Notice: You're about to read a High IQ post from Elite Human Capital, the following arguments you are about to experience will be repeated at the European Union Parliament for Stop Bricking Games. So please just understand the post instead of looking for rhetorical holes to argue about, a Mid IQ activity BTW.
This is one of the most relevant replies, it's a short one and it's not about "cheaters rights", it's hinting at a fundamental fact about computers, it's a technical truth: "My Computer, My Memory". It feels eerily similar to how Piracy will always exist because "A Computer Copies Data", it's futile to prevent a computer from doing the thing it's supposed to do, they can physically copy and mutate data and memory, always.
For Piracy, governments already applied their overly invasive, and probably unconstitutional laws against it, yet the practice still exists.
Everyone that actually "got ahead" on this issue are technical people who accepted this simple fact about computers, and just focused on providing a premium service, Steam has incredible download speeds that Pirates can't afford to do, because Pirates do it for free and most of them don't even have the courtesy to seed back, it's simply a solution based on reality.
Of course, there has been clever "technical" blocks like Denuvo, embedding malware (FitGirl) and so on, but they will be always be "cracked" because of that fundamental principle, the ability(freedom) of modification and copying of data and memory.
What seems to be a fundamental issue here is that absolutely no one has had this thought (My Computer, My Memory) when it comes to solving cheating.
The current standard for anti-cheat seems to be these background processes that are scanning for an "unauthorized" read of the current games memory, and of course this memory has to be "protected" because it contains way too much information about the current game, so obviously if you can just read it you get an unfair advantage, hold on to this thought.
This is what VAC does, but this solution has devolved and now we have an arms race of malware anti-cheat requiring kernel access to "stop you from reading memory", which will be cracked anyways because it's a futile pursuit to stop "My Computer, My Memory", you will keep getting things like DMA cards and so on because that precious memory is in there and you can just get it, it's like Maduro, you can just go to his memory address and get him.
Here's the important thought, once the client gets that memory from the server they can do whatever they want with it.
So what if instead of trying to prevent the client from reading that memory, that is already on his computer, you don't send that data at all.
One of the first things you learn about in a Client-Server Architecture is that The Server should NEVER EVER trust The Client, because the client can do whatever they want, and even send you mutated or malformed data back.
This is a fact that a 20 year old game like Runescape understands but FPS developers don't seem to get it.
Remember how kids used to download Cheat Engine and find the memory address for their gold on Runescape and set that to a billion, they are allowed to do that because it's their computer, their memory. HOWEVER, the server is not going to trust that snotty kid and will correct that memory once it sends the next packet: "No cheater child, you don't actually have 1 Billion GP, enjoy poverty,"
Valorant was advertised as a game specifically built to stop cheaters, but this just meant that it was going to have an overly invasive anti-cheat.
They still make the fundamental mistake of The Server overly trusting The Client. The entire cheating economy of Valorant is built on the fact that the game sends The Client data about the entire state of the game, when The Client shouldn't know that much about the current game.
Think about Object Permanence, The Client should be an infant with no object permanence at all, The Server could verify that based on the players position and their viewpoint they should stop receiving data about this enemy either because he ducked behind a wall or this enemy is practically on the other side of the map.
To truly solve cheating you would have to design a game with these obvious constraints, and still keep it low latency and make it work for peeking and so on, that's the actual solution.
There's such a lack of innovation that you still get the Classic Wallhack learning the position and even the bone animations of enemies that are miles away on the other side of the map, a proper Client-Server Architecture could have easily solved this.
Just watch any video of cheaters in Valorant or Counter-Strike 2 and think, "Should The Server be giving The Client that data when he's on this spot of the map?"
This post is becoming way too long to explain how you could counter Aimbots, but just think of the average accuracy rates and how cheaters easily deviate from it or how Chess Grandmasters can just tell when someone is cheating, you could build solutions based on those metrics, when The Client aims The Server is receiving that data, it could be trivial but most developers don't think of anti-cheat that way.
Think about Object Permanence, The Client should be an infant with no object permanence at all, The Server could verify that based on the players position and their viewpoint they should stop receiving data about this enemy either because he ducked behind a wall or this enemy is practically on the other side of the map.
To truly solve cheating you would have to design a game with these obvious constraints, and still keep it low latency and make it work for peeking and so on, that's the actual solution.
Even if you can't see them, they are still there. If they are running, shooting, and making noise, the client needs to know that and because it is directional the client will get data about their position too even if they can't see them. All your solution would do is turn wall hacks into passive sonar.
