• Saik0@lemmy.saik0.com
    link
    fedilink
    English
    arrow-up
    31
    arrow-down
    2
    ·
    7 months ago

    but here’s a major issue:

    You’re acting like other games have never successfully ran server-side before. Hell the whole net engine doesn’t need to be server-side at all. But you can run server side checks on shit at the very least. A player being 100 ft in the air is likely a cheater… A player making a shot through impenetrable terrain is likely a cheater. Tarkov is missing these basics. Forget ESPs and other bullshit.

    • huginn
      link
      fedilink
      arrow-up
      3
      arrow-down
      1
      ·
      7 months ago

      If you should absolutely be checking for repeat issues and basics. Not trying to excuse that shit, just saying server side isn’t a silver bullet.

      • ShortN0te@lemmy.ml
        link
        fedilink
        arrow-up
        19
        arrow-down
        1
        ·
        7 months ago

        That is just wrong. For example, increased movement speed. Just check every couple of seconds if the movement that the player actually did is possible with the allowed parameters. Yes there can be bugs in that too, but not trivial to bypass when you validate every packages.

        It is resource intensive. But much more effective for things like movement then client side.

          • ShortN0te@lemmy.ml
            link
            fedilink
            arrow-up
            18
            arrow-down
            1
            ·
            7 months ago

            Every. Single. Serverside anticheat ever implemented has been defeated with absolute ease.

            Even if true (it is not) this does not proof anything other the that to less resources are invested in it. Client side Anti Cheat is cheaper because you just simply buy that product and yiu have not fix your broken game code which bately runs smooth anyway.

            Client side Anti Cheat goes against basic IT-Security principles. Every single packet that is sent from the Client to the Server is User Input. It is not to be trusted. You have to validate it.

            When you login to your Online account the check if your password is correct does not happen on your Computer. It gets sent to the server and the server validates it.

              • SexyVetra@lemmy.world
                link
                fedilink
                arrow-up
                7
                arrow-down
                1
                ·
                7 months ago

                Lol

                It STILL is impossible to verify everything server side unless you have a crazy powerful adaptive AI engine the likes of which still don’t exist today and you need to scale that for hundreds of thousands of concurrent players.

                Serverside anti-cheat requires AI

                You need to go out in the world (where the trees don’t have pixels) and learn about this stuff if you want to be in this field / pretend to argue about it. Instead you’ve conflated the facts that other people are telling you (this is a hard problem that takes effort) with the corpo propaganda (It’s expensive so It’s impossible)

                Also: Your llama-based waifu is not real. Good luck with your chat bot addiction.

                • AMDIsOurLord@lemmy.ml
                  link
                  fedilink
                  arrow-up
                  2
                  arrow-down
                  6
                  ·
                  edit-2
                  7 months ago

                  No, I’m not an AI technro, and this doesn’t have fuck all to do with LLMs, but with today’s sophisticated cheats if you want serverside anti cheat, that’s just a fancy way of saying behavior verification, and if you can do it without some sort of adaptive system then good luck mate

                  I also don’t give a shit about pretending to be in the game, mate I’m a developer and I would love nothing more than getting another degree and kissing this garbage field goodbye

                  • SexyVetra@lemmy.world
                    link
                    fedilink
                    arrow-up
                    2
                    ·
                    7 months ago

                    AMD is always hiring devrel. You get to fanboy, travel, vaguely consult on a bunch of cool titles before they come out, and it pays way better than actual gamedev. Same goes for all the other hardware manufacturers, as well as engine and Middleware companies. (Also yacht parties and drama if you swing it right)

                    I think you’re talking botting where I’m talking hacking. With botting, you’re right you do need “AI” where AI is the old heuristics and state machines AI. I still think anyone calling this AI in 2024 deserves to get clowned on. (And which I concede is not you).

