Anti-cheat today is a stop-gap measure at best. For various reasons such as improved OS security and security concerns with this software, ring zero anti-cheat won't be around forever. Besides, it's a cat and mouse game where the vendor is the mouse.

We already have the technology now to do it better. A combination of only sending what info a client should have, and server-side checks. As soon as something like UT ships with that built in we can hopefully forget about this horrible hack we currently have to check for cheats.

> Besides, it's a cat and mouse game where the vendor is the mouse.

The goal of anti-cheat isn't to stop the world's most advanced cheaters. Those are already unstoppable because they now use Direct Memory Access over the PCI-E bus, so the cheats don't even run on the same computer anymore. However since those cheaters are few and far in-between they can be handled through player reports.

The goal is to stop the mediocre cheater who simply downloaded a known cheat from a cheating forum. If you don't stop those you'll get such a large wave of cheaters that you can't keep up with banning them quickly enough.

With the emergence of AI cheating, cheats don't even need access to memory anymore. The cheat can entirely run on mouse and screen peripherals and the computer will have totally no idea what's going on. The best you can do is behavior analysis. But it always comes with chance of misreports.

Direct Memory Access cheats will always perform better as they can reveal the location of an opponent before they're even visible on the screen.

Why are players who aren't on screen even in the client memory? The server shouldn't be sharing sensitive information.

Although that looks like an obvious solution on first glance it's not really technically feasible. Things like gunshots or footstep sounds are not visible to the player, but still need to be relayed to the client.

As far as I see the only way around not sharing anything that's outside of the immediate perception of a player is to have the audio and graphics be entirely rendered server-side.

You can minimize that to some degree (Valorant does this), but due to movement prediction/network latency you do have to overshare a little bit.

I imagine that most game devs just look at the incredible amount of work this takes to implement and complexity it adds, and decide to not bother. Valorant can do it because the game itself is low complexity, the developer has deep pockets, and also the added competitive integrity is valuable.

Game servers are complicated and have a lot to manage.

It's infeasible for the server to keep track of each player and do frustum and raycasting to every other player to check who can see who every frame.

Culling out of view entities also has the problematic effect of when a player spins around you now have to stream in several big chunks of world state in the few milliseconds before the user clicks to get that 180 no-scope.

How else would the game render the enemy player's sound around corners and in adjacent rooms without knowing their location for instance?

DMA hardware and cheats are getting more and more accessible. It's not just chosen few anymore

> Those are already unstoppable because they now use Direct Memory Access over the PCI-E bus, so the cheats don't even run on the same computer anymore.

Working on mostly server platforms, I had forgotten that IOMMU enablement (and, where relevant, enforcement) was not the default.

Consumer hardware and software is terrifying.

Not sure how that's relevant, unless you find it terrifying that owners of hardware have control over their hardware.

It's your IOMMU, you can do what you want with it. Maybe you need to write heaps of stuff to take advantage of it, but what's new there?

The only thing you're getting by saying "no IOMMU" is "I want any devices in my machine to be able to do anything, not just what I want them restricted to".

Okay, but he's specifically brought it up in the context of a computer's owner doing something that the software vendor (and also myself as another gamer harmed by cheating) would prefer he did not.

And if they want complete control, they can choose not to use a vendor and do it themself, for all the control they could want.

Hooray, freedom!

I have no idea what you're trying to say

> unless you find it terrifying that owners of hardware have control over their hardware

I mean that the presence or absence of an IOMMU doesn't impact whether owners of hardware have control over their hardware.

It just means that the owner of the machine is able to limit what memory the devices in their system are able to access, in the same way that MMUs limited what memory every process on your system could access.

In my world, we won't let a system boot with production credentials unless the IOMMU is enabled.

This is enforced by a greatly enriched TPM (and it's willingness to unwrap credentials). We have trust several layers of firmware and OS software, but the same mechanism allows us to ensure that known-bad versions of those aren't part of the stack that booted.

If I wanted secure games (and the market would tolerate it), I'd push for enforcement of something similar in the consumer space.

> they now use Direct Memory Access over the PCI-E bus

Do you have any good resources with keeping up with this kind of thing? Seems like a fun topic to learn about

As long as games are running on user hardware/OS, you'll always deal with cheating. Server-side checks and computation can only go so far.

For example: in competitive shooters (where cheaters are most prevalent) you can't have things appearing out of thin air. The client needs to know about things ahead of time to play sounds and to give other environmental hints.

Exactly, nothing short of streaming the entire game fully rendered from the server will stop cheats. And even then you can probably still do aimbotting with modern day computer vision.

