Why is anti-cheat always client-side? - eviltoast

Why is it not more common to implement anti-cheat on the server instead of the client? Is that not more secure? Couldn’t the server just check what vision a player should have and not provide any other information to prevent wallhacks or maphacks? Or check how fast it is possible to move to prevent speedhacks? Aimbot is a bit harder to detect I guess but what about the other ones?

  • Endorkend@kbin.social
    link
    fedilink
    arrow-up
    57
    arrow-down
    1
    ·
    11 months ago

    Doing anti cheat on the server can only check for symptoms of cheating.

    Doing anti cheat on the client can check for tools, attack vectors and the actual method of cheating.

    • LordOfTheChia@lemmy.world
      link
      fedilink
      arrow-up
      11
      ·
      11 months ago

      Also, server side anti-cheat computation costs the gaming company money.

      Though you’d think some forms of cheating would be computationally inexpensive to detect, like teleporting and such.

  • redcalcium@lemmy.institute
    link
    fedilink
    arrow-up
    37
    arrow-down
    1
    ·
    11 months ago

    Every time you double your servers’ cpu usage, you’ll double your server cost as well. If it were cheap I bet more companies would actually consider doing this.

    The ultimate server-side anti cheat would be running the online game like Stadia where the players basically stream the game, which is very expensive to run today but might be the norm in the far future.

  • Snot Flickerman@lemmy.blahaj.zone
    link
    fedilink
    English
    arrow-up
    34
    arrow-down
    2
    ·
    11 months ago

    Couldn’t the server just check what vision a player should have and not provide any other information to prevent wallhacks or maphacks?

    Definitely not how that works. The server has no idea how to tell how the GPU on the client-side is rendering anything. The server is just doing server things, which definitely doesn’t include data on the “vision” of each player. There’s a lot less data being transferred than you assume here.

    All of these are way easier to detect client-side, because client-side you can actually check the code that is running.

    A server that checked all the code that is running would be a very, very slow game. Like imagine a chess game where it took five minutes for a move to register after making a move. Servers focus mostly on “player state” like, where are they, what direction are they looking, what direction are they moving, what buttons they are pressing, and a lot less on checking the code of the remote player. Once again, because checking literally every players code remotely would slow everything way the fuck down.

    • JeffKerman1999@sopuli.xyz
      link
      fedilink
      arrow-up
      13
      ·
      11 months ago

      I remember a long time ago it was on the server side that the hits were registered not on the client side. It had a funny feeling because you would have to shoot where the target was going towards instead of shooting where the target was. And that was done with 24 players in a server

  • TootSweet@lemmy.world
    link
    fedilink
    English
    arrow-up
    29
    arrow-down
    6
    ·
    edit-2
    11 months ago

    A lot of people in this thread are probably going to explain to you all the reasons why it’s necessary to do anti-cheat on the client.

    And they’ll be correct that it’s not really reasonable to expect a system where data is sent to the client only when it’s needed to render (in order to prevent things like x-ray vision and such) to be performant. (At least not in the most common and general case today, but more on that later in the comment here.)

    All that said, I very much believe that a lot of folks don’t suffifiently consider alternatives to client-side anti-cheating rootkits.

    And this is all going to be a hot take, so strap in.

    First off, an option that I’ve heard of is to require the client to send not just data like “my avatar moved to location X,Y,Z and has this velocity in this direction and etc etc etc” but also exact, specific keyboard and mouse inputs with timestamps. Then the server can a) validate that the given inputs at exactly the reported times produce the same location and velocity (this may involve running a copy of some portion of the client code on the server) and b) do better heuristic analysis on the inputs to detect things like aimbots more accurately. That would take more CPU on the server side, but it would go a long way toward making client-side anti-cheat rootkits less necessary.

    But aside from that if a tabletop boardgame brought out the worst folks who played it and made it easy to cheat to the point that the game had a bad reputation, that would reflect poorly on the game designers’ ability to create fun games with mechanics that ensure everyone has fun, right?

    So I have to wonder when a video game has either rampant problems with cheating or a draconian rootkit to lock down the client’s whole computer, how is it that people don’t ever consider that the video game designers should have put more thought into how to change the mechanics, incentives, or other design aspects of the game to avoid those issues.

