking at K/D, accuracy, etc., is an important factor in a statistical model.
Statistics can also include: Map name, player transform on the map, keyboard and mouse events, GPU utilization, audio playback events, etc. These are all very high information time domain signals that can be correlated with the same from any other player.
After a certain point, I don't think it matters if it is publicly known what your signals are. The amount of information becomes overwhelming in aggregate. You can impose the curse of dimensionality on the cheater.
>Statistics can also include: Map name, player transform on the map, keyboard and mouse events, GPU utilization, audio playback events, etc. These are all very high information time domain signals that can be correlated with the same from any other player.
I don't think these are the type of stats the parent was referring to when they said "If someone at Valve had taken 10 seconds to review my stats".
But sure, those are all examples of statistics to start logging, analyzing, and cross-referencing. (I would argue most of the statistics you listed are of little to no use in identifying false-positives (or good cheaters), but I understand the point you're making with those examples.)
It would maybe reduce the false positive rate by some amount at an increased monetary (and complexity) cost to themselves. I think it would be well past the point of diminishing returns though. Setting up all the infrastructure, policy, processes just to reduce false-positive rates by a few percent, maybe?
I think I'll stand by "that's unreasonable" and "cheaters will game the statistics".
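The kind of statistical screen this sub-thread argues over, as an added JavaScript illustration that is not anything Valve or any anti-cheat actually runs. The per-bracket baselines, the four features, the thresholds and the sample matches are all constructed for the example; the point it demonstrates is the one made above: a cheat toned down on the one stat people eyeball (accuracy) stays under a single-feature threshold, while several mildly implausible features taken together still stand out.

```javascript
// Added example, not from the thread and not any real anti-cheat.  Every number
// here is constructed: baselines, thresholds and per-match samples are
// hypothetical, not measurements from any game.

// Per-match baselines for the player's skill bracket (constructed):
// mean and standard deviation across honest players.
const BASELINE = {
  accuracy: { mean: 0.22, sd: 0.06 },  // fraction of shots that hit
  headshot: { mean: 0.30, sd: 0.10 },  // fraction of kills that are headshots
  snapMs:   { mean: 310,  sd: 70 },    // enemy-visible-to-shot time, ms (lower is "better")
  snapSdMs: { mean: 120,  sd: 35 },    // jitter of that reaction time (lower is "better")
};

const mean = (xs) => xs.reduce((a, b) => a + b, 0) / xs.length;
const stddev = (xs) => { const m = mean(xs); return Math.sqrt(mean(xs.map((x) => (x - m) ** 2))); };

// Compress one match's raw event counts into the four features above.
function matchFeatures(m) {
  return {
    accuracy: m.hits / m.shots,
    headshot: m.kills ? m.headshots / m.kills : 0,
    snapMs: mean(m.snapTimesMs),
    snapSdMs: stddev(m.snapTimesMs),
  };
}

// z-score per feature, signed so that "better than humanly plausible" is
// positive for every feature (reaction-time features are inverted).
function zScores(features) {
  const z = {};
  for (const [name, { mean: mu, sd }] of Object.entries(BASELINE)) {
    const raw = (features[name] - mu) / sd;
    z[name] = (name === 'snapMs' || name === 'snapSdMs') ? -raw : raw;
  }
  return z;
}

// Flag a match when any one feature is beyond `single` sigma, OR when the
// features are jointly implausible: the sum of the positive z-scores exceeds
// `joint`.  The joint test is what catches a cheat tuned to sit just under
// each individual threshold.
function screenMatch(m, { single = 3, joint = 7 } = {}) {
  const z = zScores(matchFeatures(m));
  const values = Object.values(z);
  const maxZ = Math.max(...values);
  const jointZ = values.filter((v) => v > 0).reduce((a, b) => a + b, 0);
  return { z, maxZ, jointZ, flagged: maxZ > single || jointZ > joint };
}

// Constructed sample matches (hypothetical event counts).
const SAMPLE_MATCHES = {
  legit:   { shots: 140, hits: 28, kills: 10, headshots: 3,  snapTimesMs: [130, 490, 310, 190, 430, 310] },
  skilled: { shots: 120, hits: 40, kills: 20, headshots: 9,  snapTimesMs: [130, 330, 230, 170, 290, 230] },
  blatant: { shots: 60,  hits: 57, kills: 20, headshots: 19, snapTimesMs: [40, 45, 42, 41, 44, 43] },
  tuned:   { shots: 100, hits: 38, kills: 20, headshots: 11, snapTimesMs: [120, 180, 150, 130, 170, 150] },
};

// Screen every sample match; returns { legit: false, skilled: false, blatant: true, tuned: true }.
function demo() {
  const out = {};
  for (const [name, m] of Object.entries(SAMPLE_MATCHES)) out[name] = screenMatch(m).flagged;
  return out;
}
```

The "tuned" match has every feature under 3 sigma on its own and is still flagged jointly, which is the "curse of dimensionality" point above; the "skilled" match sits uncomfortably close to the joint threshold, which is the false-positive cost the other side of the argument keeps pointing at. Real deployments would aggregate over many matches before acting, not flag on one.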
I understand the sentiment but I can't bring myself to think valve is to blame or should be doing more. Getting a case of "Yes officer, I have an NO2 bottle in my trunk, but what it is plugged to is not actually the air intake for my car but something entirely unrelated, if you just take 2 hours to dig around and take it apart you'll also realize this"
That's such a bad example. Of course you can carry NO2 bottles plugged into something, if it's not the air intake of your car, and an investigation should happen, finding you not guilty.
… unless you plug it into your mouth
When you're accused of breaking the law, your accuser must prove you have broken the law. If they cannot, there are actions you can take to recoup your damages.
Valve can ban you for any or no reason with no means of recourse or refund.
Totally the same thing, yeah.
You're right that they're not the same thing. The government has a legal monopoly on the use of force. Valve sells games.
Actually, VAC handles Cheat Engine and the like very well. You won’t get banned for simply having them open, only for having them attached to the game, which I think is reasonable.
I used to use CheatEngine on single player games that I ran through Steam, and I don't recall Steam having a problem with that at the time. Not sure if it's changed, but it was pretty reasonable.
Never used it on Multiplayer games though.
VAC is only used in multiplayer games. (And even then, only in a limited number of games - https://steamdb.info/charts/?category=8)
> If someone at Valve had taken 10 seconds to …
Looking up some quick stats, Steam has 132 million monthly active users and 69 million people use Steam on a daily basis. Not all those games are using VAC, but just looking at CS2, it routinely has over a million players playing it.
Nobody is going to “take 10 seconds to review” anything with those numbers.
Signature detection can also produce a false positive if running under Wine or in a VM (that's, for example, why you can't play League of Legends or Valorant with GeForce Now anymore since Riot revealed their new anti-cheat...).
Back in 2000-2005 I was very active in a community centered around 20 or so modded Counter-Strike servers which I volunteered as an admin on. We were generally good about having at least one admin on each server at any given time to deal with cheaters. Occasionally someone wouldn’t be around though.
There was a period of time lasting about a month or two where a player with a name like BELT SANDER or ANGLE GRINDER or TABLE SAW hung around. They were pleasant and unremarkable, but they frequently used new Steam accounts and switched IPs.
This person definitely wasn’t supposed to be an admin, but if they were around when someone was cheating and no actual admins were there, they’d somehow elevate their own permissions and ban the offending player. We tried to figure out what was happening and to see if we could somehow stop them, but we never did manage it. They were somehow gaining rcon access to the host server. After a while we just shrugged our shoulders. They didn’t seem to be harming anything, other than our peace of mind about our security. Overall they were actually really helpful for stopping late night/early morning disruptions.
I used to write cheats for CSS & other Source games. Not sure if the original CS would have the same vuln, but iirc you used to be able to use an INetChannel::ReceiveFile function with path traversal to grab the server config. There were a few cool hacks around the file path filtering logic they added in my era that (combined with ::SendFile) enabled a fun period of arbitrary RCE on Source servers.
I knew one person who made a wormable payload for a game I won’t disclose which used that method. The methods are in engine.dll so it’s symmetric, clients would infect servers, which in turn infects more clients, etc. Around then was when I decided to start gaming from a VM lol.
> Around then was when I decided to start gaming from a VM lol
How?
Maybe I’m getting my dates mixed up but CS was released in the late 90 / early 90s and consumer virtualisation wasn’t nearly good enough to game in for another 10 years.
Consumer CPUs didn’t have virtualisation extensions and GPU paravirtualisation wasn’t available either in the early 2000s.
VMWare wasn’t even any good for just running Windows 2000 (I mean, it was seriously impressive tech for its time, but it was dog slow even for just basic basic things). So you’d be stuck with Xen for anything serious. And that wasn’t trivial to get set up back then.
Plus given the lack of drivers for virtualised hardware like soundcards and network interfaces, you’d likely be stuck with full fat emulation for those devices.
They said Counter Strike: Source, that's 2004-2013. I'm still curious though, if it worked at all performance must have been awful.
VMWare supported OpenGL passthrough well enough for the early Source games.
Ahhhh, that makes a lot more sense. Thanks
Maybe you would be the person to answer this. Back in 1.6 it was common to install amxmodx for use as admin software in game. There was a function in one of the menus that would open up a player's disc drive on their PC! I was an admin on a wc3 fun server back in the day and would do it to people for fun. Too young at the time to ever think more about how that was actually done or what security vulnerability that must have been exploiting! I always wondered how it was done.
This exploit has its origin in the Quake engine. I remember exploiting the same thing in CoD4 (2007) and I believe even the release version of Black Ops I was vulnerable. It was known as the ‘q3dirtrav’ vulnerability.
Well, it was running the same engine (q3) even if heavily modified.
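A defender-side illustration of the check the traversal bugs discussed above (the Source file-transfer path and q3dirtrav) were missing: validating a client-requested file path before a game server serves it. This is an added example, not Quake or Source engine code; the content root and the extension allow-list are made-up values for the illustration.

```python
"""Constructed example: validating client-supplied file paths in a game
server's file-transfer handler.  Added illustration, not engine code."""
import posixpath
import re
from typing import Optional

# Assumption (hypothetical values): the server only serves files below this
# tree and only these asset types.  Config files, DLLs etc. are never served.
CONTENT_ROOT = "/srv/game/cstrike"
ALLOWED_EXTENSIONS = {".bsp", ".mdl", ".wav", ".vtf", ".vmt"}
_DRIVE_PREFIX = re.compile(r"^[A-Za-z]:")


def resolve_download_path(requested: str, root: str = CONTENT_ROOT) -> Optional[str]:
    """Return the absolute path to serve, or None if the request is rejected.

    Rejects NUL bytes, absolute and drive-letter paths, any '..' component
    that survives normalisation, and file types not on the allow-list.
    """
    if not requested or "\x00" in requested:
        return None
    # Treat backslashes as separators so a Windows-style "..\\" cannot slip
    # past a check that only looks for "../".
    normalised = posixpath.normpath(requested.replace("\\", "/"))
    if normalised.startswith("/") or _DRIVE_PREFIX.match(normalised):
        return None
    # After normpath, any remaining ".." is a genuine attempt to climb out.
    if ".." in normalised.split("/"):
        return None
    if posixpath.splitext(normalised)[1].lower() not in ALLOWED_EXTENSIONS:
        return None
    full = posixpath.join(root, normalised)
    # Belt and braces: the final path must still sit inside the content root.
    if posixpath.commonpath([root, full]) != root:
        return None
    return full
```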
Interesting, a friend of mine did that in GMod, leading to the infamous 'cough' virus. (Yes, all the 'journalism' around this is wrong, and it's not the person commonly blamed for it).
I love this story. Feels like a modern take on one of those old "hidden master" stories where offending the quiet old man turns out to be a disastrous idea.
Another way in some games is to cheat even harder against the cheaters, like repeatedly insta-headshot-spawnkill them until they leave.
rcon_password admin123
I stopped playing because I felt I could not trust other players, I was getting too paranoid. There were not that many blatant cheaters, but with closet cheaters, it's now very difficult to know if your opponent is better than you or cheating in subtle ways. It's a grey zone.
I guess it's the combination of a frustration of losing matches and the constant suspicion. I was constantly trying to probe things and watching replays, it ruined the game because I was always focusing on cheating.
Ultimately, I think most CS players don't really care about subtle/closet cheaters, so as long as they don't feel it, it's fine, the game keeps its high player count, so it's a good facade and valve is happy with that.
CS is a game I can really enjoy, until I couldn't anymore.
In one specific area, I think this was actually the point, and that was Minecraft servers.
Minecraft minigame servers were very competitive, and very shady, using every dark pay-to-win, gacha psychology trick in the book and even some new ones (in particular, pay-to-unban). They also had very public, competitive popularity rankings among themselves, which players actually used to pick a server.
So I'm pretty sure they also actually paid account stealers to go to competing servers and cheat. The account stealers didn't have any better ways to monetize their huge lists of stolen account credentials.
What makes me think this is the huge number of accounts who would cheat in obvious ways and immediately get banned for it. There didn't seem to be much effort to avoid bans, but when you can join minigame after minigame, and all of them have one guy who ruins it by cheating and immediately gets banned, I think that's economics at play, not just psychology.
I'm closing in on 3000 hours on cs2, and I often get accused of cheating, but I never have. You're definitely right about people being upset and thinking that someone is hacking. I'm pretty good at spotting "togglers" (people who turn their hacks on and off) but there are certainly times where it's really hard to tell, people can be very sneaky about hiding it. Then sometimes someone will call them out and they'll stop pretending.
It's been quite a while since I've seen anyone spinbotting though.
Same problem here. I doubt I'll ever touch an online competitive game ever again. Back in the 90s and even early 2000s cheating was different as people would be extremely blatant and it would sometimes even be funny watching people fly around in Halo. These days there is actually profit to be made through cheating by winning tournaments and streaming. Thus they now hide it as best as possible and even pay large sums of money for individualized cheat software. The game is now to cheat as best as possible without getting caught.
There is no way to guarantee all participants are legitimate so I am not interested. It feels like a complete waste of time putting in the effort.
> To be continued
Unfortunately, doesn't look like the followup post (about analyzing the VAC DLLs) has been written.
Maybe Valve sent Moose and Rocco to have a conversation with the author (Caddyshack reference).
Better than moose and squirrel.
As an early admin of the Steam forums it was always fun when people came on to say they’ve been false VAC banned. There was sometimes the grand denial of any cheating, then the “well my little brother did install something but I didn’t use it”, followed by silence as they gave up.
Remote Code Execution like loading DLLs from a server and executing them sounds like malware.
It's "just" an automatic update, like Chrome, etc.
It's one entry-point among others for RCE. If tomorrow NSA wants to gather any files on your computer, all they need to do is to ask Google to push an update for you through Google Omaha.
https://epic.org/wp-content/uploads/privacy/nsa/foia/NSA-Goo...
Google and NSA have a "partnership".
Valve could also have such partnership in theory, through VAC, though unlikely in practice.
I'm really curious about this but searching for "Google Omaha" doesn't return anything related and the linked FOIA request is... just a request, which I assume anyone can write whatever they want in the request.
The request itself isn't very damning either. It just makes references to vaguely worded "partnerships", and apparently uses that to imply that Google is handing over data. Even if we take that at face value, it says nothing about OP's claim, which is that NSA can ask Google to serve backdoored updates.
> If tomorrow NSA wants to gather any files on your computer, all they need to do is to ask Google to push an update for you through Google Omaha.
They could in theory, but has this actually happened in practice? Pushing a rogue update isn't exactly a novel idea, but despite decades of government document leaks and APTs being analyzed, there's scant evidence that any government pressured a company to push a rogue update. Same goes for other threat models like "government pressuring CAs into issuing a certificate".
For CAs that'd likely get them kicked out of browser trust stores if someone detects it. And if it becomes known that a corporation pushes government-malware updates then that corporation would lose trust too.
So playing that card means moving the entire planet into a lower-trust equilibrium where everyone has to defend against that. In a better-coordinated world the conclusion from that would be "let's not do that", alas on this Earth TLAs have shown that they're willing to burn the commons, forcing a response like RFC 7258.
Valve has the same feature - it is deployed on more .ru machines than chrome.
I get chromium & firefox from my distro's repos
Linux distros are vulnerable to the same supply chain attacks. Did you ever do a background check on your distro maintainers? How many of them have email addresses from non-democratic TLDs?
If they want to publicly publish their exploit chain for everyone who uses the distro that's their choice.
how is this any different than the Google sells your data to Ads centre????
The other day I mentioned that it's not OK for games to be proprietary software and/or use unethical software like DRM (which tbh anti-cheats are as well). I got accused that I wanted game developers to starve to death.
I'll chime in here as a game developer: my upcoming release will be an NES cartridge[0] and probably a Steam app. I'll be adding no DRM, because I generally trust that folks that weren't going to pay aren't going to be converted by its presence, and that honest folks want to support my work. Whether the storefronts I release on add their own is up to them, and frankly I don't care.
Separately though, anti-cheat is another ball of wax entirely, and I have extremely mixed feelings in this field. Generally I favor "cheat detection should be serverside, don't trust the client" from a general security perspective, but... I can totally see a valid case in there, somewhere, for more rigorous clientside checks. Somewhere along that line though is rootkits and malware, and... well, no, please tell me up front that you loaded your game engine with these things so I can save my money and purchase something else, thanks.
[0] Using a custom mapper, which will help initially to discourage low-effort bootlegs at the very least. It's open source though, and will not be too difficult to add to emulators, at which point the dumped ROM should play fine on them.
> Generally I favor "cheat detection should be serverside, don't trust the client" from a general security perspective, but... I can totally see a valid case in there, somewhere, for more rigorous clientside checks.
Yeah...
The simple fact is, it's simply not possible to have completely server-side cheat detection simply because you'll be relying purely on heuristics which could very well be wrong. It's just not going to be possible to tell the difference between a cheater and a really good player.
For any cheat detection to work, it has to be client-side.
And the counter is fairly straightforward: any client-side cheat detection has been broken. You can't trust the client. It doesn't work, your server just thinks it works because it's lying to you now.
Client-side cheat detection can work for tournaments, but it's way simpler there: the tournament provides the hardware, and the players aren't permitted to install anything. This doesn't irritate me quite as much from a security perspective of course, because I am not about to log into my banking site on the presumably insecure tournament device. It's also imperfect: a sufficiently motivated pro player might bypass whatever locks you installed on the thing, especially if they get to spend any time with that device unmonitored.
Even better than that, tournaments have a way better cheat detection method anyway: point a camera at the player's hands. It's suddenly really, really obvious if they're cheating!
I think an overlooked approach is the Snapchat model. Absolutely littered with client-side integrity checks coupled with an automated obfuscation solution so that the checks in each binary end up being wildly different. Then you frequently push an updated binary and refuse to operate with out-of-date ones.
At least for competitive AAA titles I don't see why there couldn't be a daily update of the core binary. None of the assets would change so it wouldn't be a large update by any means. In effect it would prevent cheating by imposing impossible work and latency requirements on the tool authors.
The cost of doing this is employing at least one person with deep compiler knowledge who is capable of maintaining the automated system. Obviously that's far too much to ask of indie devs and is probably also out of reach for older titles in most cases.
This is of course all aside from the obvious and common sense but more expensive solution of player flagging, human review, and a binning algorithm (such as trust factor). Avoids needing to ban anyone in the first place and has the added benefit of being at least mildly effective against computer vision based botting solutions (for which there is fundamentally no solution).
Or just private servers and let the individual admins sort it out, but god forbid players be permitted to run their own communities; corporate might lose out on profit if that were a thing (can't risk another DotA after all).
that's where you turn and say: well, the game developer executives however...
In all seriousness, DRM/anti-cheats => rootkits/rats. Don't fall for it. Demand better.
Can't say for DRM, but there's much bigger demand to play a multiplayer action game without experiencing cheating than demand for a similar game that's not a rootkit. Cheaters are nasty. Devs make rootkit anti-cheats simply because there's no better alternative, not because they're evil.
We need to define nebulous terms like 'better'... to a company that's synonymous with what is 'cheapest' to their bottom line. To a player, that's a more effective anti-cheat.
To my understanding, the latter is much more effectively solved server-side, but is more costly for the company to run.
I'd rather play a game with server-side anti-cheat than player-side-anti-cheat.
All games are different, and for some game, this may be true, but what I, personally, have in my mind in a discussion about intrusive anti-cheats is a fast shooter with lag compensation like CS or CoD, and for them, this problem is not solvable only server-side.
CS:GO actually has heuristics and ML to flag cheaters server-side, but that's only another line of defense - the majority of the defense is the client-side anti-cheat. It's called VACnet, and its bans are temporary - most likely because of false positives.
It's unfortunate, but it is how it is.
There are countries that believed farming should not be profit oriented and curiously they happen to be the ones to have breadlines.
It is no coincidence that America and Japan, the two countries with the most draconian copyright protections, continue to be the dominant player in the game industry.
Profit motive and the ability to reinvest previous profits into future products is the greatest force multiplier in our planet’s history bar none. You can either suck it up like China did in the 90s and convert to a capitalist economy, or stay in the breadline forever. Oh, in this case, I mean play tux racer forever :P
Oh, I've heard this one before! Steve Ballmer, is that you? I thought we were past the 'open-source is communism' and 'cancer on intellectual property' times...
I'm surprised there haven't been more events of mods and tools being used as trojans. For all the concern about anti-cheat/DRM, PC gamers seem very selective over what sources of code they're running on their computers they scrutinize. There's an awful lot of users with "just enough" levels of knowledge where I think a tempting enough release with the right timing for a hot game could get a lot of installs.
What do you mean? There have been ton of stealers and RAT mods for games (and even for normal mobile apps too). It's absolutely a problem and a ton people fall victim to them.
Now think about in-kernel anti-cheat doing that...
Woah, cool to see a bit of how it all works. Seems similar to basic antivirus signature checking? As a side note, a few years back, they had a GDC talk about a (then-new) machine learning based approach to catching cheaters. Regardless of how it worked out, I found it fascinating. The presenter delivered the problem and solution approach so well I'd still like to work on something like this some time. I think they're still updating this for CS2, so it would be really cool to see how far it's gotten now.
https://www.youtube.com/watch?v=kTiP0zKF9bc
When VAC was originally introduced, CPUs only had 32-bit architecture, not that 64-bit hindered anything; but you could inject cheats in a near-infinite number of ways, or have cheats read from memory directly, or have cheats do things especially through video drivers. Hell, glitching your Nvidia drivers and setting things like Negative LOD Bias would allow you to see through textures in some cases (wall hacks).
It's been a cat and mouse game since the dawn of gaming and e-sports.
Fun fact: CS 1.6 competitive had what was called "Organner" when teams switched over from CAL to CEVO (first paid e-sports online league) as well as ESEA, which is acclaimed for its anti-cheats; the pro players you see/saw such as n0thing, summit-1g (not saying he did cheat, he wasn't pro in CS1.6, 1g was a pug team that meant 1st generation and a lot of us were in it) -- but everybody in the pro scene around that did cheat, or had cheaters on their team.
n0thing was banned from CAL rigorously for cheating in CAL-Premier and rejoined with compLexity after ringing for other teams in CS1.6 matches (ban evading). He's admitted to cheating in CS 1.6, and found fame with Counter-Strike 1.6's Evil Geniuses organization, which encompassed the old compLexity roster.
These dickheads went on to make fortunes; not to say that they weren't good in their own respects, but people such as n0thing openly admit, and will admit if you ask them on the stream if they cheated in 1.6 to get to where they're at.
You could inject cheat codes through your mouse drivers at LANs and if you set a low FOV aimbot, it was undetectable: IE triggers when you aim at their chest, aims up to hit the head; and had advanced net code modifiers to land bullets in places you weren't aiming all together.
Knowing this completely ruined the pro scene and wanting to watch these matches and personalities altogether. To know how many legitimate players out there were passionate about these games, looking to go pro, and really enjoy competing at the highest levels couldn't because the skill gap was so significant, and then even more so because pro players had undetectable cheats.
Still to this day it is virtually impossible to detect hacks; however, games such as DotA2 make it significantly harder to cheat by only sending frames/updates when it should, rather than old games sending all player data. I believe Valorant has a decent system but all in all; I helped run the leagues and the level and problem at which cheating was occurring was known about, and not being able to prove what you know would make you SICK if you ever enjoyed competing in e-sports.
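An added example (not Valve's code) of the "only send what the client should see" design the comment above credits to DotA2: the server builds each player's snapshot from its own world state and withholds enemy positions the player could not see, so a client that reads its own memory finds nothing to reveal. Geometry, teams and view range are constructed for the illustration; teammates are assumed to be replicated unconditionally.

```python
"""Constructed example of server-side visibility culling for state
replication.  Added illustration; world data and rules are made up."""
from dataclasses import dataclass
from typing import Dict, List, Tuple


@dataclass(frozen=True)
class Entity:
    name: str
    x: float
    y: float
    team: int


@dataclass(frozen=True)
class Wall:
    x1: float
    y1: float
    x2: float
    y2: float


def _orient(ax, ay, bx, by, cx, cy) -> float:
    """Signed area of triangle (a, b, c); sign gives turn direction."""
    return (bx - ax) * (cy - ay) - (by - ay) * (cx - ax)


def segments_cross(ax, ay, bx, by, wall: Wall) -> bool:
    """True if segment a->b properly crosses the wall (collinear touches
    are not treated as crossings; adequate for this illustration)."""
    d1 = _orient(wall.x1, wall.y1, wall.x2, wall.y2, ax, ay)
    d2 = _orient(wall.x1, wall.y1, wall.x2, wall.y2, bx, by)
    d3 = _orient(ax, ay, bx, by, wall.x1, wall.y1)
    d4 = _orient(ax, ay, bx, by, wall.x2, wall.y2)
    return d1 * d2 < 0 and d3 * d4 < 0


def build_snapshot(viewer: Entity, world: List[Entity], walls: List[Wall],
                   view_range: float) -> Dict[str, Tuple[float, float]]:
    """Return only the entities this viewer is entitled to know about.

    Teammates are always included (assumption for the example).  Enemies are
    included only if within view_range and not occluded by any wall, so an
    enemy behind a wall never reaches the client at all.
    """
    snapshot: Dict[str, Tuple[float, float]] = {}
    for ent in world:
        if ent.name == viewer.name:
            continue
        if ent.team == viewer.team:
            snapshot[ent.name] = (ent.x, ent.y)
            continue
        dist = ((ent.x - viewer.x) ** 2 + (ent.y - viewer.y) ** 2) ** 0.5
        if dist > view_range:
            continue
        if any(segments_cross(viewer.x, viewer.y, ent.x, ent.y, w) for w in walls):
            continue
        snapshot[ent.name] = (ent.x, ent.y)
    return snapshot


# Constructed world: one wall at x=5 running north-south between the viewer
# and an enemy to the east; a second enemy north in the open; a third enemy
# far out of range; a teammate hidden behind the same wall.
WORLD = [
    Entity("viewer", 0.0, 0.0, team=1),
    Entity("mate_behind_wall", 10.0, 2.0, team=1),
    Entity("enemy_behind_wall", 10.0, 0.0, team=2),
    Entity("enemy_in_open", 0.0, 10.0, team=2),
    Entity("enemy_far", 0.0, 60.0, team=2),
]
WALLS = [Wall(5.0, -5.0, 5.0, 5.0)]


def demo_snapshot() -> Dict[str, Tuple[float, float]]:
    return build_snapshot(WORLD[0], WORLD, WALLS, view_range=50.0)
```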
Yet another reason why fighting games are the superior competitive scene. The only "cheat" you could realistically see at an offline event is macros, and the chances of a macro increasing your win rate are slim to none. And there are so, so many good offline events. Online there are more potential ways to cheat, but nobody really cares. Just blacklist the player and move on.
Reminded of the Super Pichu story where someone modded his ISO of Melee to increase Pichu's stats during a Melee tournament.
Fucking agreed. But if you check out street fighter on youtube with 'Street Fighter mike ross tool assisted' https://www.youtube.com/watch?v=pWS3Kq5p77k
You could inject cheats directly into the Xboxes back then through the fight sticks.
You'd know though if somebody was cheating so not sure how crazy the SF scene had cheats but check out tool assisted; when I originally saw it I just put my head down
Yea but boring or too complex, just not fun to watch. There is a reason CS and DoTA/LoL is waaaaay bigger :)
You cannot tell me fgs are "too complex" and then mention DOTA in the same breath.
I personally prefer watching a game that doesn't have downtime. Watching teams buy items and walk around is not interesting. So, so much downtime in all these big team games.
Csgo added it a few years ago as well. Works in fps games with simple maps.
Can you even get a VAC ban these days? I feel like it just destroys your trust factor but doesn't actually ban you, and to be honest that seems to be pretty effective for isolating honest players from cheaters.
> Being banned from all “GoldSrc” games
This isn't true, or at least it wasn't back in the day. The logic Valve seemed to follow was that VAC was "engine" bans. If you got banned in a GoldSrc game, you'd be banned in all games using that engine, but you'd be allowed to continue playing source games. The same was also true in the opposite case.
More importantly, this meant that getting banned in Modern Warfare 2, wouldn't get you banned in any other game, since no other games were released on that engine.
It would show on people's accounts though, and in Counter-Strike scrims and matches if somebody had a VAC ban on their record/profile you just kicked them if you could and found a new team to play.
So while engine specific, people still judged you, especially in pubs (public servers)
Been a _long_ time since I've played. Fucking cheaters.
Nice write-up! Clear and informative. I was surprised to learn they roll it all in user mode; even though it's not unbeatable, it's pretty good anti-cheat, especially considering no kernel stuff (which can take shady or impractical turns for some other anti-cheats...)
Not quite CS, but I was part of a hacking scene that used to exploit C&C Red Alert 2, YR via Teds Relay and discovering the IRC lobby password being "supersecret".
Fun times were had as a script kiddie spawning the president and placing it in an IFV and just going demolishing the other players' base with this fancy laser. But hey, I was 15 at the time.
Habbo Hotel too, being part of a "mafia" with a habbo multi hacker app; the flicker glitch that made your character blink causing lag. That and placing furni in rooms in the walls using ArtMoney filters. I discovered perl while messing with MSN bots; I miss those ages.
Others include NeoPets and Flash game hacking including RCEing the Money Tree claiming the loot before anyone else. Then I discovered IRC and Rx/PHAT botnets infecting via Windows 98 DCOM/NetSend exploits.
Tried it at school and next thing two of the colleges rejected my application, parents called and banished from using any computer in secondary school for the next two years. The college I went to was low-level polytechnic but the couple of the lecturers I had noticed my skill and homed me on a different path than being a BlackHat.
My moral compass kicked in and even now it's an itch I really want to scratch nowadays, but PenTesting/CyberSecurity are too "prestigious" that the only chance is to fall into.
So I've been a Sys/Unix Admin for the past 18 years watching the world burn. I was using Linux (Debian/Slackware) when the kernel was at version 2 and Xorg was XFree86.
Luckily FreeBSD 8 gave me some fresh air after some IRC user rooted my box hosting my IRCd (on 56k) and did the honours of replacing Debian Linux with Debian kBSD. They left me a PM on IRC telling me to stay out of trouble and I've been using FBSD ever since. I'm 36. Never saw them again.
"Hey kid, stay out of trouble. btw your irc is down".
I will always remember that message waking up to a login MoTD with new root/password of some strange OS I had never used. I was angry that I lost my five botnet (T2 army) but I am grateful nowadays for its saving grace.
Not until many years later could I work out how they did it, when I came across a backup of my early PHP3 script that allowed you to issue commands to the host. Apache was running as root and this was hosted in a public web directory (doy).
> Fun times were had as a script kiddie spawning the president and placing it in an IFV and just go demolishing the other players base with this fancy laser.
Oh. That's what happened to me. I always wondered where those lasers came from. I thought it was just a weird custom map.