Come on now man, like every mainstream PC developer is shipping broken garbage in 2020.
As I posted this I just remember DSfix and the one for Nier:A (special K?) alright fair
-
Ever wanted an RSS feed of all your favorite gaming news sites? Go check out our new Gaming Headlines feed! Read more about it here.
-
We have made minor adjustments to how the search bar works on ResetEra. You can read about the changes here.
[Ars Technica] Ring 0 of fire: Does Riot Games’ new anti-cheat measure go too far?
- Thread starter Deleted member 18944
- Start date
As I posted this I just remember DSfix and the one for Nier:A (special K?) alright fair
Cheating is rampant in competitive FPS. If you're above gold rank in Rainbow Six, every match is a dice roll as to whether one or more cheaters will be in your game.
And I assume you're implying most cheaters are based in China by saying region/ping filters will fix it? R6 already separated China into their own client that can't swap regions. The problem still remains.
not a bad idea actually, but I can see why riot wouldn't go for it.
Well I don't have. (And even files aren't there). Using Steam Controller exclusively.
Any program you give admin rights to which is usually every game that you install can do pretty much anything to your computer and any program you don't can still upload your My Documents folder to the internet.
If you don't trust the company then don't install the game.
If you don't trust the company then don't install the game.
In 2020, most games don't need admin rights.
(not that you need admin rights to access my documents)
Which is why the whole argument about "riot is going to use this kernel driver to scan my computer and steal my data" falls flat. They can already do that if they wanted to, and much easier.
It's only Riot who spoke anything about scanning & stealing files anyways, actual concerns of those who posted about it are totally unrelated.
Well they might have to do something if the backlash gets bigger.
That doesn't work. BattlEye, EAC and now this block any kind of virtualized environment which includes Wine and by that Proton. Valve is apparently trying to work with the providers of these ACs to work something out for Wine. Thing is there apparently are builds of these AC measures that actually work in virtualized environments because they don't try to sniff around at kernel level.
Valve was working with EAC before it was bought by Epic.
No news on that front
With this level of invasiveness? Nothing. With regards to what the AC is doing? Doesn't seem to be more advanced than VAC.
They are apparently still working on it (judging by some of the commits for Proton). Not only EAC but BattlEye as well I believe.
Does it uninstall properply when you uninstall the game ?
If only.
There goes the fog of war.
Wallhack and autoaim.
Edit: Oh, and he can even see their remaning health too.
No.
It's a separate uninstall. You have to look for Riot Vanguard to uninstall it.
Very much this, you don't even need admin permissions to steal a user's files. Either you trust the company or you don't.
That's really dumb. I thought their fog of war system was supposed to prevent some of that? Like, with their PVS system you would still expect to wallhack around corners, but that video has what appear to be cross-map wallhacks.
What if someone else uses it to steal files though? And website (or buys advertisement on some gaming website you trust) abuses that and one of speculative execution exploits prevalent in all modern CPUs (or random browser exploit)?
Maybe they didn't get it working quite right? Bad PVS calculation would cause more problems than cheaters.
This entire message from Riot kind of assumes that their best strategy to defeat cheaters is to continue a host-level game of cat and mouse, because there are no alternatives. This is not completely true.
They could use server-level analysis using Machine Learning and AI in general to analyze petabytes of data that can be collected on user behavior, and catch 99.9% of cheaters out there with fancy models and statistical analysis, with an increasing number of 9s after the decimal point as time goes on. They can also have meta-moderation by humans to catch legitimate false positives, as is done now.
Hackers can't easily compete with algorithms and datasets they have no eyes on, as opposed as any code running on a host's RAM. And this approach, while costly as it requires Storage and compute (CPU + GPU) resources would leave your computer alone, protected, unmarred by the potential of increased attack surface (or attack "depth" in case of privilege escalation exploits) of a kernel-level driver.
As far as the resource cost for RioT goes, I would suggest they figure out a way of outsourcing it to players (mini spark/cuda instances?) as they just so happen to have the necessary CPU + GPU resources, through a fortunate turn of event (AI loves GPUs!) and the data that requires analyzing requires no security as it's just non-sensitive game data. Think of it as something akin to bitcoin miners except you're "mining" cheater bans :D. It might cost you a few bucks every year on your electric bill, but least it doesn't require system-level drivers.
In my opinion, that's the way to go.
They could use server-level analysis using Machine Learning and AI in general to analyze petabytes of data that can be collected on user behavior, and catch 99.9% of cheaters out there with fancy models and statistical analysis, with an increasing number of 9s after the decimal point as time goes on. They can also have meta-moderation by humans to catch legitimate false positives, as is done now.
Hackers can't easily compete with algorithms and datasets they have no eyes on, as opposed as any code running on a host's RAM. And this approach, while costly as it requires Storage and compute (CPU + GPU) resources would leave your computer alone, protected, unmarred by the potential of increased attack surface (or attack "depth" in case of privilege escalation exploits) of a kernel-level driver.
As far as the resource cost for RioT goes, I would suggest they figure out a way of outsourcing it to players (mini spark/cuda instances?) as they just so happen to have the necessary CPU + GPU resources, through a fortunate turn of event (AI loves GPUs!) and the data that requires analyzing requires no security as it's just non-sensitive game data. Think of it as something akin to bitcoin miners except you're "mining" cheater bans :D. It might cost you a few bucks every year on your electric bill, but least it doesn't require system-level drivers.