    A quick anecdote. There’s an open source Minecraft clone called “Minetest”. A handful of years ago, the developers announced they were adding client-side scripting to it. A lot of the players lost their absolute shit. “How can you encourage cheating like this?” And the developers were like “a) there are already scriptable clients in the wild modified by third parties so us not adding this feature won’t solve anything and b) things like x-ray vision are better solved on the server by, for instance, not telling the client which nodes are ore nodes until one face of the node is exposed - there’s already server-side scripting that can be used to do that.” Unfortunately the very vocal anti-client-scripting crowd won that argument just by being really loud and pitching hissy fits and the client-side scripting the developers added ended up pretty useless. (And keep in mind this even keeps single-player games from accessing the features offered by the client-side scripting effort.) And again, scriptable clients already existed in the wild.

    Now, it’s really hard to come up with game design principles that would deincentivise all cheating in all genres of games. But just a few ideas:

    • What if there was an FPS that just gave every player x-ray vision to level the playing field for everyone?
    • What if you made scripting the client to make grinding or aim bots a feature rather than trying to prevent that, but required that all bots play only on bot-allowed servers? Even if that couldn’t be perfectly enforced, I’d guess it would reduce the incentive to try to play unfairly with client scripting. (Plus if there’s a built-in client scripting system that reports what it’s doing, or for some architectural reason has to report what it’s doing to the server, it’s probably going to deincentivise hacked clients.)
    • Not all game designs can get away with not sending data to the client until the client needs to render it to avoid x-ray hacks, but you could certainly design a (fun) game that did allow for some version of something close to that. A team v. team FPS game where the entire map is divided in half with a big opaque wall that disappears two minutes into the match whereafter basically has line of sight to everyone else for the rest of the match. You could not send player location data for the other team’s players until the wall disappeared.
    • Make the games player vs NPCs rather than players vs players and predefine the NPCs’ paths.
    • I mentioned the Minetest “don’t tell the client which blocks are ore until a face is exposed” thing above.
    • Maybe player rating systems? To where if a player is obviously cheating, other players can give that player a 1-star review. Enough of those and they get put on the naughty players’ server.

    (I’d list some more ideas here but it’s 2:00am and I really should sleep. Lol. Maybe I’ll see if I can come up with more tomorrow.)

    Aside from that, I’ll say that, for all the talk about how server-side anti-cheat can’t really work well, I’d have to submit that… client-side anti-cheat doesn’t really work that well either. Folks regularly find ways around it. And there are companies out there that make anti-cheat software that have started to tip their hand about how much it doesn’t/can’t work by partially giving up on making bulletproof client-side anti-cheat that works (because that’s not that feasible), but by bringing lawsuits against people who break their client-side anti-cheat. (It’s the same trick they pulled with DRM, at least in the U.S… It’s not really possible to make DRM secure against the user who has physical access to the machine on which the DRM scheme is being executed, so instead of making DRM that works, they made laws to criminalize the breaking of DRM.)

    All in all, I wouldn’t personally play any game that required a rootkit. Don’t care how fun it is. That’s just straight up a deal breaker for me. It’s my computer, dammit!

    (And, even if the client-side anti-cheat wasn’t a rootkit per se, I still wouldn’t use anything required any client-side anti-cheat.)

        • Alto@kbin.social
          link
          fedilink
          arrow-up
          3
          ·
          11 months ago

          I’ll forever maintain it used to be one of the best f2p fps games in history. Yeah you had to grind a lot to get new stuff, but pretty much everything considered meta was unlocked pretty early. The wall hack mechanic was just so well done, especially combined with just how much you could tweak everything.

          I miss it.

    • FuglyDuck@lemmy.world
      link
      fedilink
      English
      arrow-up
      11
      arrow-down
      3
      ·
      edit-2
      11 months ago

      Maybe player rating systems? To where if a player is obviously cheating, other players can give that player a 1-star review. Enough of those and they get put on the naughty players’ server.

      Because that’s not incredibly easy to exploit. And even if it’s not intentionally malicious reporting… there’s idiots who seem to think them lossing means the other cheated.

      I’m reminded of my time in WoW- vanilla wow when T-0.5 was still the best gear yiu could reasonably get. Any how this fully geared T0.5, l60 warrior tried to gank my greens-and-blues geared l58 mage.

      He waited until I was drinking, for that free crit. I was OOM, cuz I was ape grinding mobs.

      I killed him using r1 frost bolt, frost nova and my wand. (Warriors at the time had zero ability to reliably gap close against any kind of mage.). Eventually he tried to run. He got but hurt from all the frost bolts I rammed up his ass.

      Decided there’s no way a level 58 should be able to kill a 60. Now. Here’s the thing I’m very much “red is dead” in games with pvp. So of course i camped his ass. One, it was basically free HKs, two, he tried to gank a lower level, three he tried to gank an OOm mage. And four? Did I mention the free HKs?

      In any case of course I got reported for haxxors. GM was like “dude are you camping him” I’m like “he started it… he could always get a friend.”

      (He did. An equally terrible hunter. It was almost adorable.)

    • r00ty@kbin.life
      link
      fedilink
      arrow-up
      5
      ·
      11 months ago

      Back in the day (CS1.5/CS1.6) there was a server addon called HLGuard. Where it did some basic checks to see if you should know about another player and not send info unless you need it.

      But, it wasn’t perfect, and you’d still get an advantage from wallhack and of course it cannot stop aimbot. You could perhaps “detect” likely aimbot though. But it did limit the power of wallhack.

      I actually tested it (of course on my own server with a friend who knew I was doing it). What it seemed to do was make sure you only really saw a player when they were very close to a wall where they’d become visible. But of course, close up things like needed to hear audio cues meant you’d often see them through walls anyway.

      Also I never measured it, but it must have taken a fair bit of CPU to make all these determinations for every player on every tick.

      For modern MMOs etc, they are usually VERY client authoritative because they’re handling thousands of players at once and really want to spend as little CPU time on each as possible. So, they will likely want anything they have to be client side.

  • jet@hackertalks.com
    link
    fedilink
    English
    arrow-up
    14
    ·
    edit-2
    11 months ago

    It’s an interesting problem. If you render everything server side and just deliver a video stream to the client, like a GeForce now only tournament. That eliminates a lot of cheating vectors.

    The issue then becomes ensuring you have equal latency to all the players. So no one person has an advantage. But you could add artificial latency in that circumstance.

    There’s no getting away from the fact that in a distributed network, ordering of events and ensuring simultaneousness is difficult. Peakers advantage is a real thing.

    Server side rendering and streaming, advantages: people only see what they’re supposed to see, the server has perfect registration of all activity.

    Disadvantages: more latency for everyone, AI auto aiming is still an issue. Requires excellent networking for everyone

      • jet@hackertalks.com
        link
        fedilink
        English
        arrow-up
        1
        arrow-down
        1
        ·
        edit-2
        11 months ago

        Not really that expensive. With server rendering the GPUs can be constantly utilized for different clients or different activities. You only pay per minute of usage. GeForce now is I think $5 a month, which it’s not much. If you pay AWS for their ephemeral tear, 5 to 10 cents per hour depending on the GPU you want.

        When they’re not being used for gaming, those GPUs could be used for AI training, model generation, a whole host of things. A GPU in your house probably isn’t used 24/7, so that hardware is not being efficiently a moretized over a large scale of activity

        • idunnololz@lemmy.world
          link
          fedilink
          arrow-up
          1
          ·
          edit-2
          11 months ago

          Adding at least $5 a month to a game subscription is expensive considering a lot of them are 10-15$/mo. Note that this isn’t just GPU expensive. You also need to calculate game logic on the server too which can also drive up CPU and ram expenses. This is not to mention that a lot of popular online games are freemium and will stand to lose a lot of players if they start charging a subscription.

          Another way to word it is that the freemium model is incompatible with server side rendering.

    • ZephrC@lemm.ee
      link
      fedilink
      arrow-up
      8
      ·
      11 months ago

      Sure, but client side is also owned and run by the cheater. Do you really trust them to always run the anti-cheat honestly?

      • Chozo@kbin.social
        link
        fedilink
        arrow-up
        3
        ·
        11 months ago

        Anti-cheats are typically designed so that the user can’t actually modify them at all. They install themselves deep into your system, sometimes literally in the form of a rootkit which basically runs parts of it completely invisibly from your OS, entirely.

          • Endorkend@kbin.social
            link
            fedilink
            arrow-up
            1
            ·
            11 months ago

            The problem with the server only solution in that they can never detect the source of cheating, only the result of it.

            And detecting the result is inaccurate as there are perfectly natural network latency and other issues that can generate the same result as a cheat, as that’s actually how many cheats are discovered and implemented, by noticing that network latency or weird traffic creates an exploitable condition.

            You need to run it on the client side to see if the natural circumstances are happening or someone is using tools to cause the circumstances. The first isn’t cheating, the later is.

            You can’t detect from the server side what the client side is doing without running anticheat on the client side.

        • ZephrC@lemm.ee
          link
          fedilink
          arrow-up
          2
          arrow-down
          1
          ·
          11 months ago

          Of course, which is why all cheating has been eradicated forever. Certainly no game with a rootkit anti-cheat has ever had a problem with cheating.

