yea, if serverside checking of files was a posibility, either forcing use of base skins/models, then that would be kool. Also, if it was a server toggle, because i know there are some that would like to use different skins and such. Also, if there was a way to update that file, maybe a call function from the server, when a client connects it checks a dat file for a bit to bit comparison of the files, and if the file doesnt match, it either forces the file from the default location or disconnects user from server, but again, this should be a server side function, and it should also include seperate switches for models, skins.
[T:V] The answer to cheats
- Thread starter TreW_SoulJa
- Start date
CRC check is that check on files. In theory it works great, except when its not updated. See: Tribes 1.10 to 1.11 patch, I think thats the one that was created spesificly for the cheats. A cheatloader was made within 2 days of the 1.11 patch and the cheaters were back at it. In T2 most servers just disabled the CRC check, so you didnt even need to bother with a cheatloader. This is why I favor something to make cheating unbearable on said player using cheats. The cheaters will continue to crack the latest patch, and they'll be here a long time after the game is done being patched.
TreW_SoulJa
Veteran X
Validuz said:
If this is the best post against the idea...
1) it wont lag people if it's taking very low quality jpeg images, especially considering the minimum cpu already required for this high-end game.
2) the clients cant get around it because it's updated with encrypted code so frequently there isnt time to hack it, and even if there was, they'd have to be willing to re-hack it after every update
3) how is there a bandwidth issue? People who run servers generally have 'unlimited' bandwidth
To address RS's posts, yeah, i'm saying have this in addition to the already active anti-cheats, a la zAdmin. Of course this would be an option, but i'm assuming that if it's available, TWL would make a rule to have it on for matches (i'm thinking matches here, not pubs, anyway).
Also, like i said, and i dont really know the practicality of my suggestions as i'm not a programmer nor am i a hacker, but they could be stored locally within an inaccessable client-side file, on the immediate server's storage with the images being uploaded automatically upon disconnecting, or likewise with the Sierra master server.
Also, i'm not saying there needs to be scanners for the pics, im saying if someone suspects someone else of cheating within the alotted window of 48 hrs then all they have to do is look at the archive and they have an easy yes or no.
A reason you could eliminate the storage/bandwidth issues would be to simply have it stored completely client-side. Even if it were entirely unsecured, it would take a while to photoshop 2-3 screenshots of a tribes match. Hopefully longer than 48 hours, and most accusations occurr within 24 hrs anyway. People don't play matches that often so the personal increase in storage usage for the client would be minimal.
True, this couldnt eliminate autoaim but honestly you can tell when someone is using autoaim from demos.
pyrot3chnic
Veteran XX
Thats how punkbuster works.. the server takes a screenshot of the client's view and stores it.
If someone has an accusation, the admin can simply pull up the shots PB took and get a yes or no.
If someone has an accusation, the admin can simply pull up the shots PB took and get a yes or no.
hard code the restrictions on the models (dimentions x,y,z) so that any model will either be scaled or cropped to that size
or add the flag finder thingy from t2 if you want to make happy flag completely pointless anyway
aimbot/autoaim would still be useless(since everything takes a while to get there)
nofog might be a problem, but you can tell someones cheating when they snipe you from their base = kick, if it happens again, ban
tribes is not a game where cheats make a lot of a difference because theres no cheats that can really help you over skilled players
or add the flag finder thingy from t2 if you want to make happy flag completely pointless anyway
aimbot/autoaim would still be useless(since everything takes a while to get there)
nofog might be a problem, but you can tell someones cheating when they snipe you from their base = kick, if it happens again, ban
tribes is not a game where cheats make a lot of a difference because theres no cheats that can really help you over skilled players
pyrot3chnic said:
LOL, simply taking a screenshot of the clients view still tells you diddly squat about what or if the said person is using cheats. It would show the clients models/skins/hacks. Only what the server has in terms. So fuzzy logic here. What you would need to do is take clientside screenshots and send them to a server, but that would NEVER happen in an official game. There are security risk, the dev team has better things to do then check cheaters out, and there is a huge BW/file size issue. You are going to be take a SS at the resolution your playing at. so 1600X1200 at timed/random intervals soon adds up. Times that by the number of players, lets say a 1000 conservatively, x 3 SS per game at 30 minute games, x lets say 10 hours = 60,000 screenshots a DAY. and if it was a 1 meg file, which is low for that size SS, then a 60 gig drive would be filled in 1 day. Let alone the fact that no one is going to check all these screenshots. Lets be practical here. Please think before posting certian things like this rambling of a thread. Its very VERY impracticle.