Even if you can't see them, they are still there. If they are running, shooting, and making noise, the client needs to know that and because it is directional the client will get data about their position too even if they can't see them. All your solution would do is turn wall hacks into passive sonar.
If my wall hack became a shitty sonar that I couldn't rely on I wouldn't pay tree fiddy for it.
For example, cheaters usually turn off the "visual wall hack" but love to bind a pre-aim on their mouse that requires wall hack information, so in my hypothetical solution the hack would keep a "last known position" of the enemy just before he went behind a wall and The Server stopped sending his data, this pre-aim would erroneously aim to it when the target could be pretty much anywhere else, and only The Server knows.
It would require an actual redesign bottom up as I said, noises couldn't be positions that a sound would play on as that would leak an enemies position, The Server would have to calculate it and just send The Client what sound effect to play at this volume and louder on the left headphone for example, and a hack would only have that data to work with which would be much shittier.
Basically design the FPS on "feed them shit and keep them in the dark". The only issue I see is latency problems fucking with implementation but internet connections are much better now.
There's such a lack of innovation that you still get the Classic Wallhack learning the position and even the bone animations of enemies that are miles away on the other side of the map, a proper Client-Server Architecture could have easily solved this.
The main problem with your thesis is that what you propose doesn’t solve the issue. A second problem is that it’s already commonplace and has been for decades.
What you describe is how a lot of games DO behave, and have done for a very long time. You can go back to one of the origin first person 3D multiplayer games, Quake 1, and find that a fundamental technology that powered the rendering (BSP trees) implemented the ‘potentially-visible set’ (PVS). This provided a fast mathematical method of knowing ‘if a client is in zone X, he can see zones L, Q, and X’. The game server then did exactly what you describe - clients only received data about other players and item from the server if they were inside the clients PVS. Modern day engines do this kind of thing and more, since the computer power exists to do more expensive ray-casting checks for visibility they didn’t exist back then.
But regardless, it simply doesn’t solve the problem. Information about opponents far away that the client can’t see isn’t that useful to the player regardless of whether they’re cheating or legitimate. Opponents and items that are directly within the clients view, or just barely out of view, are the most useful data points on which a player can act. And if you’re thinking ‘just hide anything that’s barely out of view’, that’s not viable because of network latency. If you don’t send a client information about things that are just around a corner, then when they advance around that corner they’ll be viewing an item or person before the server has provided any information about it/them. That means you get players/items suddenly appearing from thin air at a position you already cleared. Not viable.
So essentially, when you install Valorant, it puts an anti-cheat on your computer that can brick your entire OS? Totally unacceptable, very bad practice.
I'm sure in an age where cars can drive themselves into lakes or trap you inside while you burn to death, a lot of people are desensitized to bad consumer practices, but just from an objective standpoint, no one should be able to sell a product this potentially damaging and invasive.
"B-But The Anticheat needs to be kernal because the cheating is kernal!!"
Then figure out a way to do it without access like that. It's your job. As stated before, banking apps on phones don't even have that sort of access. The lowest tech problem? The one that fucking redditors in TF2 managed? You votekick niggers who are cheating
But god fucking forbid the company nanny not wipe the ass of every zog-raped goycattle and expect you to actually take proactive measures to stop cheaters rather than a clanker jannie sweeping it up.
It's not a fucking software issue, it's an issue of not teaching basic fucking problem solving and raising retarded niggercattle that feel like they need to make excuses for a company that makes more money than most people see in their entire lives. That amount of money should be able to fix anything, but instead you get lazy fucking bootstrapped solutions that put your entire system at risk
"Erm windows had this before"
Yes, and Riot is now using it to force you to unplug hardware and acting fucking smug about it. Why the fuck should I give a single solitary rat's ass what Riot games thinks I should install on my fucking PC?
"Don't play riot games/install windows/cheat"
Not the point, it's the principle of the thing. It's Riot rubbing it's chinky corporate dick all over the shit I paid for with my money and expecting me to take it.
What you describe is how a lot of games DO behave, and have done for a very long time. You can go back to one of the origin first person 3D multiplayer games, Quake 1, and find that a fundamental technology that powered the rendering (BSP trees) implemented the ‘potentially-visible set’ (PVS). This provided a fast mathematical method of knowing ‘if a client is in zone X, he can see zones L, Q, and X’. The game server then did exactly what you describe - clients only received data about other players and item from the server if they were inside the clients PVS. Modern day engines do this kind of thing and more, since the computer power exists to do more expensive ray-casting checks for visibility they didn’t exist back then.