In my opinion, that's the way to go.
That's actually trivial to beat. You can use the same techniques to train aimbots so that it only performs as good as say the top 2% of players. In fact over time you would end up with a skewed dataset with so many mediocre players being boosted through ML aimbots. You still need client side detection. You don't get hackers on current gen consoles - really, some kind of hardware solution is the only way to solve this problem.
That feature works collecting data and sending to developers, so if people have trouble with that they are not going to activate it.We already knew that BattlEye was doing this sort of thing, because Microsoft had to block systems from updating to the 1903 version of Windows 10 because its low-level driver was incompatible and causing Windows to crash.
That in itself should tell you all you need to know about this kind of anti-cheat software. It's the wrong approach.
Implementing ping and region filtering solves the majority of the problem in most games.
There is (was?) Game Monitor/TruePlay. I don't know if it was removed or the option to disable it was removed, but I don't see it in 1909.
An OS-level feature is probably the best option; however it concerns me that we'll see single player games use a feature like that.
Even if you aren't cheating, modified executables or software like Cheat Engine are essential tools for working around problems in many games.
And if people don't willingly activate I doubt any dev will force this.
The sandboxing on uwp was never meant to prevent this sort of cheating, as it does not block higher level applications to reaching in.
It's more about restrictions for applications to reaching out, so if this was an uwp game it would only be able to run system level processes if you allowed explicitly.
The true play feature works just by monitoring the processes. It won't prevent the cheating tohappen but it will warn the developer that when you were running the game some process inject stuff into its memory space for example.
That was never true. The encryption is a ms store feature, not part of uwp. And now applicable even for unmodified win32 games.
(though now there are apis that allows developers to expose any file they want for modification, just dunno if anyone is actually using it, as I assume devs are making the bare minimum to steer from their steam packages)
The model would only be trivial to beat if it only took into account your kill/death stats, or other basic things.
The model I am proposing would be much more complex. It would be trained (and regularly retrained) on real-life cheating datasets, with dozens or hundreds of variables being used to score the player as X% chance they are cheating. If X > 99.X % , the player is banned.
But wait, you say, where are all these resources going to come from to analyze the behavior and actions of 100k simultaneous plays?
Well, the algorithm will prioritize things like newer accounts, it will prioritize players showing abnormal skill discrepancies between movement and shooting accuracy, etc. In the end,they might end up with a few thousand high-risk players that will get virtually "stopped and frisked, except without the "stoppee" noticing it". I've also proposed a scheme to keep outsourcing cheat detection computing costs on the users.
The whole thing reminds me of those machine learning algorithms that could detect cancer. Cheaters are the cancer of MP games.
Of course, it's easier to do things the way Riot is doing.
Out of curiosity and not speaking about a game in particular. Wouldn't be better make an anti-cheat system at a hardware level? I mean, having a chip that controls that? Something like what happens with Netflix on Android.
I suppose it will hacked anyways, but it will be harder?
I suppose it will hacked anyways, but it will be harder?
Last edited:
In that context it would still be virtually impossible to distinguish between a new player hacking or an experienced player smurfing. There's also a massive discrepancy between movement and shooting accuracy in normal play too. Lots of players can hit headshots but have garbage game sense. Statistical analysis is a fundamentally flawed approach for detecting cheaters.
A hardware enclave like some sort of TPM is the real solution.
You would have to be an absolute fool to knowingly install this game on your computer.
Now being a fool myself I was just thinking I could do with a new Chinese rootkit on my system, the old one was getting a little musty.
Now being a fool myself I was just thinking I could do with a new Chinese rootkit on my system, the old one was getting a little musty.
Another new subreddit thread that got big today regarding this
old.reddit.com
Why Valorants Vanguard Anti-Cheat has to be changed ASAP
I am posting this in here, as my attempt to post it in the r/Valorant Subreddit failed by it getting removed immediately. I don't mind an...
old.reddit.com
For a guy who is an IT manager, he seems a little misinformed.Another new subreddit thread that got big today regarding this
Why Valorants Vanguard Anti-Cheat has to be changed ASAP
I am posting this in here, as my attempt to post it in the r/Valorant Subreddit failed by it getting removed immediately. I don't mind an...
First, the idea that a ring0 app can bypass the security policy on your phone is completely insane. Like, sure, if there's a vulnerability on your phone it could exploit it. I'm not sure you need ring0 on a PC for that though, but I'm not sure what the expected threat model is there where that's a concern.
And sure, more kernel mode software means a bigger attack surface, but that's overblown too. GPUs were a massive gaping hole for ages due to lack of stuff like an IOMMU (basically, anything with graphics card access could write back to anywhere in system memory), and we never had armageddon because of it. Newer hardware has fixed that up, but those massive modern GPU drivers still have vulnerabilities. His argument isn't new either - it's the same argument that it's not 'necessary' for anti-cheat to run at that level.
The rest of his complaints seem to stem from the anti-cheat being buggy and giving false positives, which is whatever. It's a beta. If the full release is like that, people will get mad and stop playing.
Also, the fact he doesn't know how to wireshark stuff coming out of his own machine is hilarious.