This reminds me of a discussion around 2 decades ago, where someone showed a picture of his "undetectable aimbot" for a turn-based artillery game: a ruler, a page of charts, and a handheld calculator; followed by a copious amount of discussion of whether that was considered cheating.

I hope this was for gunbound, lovers that turn based artillery game.

How exactly will it stop cheats? Any skill based game can still be cheated. Just analyze the video stream, or go even lower tech, point a camera at your screen. Many games can be effectively cheated like this. For eaxmple Aimbots in counter strike and peak human reflexes in dota/lol.

Surely the server can tell the client what sounds to play and what other environmental hints to do, just as well as the server can choose to tell the client where the other players are when they are in sight.

If the server says "there are footsteps from these coordinates" then it's telling the client there's a person at these coordinates.

Due to latency, the client has to at least do a little prediction.

Maybe, but I think that would've been done already if it was feasible.

In certain competitive environments framerate is definitely limited. Here [0] are the rules for Fallout 4 any% speed runs, framerate must be capped at 60FPS. AFAIK that rule applies to all games in this engine due to physics behavior. I don't follow tournament FPS games, but it wouldn't shock me if there are rules for competitive play there as well.

If you are asking why games like counterstrike don't have limits on online play, that's mostly a commercial question. Would those games be as popular if they limited performance to what was achievable for minimum specs? I certainly wouldn't want to play at 1920x1080 on my nice widescreen monitor, but setting the minimum to a $1500 monitor and the hardware to drive it would guarantee very few players.

[0] https://www.speedrun.com/fallout_4?h=Any-Full-game&rules=gam...

Edit:typo

Yeah and in real world people from different countries with vastly different economic backgrounds compete on the same stage, I think video games are fine.

This isn't exclusive to video games. Much of the improvements to world records in sports are due to improvements in gear, yet we don't consider those records to have been unfairly achieved.

Some games do impose limits though, for example Overwatch doesn't allow you to use an aspect ratio larger than 16:9 and selecting a wider aspect ratio actually cuts down on your vertical field-of-view rather than granting you more horizontal field-of-view. This lessens the potential advantage of ultra-wide monitors.

How would consoles be any more immune to computer vision based cheating? Instead of feeding the output to a spoofed keyboard & mouse, you'd just be feeding it to a controller input. I'm not really seeing any difference in technical challenge here, and you wouldn't even need esoteric hardware since console controllers are USB devices anyways.

Controller-based cheats have been around for awhile, like Cronus which allows scripted actions; reduced recoil in CoD, for example.

Sure, but that's because they're not protected. They could easily be protected.

Someone doesn’t know about the chronus zen or how big console cheating is!

Let’s just say that my finals experience isn’t the same as yours! ;)

They are often more convenient and secure. If you don't mind a single-purpose device that severely limits your ability to modify your experience. Better is subjective after all.

> Anti-cheat today is a stop-gap measure at best. For various reasons such as improved OS security and security concerns with this software, ring zero anti-cheat won't be around forever.

I think that traditional kernel-level anticheat is going away. But the reason is more that when CrowdStrike caused mass outage, Microsoft stated that they want to provide standard interfaces for security sensors, and forbid kernel-level access otherwise (and anticheat can be considered a kind of security sensor too).

If these interfaces become standardized then Valve/Linux could in principle implement them too.

It might be a cat and mouse game, but that doesn't mean we shouldn't be trying.

Any anti-malware software ends up ultimately being a cat and mouse game, but that doesn't mean we stop updating our signature updates.

The goal isn’t to stop 100% of cheats but the majority of them and that’s fine. Either way, it’s the only thing stopping me from playing the rest of my games on steamos.

Multiplayer games without dedicated servers is dead end anyways. I dont need a "anti-cheat" daemon hooking into kernel scanning files and other memory while playing a game. Communities in dedicated servers are much more efficient at moderating the player base than centralized match making ever will be.

This is where I'm at with gaming. Even outside of cheating, it's not fun to me to be dumped in a game with screaming children/manchildren. If I'm playing a game I want it to be with my actual friends. And then I don't have to worry about them running cheats because I trust them.

Once you get to match making, global ranks, etc it's just getting too sweaty and ruined by cheating/low trust/etc.

Communities with dedicated servers include anti-cheat though. Most people aren't interested in spending time moderating a player base: they'd rather just play the game. So server admins use anti-cheat.

You can see this in existing games with current games with community servers. GTA V's modded FiveM and CS2 Face-IT include more anti-cheats, not less.