The BSP Tree comes to mind as an algorithm that could be rethought so The Server could know what data to feed The Client, but it was implemented to solve the problem of being able to draw a 3D map on the "weaker" machines of the late 90s, people that inherited those engines never refactored it as an anti-cheat measure, if you see random cheating footage of Counter-Strike it looks like the entities work completely separate from the BSP, they are just entities that are constantly being sent, or the BSP Zones are way too big to work as an anti wall hack measure.
And for Valorant I don't think they use a BSP at all, modern games just think of "scenes", BSP is "too complicated" and it gets dropped because computers are more powerful now, the entities are not bound to anything at all, if you see hacking footage of that game you can see how they get the data of pretty much everything.
And if you’re thinking ‘just hide anything that’s barely out of view’, that’s not viable because of network latency. If you don’t send a client information about things that are just around a corner, then when they advance around that corner they’ll be viewing an item or person before the server has provided any information about it/them. That means you get players/items suddenly appearing from thin air at a position you already cleared. Not viable.
Yeah, If you had really tight "bounds" that actually occluded really well between the server and client, the engineering challenge would be to make it work with network latency in a competitive game, honestly it could be done as there are other other areas in the industry (not videogames) where people do something similar, a really compressed/packed format to send over the network as fast as possible.
Amusingly, the exact opposite is often a tricky problem for cheat software to solve: “How do I ensure my behavior doesn’t divulge that I am aware of things I cannot see?”. Still today one of the biggest giveaways that a player is cheating can be that they seem to possess knowledge beyond what was reasonable for them to have. A ‘random’ glance towards the exact position of an opponent’s head behind a wall in CS, or one hiding in a bush in FN.
To truly solve cheating you would have to design a game with these obvious constraints, and still keep it low latency and make it work for peeking and so on, that's the actual solution.
"To truly solve cheating, you would have to make cheating impossible." Thanks. You sound like someone who's prompting ChatGPT to bugfix without making any mistakes.
That isn't a true solution to cheating, anyway. It's one way to handle a specific feature within a specific context. It doesn't deal with aimbot, for instance.
The entire cheating economy of Valorant is built on the fact that the game sends The Client data about the entire state of the game, when The Client shouldn't know that much about the current game.
No, it's built on the value of cheating in Valorant, which is rank, boosting, prestige, difficulty, etc. Escape from Tarkov is even worse for it, because it has an in-game economy where 3rd-worlders can sell goods for real-life money. This is one reason why Tarkov gets even more aggressive cheating than Valorant does.
Designing a game to be less hackable is a thing. There's a reason Escape from Tarkov has had noclipping, telekills, item spawning, etc., and Valorant hasn't. Valorant was advertised as a game specifically built to stop cheaters, but it doesn't just mean it has an overly invasive anti-cheat. At some point, you have to recognize that the people working on these games have some amount of technical skill and that these problems are more difficult than you're making them out to be.
League and Dota are MOBAs that have an easier time withholding certain information from clients, which makes it more difficult to cheat through the FoW. It's been possible in some circumstances, like receiving information the moment the enemy jungler kills a camp or when a champion starts a recall. HotS, notably, does have a functional maphack because it's built from Starcraft 2, which also has the same problem.
That still doesn't solve other aspects of cheating, like orbwalking, cooldown tracking, skillshot aim, automation, etc. Some especially insane things can be done in Dota because it's more of an RTS with multiple units to control.
Also, certain exploits that require hacking, like Poppy killing people across the map.
Well, yeah, because all they did was change some flags in Windows that arguably should be on by default. They don't even need Ring 0 access to do that. IOMMU has been around for 2 decades.
Most of the complaints about Riot Games' tweet amount to tone policing, "the greater good", or finding new ways to bring up the same arguments people have already gone through.
As far as your argument goes, another way to achieve your goal is to force people to remote into hardware they don't have access to. If what you're going for is a trustless system, as it seems to be.
So essentially, when you install Valorant, it puts an anti-cheat on your computer that can brick your entire OS? Totally unacceptable, very bad practice.
No. Valorant and Vanguard are two distinct programs that are installed separately. The flags Vanguard adjusts can't brick your OS or any hardware or firmware, and only prevents certain devices from accessing memory they don't have access to in the first place. Avoid words like "technically" and "essentially," as they're disingenuous. You've already made one excuse not to read anything.