      • Endorkend@kbin.social
        link
        fedilink
        arrow-up
        1
        arrow-down
        2
        ·
        11 months ago

        You can’t check the source of cheating on the server side, as it is run on the client side.

        • ZephrC@lemm.ee
          link
          fedilink
          arrow-up
          3
          arrow-down
          1
          ·
          11 months ago

          You can’t reliably check the source client side either, because the client side self-reports, and is where the cheat runs.

          • Endorkend@kbin.social
            link
            fedilink
            arrow-up
            2
            arrow-down
            3
            ·
            11 months ago

            That’s a statement in the same ballpark as “people who get vaccinated can still get COVID, so why get vaccinated at all”.

            Seriously, where do you even come up with that level of daft argument.

            • ZephrC@lemm.ee
              link
              fedilink
              arrow-up
              2
              arrow-down
              1
              ·
              11 months ago

              Nobody is making new COVID versions to get around the vaccine. COVID vaccines don’t create a backdoor into your immune system that make you weaker against other viruses. The COVID vaccine actually works. That is a stupid analogy.

              More invasive anti-cheats cause a brief dip in cheating, and then cheaters spread around a way to get around the new anti-cheat and everything immediately goes back to how it was. As long as the anti-cheat is being run on the cheater’s computer, it will be bypassed and made irrelevant. People’s desire to see something, anything done about a problem no matter how terrible the solution sometimes just makes things worse without even helping the problem, and I’m not okay with that.

              • Endorkend@kbin.social
                link
                fedilink
                arrow-up
                1
                arrow-down
                1
                ·
                11 months ago

                Nature itself is literally making new covid versions.

                And our immune system detects and fights most of them similar to how virus scanners can detect a virus it doesn’t know. By detecting similarities.

                If a new variant comes along that is so different from the OG virus that your immune system doesn’t know what to do with it, they develop a new vaccine, which you have “install on the client side” by getting the vaccine, to protect you from getting sick from it.

                If new methods are developed to cheat, the cheat engine gets updated to detect those too.

                As for “brief dip”, that’s the only thing needed for a product launch.

                If a game is rife with cheating day one, it’ll fail.

                If it only gets rife with cheating when people are already invested in it, the cheating is much lower priority.

                That doesn’t change that fact that at the server side, you’re unable to detect most prevalent forms of cheating.

                Wallhacks and aimbots are nigh impossible to detect on the server side.

                • ZephrC@lemm.ee
                  link
                  fedilink
                  arrow-up
                  1
                  ·
                  11 months ago

                  Cool, keep taking your horse dewormer. I’ll be over here not installing rootkits made by companies with terrible security practices.

  • Vlyn@lemmy.zip
    link
    fedilink
    English
    arrow-up
    8
    ·
    11 months ago

    They usually use both. Client side and server side detection together.

    The problem isn’t the check itself usually, but rather latency. If you shoot a player on your screen you want immediate feedback (client side), instead of waiting for a roundtrip to the server until the blood spatters.

    There have been shooters where the server decides if a bullet lands. So on your screen you hit the player and then they suddenly survived. So most shooters switched to: If the client thinks it hit, it hit. Which does lead on the receiving end to running behind a wall and still dying. Overall it feels better than the alternative though.

    The whole topic is pretty much game networking, it’s a balance between doing it correctly (server side, slow) and faking to get it close enough (client side, immediate, easier to cheat, unfair if the player is laggy).

    Of course there are some server checks that are always easy: For example if a player teleports or moves around the map faster than possible? You can flag them for review or if it happens too often kick/ban them. As long as you’re super careful about automatic bans (bugs exist).

    • RightHandOfIkaros@lemmy.world
      link
      fedilink
      English
      arrow-up
      4
      ·
      11 months ago

      Overall it feels better than the alternative though.

      Client Side Prediction in combination with Server Authoritative Calculation should always be the correct option.

      Basically, both the server and the client do the same calculation to see if a bullet hits. Then the server sees the client data and checks if it matches what the server calculated. If it does, then it ignores the client data and continues, otherwise it sends the correct data to overwrite the client. While the client waits for the server to check the data and send it back, it calculates the next frame based on previous server data such as previous enemy velocity, look angle, etc. The client is always slightly ahead of the server, but as long as the ping is low this isn’t a problem (depends on network data bandwidth, but usually anything below 150ms ping is not really noticeable, as the ping from your eyes to your brain processing it, then reacting to what you saw is between 150ms-300ms.)