Also, how do you plan on banning said cheaters ? If your buying a product, only the servers themselves could ban the people, and a IP change and reinstall will more then likely fix that unless they use a very elaborate Key system in which each person has an individual key, but thats still impractical. I just dont see this happening from a Dev team point of view or a Server admin point of view. Sorry. If there was a simple server side CRC/MD check for servers that couldnt be cracked, and would output results into a nice small log file, that should suffice. Then we could use a Cheaters search via an ip checker or whatever, there is a project IP out there, and this could help the community to deal with cheating.
Last edited:
TreW_SoulJa
Veteran X
posr said:
1) we already said they'd have to be client-side shots
2) we said we could store them on the client's machine
3) the dev team wouldnt have to check any cheaters, the ladder admins or the team captains would
4) we're taking super-low quality screenshots which wont lag the high speed processors already required for the game
5) we already know that crc checks can easily be worked around
6) it's likely they will have CD keys
7) i doubt they'll perm ban players from ever playing the game, but the ladders/server admins can use the cd keys to ban whomever they want.
8) even without cdkeys, today's admins are pretty successful at imposing bans.
Those first 5 issues were already addressed if you'd read the thread more carefully, and the last 3 are common sense.
TreW_SoulJa
Veteran X
Previously i was only talking about matches, but this lead me to concieve of a way to watch individual players in public play.
This is more controversial but this is the first phase of this idea so feel free to tear holes in it and/or suggest better ideas.
Perhaps have the screenshot script be requestable by a server, and the upload to server capability also toggle-able on a per-player basis. That way admins who suspect various people of cheating can tag the individual players and review SS's if they want, or simply make them available to people who are accusing.
--Example--
An example would be if Special thinks this guy Bourbon cheats, he can ask sLaM to tag him. Then, if/when bourbon pubs on 5150 West it will produce at least X amount of screenshots from bourbon's POV, that will be uploaded to the 5150 W server when bourbon disconnects, or between maps, and erased from Bourbon's HD. Then sLaM can send the compressed, low-quality files to the inquiring Special so he can see for himself.
This is more controversial but this is the first phase of this idea so feel free to tear holes in it and/or suggest better ideas.
Perhaps have the screenshot script be requestable by a server, and the upload to server capability also toggle-able on a per-player basis. That way admins who suspect various people of cheating can tag the individual players and review SS's if they want, or simply make them available to people who are accusing.
--Example--
An example would be if Special thinks this guy Bourbon cheats, he can ask sLaM to tag him. Then, if/when bourbon pubs on 5150 West it will produce at least X amount of screenshots from bourbon's POV, that will be uploaded to the 5150 W server when bourbon disconnects, or between maps, and erased from Bourbon's HD. Then sLaM can send the compressed, low-quality files to the inquiring Special so he can see for himself.
pyrot3chnic
Veteran XX
one idea i had for preventing skin hacks, is disable it completely, and make annual skin packs if it wouldn't be too much trouble.
put them in one little package, release, and you're golden..
people that want to download them can, people that don't, don't have to.
put them in one little package, release, and you're golden..
people that want to download them can, people that don't, don't have to.
pyrot3chnic said:
^^^ - The thing is, we're not using a new engine any more, we're using the UT2k3 engine, and that is hacked all to shit. There has to be something, now I'm not saying that the screenshot thing is a good or a bad idea, in fact personally its a decent idea with some modifications... As for the argument of having to have someone monitor these shots, that doesn't become necissary, if there is an acusation of cheating during match play where it would matter then there is record to check up on. As for pub play, there needs to be a way as was mentioned before to discourage cheaters, its gonna happen, people will try and cheat and try to pretend to be l33t in the process. There needs to be a way to just piss them right the fuck off everytime they cheat.
llama's
Why try to add even more crap for Sierra to spend time on with this game.
HIRE PUNKBUSTER
It's their business to stop this crap and they do a pretty good job at it. It's better to pay them a little bit and get pretty good protection.. Than for Sierra to waste all their time screwing with it (ala T2 "browser") and detract from the game itself.
