I have found over the last 5 years that it is impossible for me to take online multiplayer gaming serious in any capacity anymore. Cheating has become so rampant and so ubiquitous that I have no confidence in any online gaming match to be cheater free. If people are cheating then what am I even playing for? It's only fun for me when I know there is some semblance of integrity between the players, but nobody else seems to care. I don't even particularly care about being good or winning. You wouldn't cheat at tic tac toe despite the inherently low stakes of the game so it doesn't seem any different in any other video game.
I also have no trust in any sort of gaming related records of feats of ability. I've been deeply involved with gaming communities in the past where people would show off their world records. I would question such scores only to be flamed and then years later it is discovered they were cheating after all.
Really my only point is that I despise cheaters and any game that isn't single player or only between friends may as well not exist for me anymore.
I used to play competitive Search and Destroy on PC in Call of Duty. I clocked up a few thousand hours of online multiplayer play during a mis-spent 5 years as a student. I’d often get accused of cheating in casual online games - to the point where it became tedious to even acknowledge the accusations.
My point is: often people think others are cheating when in reality they are just really good because they have spent thousands of hours playing.
Big agree on this. I play a lot of Team Fortress 2, because it's absolutely timeless
Valve in their "infinite wisdom" decided to funnel the bulk of players into a matchmaking style multiplayer system, while relegating decades of player-run (and previously Valve run) dedicated servers to a "Community" tab that opens the old school server browser
Consequently the game has been absolutely infested and overrun with bots for the last couple years. They all play Sniper and aimbot instant headshot players on the enemy team, they're also programmed to steal a players username and steam avatar (because there is no throttling on changing that information live, even when connected to a game server)
Consequently the paranoia of most players means that even if you're just a "good sniper" (as someone with about 8,000 hours in the game over the last ~14 years) you'll almost immediately be the subject of a votekick. To which you have to get on microphone and plead "I'M HUMAN, I'M HUMAN!" and hope players don't automatically just vote to remove you
Back when I played Counterstrike and Team fortress classic in the late 90s I would occasionally get banned from a server. The only cheats I used were headphones and way WAYYY too many hours of play time. I couldn't even tell you how many tens of thousands of times I've been accused of cheating because "no one could do that legit". One person's skill is another person's cheater.
Having said that I've run into plenty of "hackers" and cheaters over my decades of online play. I steer clear of certain types of games as the player base seems more inclined to cheat.
Found an old screenshot of Counterstrike after I got auto balanced.
I have stood behind a friend (let's call him X) watching him play, and like you, he had this almost uncanny ability to one-shot targets. We were in a LAN game and there was no way he was playing with any bots or exploits, since he would sometimes take over from someone else's PC when they went for a break, and suddenly this person's handle would rack up tons of kills (then someone would call out, is that you, X, on Y's PC, darn it, and we'd all start laughing).
Sometimes I would get into a near trance like existence where I just had an uncanny ability to predict the location of my opponents. Sometimes I struggled to tie my shoes.
In high school some of us would play duke nukem 3d after classes were over. I would have to handicap myself with various restrictions to make it fair for the others. At the time I did not have a computer that could handle Duke nukem so the only playtime I got was at school.
CS has a mechanic that makes you miss the shots if you are moving during shooting.
Basically you have an acceleration vector, and this value makes your shots deviate if it's higher than zero. But it can be exploited (move the opposite direction before shooting, to cancel the acceleration vector), which makes it frustrating for players who do not train to exploit this mechanic.
It basically makes the game unplayable, because you have following 2 options: 1) play normally and get killed constantly which is frustrating
2) train to exploit this mechanic, which makes no sense
Every video game played at the highest levels tends to have this kind of weird execution barrier. Coming from CS mechanics to my current favorite of Planetside 2, I had to learn that movement meta wasn't so important, burst and range was. The automatic guns reset their bloom in durations of just a few frames, so if you are doing it right it doesn't actually look like you let go of the trigger, which is absolutely baffling if you are used to CS burst/tap and spread patterns. And all the guns are projectile based with unrealistically slow bullets which adds some unintuitive target leading and situational preferences based on whether you need faster bullets and sprint-to-ADS times or slow but powerful at range.
And when you get to learning those parts of the game, you always end up sitting down and drilling a small part of the technique for hours over the course of a few sessions, because that's the only way to get the right muscle memory.
It's unavoidable wherever games are doing abstract things: mouse/stick/button inputs are meaningful because of the context, not because they are the actual action being performed.
When I want a game that feels fully connected, I play pinball. Virtual games get close(and work great on a phone) but real ones let you nudge the machine finely.
That’s essentially what games are. They are man-made programs with their own rules and “exploits”/quirks that one has to master to the fullest if they want to be competitively good. For a while (I don’t play it anymore) I was a top 1%-ranked online player in PES (Pro Evolution Soccer) and once a fellow player laughed at the stupidity of comparing a game in PES to an actual soccer match, which I had to agree with.
My strategy comes mostly from the 1.6 era, and you are right that at the time it was mostly a matter of stopping to move, crouch and headshot.
I guess you can learn how to anticipate the deviation as long as it's static and dependent on your movement speed (e.g. not random), but that's still good right? It's a skill thing, not a luck one.
stopping and crouching make sense, however the mechanic is exploited in a way that doesn't make sense.
you basically move forward and if you see something you want to shoot, you move backward for a fraction of a second. that will cancel the forward acceleration vector much faster.
also another strategy is to find a place covered by a wall, and move left/right quickly. when moving from left to right, there will be a point when the acceleration vector is 0, and that is the moment to shoot.
Strafing is not an exploit, it's a core mechanic of CS. Playing "normally" is playing wrong. I should note I've spent most of my time in Gold in CS so I'm also not great at it LOL.
Brings back memories. Used to play waaay too much CS/TF with some work mates in the 90s. The 'problem' we had was we often played from the office after hours. And we had a DS-3 connection. 45Mbps, low latency connect at a time when basically everyone else was dialup. We got accused of cheating constantly; I suppose in one sense we were.
It's also frustrating when you're not particularly skilled are just having an unusually good performance. My K/D ratio hovered somewhere just under 1, but I had outlier moments in CoD where I would rack up kill streaks and end games 16-0 or 27-1. Being accused of cheating and then follow-through harassed via PMs was just exhausting and ate up some of the joy of performing well.
I always turn off text and voice chat as part of setting any game up. I don't care what others in a game have to say about, well, anything. I'm there to play. I rarely if ever look at the social tab of any game. One of the worst things to happen to games in the last 15 or so years imho is in game communications (second to only being able to play with a net connection). We used to use external apps like teamspeak and xfire and the like if we cared enough to talk to people, like if you were in a clan and needed to play cooperatively.
Well if you cheat you get to enjoy that feeling even when you wouldn't do well.
I honestly expect many of the people who go "nah I'm just that good" even in this thread are actually cheating. That smirk wouldn't feel any less good if you were cheating, in fact it'd be one more thing to smirk about.
On the contrary, I would get no pleasure from the salt if I were cheating. The pleasure entirely comes from feeling good at the game, so good that people feel the need to complain about it.
The absolute best I've ever felt in online gaming was when someone accused me of cheating after a particularly good round of TDM. Rode that high for at least a week.
Back in the day I used to play America's Army (dating myself here). I had figured out where to point and shoot a grenade at the beginning of a round and take out most of the enemy team. I don't know if others knew about this. I just figured it could be done and didn't take long to figure out where to shoot.
Well, if gamers gain that much satisfaction from other people's frustration, it's no mystery why they cheat too. I don't think that feeling is especially dependent on having achieved it "legitimately".
Who says they didn't believe it was possible? They just didn't think it was possible for you, i.e. that you did it honestly.
We all know cheating is a problem in online games, so it wasn't an unreasonable belief. It's certainly possible to play chess at Magnus Carlsen's level, but if I play against someone random online and they play at that level, then of course my default assumption is going to be that they're cheating, not that they're Magnus Carlsen.
I got that once in Unreal Tournament, but only because someone on the server didn't understand what relics were (items that gave you buffs of some kind). Still felt good, though.
I totally killed it on a particular server for Counterstrike (the oooold versions). It was the only server that had a map I really liked but my ping sorta sucked. But the netcode made it so that I could circle around people with an MP5 meaning I was very accurate and they had almost no chance to hit me.
If having a high ping is an issue that should simply be a kick. Most modern games generally have a way to prevent people with a high ping from playing. Lag compensation techniques also reduce the problem to some extent. I imagine OP is talking about CS in goldsrc which absolutely had bad netcode for high ping, still fun as hell though.
Nobody banned me. But yes players accused me of cheating of course. Back then I also didn't know what "netcode" is. Now in hindsight I know that the game gave an unfair advantage to players with high ping. Probably in order to make the game playable with internet connections common at the time. Blame Valve ;)
No cheating involved. Best ping I ever had at those times was 120-150ms IIRC. On that particular server it was more past 300.
I mostly played on an unstable terrible dial up (under 300ms was a fantastic day). When I played on a t1 line my K/D was always higher than at home. Maybe packet loss was my ultimate foil?
Do you still play ? Cheaters are a whole different league now compared to 10 or even 5 years ago.
It used to be script kiddies with aimbots downloaded from somewhere, nowadays it's cheat developers making hundreds if not thousands of dollars per month from renting cheats or selling carry services.
I remember joining games of Dark Forces: Jedi Knight in the '90s and finding someone playing as a TIE fighter. Like, a full size TIE Fighter, not a model scaled down to person-size. And insta-killing anyone who came near. Mind you, this is a (mostly) first-person shooter that doesn't normally have player-drivable vehicles of any kind.
That and similar ridiculousness were fairly common.
I actually didn't mind that stuff, it was funny enough to outweigh the irritation of not getting to play a real match. The ones cheating without making it overt were the ones who'd truly ruin a match.
> You wouldn't cheat at tic tac toe despite the inherently low stakes of the game so it doesn't seem any different in any other video game.
I don't get it, but people do cheat. They cheat in online games, they cheat at board games, they cheat at tabletop RPGs(?! and no, I don't just mean the DM fudging some roles in the name of fun—they have a screen for a reason) [EDIT] What I mean is, there must be some impulse to do it, even when the stakes are nonexistent and it might even ruin the fun for everyone. It's not even uncommon. I don't get it either, but it must be there.
Reminds me of joining a lobby of the original Modern Warfare 2 only to find that there was a cheater, but a generous cheater. All players were flying around in noclip mode, armed with pistols that shot giant explosive rounds. It was a blast.
If there are gonna be cheaters, I'd rather they do silly shit like that than just be using wallhacks, radar, or aimbots.
Some people get joy out of making other people unhappy. It’s not about winning, it’s about making others lose. Cheating in games is a very low stakes and easy way to achieve this. I’m no psychologist, but this is the only explanation I’ve been able to convince myself of.
Cheating has a rich set of reasons, and any one cheater may be doing it for a mix of them. For some it is to show power over other (like to make them unhappy in your example), for some it might be a sense of entitlement (I've paid for this game I should have the right to win it how I like), in some games there are people paying others (in game tokens or real world money) to level up for them and those doing the levelling up are using cheats to improve their profitability, and a number of other reasons.
Some people play for the socialization, some people play for the challenge, and some people play to win (ie, display their “dominance”). It’s just different personalities and values.
The latter group will often cheat if necessary as winning is the need and the priority. The talented ones usually end up in profitable pursuits like business and poker rooms. The losers (pun intended) will gravitate toward friendly competitions where people have their guard down and cheating is easy. At least that’s what I’ve seen.
The best strategy is to detect these people and ban them because appealing to values won’t work.
I suggest having a look at Deep Rock Galactic (http://deeprockgalactic.com). It's a coop-first game (that is, it's meant to be played with others, but can be played solo) that is PvE (that is, you & others are working together, against "the environment").
Missions are arranged into five difficulty levels ("Hazard 1", a.k.a "Haz1", the easiest, through "Haz5"). I've found that, when playing with random people, Haz2 or Haz3 gets you a good combination of players. Of course there are toxic players, but the proportion of them (that is, the number of toxic players as a percentage of the playerbase online at any given time) is low.
I think Haz4—more difficult than Haz3 but not Haz5—has a higher chance of toxic players. I avoid Haz5 as it's _extremely_ difficult for my skill level, but I understand the players who regularly do Haz5 missions are good folk.
Sadly co-op PVP is still no guarantee the game won't be ruined by cheaters. I love Monster Hunter: World, and you'll run into random players who have hacked gear that one shot the monster. Playing with friends, or running a dedicated server where you cultivate a community, are the only options.
Same in Fallout 76 which is a cooperative PvE casual game, enjoyed by the fabled middle-American casual gamer Mom. (And Dads, and anyone else who isn't playing for competition.)
For some reason, some players spend 3 figures at RMT sites for weapons that can few-shot the server-wide event bosses. There's no in-game benefit for this. The boss events are designed to entertain a half dozen to dozen players for 5 - 15 minutes. Insta death for the boss just means everyone has to wait longer for the next event.
Other players use a glitch in the game that lets them blanket the event zone with white explosions, so no players (including themselves) can see the event. The only recourse is to switch servers or just leave the event.
This phenomenon is interesting enough to have been researched:
"Results support the relationship between self-determination theory need satisfaction and enjoyment, and indicate that griefers enjoy their gameplay style as much as community-based players, despite the antisocial nature of the gameplay style resulting in differing levels of need satisfaction."
I've played 3000+ games of competitive Halo Infinite over the last year while climbing to top 1% and only had 1-5 games with noticeable cheating. It's nowhere near "ubiquitous and rampant". In the singular game with blatant aimbotters, it was actually a really close and exciting game because while their aim was perfect, their strategy and game sense was atrocious. So with good communication and coordination on our side, we were able to outsmart them and win.
Most people have no idea how to detect basic non-blatant cheats. Even simple low-FoV aimbots sneak past the vast majority of players. Good enough cheats are virtually undetectable by just human inspection.
The few people you saw cheating were probably frustrated enough with the game they decided burn their accounts and ticked enough boxes in their cheat menus to let them go out with a bang. It may of course be that you are particularly good at spotting cheats and Halo Infinite is just blessed to be relatively cheater-free. (I've not played it.) But I'd expect 1-2 orders of magnitude more games to have cheaters than your estimate.
You wouldn't cheat at tic tac toe despite the inherently low stakes of the game so it doesn't seem any different in any other video game.
That’s the difference. The stakes are way higher in video games. People pour thousands and thousands of hours into these games. They dream of going pro and joining one of the big teams. They dream of winning the big tournament for real money. They dream of having a popular Twitch stream with many thousands of viewers throwing even more money at them.
Most fall far short of those dreams. Instead they throw temper tantrums and rage at their teammates over voice chat. Some get so frustrated about their lack of progress that they search for alternative means. That’s where cheating begins. It’s really no different from sports.
There's the cheating, and then there's the fact that there are far too many man-children everywhere these days. They whine, complain, throw tantrums worse than toddlers do. It is absolutely painful to hear a grown man whining about something in a GAME.
For instance, I played a free to play game. The servers just went live and it was the VERY FIRST MATCH of the game. It wasn't soon before one guy on our side was crying because we all sucked. I see this type of behavior everywhere.
I've been that guy. It's hard to have fun in the modern "you will be FORCED to lose 50% of the time" matchmaking systems, compared to the small communities of the past. When I loved playing Halo 1 on the PC, you could actively chose how you were feeling that day, whether you wanted a very competitive match, or whether you just wanted infinite rockets with no shields so everyone's bodies are flying all over. You could have a relaxing game of chaotic fun, or you could load up a giant map sniper duel, or a very classic sidewinder CTF that requires teamwork and cunning and individual talent to make things happen.
Instead, every single game now is optimized for streamers, content creators, and a small "Professional" scene. So now, when a single popular youtuber wants a meme gun, the devs add a powerful slug to the double barrel shotgun and a red dot sight, so that youtuber can make a highlight reel of headshotting people across the map with a damn shotgun while throwing the entire tactical part of the gameplay out the window. The community spends 6 years complaining about a tactic that is basically just spawn camping, and the publisher gives radio silence, but there's a weird, niche tactic using your favorite character in the pro scene that is SLIGHTLY better than random in effectiveness, and you better believe that character is getting a hard nerf.
Now I boot up the game, and if I have a good match where I did better than expected, the system responds to that by putting me in a much harder game, where I'm expected to lose, because that 50% win rate must be ENFORCED. Even if you constantly improve at the game, you just get put in front of more and more talented people, wiping out any joy you might experience from your improvement. Meanwhile, you continually get destroyed by 12 year olds that don't have to cook dinner every night and have plenty of time to hone their skills. These systems are even implemented in """Casual""" game modes, which are then full of pro players on new accounts making youtube highlight reels.
So yeah, excuse my old man anger, I just literally lived through a better time. Right now it is impossible to sit down with my friends and enjoy a PVP game together, because casual multiplayer has been thrown to the wolves, often in service to memes.
But winning 50% of the time on average in 1v1 is the absolute sweet spot of matchmaking. It means you are always facing a fair challenge. Winning easily is just boring. Plus if someone is winning in excess, someone has to be losing in excess too.
I don’t understand the part about 12 years old. The game naturally shifts you towards players of your level. If you get destroyed, next game will be easier. Seems like you somehow feel entitled to winning.
Sorry but I think you might indeed be that guy. You are basically complaining that you don’t want to compete. You can play a solo game if that’s the case. They are perfectly good fun.
> Seems like you somehow feel entitled to winning.
Well, yes. If you spend hours and hours playing the game, I can imagine that at some point you feel like you should be getting better than most people.
This was definitely true for dedicated servers anyway.
So basically you are complaining that you don’t get to connect and smash opponents weaker than you and instead are faced with even competition?
Unless you derive an unhealthy pleasure in bullying people who pose no challenge to you, that’s seem like a net improvement. Facing no opposition is just plain boring.
Honestly, my already fairly low opinion of the average online video game player is not really being improved by our current discussion.
No, my problem is not being faced with even competition. My problem is being always faced with even competition.
In the past you’d know you were getting better because you’d start winning more often than losing. Conversely, you’d know you needed to get better when you were still mostly losing. This was all in games with a completely level playing field, so the only differentiator was skill (for me those games are tiberian sun, gta 2, warcraft 3 or unreal tournament).
This was, fun? I’d look up to the people that could defeat me.
Then the new generation of games, where you literally got advantages as you played more (Call of Duty MW2) things became crazy, because you’d need to play against people that had wildly different advantages. Matchmaking often isn’t very impressive, and you get matched with people much stronger than you.
Now, you just boot up the game, drop a few hundred 100’s of dollars, and start whacking noobs.
The few times I played Mario Kart or Splatoon online recently seemed very fair to me.
I have little interest in "serious" competitive video games. Most of them are not very fun to me. Plus, to put it bluntly, everytime I tried, they were shockful of abusive idiots regardless of the proefficiency level. Still, I don't remember finding the matchmaking particularly painful.
They are better than most people. Just not against most people they play against. Chess players also lose 50% of their games unless they're at the absolute top.
Usually there are ways to play besides the ladder, if you can find players willing to lose much more than 50% of their games against you. But for understandable reasons, those are hard to find. So people make new accounts and start at the bottom of the ladder again instead. (In many games, the publisher makes money off that, so they don't fight it too strenuously).
So, with the old system. If you sucked you knew you sucked and it was okay. Now there’s no feedback. You can suck and convince yourself you’re awesome, and everyone who is awesome still thinks they suck, except the top 5-10 players in the world.
I personally like matchmaking, but I get it. Sometimes I want to play people who are way, way better than me and “suck”. Like I used to.
The vast majority of people who rant against fair matchmaking systems, unfortunately, are not like you - they instead want to consistently play against people that are far worse than them, so they can repeatedly stomp the games and convince themselves that they're awesome.
The situation that you described is so incredibly uncommon that publishers will never specifically address it. This isn't good, but the general (instead of specific) approach of "getting rid of skill-based matchmaking" has so many more downsides that that's going going to happen either (and it would be very bad).
If I was a publisher I’d address it by making a micro transaction to temporarily add a boost to your MMR. So players can pay money to play better opponents.
Unfortunately, that doesn't work in any games where you play on a team, because then everyone else on your team is playing with a lower-skilled player, which makes the game much harder (and usually less fun) for them.
The only way you could implement this feature in a fair way (for both teams) is if you allowed an "MMR boost" when your entire team is a single party. And that would be fair! I'd support that feature, even if I never use it.
That doesn't make sense, in modern match making systems you see your rank and/or rating points, you get higher, perfectly fine feedback.
No one convinces themselves that they are great when they are can see that they are in the bottom division..
> It means you are always facing a fair challenge.
You'd think that, but no.
From my experience in overwatch, the system tends to favor win and loss streaks instead.
You'll get 4-5 wins in a row, where the enemy team had no chance. Then 4-5 losses where your team was hopelessly outclassed.
Maybe you'll get a couple of games that are close and feel fair. But not many.
Overwatch 2 (for me, at least) seems to be achieving a 50% win rate by alternating between matches where my team wins with no effort and matches where my team can't even get out the spawn room.
Which is obviously a bad way to achieve a 50% WR. It isn't the case that every matchmaking system that achieves a 50% WR is good (you can easily imagine cases where it's not, e.g. alternating matching you against very good and very bad opponents), but it is the case that a good matchmaking system much converge towards a 50% WR for the vast majority of players.
That's an argument for making the skill-based matchmaking better. It's not an argument for removing it entirely - that makes the problem far worse.
(alternatively, in extremely snowbally games like League of Legends, that's an argument for fixing the game balance such that wins and losses feel less like stomps)
> if I have a good match where I did better than expected, the system responds to that by putting me in a much harder game, where I'm expected to lose
No, the system puts you in an easier/harder game, where you're expected to play _with and against_ people of your skill level (including if you want to play strictly meta or if you want to play with only one hand or whatever).
I've been playing one of the most popular (for PC anyway) online game for 10+ years now and it only has skill-based matchmaking, in both ranked and casual mode. While plenty of people rail against the fairness of its matchmaking, I've rarely heard anything against the concept of skill-based matchmaking. It's the only kind of matchmaking that makes any sense to me. Why would I want to play against people that are way better/worse than me where I have no chance to have a good game either way?
While my friends no longer play it regularly, when they used to play we'd just... play however we wanted in casual mode. Why does it matter if some people are better/worse or meta/casual? You can play the most random stuff you want and you eventually get matched against people of your skill level. Or if you don't enjoy the current match for whatever reason (winning/losing too much, or trying too much/little), just go next and let matchmaking do its thing until you get games at your level, wherever that level happens to be.
If anything, your complaints sound to me like the developers care too little (rather than too much) about competitive balance/integrity across the entire playerbase.
The way this used to get solved, was that people hosted servers, and there was always an empty one lying around for people who wanted to play with their own group, or you could just go figure out if you liked the particular server community or not.
Then game companies took total control, made you play on their servers and introduced all these problems.
> when they used to play we'd just... play however we wanted in casual mode.
Well, when you're on a 5-person team on Counterstrike and your fifth player doesn't want to buy guns and even try to complete the objective, they just want to run around and knife chickens and hide in corners the whole game, it can be a little frustrating to the other 4 players.
Like, I get its casual, and you shouldn't necessarily expect everyone to always try as hard as they possibly can to win, but when one person not even trying to do the objective of the game it sours the experience for the other four.
But this is kind of true of any team-based game. Imagine playing Spades or Rummy where your teammate is just always purposefully playing junk and never even trying to play their hand properly. Or a baseball game where whenever the second baseman gets the ball he just throws it up in the air to himself and never bothers to get the runner out. Or baseketball where one person on the team just wants to try and spin the ball on their finger instead of playing the game. If you're trying to actually play the game, its going to be frustrating having a player like that on your team.
In causal its definitely forgivable to make mistakes and try something different, but if you're just in a casual match to sniff the proverbial flowers in the game you end up ruining the experience for your teammates. Ultimately in a team based match-made game all players really should at least try and observe the objectives of the match to some level, at least in my opinion.
It kind of sounds like a good bit of the issue you see is that you end up with an about 50% win rate on large timescales. Isn't this kind of an ideal outcome though? Its not like its statistically possible for the majority of players to have a >50% win rate. Wouldn't you having a higher than 50% win rate essentially mean other players have a lower than 50% win rate?
No, the ideal outcome is not a 50% winrate. The ideal outcome is to enjoy the time I spend playing. That is entirely disconnected from how good or bad I do on a given day.
The way my friend plays Rainbow Six Siege gets him killed every single time without fail. But following "the meta" is really not fun for him. Instead of being able to find a community where we can play with people who might not be as bad at the game as us but are interested in everyone having fun, he gets thrown into the same generic "Casual" pool as everyone else, including kids who play 24/7 and streamers on smurf accounts building a highlight reel. There's no room for playing around, for trying different things, for just playing unoptimally. If you do anything not in "The meta", then you lose, repeatedly, and then the system forces you against literal children to ensure you win often enough to keep that 50% winrate.
Like I said: In the past I could choose when I wanted to have fun, be lighthearted, and screw around by joining more casual servers. Then if I wanted to be competitive, I could join a more serious server, with more strict rules and systems, and play against both people much better than me, and much worse than me at the same time.
Now you have no choice, because everyone is in the same pool, so if you don't play "the meta" or do something nonstandard to have fun, you will be crushed, and then placed against terrible kids, and then placed against really good kids, over and over again. There's no room for casual gameplay because the "casual" section of matchmaking isn't casual.
The most fun we ever had playing Siege was getting a group of 8 people together to play "custom" games. The variability of skill was a huge and important part of the experience. We knew we had to carefully balance the teams for things to not be absurd, and we knew that playing "the meta" wasn't the best strategy in this case because you couldn't assume your teammates to play like perfect robots, giving you the freedom to try different strategies. This is also why people get so damn angry when you don't follow the meta and play like a perfect robot who has memorized all the strats, because if you don't, your team will most certainly lose. You could enjoy games you were bad at in 2001, because game design wasn't so aggressive about "perfect matchmaking" and "perfect competitiveness". I don't want my fun afternoon game to be a damn esport.
Average WR on these games is 47%. Ideally, the game should be designed with 50% as a goal by putting people of similar skills in matches with each other.
only if you're trying to fulfill some player-psychology goal; skill isn't really partitioned that way in any real life scenario.
that's exactly why casual multiplayer lobbies suck, it's a 'Find Now' magic button with no data other than your previous games, rather than a lobby where I , an expert, can join "Experts Lobby #3030", create a small friend network on that server, enjoy repeat sessions, etc.
Yes, they tried to fix the social aspect with friend lists/etc, but they also got rid of the homeopathic solution of user self determination for the sake of making the game more onboard-able for novices and casual players.
I say '... the game' a few times, you can apply these ideas to practically any modern multiplayer game out there nowadays that's even a bit popular.
I got sucked into this with Heroes of the Storm, where I mistakenly bought into the belief that win rate was reflective of my skill.
I hate the games I lose because there is usually (9 times out of 10) nothing I can do to affect the outcome.
I hate the games I win because the win mostly comes down to how bad the other team is, or a superstar on my team, and I was mostly a spectator.
The games I enjoy are where it is a hard fought battle with decent teamwork that pushes me to my limits and beyond, and in those cases I don't care if I win or lose.
I've had 20 game winning streaks, 20 game losing streaks. Between the match making, smurf accounts, and weird balancing issues, it's very hard to know what is dictating the outcome. The psychology is so destructive if you place any value on the outcome.
I played HoTs for several years up to a bit after Blizzard stopped developing the game (2-3 years ago?). The match maker in that game has always been a hot mess. It was never fun to be given a team of F class heroes while the enemy team had the meta group composition. Even better where the matches were your team would be decent if not for the map you were given. At times it felt like the match maker was intentionally just screwing with you. After blizzard stopped working on the game the player pool shrunk noticeably which amplified the terrible MM problems. I ended up rage quitting the game after playing on average 4 games a night and losing every single one of them for a week straight. Most of the matches were lost at the loading screen due to a variety of reasons. No sense playing a game that just makes you angry.
When playing quickmatch there were certain heroes that you could play and force a win (assuming the map didn't fck you over). For me those heroes were murky and the lost vikings (and usually abathur). My TLV winrate was over 70% because I could just soak and PVE my team to a 2+ level advantage fairly quickly. Murky was a similar experience but I could also assassinate enemy heroes fairly easily.
Sadly those were the only heroes I played that consistently made me feel like I was effecting the outcome of the match. Getting +30 kills as valeera with no deaths and still losing cause you can't get your team to do any objectives is just infuriating..
In the hots casual 'lobby' aka quick match, you often don't have enough players of similar skill level, so the match maker tries to create balanced teams with quite a large mmr spread. There are many ways this goes wrong, but the end result is your winrate tends towards 50% because that's what the match maker is trying to do. It performs very badly at this and so you can have big streaks and bad quality matches for an extended period of time.
I had a week straight of terrible matches that were almost always lost at the loading screen. There's only so much you can do if the map is bad for the heroes on your team or your team has a terrible composition while the enemy team has a literal meta S grade composition. It didn't help that the match maker for whatever reason decided that I was good enough to take on two or more diamonds with the rest gold vs my team of me and silver/bronzes. One of those losses was a master with two diamonds and the rest silver vs me and some gold/silver players. It's hard to get people to play well when the loading screen shows a massive disparity in game skill.
Nearly every one of those matches I ended the game with the best stats and still lost horribly.
My favorite though were the team mates that threw at the start of the match or when my team would decide they would rather argue than play the game. Such a toxic experience of a game. Having one amazing match of great fun and teamplay just wasn't worth the 2-5 matches of absolute toxicity.
Also, I don't mean to come across more negatively than I actually feel. The game can be frustrating at times, and there could be improvements made to reduce those frustrations.
But overall, it's still possible to have a lot of fun and great matches enough of the time that it is still worth playing.
I'm around low diamond, which is definitely my skill ceiling. It relatively easy for me to assess higher diamonds and masters. It's also easy to asses plat players. Anything below plat looks very similar to me.
I would argue that the ideal outcome is to have fun. Phrased from a system design perspective: that the largest number of players possible experience games as often as possible which convey a sense of fun.
Winning is generally fun, but the interesting bit about using Fun as a guiding light in matchmaking design is that its a non-zero-sum game. Losing teams can also have fun. Maybe not as often, depending on the game and such, but its definitely a number larger than 50%.
I know this seems reductive and whatever, but I think its a really critical discussion that the gaming industry isn't having. Skill-based matchmaking and ELO are pretty tuned-in to, well, "skill" (whatever that means in modern gaming), such that you're pinned at that 50% rate to the best of the system's ability. Some would argue that this pinning actually results in less fun games, for two extremely valid reasons:
1) If the system is constantly adjusting to keep your win rate at 50%, you never have the opportunity to see yourself improve through the metric of your win rate. This effect is especially pronounced in games like Call of Duty, where the metric we're talking about is really something more like your KDR; if the system is engineered to constantly keep your KDR at 1.0, there's startlingly few metrics to judge your own performance by. Many games have tried to address this through the award of opaque ranks and badges; weirdly, Call of Duty doesn't, but some games do. In other words, your ability to feel like you're getting better is replaced by being told that you're getting better; many would agree that while it can feel good in the moment to get that badge, its less satisfying in the long-run.
2) A perfectly balanced skill-based match making system would reasonably want to keep every player's win-rate at 50%, over a long period of time (or, KDR at 1.0, or in Apex a win rate of 5%, or whatever is balanced for that game). But that isn't necessarily what happens over short periods of time; and players experience games in the moment, players aren't statistical databases of their entire gaming history with some title. Thus its normal to ask not just the win rate, but the standard deviation of that win rate. People play the lottery, and find it fun, for a very real psychological reason: fun can have an outsized impact relative to the odds of some game if the game has an abnormally high/unfair standard deviation of expected success. If you paid $1 for a lottery ticket, and you were guaranteed to the best of the system's ability to win $2 every 2 lottery tickets, no one would have fun playing the lottery (and the system wouldn't make any money, but that's beside the point). Yet; this is how SBMM is quite literally designed; to reduce the standard deviation of your performance as much as possible. Variety is the spice of life, as they say; but the better and more consistent SBMM systems get, the less spice the matches you play tend to have. Put another way; "popping off" for a game is supposed to be a fun, rewarding experience; but players are now universally trained to know that the system will actually punish you for being abnormally good in a match, by placing you against better players next game.
My overall point being: there's a gulf of difference between "players have to have an average aggregate win rate of 50%" and "all players should have an individual win rate of 50%", and systems which try to guarantee the latter can actually be less fun.
I also find it interesting to think about an ELO system which tries to operationalize the concept of Fun, to try and guarantee a Fun game for as many players as possible. What would that look like? Most simplistically, and probably ineffectually: ask players after the match "did you have fun?" A player's performance in the game influences their own skill rating; but a player's response to this question would instead influence every other player's "fun rating"; asserting whether or not the competitors (and teammates) were fun to play with; as well as signaling internal metrics to the development team for tuning of things like map, weapon, and game design.
That fun rating is a great idea, and something I was thinking of as well. The data science folks could have some fun figuring out what to do with it.
But for my own psychological health, just telling the matchmaker how I felt about the match would go a long way to taking the bite off a bad experience.
HoTs used to do that when I played. You would sometimes get a survey asking you to rank the cooperation of teammates, communication etc. Looking back I sure felt a lot less salty after a loss when I got one of those surveys. Unfortunately Blizzard did absolutely nothing with it.
Another lost opportunity due to a corporation being more concerned about the next quarterly reports than anything else..
HoTs failed miserably at both the fun part and the skill based match making.
Sometimes I had more fun losing but those were exceedingly rare cases that generally involved a friend or two in the group.
I still played the game chasing those rare highs where I actually enjoyed the experience. After losing 30something games in row spread out over a week of nightly playing I just rage quit. Even today years later the game's MM still pisses me off. Mostly because I found the game play mechanics to be fun and I miss the experience of the good games.
> whether you just wanted infinite rockets with no shields so everyone's bodies are flying all over
I did a Quake mod a bit like that, infinite rockets with massive explosive damage that did very little to your health but blew you right across the map. You could take about four or five direct hits from a rocket if you were pinned somewhere but mostly you'd take falling damage from bouncing the hell off the skybox.
Yes, it was stupid.
Yes, it was more-or-less unplayable.
Yes, it was as fun as it sounds.
I should resurrect that, if I can still find the code.
I forgot to mention in that example that it was infinite rockets, infinite grenades, no shields (so basically one hit), on beaver creek, Halo 1's smallest map, that was probably a couple thousand square feet total, with 32 players. Absolute, wonderful, fun for a while, chaos.
This is, ironically, one of the best reasons to try a battle royale game like Apex Legends. Once winning at all is put far out of reach, the psychological aspect to losing vanishes and you can have fun purely with gameplay. The extent of SBMM in a chaotic anything-goes game like Apex is one lobby for KDRs below 2.0 and one lobby for those above, and despite firmly being in the 'below' range it's never gotten old.
How did the older games actually accomplish this? I would guess that if you just throw people into a match at random, on average half are going to be better then you, and half worse. So random matches will end up a 50% win-loss anyway unless you're especially good or bad at the game (compared to the rest of the population). So if most of the game's playerbase is kids who can afford to play 12 hours a day, normal people like us would likely get worse then a 50% loss rate with the random system!
> How did the older games actually accomplish this?
Using Counter-Strike as an example: no matchmaking system - relied upon community hosted servers offering a wide range of game modes (official and community created). More competitive matches (pick-up games) were often found via IRC.