Basically, if they solved noclipping for example it was an easy "don't trust the client" solution, but once people are hooked to the games memory you can see how Valorant gives out way too much information about player positions, unironically "prompting ChatGPT to bugfix without making any mistakes" would help here because Riot does literally nothing in the wall hacking case, the game gives you literally everything.
Its not disingenuous at all. It describes the reality of the situation as someone experiences it. If I have to completely reinstall my OS to get my computer working, as far as I'm concerned, you bricked my OS.
What's disingenuous is using pedantry and semantics to obfuscate the reality of a situation.
The essentials as I see them are:
1) You install a piece of software from a company.
2) You use another piece of software or hardware that company doesn't want you to.
3) To stop you, it functionally disables your operating system.
4) I believe that's wrong because no company should have that kind of power, because its ripe for abuse and infringes people's private property rights.
If you can point out an important piece of information that's missing from that equation, or what about that you think is wrong, that would be a valid argument.
Its not disingenuous at all. It describes the reality of the situation as someone experiences it. If I have to completely reinstall my OS to get my computer working, as far as I'm concerned, you bricked my OS.
What's disingenuous is using pedantry and semantics to obfuscate the reality of a situation.
The essentials as I see them are:
1) You install a piece of software from a company.
2) You use another piece of software or hardware that company doesn't want you to.
3) To stop you, it functionally disables your operating system.
4) I believe that's wrong because no company should have that kind of power, because its ripe for abuse and infringes people's private property rights.
If you can point out an important piece of information that's missing from that equation, or what about that you think is wrong, that would be a valid argument.
"as far as I'm concerned" is another way of being disingenuous in your argument. It allows for personal definitions rather than shared understandings of the same ideas.
1) You can install software from anywhere on the internet.
2) It's not just Riot Games. It's everyone else who chooses to play their games with Vanguard installed, as well. Valorant players do not want you to cheat in their lobbies.
3) Your OS isn't disabled. Disingenuous would be if you were to leverage your usage of the word "functionally" to redefine what you meant by "disable." Also, to stop you from what exactly?
4) If you believe certain parties shouldn't have control over your property, you shouldn't hand over control to them. Vanguard is very clear about how it operates, and what they did is well within the capabilities of "less privileged" software you've installed without consideration.
Property rights are what allow you to consent to installing 3rd party software capable of fucking your computer up in the first place. If you get a laptop from your work, you often aren't allowed to install programs as an administrator for the same purpose.
If you work at a business that requires you to use a mobile device, the business is obligated to provide you with one. You can also opt to use your personal phone as your work phone, and they'll cover your phone bill in exchange for installing their spyware.
It's not that Vanguard isn't a security risk or that people aren't goyniggers for playing Valorant, it's that I don't agree with getting in the way of people who want to play their slop with fewer cheaters, even if they may pay for it in the future.
I'm mainly annoyed by the people who don't understand what Riot even did, or who choose to engage in vicious amounts of tone and optics policing as a substitute for an actual argument.
Basically, if they solved noclipping for example it was an easy "don't trust the client" solution, but once people are hooked to the games memory you can see how Valorant gives out way too much information about player positions, unironically "prompting ChatGPT to bugfix without making any mistakes" would help here because Riot does literally nothing in the wall hacking case, the game gives you literally everything. https://youtube.com/watch?v=MEEOLjJZ-8Q:32
Your argument reminds me of microstamping. Microstamping is a way for the state of California to try to ban firearms by forcing firearm manufacturers to implement a system that is too costly and impractical to actually do with current technology, thereby banning firearm sales without having to say they're banning firearms, with the bonus of it all being under the guise of safety. I think the technology was ripped off from Judge Dredd (or 2000 AD or something before it).
It's not that a trustless multiplayer FPS is impossible; it's just very difficult to do with current technology. But as I said, one way to do it would be by forcing people to remote into computers they don't have access to.
"Response to tone" is a fallacy and not worth your time or mine. You're free to find me "disingenuous" if you want but it adds nothing to the conversation. Let's focus on the core points.
Based just on what you've said, the way you've described it, it's still horrific and wrong. No company should ever have the ability to fuck up your personal property through a backend and no contract can justify it. It's fundamentally wrong as a basic principle because the potential for abuse alone is too great for it to ever be risked.
This isn't a matter of "bad communication." I understand what you're saying completely, and I still fervently disagree with it and I still find it ridiculous, greedy, evil and stupid. There is no way to describe this in a way that makes it anything but bad.
This is one of the most relevant replies, it's a short one and it's not about "cheaters rights", it's hinting at a fundamental fact about computers, it's a technical truth: "My Computer, My Memory". It feels eerily similar to how Piracy will always exist because "A Computer Copies Data", it's futile to prevent a computer from doing the thing it's supposed to do, they can physically copy and mutate data and memory, always.
Sure, your computer, your memory. You can disable IOMMU on your computer. You can disable all the firmware-level security you want. It's yours, after all. You can now expose your PC's anus to the bathhouse of the internet. You can download chinese_malware.dll and put it any directory you want. You can buy a Russian Банк RAPER card, plug it directly into your PCIe slot, and see what it does. Have at it. What you can't do now is connect it to Riot Games' servers. My server, my connections. I can require you to have your device-level security enabled to connect to my server, or you can piss right off.
Riot Games has no obligation to let your pozloaded butthole into its world. What people are complaining about is they want it both ways. They think Riot Games should have to allow them onto its servers to play its games without playing by its rules. It doesn't, and it won't ever. If you disable the OS and firmware level security features needed for a malware-style cheat device to stay connected to your machine, Riot won't let you into its game at all.
That's what people are mad about.
They aren't mad that they can't put any old device they want into their machine - they can.
They aren't mad that they can't run any software they want - they can.
They aren't mad that they can't use a computer without firmware-level security & device checking - they can.
They aren't mad that 3rd-party software requires ring 0 privileges - the cheat requires ring 0 privileges.
They're mad that they can't do these things and connect to Valorant servers. But that's not your server. You have no right, moral or legal, to connect to it. You can probably, with a little effort, hack Valorant to run the way you want, but then you'd also have to hack it to connect to your own server, same as people have done with the old Call of Duty games. But that's not what people want. They don't want to use $6000 malware to connect to their own servers. They want to connect to Riot's Valorant servers. As others have pointed out upthread, you can run all these cheats on Tarkov, no problem. But people don't want to cheat at Tarkov on Battlestate's servers. They want to cheat at Valorant on Riot's servers.
To truly solve cheating you would have to design a game with these obvious constraints, and still keep it low latency and make it work for peeking and so on, that's the actual solution.
You obviously slept through the rest of your CS classes, because the very next thing you learn is high latency is a fundamental property of the internet, and the only way to give the client a low-latency experience is to do as much latency-sensitive work client-side as possible.
"Response to tone" is a fallacy and not worth your time or mine. You're free to find me "disingenuous" if you want but it adds nothing to the conversation. Let's focus on the core points.
It wasn't a response to tone. I saw you leaving backdoors in your argument, and I thought you were going to use them. Instead, you intend to blow right past everything I say and misinterpret what I write.
The way I'm describing things and the way you're interpreting them are two very different things, and it's becoming increasingly apparent that you aren't interested in having an honest discussion.
You aren't consenting to the company fucking up your personal property. I didn't say that. By installing Vanguard, you've consented to the risk you're taking on as a (hopefully) informed consumer: that this is someone else's software, and that it is doing certain things to make it more difficult to cheat while playing their multiplayer video games.
Riot Games is liable if a Vanguard update results in tangible legal damages. It just hasn't happened yet. Making DMA hardware unviable for cheating doesn't qualify, unless you can point out where it says otherwise.
That's fine to believe. Don't install their software. What makes Vanguard bad isn't because Riot Games owns it. It's because it's closed-source software with privileged access and an internet connection. There's plenty of other software that behaves like this. Vanguard isn't unique.
This is still, according to you, in line with your basic principles. Vanguard has the same potential for abuse as any other software you install, given the same privileges and properties.
Its behavior isn't unknown, and it doesn't operate maliciously. It's still risky software to have, but it's not inherently any different than other Ring 0 auto-updating software you may install just because it's for a game or company you may not like.
Can't wait for the first genuinely bricked machines due to a fucked up anti-cheat update or someone abusing existing anti-cheat to trigger unintended behaviour. No game is worth giving third party anti-cheat access to your kernel.
reading this thread has for the first time made me desperate for all the engineers in the room to please fucking attempt to understand the business and financial angle
It's moments like these that I am eternally grateful that I lost interest in multiplayer over a decade ago.
Now excuse me while I play some more Factory Autism Games.