Also: With punkbuster in place before the game starts, have it working on the IP and the game key itself. As soon as a cheater is found and identified, perma-ban their IP and game key. FOREVER.
Pretty simple. You cheat once, you no longer install/play the game without buying a new one.
Why try to add even more crap for Sierra to spend time on with this game.
HIRE PUNKBUSTER
It's their business to stop this crap and they do a pretty good job at it. It's better to pay them a little bit and get pretty good protection.. Than for Sierra to waste all their time screwing with it (ala T2 "browser") and detract from the game itself.
Also: With punkbuster in place before the game starts, have it working on the IP and the game key itself. As soon as a cheater is found and identified, perma-ban their IP and game key. FOREVER.
Pretty simple. You cheat once, you no longer install/play the game without buying a new one.
Guys, preventing every cheat is virtually impossible. I don't know how punkbuster works, so I won't comment on that, but if you have to trust the client to prove it's cheating, then you are at square 0. If the client has to send a screenshot, it can be manipulated. You can have updates everyday to the exe, but the client can be patched to simply say "update received" when it actually did nothing.
Things we know:
Nofog won't work. Already discussed. Drop it.
If happyflag/permanent IFF works, Sierra will either do a zadmin-like patch, or someone else will do it and it will be accepted around the community to fix those two.
Other model hacks (redmines, etc.) are pretty much unpreventable.
No clue on autoaim.
Just remember, anything involving "the client does x" has a security flaw because you cannot guarantee that the client is sending valid information.
Things we know:
Nofog won't work. Already discussed. Drop it.
If happyflag/permanent IFF works, Sierra will either do a zadmin-like patch, or someone else will do it and it will be accepted around the community to fix those two.
Other model hacks (redmines, etc.) are pretty much unpreventable.
No clue on autoaim.
Just remember, anything involving "the client does x" has a security flaw because you cannot guarantee that the client is sending valid information.
Anyway:
Thats from a FStat server (Splatterfest of Azeroth) if you want to go look at it. I skiied around for a few with the happyflag on and it got really annoying. I cant imagine what a full server with the flags actively being grabbed would be like. Zadmin has this, I think, and it also has playermodels underground. Its all serverside so there is no way the client can get around it. If their model is larger than the standard one it will show through the terrain, or a flagfinder would show it.
Thats from a FStat server (Splatterfest of Azeroth) if you want to go look at it. I skiied around for a few with the happyflag on and it got really annoying. I cant imagine what a full server with the flags actively being grabbed would be like. Zadmin has this, I think, and it also has playermodels underground. Its all serverside so there is no way the client can get around it. If their model is larger than the standard one it will show through the terrain, or a flagfinder would show it.
KineticPoet
Veteran X
As a few people have pointed out, PunkBuster provides a lot of this functionality. Check out:
http://www.punkbuster.com/index.php?page=info.php
Or, if you're lazy, here's a list of major features:
http://www.punkbuster.com/index.php?page=info.php
Or, if you're lazy, here's a list of major features:
- Real-time scanning of memory by PB Client on players' computers searching for known hacks/cheats
- Throttled two-tiered background auto-update system using multiple Internet Master Servers to provide end-user security ensuring that no false or corrupted updates can be installed on players' computers
- Frequent status reports (highly encrypted) are sent to the PB Server by all players and the PB Server raises a violation when necessary which causes the offending player to be removed from the game and all other players are informed of the violation
- PB Admins can also manually remove players from the game for a specified number of minutes or permanently ban if desired
- PB Servers can optionally be configured to randomly check player settings looking for known exploits of the game engine
- PB Admins can request actual screenshot samples from specific players and/or can configure the PB Server to randomly grab screenshot samples from players during gameplay
- An optional "bad name" facility is provided so that PB Admins can prevent players from using offensive player names containing unwanted profanity or racial slurs
- Search functions are provided for PB Admins who wish to search player's keybindings and scripts for anything that may be known to exploit the game
- The PunkBuster™ Player Power facility can be configured to allow players to self-administer game servers when the Server Administrator is not present entirely without the need for passwords
- PB Servers have an optional built-in mini http web server interface that allows the game server to be remotely administered via a web browser from anywhere over the Internet
Wrong. Cheating is a critical problem that we will spend serious time on. We have been building things with that in mind since the start of the project.posr said:
