Anti-Cheat for Multiplayer Games

(funky electronic music)

– Hi everyone, thanks for coming. I’m Aarni and this is Simon, and we are Easy Anti-Cheat. Sorry. Just quickly first, something about us, why are we here. Easy Anti-Cheat started as a third-party solution for Counter-Strike. Now, an expert team of 14 people, and we have a long history of dealing with game hacking. In house, we have three dedicated teams. We have one team working on client-side anti-cheat approaches, we have one team working on server-side player behavior analysis, and we have one team working on machine learning that kind of sits between these two teams and helps each other. We’re currently working with around 30 games, many in the Steam platform from different genres like FPS shooters, MOBA, MMORPG, and so on. So we see a wide spectrum in cheating. In this talk, we’re gonna cover what is cheating, who is doing it, why are they doing it, how is it done, and then lastly, what is anti-cheating?

– Okay, so let’s talk about cheating. We define cheating as gaining an unfair advantage. Cheating has always been present in competitive activities. Think of card games, Monopoly, any sports, and probably everyone in this room has cheated at least once in their life, even if it’s just for winning a game of Monopoly against your bigger brother. Cheating might also happen in gambling or anything with monetary incentives. And if you compare online cheating versus offline cheating, it’s very different. In an offline world, we have social structures, real world consequences if you cheat, while on the internet, not much of this is in place. There’s anonymity and it’s really easy to hide that you’re cheating. Also, over the years, cheating and online gameplay has become increasingly easier to do as the software became more available, more accessible. As a result, we also see that player communities more often see cheating as something acceptable. Let’s try this video, (clicks tongue) yeah. This is a short video of someone more like rage cheating. It’s accelerated
just to make it easier to watch. This guy is using many different cheats. One of them is the chameleon hack, so you see that the player models, they change color depending on team and also visibility within the map. There’s also an ESP giving information on player names, what weapon someone is carrying, the skeleton and so on. If you watch really closely, then you will also notice that even though this guy is headshotting everyone, the crosshair actually doesn’t move. So this is kind of a usability thing in the cheat, like making it more pleasant to just rage the server. And you can see that clearly for the other players in the same game, this isn’t fun.

In cheating itself, the definition of an unfair advantage and what’s not allowed or what is allowed, it’s very game and context dependent. We kind of put it on spectrum of types of cheats. One is exploits, like pixel walking or stacking. It’s generally not a big problem unless then in actual tournaments or competitive gameplay. We also have a lot of automation cheats like macroing, automating a sequence of key presses. In many games, it’s acceptable. In some, it’s not. In the same category, we also have aim botting, trigger botting, basically anything that automates user actions. Overlays like we saw in the previous video. You have ESP giving more information. Then you also have things like radar hack, giving details on where people are located within the map, and then things like warning hacks, telling you if an enemy is aiming at you, if someone sees you and so on. And then finally, you also have the type of cheats that completely manipulate how the game is played: fly hacks, speed hacks, no clipping, anything that really hacks into the game to enable you to cheat.

So why is this relevant? Basically, it’s all about the player. What we want when making games is that people say it’s a great game, you get good reviews, everyone’s positive about the game. Also, taking a quick look at the business model, players basically discover your game in the store, they play it, they get excited about it, they continue playing it, they also tell their friends and so on. And these reviews, they will also help in accelerated acquisition of new players. All of this is supposed to result in revenue, which you reinvest in either player attention through game content, game features, or then in player acquisition with advertising, or then alternatively, you put it into the next game you’re making. Then what we don’t want to see is basically, is reviews like this. Basically saying this game should be removed from Steam because of bad management, cheats, and bugs. Most likely, this player will stop playing the game. He will also stop telling his friends to play game, and eventually the bad reviews will lead into reduced player acquisition. As a result, any good business model, it goes in cycles. The more revenue you make, the more game content you can produce, and again the more revenue you make. And when you end up in a kind of negative vicious cycle, it might be very hard to get out of it.

So if you look at who’s triggering this in terms of cheating. Let’s first define some terms just for the sake of this presentation also. We have hackers, providers, and cheaters. The cheaters, they are the guys, the players, the users of the cheats, and they use software produced by hackers. These guys, they create features, they create the injection techniques to inject into the game, and basically do all the R&D related to cheats. And then in between, as a distribution platform kind of, like as a publisher, you have the providers. They take care of the branding of the cheats, they do community management, they take
care of the payment portals. If they’re really big publishers, they might do localization to basically cover more countries. It’s important to differentiate clearly at least between hackers and cheaters. They are not the same. Cheaters use the hackers and hackers create the software.

Looking at cheaters, we identify some key profiles. The most famous one, I guess, is the griefers. These are the guys who will, on a Friday evening, buy a six-pack of beer, buy 10 game accounts, and just grief through every single one of them, rage hacking every server. Luckily, this is just a minority of the cheaters. I would say the vast majority are casual cheaters. These are the guys who just want to make the game easier, more pleasant to play for themself. They don’t necessarily want to ruin the experience for everyone else, and these are the type of guys who will also tend to cheat in every single game they play. Then you’ve also got achievers, who want to win every competition. They don’t want to get caught for cheating. And then a group that’s often overlooked are the vigilantes and followers, as we call them. Vigilantes are your type of player that fall victim to cheating, and then they go online, they google their own cheat, and they will just revenge for the harm done to them. And then the followers, they are often your very passionate player base. When things get out of hand, they just want to keep playing the game and they want to level the playing field so it remains fun for them. Later on, when we talk about anti-cheat strategies, it’s also, think about these profiles because some of these players you want to ban and remove from your game forever, but others you just want to protect them from themselves and just give them a good experience.

Let’s do the same for hackers. We only identify three key profiles. First one is scripters. This is the vast majority. They copy, paste whatever they find. They experiment a lot, they hack things together and just make simple cheats. Then you’ve also got your
senior hackers. They are more professional, they make feature-rich cheats, they might commercialize them. And these guys are often really, really good coders or professional reverse engineers, or anyone with a really strong background in back software development. And then the final category we see a lot is the researcher type. These are guys who just, out of interest, they pick up the challenge to reverse an anti-cheat or to reverse the game, and they focus on producing proof of concepts rather than commercially viable cheats.

Then the providers, they sit in between. It always starts with the open communities, where you get a lot of free cheats. It’s very easy to access them, and when you’re a beginning game hacker, that’s where you get your initial knowledge of how things are done. Then the cheat publishers themself, so they commercialize the cheats for the end user. It’s often also relatively easy to access as long as you have PayPal or a credit card. And these cheats, they go for anything between $5 amounts to something like $25 amounts. And then the final category, they are the closed communities with private cheats. It’s often really hard to get into those. It’s reputation based. You need to have references from already-existing members or a good reputation in other communities. We also see things like you need to go to Skype interviews or send a copy of your passport so they know who you are when you screw them over. And also, with these private cheats, there’s always limited availability. So only the first 20 buyers or the first 100 buyers can buy them. And it goes fairly expensive, something like $40 amount is not an exception. And then in the same category, we also see the very private cheats where someone places a tender of anything between 500 and $1,000 to get a very private cheat. These cheats are often very simple in terms of features, like just an aim bot or only a wallhack, but they are very private and they are supposed to be completely undetectable. It is a business and it’s an industry, so it starts with public cheats, but it goes all the way to very exclusive, expensive cheats. If you look at the big commercial providers, they are very often legitimate
businesses. They are registered in their countries of residence as a real company. They pay taxes, they sometimes have management in place. And checking the tax records of those companies, we see that a one-person hacker publisher can make anything between half a million and $1 million a year. For teams, it’s generally higher. Something like $1.5 million, quite standard. We estimate the global market size is at least $100 million. So it’s a fairly big industry, and it also explains why game hackers, they are often so incentivized and so motivated to continue supporting games because it’s basically, it’s their livelihoods. It’s how they make a living. So if you look at cheats next.

– So, cheats. Cheating often starts while just playing the game normally, naturally. So probably most of us played a game and then by accident found a game glitch, something that gives you advantage over other players. For example, falling under the map and suddenly seeing everyone while they can’t see you or somehow become invisible to other players. There’s also, while configuring games, you might find some un-ter-stik to the console variables or options. For example, you find that the developer left accidentally a debug rendering mode which allows to enable wireframe rendering that also shows entities through walls. Also, probably many people have tried modifying, for example, save game files on disk and loading the game again and seeing like, oh I have the, whatever, unlimited values. These are usually relatively quick fixes. Like, you can fix this quickly. For example, enforcing the valid variable values, for example, shipping the game without debug console at all, and checking that, for example, if you remove text or file on disk, and it will give you wallhack effect, for example, the game client can verify that this file must be loaded or otherwise, I don’t know, it can crash or prevent playing. So there are also exist tools specifically designed to get around these restrictions. For example, with cheat
engine, it’s possible to modify the ammo held, experience, go around value enforcements, and bring up the debug console again. And the only real fix here really is authoritative game servers and not shipping the game with debug options. Common workaround is also to use code obfuscation, encrypting variables. This will make using these tools a bit harder. Also, an anti-cheat can prevent the underlying techniques that these tools use to work. For example, when enabling the speed hack module for cheat engine, it will give an error. The program will fail while it leaves the game unaffected.

So, how do you make cheats? Looking back my own history, how I got into programming was really through cheating. I was playing Counter-Strike, it was one of my favorite games, and I saw some people were cheating. I would go to these open cheat forums. They had tons of tutorials, examples, you know, how to make really complex cheats to how to just compiling program because I had never, for example, installed Visual Studio in my life. So, with just a couple of lines of code, copy, pasted of course because I had no idea what I’m doing, I was actually make a wallhack code, make because it wasn’t mine. I had no idea how the game worked. I actually didn’t even understand until later why the wallhack works. It actually took me probably years before I looked into the actual game code and understood more how games work. The big benefit of just using OpenGL, Direct3D, and these kind of dependencies around the game engine was that I could also port this really easy to the next game because most games are using OpenGL, Direct3D, for example, for rendering. And I wouldn’t have to worry about things like, you know, the first anti-cheats, self code checks that the early games at that point had already. This is how, for example, this cheat looks here. It’s around 20 lines of code in total, a few (mumbles) space, and then there’s, this basically the only thing you need for Counter-Strike, for example, or any other shooter game. You just need to see enemies through walls and
well. Later on, I would want to do more, better cheats, more advanced cheats, so I would learn how to do things like ESP cheats, using the game engine to pull information out of it to show player names, the weapons, draw nice rectangles around the players and so on. At that point, I got into hacking the game engines because again, many games use the same engines so I could support two, three games with the same hack.

Another way, easy way, to programming and coding cheats is doing bot programs. These programs, they automate the gameplay. Usually they target the network protocol, or they send emulated input to the game window. They read the pixels, and this way they are aware of the game state. For example, here is an example of a bot program. This bot is actually completely external Python script. It has no real game code. It doesn’t load the game itself. So even though, for example, here the server actually validates the game client, and it kicks the left player here every 10 seconds. The player will automatically just join the server again for 10 seconds. If you just do this 24/7, seven days a week, you actually get really long in the game, really far. For a real player, this just looks weird, this is not fun, and you just see zombies walking around and all the time disappearing in the game.

So what more advanced cheats can do is they can also start adding new features to the games. For example, doing an in-game hack menu so you can configure the cheat while playing. You can do nice overlays. For example, one of the cool things you can do, IRC windows in the game, and many cheats, for example, they actually have a snake game with a cheat so that while you’re waiting on a matchmaking queue, you can kill time. So there’s a lot of stuff like Pong games and whatever. The easiest is, of course, is to inline patch the game code itself, for example. Or, for example, it uses OpenGL rendering function. So you’ll patch the code, jump to the cheat code, you do the deed, and then you jump back to
the original game code. Another way of hooking things and hijacking the code flow of the game is to, for example, find the engine interfaces and switch these function pointers so instead of calling the original game code, they call the cheat implementation. The benefit, for example, with interface hooking is that it usually survives better over game updates because the game engine usually doesn’t really do drastic changes. There’s a lot more techniques also to achieve same effect and basically take on through a lot of the game. For example, playing tricks with exception handling, causing invalid game states, for example, writing on some dynamic data so that the game will crash, and then you have a legitimate exception handler that will fix the crash, restore execution, and process data that was in the function you were interested in. You can also use things like hardware debug breakpoints that don’t actually change any pointers. They don’t change any code. They just tell the CPU that hey, when you’re reading this address or when you’re executing this address, I want an exception so I can handle it. So there’s tons of more techniques like this. They all have their pros and cons.

Next, injecting cheat features. These techniques are also used to protect the cheat itself. Usually, when protecting the cheats, they also go through kernel mode, so they use techniques like direct kernel object manipulation, interrupt hooks, system service hooks, virtual address descriptor hiding to basically hide the cheat from plain sight or all the memory scanners and so on. These techniques are usually, are resourceful also for the cheat DRM to make reversing the cheat harder, to do hardware locking. For example, when you download and run any page or private cheat, for the first time, they will lock onto your PC and the cheats have their own dedicated backends, which monitor the usage of the cheat. If you run the cheat, for example, three times within five minutes, they will autolock the account. An admin has to check what you’ve been doing. For example, if they detected you’re on a debugger, they won’t stream the cheat to you anymore. It’s game over, so you have to start again. And actually, doing anti-cheat this is often the most time-consuming part. Beyond this, the really advanced cheats, they are also often very well-designed software. They’re modular, they have many features that you
can just plug and play in. The creators have strong knowledge of operating system internals, they have strong knowledge of the game engines. They might have experience in creating games. They hide deep in the kernel, they leave no traces, and they even use legitimate software to load their cheat in a way that makes the cheat invisible to the system, and again, harder to locate and reverse engineer. For example, this image here, it’s from a vulnerable VirtualBox kernel driver, which has an unfortunate, quite complex exploit that allows you to write arbitrary memory in kernel address space. So using this, some cheats, they load, for example, unsigned hack drivers, they disabled certain security measures in the kernel and there’s a lot of premade tools that automate this exploit and propser you, so you kind of like, plug and playing it. So, anti-cheating.

– One of the key things to understand about anti-cheating is that there is no such thing as an unhackable game. The cake is a lie. (chuckles) The way we personally look at anti-cheating, it’s a strategy, and you need to carefully consider what’s creating the value of cheating. Why are people doing it, and what’s the cost of cheating?
If you can switch this risk-reward balance, then that’s how you stop cheating. So if you look at how you reduce the reward, decrease the value. Early in the game design, you already want to start thinking about anti-cheat philosophies and how to incorporate anti-cheat by design. A really good example of this is Dota 2, where they use Fog of War and basically on the server-side already filter out all the player positions that are not visible to the player. So a cheat cannot create a map hack for this game. Other good examples are World of Tanks or War Thunder, where the bullet projectiles are calculated server-side, and if you’re cheating and aim botting, then they correct your behavior. This works great in current PC games and on our end, we’re curious how this will go in VR because there you cannot really correct the gameplay itself.

Another one is game mechanics. A really good example there is Rust by Facepunch Studios. It’s a survival sandbox MMO game, and there you have groups of people who are solo players spending days and days grinding, gathering resources, and building large bases. These bases, they hold all the loot, and they have doors that can only be unlocked with key codes. What players then started doing is to actually brute force these four-digit key codes, so either they would manually, with a lot of patience, go through all the possible combinations, or they would use something like AutoHotkey to automate this and just crack it within seconds. How they solved it was to, like with this, with a very small game change. Every time you input the wrong code, you would get an electric shock as a player. The more you input the wrong code, the bigger the shock gets, and after something like five to 10 times, you die. So this effectively killed all brute-forcing.

Next to reducing the reward, you can also think about how to increase the risk. Again, some examples. Something like game price. I wouldn’t say it’s part of your anti-cheat strategy, but it’s anyway, one of the factors that really influence how people cheat in your game. If they pay $60 for the game copy, then it’s very unlikely that they will get banned two, three times in a row because it gets really, really expensive. Free-to-play or games that cost something like $20, they are way more vulnerable, especially if you do like Humble Bundle or if there are accounts on G2A that cost something like $2 or $3. Then you’ve also got account value itself. Like Steam profiles, there people tend to collect a lot of games, they want to grow their reputation, they gain friends, they begin trading, and so on and so on. And then when they have this label on this profile, with like one game ban, it makes them look really bad in the community. For this, Valve actually provides several APIs to help in cheating, or in anti-cheating. One of them is the RequestPlayerGameBan. It’s really trivial to use. It’s just one HTTP call to ban Steam profiles, like the one in the screenshot. What
they also provide on the Steam partner website is that you can configure your favorite anti-cheat, so then the anti-cheat can take care of all the API integrations. Another one to consider is ranked matchmaking, tiered gameplay. If players have to level up for several days before entering the more competitive player base, it means that when they get banned, it’s very tedious, it’s very time consuming, like it’s a grind to get back where they were. So it easily gets boring to do it over and over again. With some games, you see examples of the first 20 hours you need to play on a beginner server before you can enter the real servers. You can also use this in a way that’s kind of a forced tutorial, which is interesting and fun for new players. And then if you have done it 10, 20 times as a cheater, then it gets really boring. One more is, oh yeah, so one other approach is actually focusing on the cheats themselves, but when you reduce the supply, you actually inflate the cheat price, which makes it again more costly.

And then this is where anti-cheat comes in. Basically, all anti-cheats, they will detect cheats. There’s many different ways of doing it. One of them is statistics, which is a really great way of getting griefers out of the game. All those who cheat very obviously, you can just kick them instantly or ban them. The great benefit of this is that it’s also completely server-side, but then you hit the limits when your best players start to overlap with very smooth cheaters. Another really common way is signature scanning. This is very comparable to traditional anti-virus approach, so the process basically goes that the anti-cheat will collect the cheat, will make a signature, carefully craft it so that it doesn’t conflict or false positive, it’s legit software, and then during runtime, the memory will be scanned for these signatures. It works great, but again, has also a downside of you actually need to know the cheats you’re looking for. So then a third approach is to use
heuristics, which is, you don’t actually look for specific cheats, but instead of scanning for patterns, you just look for code flow behavior. You look where do the system calls land, or how does the engine behave, and is everything normal like it should be played? And then this gives you indicators of is someone cheating or not. And again, it has a downside, and that’s, it conflicts if there’s a rootkit installed or a virus, you might be triggered that way. So in a way, none of these three are perfect, so you kind of want to combine them in different ways to close all the loopholes.

So for detecting cheats, for most detection methods, you actually need to discover the cheat first. For this, by far the largest or the most well-known cheating scene would be US and Europe, and then also Russia, which is a bit more isolated. So for there, it’s relatively easy to infiltrate and get those cheats and get signatures for them. But then beyond that, you also have very closed communities or for us, we’re based in Finland, and we see a lot of cheat communities, for example, in Korea, China, Thailand, Philippines, any of those southeast Asian countries, which are, due to the language barrier and culture barrier, it might be hard to infiltrate and get those cheats. So what most anti-cheats will do is that they allow players to report cheat binaries. So when they are reported, they can look into them, reverse them, and so on. Then also, manual scanning of cheat forums and cheat providers, trying to get those cheats, cracking the DRM, and going through all the holes. And then finally, also modern anti-cheats start to move in a direction of machine learning, where you use the heuristics to just discover what could be a new cheat, what couldn’t be. Like you start clustering outliers or border cases and heuristics and find that oh, here’s 100 or 200 players with the same strange-looking data, and then from there you look into if you manually can discover what cheats they were using.

Then also cheat prevention is one of the key things that you see in a lot of
anti-cheat services, and there are several ways of doing it. A very common one, which is always the first step, is to use code obfuscation. That gets rid of a lot of the standard tools that are used to create cheats, but then the more advanced hackers, they will get around it. There you also see a lot of, like the kernel anti-cheats, the kernel mode ones, they will sandbox the process itself, and prevent common injection techniques, and prevent, for example, that an external process can get a handle to your game process or that the process can read the memory and so on. Then also an important part of anti-cheat is that you need to be able to update it constantly because it will always be under attack, so you need a good way of shipping updates. Either this is tied together with game updates, or then independently, which you can do with most of the anti-cheat techniques. Like when you use statistics, then you would change the server rules. Signatures, you can scan the new database files. Or then with heuristics, you can stream the modules that check the certain cal-tro.

Then also we know that a lot of studios are doing it themself. We’ve heard many stories, so we thought of just including some really quick advice and some thoughts. The first one is when you do it yourself, make sure to protect your company assets. You want to isolate the machines on which you run cheats. Also, the network, you want to physically isolate it. And then you also want to always use a VPN so your IP cannot be tracked by cheat providers. Also, make sure to protect your sensitive information. Don’t log in on Gmail when you have a cheat running. They might be able to get your email, your password, and basically steal all your personal information. Same for Skype. Skype stores the Skype logs on disk, so it’s fairly trivial to just collect them and upload them. Things like payment data, they will get your credit card. And then also with source code, some cheats, they might look for .c and .cpp files, and just
upload them to their backends. Also, when you begin doing this, make sure to scope and allocate the resources, and be ready for a never-ending battle. And that’s part of, the next part is staying in control.

Basically, you have to have the mindset that challengers, they will always appear. There will always be someone who tries to crack your solution. How do you deal with this? First one is to have community management. Make sure when you have cheaters, acknowledge it to the players. Don’t start denying it, and show commitment that you will fix this. On the other hand, also avoid added publicity for cheating. We usually don’t recommend to announce ban waves and those things because no number is a good number. If you have a ban wave of say 12,000 cheaters, people will say that this is too much, everyone’s cheating in this game, I should cheat too. If your ban wave is really small and you have something like 200 players that cheated, then you will get criticized that you didn’t catch everyone. So it’s better to just keep going and players will notice in game when there are no more cheaters. In the same way, also make no promises or claims because you can basically not promise like next week this will be fixed. You can aim for it, but there’s no way to keep it, the promise. And then also, make sure to keep the focus on game content. With forums and Reddit, you don’t want the normal threads about the game itself, you don’t want them to get buried under an avalanche of cheat-related threads. Better to aggregate, give them a platform where they can talk, but also make sure that the game content itself keeps getting focus.

Then in the game design phase, make sure to plan ahead. Look at trusting the client as little as possible. Again, it’s game-type dependent. In a fast-paced first-person shooter, you might not be able to implement authoritative server design, but at least look at things like player health, player ammo, experience, keep all of those server-side. And then when there are exploits, try to react as soon as possible. Again, this shows commitment to the players and this shows that they can trust you as a game developer to take care of this problem. And then for you personally, try and
disconnect from the problem, especially if you’re involved with the actual game development. Don’t engage in warfare. There’s no point in going on Twitter and starting a flame war between people. Also, try not to make it personal. It’s a technical problem you’re solving. It’s not necessarily a people problem. And also, within the company, try to isolate the people who work on the anti-cheat from the actual game design, even though they need to talk to resolve some of the structural issues, you don’t want that your daily standard meeting revolves around cheating, and that everyone forgets that you’re making a game, not an anti-cheat. And then finally, don’t underestimate because cheating is not solved overnight. It’s always an ongoing thing. And then, final takeaway. Whatever you do, behave like a duck. Always keep calm, show that you’re in control, show commitment, but on the background, just work as hard as possible to get it fixed. So that’s all. We still want to quickly thank the guys from Valve Anti-Cheat for having us here and thanks for listening. If any questions, then shoot. (audience clapping)

– [Audience Member] Can I ask one?

– Yeah.

– [Audience Member] A common cheat we see is speed hacks where people change the timing that the processor returns. What’s a good way to counter that?

– So the question was, how do you stop cheat engine from making the game go faster?

– [Audience Member] Yeah, what they basically do is we call a function that asks, okay, how much time has passed since the last frame?
And they override what that function returns. – Okay, so there are a couple of ways to solve this. You don’t really want to do anything like measuring how fast is client running or these kind of things. What you can do is, example is preventing Cheat Engine from accessing game memory. So if the Cheat Engine, as an external process, if it’s not allowed to access the game process memory, read or write to it, then it cannot hook those functions and return you bogus values. Some other things you can do is, for example, like what was in the cheats pages about interface hooking. You can also do things like you can redirect your own system calls to copied code that does the same thing. So whenever your game client is calling, for example, the query performance counter that, in this case is calling, it’s not gonna call the Cheat Engine’s speed (mumbles) hook because the code is actually just calling directly the native routines. So this like, for example, one of the anti-cheat techniques that you can do, but I would recommend just preventing the memory accessing itself. Maybe just one other thing still that you can do is because in order to write to memory like Cheat Engine, for example, hooking that functions, you need to be able to change page protections, so you take that technique away that they are not able to make the code page, for example, writable, then they are not able to place that hook there and take control. Hopefully that made sense. – [Audience Member] Yes, thank you. – Hey there, can you guys give a quick summary of the service that you provide? Easy Anti-Cheat? – Maybe really quick because we didn’t come to advertise. We’re basically an outsourcing service so that the key focus, we just wrap around the game process, don’t integrate deeply, but then we take responsibility of all the cheat-related problems. So that’s also why we focus on a full stack. We have a kernel driver for prevention, we do detection, and then on the backend we use a lot of different techniques to analyze gameplay behavior and also code flow behavior. – And is that something that you work with the individual developers on or is it more like a blanket solution that’s applicable to a lot of games? – It’s applicable to many games, but it needs integration with the game itself, so yes, we work directly with game developers to get it integrated. – [Man In Plant Shirt] Okay cool, thank you. – Thank you. – Hello, my question was you mentioned that a lot of the games are server authoritative, like you said that that can stop a lot of the problems from happening, but do you run into a problem where a lot of games are made client authoritative?
Where a lot of the work is done on the client, and then we just tell the server what we did as opposed to the server being authoritative and telling the players what’s happening? In the sense that, it’s easier to code something client authoritative than it is server authoritative. So do you run into that problem a lot where a game engine or a game might just always be doing something client authoritative when they could actually fix it by being authoritative on the server instead? – Yeah, we actually, we see it quite a lot. Especially in older games, you see it quite often. I think it’s also a typical early access thing to do because you want to iterate your features really quick, get feedback on them before polishing them and implementing them properly. So in those cases, we see developers tend to just implement it on the client. If they get good feedback, then they do the whole thing. – Overall, it would be better for anti-cheating in the future, in general if we all just went to a server authoritative model and we could get people like that, that’s what I meant. – Yeah, most definitely. – [Man In Beanie] Thank you very much. – And to that also, especially when prototyping, usually things are done in client-side and later on move server-side. Then one thing to remember also, for example, if you’re doing first-person shooter game, because the player needs immediate feedback of what is happening when they shoot something, so there for example, usually the engines then have to support for things like lag compensation, predicting, and so on, and one thing that we’re not sure about how to do it yet is for example, with VR games, in many games you see that when player goes to bad position, the server moves him back, and it’s completely fine, but if you are inside a VR experience, I’m not sure what will happen if you suddenly move in the room. But that’s probably something that, you know, some guys are probably already working on it. – [Man In Beanie] Thank you very much. –
Thank you. – Hi there. Do you guys have any advice for developers on what to do when they encounter false positives and they’ve banned people due to a false positive when they shouldn’t have been banned? – Just unban them as quickly as possible. – [Woman] Okay. (Simon laughs) – Yeah, and then communicate about it, and explain to player why this happened. Yeah, it’s a tricky thing because, it’s one of the things we also see with detections in general and why we try, it’s part of the reason for prevention because when you detect people and you need to ban them, then you always run the risk of false positives no matter what method you use. Like statistically, there can always be a false positive or the signature scan can be poorly crafted and trigger legit software. Or then the heuristics, they can just also trigger something very unusual. So in that way, prevention is always better. – Hi there. I’ve run into an issue where many times I feel like I’m creating a lot of latency by trying to do a server authoritative way of anti-cheat. Are my fears actually, I’m trying to find a way to not be afraid to authorize the player because I feel like I might be creating too much overhead, and I’m creating more latency, especially when there’s a huge distance between players or something like that. I’m basically asking am I being afraid for nothing or is that actually a legitimate fear to have? – I would say you’re not being afraid for nothing. Depending of the engine of course, but usually you can assume that whatever you see in the code, someone else is also seeing. So if you have for example, like okay, I have this compromise, or there’s this loophole, if it’s related to for example, user authentication, it’s really important to fix it. Someone will find it. It’s really important not to underestimate that. And then for example, some compromises might be something that maybe no one would try, and I would do compromises in the places where it doesn’t directly impact the game or others don’t really see it, but then think critical things like, for example, shooter deciding how much damage I’m gonna do to the other player. It’s guaranteed that that’s gonna be the first thing they test. – Even the opposite, the victim deciding it ’cause then it’s, a God mode is fairly easy to implement. So it’s better to have it server-side. – Hello, thanks for the talk. So once upon time, I made Half-Life mods and Source mods, and of course, all those Counter-Strike cheats were just, people just used them in my game, which was great, but as a mod developer, you really have no bandwidth for like doing anything about that. What might you suggest for people with limited resources to deal with this with?
– Well, in that case, of course, we’re as an anti-cheat company, but then you actually want to outsource it to save time on the actual game development. – Right, but mods don’t make you money. – Oh yeah, right. (laughs) Yeah. – Is there anything that’s like within the scope of a single developer that you can do to not eliminate, but reduce somehow? – Well there, I would look whatever use or whatever you choose to do something that you don’t have to spend so much time on yourself on it so that it doesn’t become your second job. I think that would be my advice. – And some basics, like obfuscating some parts of the code. That might help a lot already. Running something like VMProtect or Themida I would say. – Maybe in the community, maybe there’s some guy who might be unfortunately hacking it again, but usually it’s ’cause they’re also really passionate about the game, so maybe someone wants to prove that, hey, I can actually protect the game, I know the engine. You never know. – Well, thank you. – [Simon] That’s all, okay, thank you. – Thank you. (audience clapping)