With the consequence that games were suffering through a much harder sink or swim in terms of popularity: the matchmaking puts the threshold for "sufficiently popular" much lower. I'm not happy about the matchmaking, but there isn't really an alternative.
Yeah I had a whole slew of servers saved that I would regularly play on. If I was in a serious try hard mood I had a selection of servers I'd check. If I was in a half as I'm drunk and want to play I had a group of servers for that. If I wanted to play the warcraft 3 mod I had servers for that too. Even had servers for off the wall stuff talked about above.
You would generally choose a server based on ping and population (many of which had custom maps or rule sets - like no sniper rifles in CS 1.6) then choose a team, but only if they had equal players otherwise you had to go to the one with fewer. In the servers I played at least, the better players were generally expected to swap teams if it got too one-sided. Otherwise people just get annoyed and go to another server. Admins would enforce rules around server culture just as readily as anything else.
Persistent servers mean they can have distinct cultures and you get your favourite servers and start to notice the regular players. This doesn't happen with matchmaking so much.
And I think the point about the 50% win rate is important - I am a person and my mood and skill varies day by day, but ranking stats are measuring the account not the player. Some days I wanted to stomp noobs, some days I wanted a challenge, and some days I wanted to turn my brain off and run fy_iceworld. You could also change your name at will if you were worried about your reputation due to any of the above.
Many games didn't have a global list of servers, so you just connect to a server you know.
Even games that did have a global list of servers, one wouldn't necessarily always play on random servers, but have some favorite servers (often ping-based, which means geographically local, to some degree) and play on those.
Whenever you have a sentence that has 'these days' and is describing human behavior, just leave off these days.
Humans have been cheating pieces of shit throughout history, especially when they are in a position where there is no recourse from the other parties in the transaction.
It’s a market for lemons [1]. You, the player, have no information about the teammates and opponents you’ll be matched up with. Therefore, over time, high quality and well-behaved players tend to exit the market, leaving only the cheaters and tantrum-throwers.
When someone tells me something that's been happening for a long time is suddenly going to stop happening, it's most believable when they present evidence that is the case.
Being that humans have been cheaters in one way or another in significant numbers. For example modern infidelity figures are around 25% based on surveys. Somehow I just don't think your statement here is backed up by observation.
> There's the cheating, and then there's the fact that there are far too many man-children everywhere these days. They whine, complain, throw tantrums worse than toddlers do. It is absolutely painful to hear a grown man whining about something in a GAME.
And you know what would be especially satisfying to do against these pathetic losers? Cheating against them and watch them rage.
Seriously, I don't think the "man children" and the people complaining about them are all that different. You were clearly not engaged in traditionally approved adult activities either, if you were there for the very first matches of a competitive computer game.
It's a voluntary activity people do to have fun and relax. There is no point in whining. Just go do something else if you are not enjoying yourself. Kids often don't realise that and get generally overinvested in things so we somewhat excuse their immaturity. It feels less tolerable when it's an adult doing it.
Doesn't matter. If you invest time in a game (maybe even in a competitive or "ranked" mode) you expect that everyone in your team is playing seriously. People who don't shouldn't play this mode or game. What you call "whining" is legitimate. If you don't play you are wasting your teams time, taking them hostage. Sometimes you can't leave a game because other penalties occur.
When I was younger I probably would have thought it would be awesome to make money from playing video games, but now I feel like the activity changing from a hobby for fun into a livelihood has only been for the worse. This trend may exist for many other hobbies as well such as blogging or making internet content.
One of the things that drove me nuts about Overwatch 1 was the common demand from other players that you employ the pro-league meta when playing even at the lowest levels. A lot of players seem to imagine themselves as the next Ninja (or the Overwatch equivalent) in training and playing multiplayer in that environment is not much fun.
Early on it was great. Anything went. Play 6 Torbjorn? Sure, why not. Come back a couple years later and some dude is complaining I'm not taking Quick Play seriously enough by not playing the meta and that this was "practice" for competitive.
No; Overwatch 1 was unique in that a single player trying to do something "off-meta" meant all 5 other players had to play around that one player, and if you were losing it was very frustrating. The game's design and balance IMO was inherently toxic. Everyone "practiced" the "pro" meta so there was unspoken rule book on how people understood how to play the game. One person being off meta was almost like demanding the entire team play rugby when you thought you were playing football. The game wasn't flexible enough to allow individual experimentation.
> No; Overwatch 1 was unique in that a single player trying to do something "off-meta" meant all 5 other players had to play around that one player, and if you were losing it was very frustrating. The game's design and balance IMO was inherently toxic.
To put it another way, the game was unique in combining meaningful teamplay and meaningfully distinct characters. I'm not saying you're necessarily wrong to say that's an inherently toxic point in the design space, but it's pretty tragic if that's true, because those both seem like good things that you want a game to have.
There was plenty of room for individual experimentation---it was the players who weren't flexible enough. Before role queue, any particular player could, at the drop of a hat, mid-match, mid-life, switch to another of 21 very different heroes. Hard for a game to get more flexible than that!
But in the end, it seems the players didn't want that, and instead wanted less flexibility for their teammates and the enemy team.
Blaming 5 other people for not understanding to play around 21 other wildly different heroes isn't flexibility in game design. Your are asking 5 other people to play a fundamentally different game than the one they have learned.
You couldn't "individually experiment" because fundamentally you needed team experimentation; you can't play Reinhardt in isolation, and subjecting your team to experimentation on your own whims leads to toxicity.
I think many people who go down the "I should be able to play what I want and people should adapt to me" don't realize they are being selfish in play style in a game like Overwatch.
I mean, it sounds like they were just bad at the game that Overwatch was. I learned to adapt around them, after all. I won't deny it was hard. But it was also very fun and rewarding.
Overwatch is a different, less flexible game now, closer to what I think most people thought Overwatch was, and apparently wanted. It is what it is.
> The overjustification effect occurs when an expected external incentive such as money or prizes decreases a person's intrinsic motivation to perform a task. ... Once rewards are no longer offered, interest in the activity is lost; prior intrinsic motivation does not return, and extrinsic rewards must be continuously offered as motivation to sustain the activity.