              • ShortN0te@lemmy.ml
                link
                fedilink
                arrow-up
                7
                arrow-down
                1
                ·
                7 months ago

                All the input verification and processing of player locations is done on the server (at least in any respectable game), I can smell the fact that you haven’t touched a single line of multiplayer code in your life from here

                Those checks can be buggy ofc or do not cover all possible exploitable behaviors. But when there are implemented correctly you can not circumvent them. Similar to a Login form, bugs excist.

                A youtuber named CodeOverflow made two great series about game exploitation.

                EDIT: things like physical hardware hacks are also near impossible to detect reliably except for stuff like blatant recoil hacks

                Not talking about that. And Client side anti cheat does also not help here.

      • Saik0@lemmy.saik0.com
        link
        fedilink
        English
        arrow-up
        4
        arrow-down
        1
        ·
        7 months ago

        No they haven’t.

        No they haven’t created games with server-side net code? Yeah you’ve just outed yourself as having NO fucking idea how any of this works. Most MMOs are fully server-side to put that in perspective. Very few usable cheats exists for these games that are not detectable.

        Server side anticheats are absolutely trivial to bypass

        Server side checks/anticheats are IMPOSSIBLE to bypass short of an actual flaw in the system/code.

        You’re arguing that you can hack the code the server runs that you never see or know anything about. That’s absurd. Hell the game itself doesn’t even necessarily need to know that the server-side checks are a thing depending on the implementation. You can’t fuck with code you never even have a chance to directly interact with.

        Change your health in a ram editor… Server receives the state of your character… see it’s invalid to the game state and drops you from the lobby/game. Do it enough times and you get flagged as a cheater, account ban. There is no “bypassing” this. Considering that game states have to be broadcast to all clients anyway, the server already has to touch all the states submitted to it anyway. A quick check on some sane things is simple and easy. A reference check from last known location to current state location and seeing that you’re clear across the map or your y value is impossible… This is trivial to check.

        ESPs and other client side stuff is harder since you have to send game state information to the client at some point (including information on enemies)… but you could conceivably not send status updates about characters/objects that are not relevant to a player. That would cut the vast majority of usefulness of ESP hacks.

        The most important part of ALL of this discussion. Tarkov does exactly NONE of this. They check nothing. They enforce nothing. The client side anti-cheats in place are useless.

        • AMDIsOurLord@lemmy.ml
          link
          fedilink
          arrow-up
          1
          arrow-down
          6
          ·
          edit-2
          7 months ago

          Sure, the absolutely most blatant stuff can be detected, BUT

          Stuff like aimbots and wallhacks are still very doable even in the presence of serverside anticheat. And for MMOs, the cheats used are different in nature, autofarms and scripts exist

          Look at FairFight anti cheat for example, your fucking holy grail serverside garbage. People still developed aimhacks for it

          But what do I know, some Lemmy dweebs apparently cracked the fucking holy grail code of developing anticheats, you guys should send some job applications lmfao

          • Saik0@lemmy.saik0.com
            link
            fedilink
            English
            arrow-up
            4
            ·
            edit-2
            7 months ago

            Sure, the absolutely most blatant stuff can be detected, BUT

            No buts. Tarkov does NOTHING to address even the basic stuff. There’s no buts at all. You can’t say “there’s still hacks” when Tarkov is literally filled to the brim with hackers. Nobody ever claimed serverside is perfect. Quite the contrary. But holy fuck would the game be a fuckton better if they at least did literally ANYTHING.

            A serverside anticheat could absolutely detect impossible flicks (autoaim). Especially since they’re too consistent.

            But the point is that Tarkov has become a shit-filled game because of the rampant cheating.

            Fairfight is an interesting example to take. Siege is a much better game comparatively. It’s proof that serverside works… and can work in real time. Except you claimed that would be impossible.

            Edit: I’m calling Siege better in the aspects related to this conversation. You only run into cheaters on rare occasion. When I played Tarkov it would be damn near EVERY map.