Yeah, but it's very time consuming/impossible to find similarly skilled players for a fun lobby. The only competitive game I care to play on Linux is Rocket League, which is nearly impossible to cheat at, so it doesn't currently have anti-cheat, but I wouldn't be surprised if Epic decides to put their beloved EAC in it at some point anyway, maybe even just because they hate Linux so much.

EAC has a Proton-compatible version, actually. Even if they enable it, if they use that version, it'll work fine via wine/Proton.

They really aren’t. I used to think that but I actually enjoy skill based matchmaking. It makes game availability better and faster and I don’t have to deal with 1 outlier absolutely stomping or overzealous admins or whatever. I like both approaches though for something like battlefield I think dedicated servers are better but for things like cod, siege, etc we need sbmm

It's also an anticompetitive red herring, at least for Epic.

They say they don't support Linux because it's too complicated to be worth the ROI. Really, it's that they don't want to boost a platform where Steam is far and away the default store.

This is especially relevant to note because Epic bought and owns Easy Anti-Cheat (EAC) one of the currently most popular anti-cheats in AAA.

ETA: EAC still supports Linux gaming today, but the rumors remain that Epic could remove that at their whim.

Epic are a hostile company.

Just avoid it.

Missing anti-cheat is a feature, not a bug. Linux not allowing games to install kernel malware is a good thing.

Linux definitely allows it.

This is problem for me and my brother right now. He's up at a remote job site and we want to play Siege or Apex together¹, but both require anti-cheat and don't support Linux. And I'm loathe to devote space on my SSD to Windows.

¹: Rainbow Six: Siege and Apex Legends, respectively.

>the major vendors don’t want to support it

The two most popular ACs by far are Easy anti cheat and Battle eye which have natively supported Linux for years, but it is entirely up to the game devs to enable it.

About 40% of all games with AC are working areweanticheatyet.com

There are rumours of next xbox generation supporting steam platform and 386 architecture. I know it's a bit off topic, but it could be an elegant solution to the cheating problem, gradually move to standardised consoles. This could solve the dma problem too

AFAIK most anti cheats such as BattlEye actually work under Proton, but the Game Developers have to write to the Anticheat vendor that they want to opt-in into allowing Proton.

Don't forget the ancillary applications that gamers want. If you follow Discord's website, you're gonna end up installing a DEB file manually. Then, every couple weeks, Discord won't launch until you go download another DEB file and install that. Oh, and good luck getting Discord screen sharing working on Wayland. I tried for hours, gave up, and switched to X11. So, just in Discord, we've already run into two hideous workflows that no Windows native is going to take in stride.

And certain types of games have a _ton_ of ancillary applications. For flight simulation, I rely on 2-3 additional contollers, some of which I am fairly certain either won't have driver support, or at the very least will have some major issues with the GUI and configuration.

Then, there are things like head tracking which are either another dedicated peripheral which may or may not get drivers, or a set of apps which feed from a webcam and output the signal to a standard driver that games know to check for.

Finally, most 3rd party add-ons have custom installers, and I'm guessing most of them won't have a working Linux version. So, while I'm sure it's possible to run, say, a vanilla X-Plane on a non-Windows installation with no peripherals/apps/add-ons, I just see a mountain of work to get a normal, heavily custom installation working.

Discord is shipped in a number of package managers (I don’t know the status for mainline apt repos).

I know that this isn’t an easy solution/doesn’t go against your argument, because it isn’t download-and-run simple, but discord’s version can be modified with no consequences in a build_info.json file. I used to do it manually, back when they updated it every once-in-a-while, but due to their current tendency to push updates every few days or so, I’ve made a few-line bash script to fetch the latest version (thank you httptap) and patch the file for me. For screen sharing, I use whatever current discord client on GitHub supports it for Wayland, which usually has the added benefit of not limiting quality and framerate options.

But yes, you do have a point, it’s not just ‘as simple’ as it is under Windows - when Windows works properly.

...why? Discord is available via flatpak.

It Just Works.

Tell Discord that!

Think about it from the POV of a Windows user, especially one who has never used Linux before, and especially one who doesn't know what HN is. To install a program, the first thing you're going to do is type "discord" into your browser, and go to their website. Discord's website doesn't suggest that there's a better option. It just gives you a DEB file.

Made the mistake the poster above did with discord did for years.

The package system is very important to learn in Linux. People have 12 ways to install an app, and they are far from equal.

interestingly, I have no issues with the anti-cheat within Marvel Rivals; however, games that embedded an anti-cheat prior to the steam deck popularity don’t work as you described (PUBG, apex legends).