      This feels bad for players with bad ping, but it doesn’t have a negative effect on anyone else except cheaters that can no longer shoot you through walls or make impossible movements. And both of these are usually the fault of the client, as choosing a server with lower ping or simply not cheating will fix the problem immediately.

      Client Authoritative Calculation, where the client tells the server the data to send other players, should never be used in a game where cheating would be a severe negative impact on the game, such as a PvP shooter.

  • yeehaw@lemmy.ca
    link
    fedilink
    arrow-up
    4
    arrow-down
    1
    ·
    11 months ago

    Server receives “1” for “hit registered” as sent by “client”. As a client I can shove 1s all day long, how will it safeguard that?

    • krimson@feddit.nl
      link
      fedilink
      arrow-up
      6
      ·
      edit-2
      11 months ago

      Server determines hit received. Client only sends shot fired and direction and such. Server could also calculate if shot and direction make sense based on location, last shot fired, etc.

      I’m a dev but not a game dev so I have no idea if this is doable or too much for the server to handle.

      There probably is a reason anti cheat on the client is still needed. On the other hand, isn’t this mostly to prevent wallhacking and such? That’s probably the hardest cheat to detect server side if it’s even possible at all.

      • Longpork_afficianado@lemmy.nz
        link
        fedilink
        arrow-up
        3
        ·
        11 months ago

        Depends what you mean by wall hacking I guess. Shooting through a wall should not be possible by your proposed method, and it could be expanded to prevent the player moving through walls also.

        Seeing through walls though is a different matter. How does the server know if I have rendered an opaque wall or not?

        Personally I see anticheat as a problem to be solved socially, not technically. Just let people vote to kick, and anyone who is generally accepted to be hacking will be kicked. No need for invasive Spyware.

        • xep@kbin.social
          link
          fedilink
          arrow-up
          3
          ·
          edit-2
          11 months ago

          Just let people vote to kick

          This system is easy to abuse, and historically when implemented will be abused.

      • yeehaw@lemmy.ca
        link
        fedilink
        arrow-up
        2
        ·
        11 months ago

        As far as I’m aware every action the client produces is reported to the server. If I push “w” the client tells the server “move forward X amount”. So as far as I’m aware, make most sense to have anticheat on the client side.

  • xep@kbin.social
    link
    fedilink
    arrow-up
    1
    arrow-down
    3
    ·
    11 months ago

    I just want to say that the term ‘rootkit’ has been twisted out of shape when referring to anti-cheat. Rootkits are malicious. Software using low level privileges that require the user’s consent to a EULA, and which is designed to be uninstallable by the user I would not consider a rootkit, just invasive.

    • ichbinjasokreativ@lemmy.world
      link
      fedilink
      arrow-up
      11
      ·
      11 months ago

      Root kit by definition means software that grants root privileges to whoever controls it. Anti-cheat, especially kernel level anti-cheat, does just that. Parts of the anti-cheat used for genshin impact has been used on entirely different computers to disable antivirus programs.

      • IHeartBadCode@kbin.social
        link
        fedilink
        arrow-up
        1
        arrow-down
        2
        ·
        11 months ago

        Root kit by definition means software that grants root privileges to whoever controls it

        That doesn’t sound correct. That would mean sudo is a root kit, and I would be hard pressed to find people who agree with that statement.

        • r00ty@kbin.life
          link
          fedilink
          arrow-up
          4
          ·
          11 months ago

          I think it’s very important to separate root and kernel mode. If you run an application as root, you are still running in user mode. Drivers and other kernel modules are running in kernel mode. There are a lot of differences with serious implications for system stability and security.

        • ichbinjasokreativ@lemmy.world
          link
          fedilink
          arrow-up
          8
          ·
          11 months ago

          Should’ve clarified that it’s other users that are being granted elevated access, not the user sitting in front of the computer. Also, sudo doesn’t grant access, you must already have access to use sudo.

    • r00ty@kbin.life
      link
      fedilink
      arrow-up
      1
      ·
      11 months ago

      Yes, I mean I understand why people use the term rootkit. But, at the same time it isn’t good to dilute a term for something malicious.

      At the same time, while I hate cheating in online games I barely trust game developers that are often on a crunch timeline, access to user mode on my system. I really don’t want to give them access to kernel mode just to detect cheats. Also, it just means the next level of cheats just has to do the same, or get themselves in the hypervisor instead or hardware based anyway.

      I don’t play games that have kernel mode anti cheat (unless they’ve somehow installed kernel mode drivers without me knowing, every game installer wants admin to install these days it seems) for this reason.