Some of the most cheat infested games are nowhere near having an "esports" competitive scene. I'd think that in actual esports games, where it can ruin your career to get caught cheating even if it was years ago in casual games, there'd be less "everyday" cheating.
It is, at least, supremely satisfying to pwn a blatant cheater.
One time there was a blatant hacker on the Markov server in the original PlanetSide (a TR player with a name like iIiIiIiiIiii) that was using some sort of time/speed hack to move and shoot at some large multiple of normal.
They were having a lot of fun camping inside towers to kill people spawning there, so I managed to camp out in one before they arrived and held a good corner with my trusty bolt driver (sniper rifle). I managed to pop them once on their way up the tower, and I think they were moving so fast that they didn't realize it'd happened until they got to the top. Just enough time to reload and switch angles for them to come back down.
I know the hacker was there to enjoy ruining fun for others, but they gifted me what was unambiguously the most exhilarating, triumphant, and memorable of the 25K+ bolt driver and 40K+ total kills I recorded.
IMHO, the only reliable solution is community-managed or "dedicated" servers where there are trusted admins that have the power to ban cheaters at their own discretion. I don't think this problem is solvable "at scale" in the general case. Unfortunately the gaming industry has spent the last decade taking power away from gaming communities and replacing it with proscribed matchmaking and map rotation - so the tools for community policing haven't advanced much beyond a "report" tool.
Another solution is the console approach where the platform is secured so people can't cheap. This approach does scale. The PC platform is still playing catch up. Someday multiplayer PC games will be able to prevent cheats from reading / writing its memory or injecting come into the process. They will be able to use remote attestation to prove that they are using the actual game client on not cheater operating system.
I've certainly ran into cheating on both Xbox Live and PSN. My friends who play Mario Kart and Splatoon online on the Nintendo side tell me it's quite bad there too.
The switch got hacked pretty badly so their platform is no longer secure. After doing some searching the xbox series and PS5 still look to be secure. While the PS5 has a jailbreak for early version I doubt it can play online games with such an old firmware.
I'm surprised ran into cheating. Perhaps the game supported cross play with insecure platforms?
That won't work against ML bots that take video input which is increasingly going to be a problem.
I also will never knowingly permit a program to run on my computer that performs remote attestation or otherwise uses my hardware against me. Neither will I accept opaque anti-cheat kernel modules. I don't want anything to do with malicious anti-user software.
>That won't work against ML bots that take video input which is increasingly going to be a problem.
You are getting into the territory of botting or letting other people play on your account than regular cheeting like what is described in this article.
>or otherwise uses my hardware against me
Proving the current state of your system isn't using your hardware against you. It is showing that your system is secure against cheats.
>Neither will I accept opaque anti-cheat kernel modules
If they aren't opaque they will be instantly bypassed
>I don't want anything to do with malicious anti-user software.
Cheats are antiuser software that can kill an entire game. Software that combats this threat is prouser.
> Proving the current state of your system isn't using your hardware against you. It is showing that your system is secure against cheats.
Complete doublespeak. It is using your hardware against you such that you will be denied service if the operating state of your system isn't to the service operator's liking. I want nothing to do with it outside of employer controlled devices being validated by the employer or my own devices being validated in such a manner by me.
> > Neither will I accept opaque anti-cheat kernel modules
> If they aren't opaque they will be instantly bypassed
Makes no difference to me. There aren't going anywhere near my kernel and I strongly recommend that other people take the same stance. The developers of such modules (and more generally just all software developers) are inherently untrustworthy as has been demonstrated on a number of occasions.
> Cheats are antiuser software that can kill an entire game. Software that combats this threat is prouser.
Cheats take advantage of buggy or poorly designed software. Software that combats that is pro-bad-developer. If it commandeers my machine in the process then it is decidedly anti-user. Write better software. Don't share state with clients if it's supposed to be hidden.
>It is using your hardware against you such that you will be denied service if the operating state of your system isn't to the service operator's liking.
It's up to the game's developer whether they allow you to join. Either you have hardware that can prove something the developer thinks is trustworthy or you just can't prove your system is trustworthy. Nothing is working against you. Either the developer trusts your hardware or they don't.
>Cheats take advantage of buggy or poorly designed software.
No, they take advantage of a poor security model. If your security model lets random processes read out the location of all of the players is that the game coded poorly or the operating systems fault for letting a cheat read that information? Being able to trust the code that the client in running instead of just the code that the server is running is powerful. It makes developing a secure system easier since it allows you to trust more.
Which is why secure boot and remote attestation is needed so that the developer can trust that you are not using a non preapproved kernel module not are you using a virtual machine.
Remote attestation doesn't work if i have permission to modify memory. My kernel module wont even show as loaded...
If you can modify sytem memory its trivial to bypass any checks the anticheat has. To the point where you simply modify the anti cheat in memory to say 'sure i've done all those checks'.
I can have secure boot of virtualized hosts, and still modify system memory from either
a kernel exploit or virtualised systems host. Cheaters absolutely would install crappy signed kernel modules to achieve this.
Okay, but it does work against a lot of other cheats such as the one this article is about. You are limited to only things that are physically possible to do.
If you think of the headcount for "private servers", and assume 0 overlap, then private servers tend to have in worst case, 1 staff member per 100 players. Can you imagine any large developer employing a team 1% of the size of their playerbase for community moderation? Wouldn't happen. More likely they have like 10 support people and 3 devs on their anti-cheat team for their million player game, so they need to rely on their technical measures and stick their fingers in their ears as to the existence of false positives and the inevitable loss of that cat and mouse game in long running titles.
I think what the parent meant by dedicated servers is letting the players runs the game servers on their own computers and then letting those players manage the servers they have created, so the game dev wouldn't have to do the moderation there.
That would also solve the issue of the game dev pulling the plug on the multiplayer mode a few years after release...
I think the future of gaming is to get rid of mechanics that computers are good at. Aimbots in an FPS are a common cheat, and they are pretty much undetectable with video analysis + a modded usb mouse providing the inputs. What I take away from that is that the next generation of first-person-kill-the-enemy games will simply rely less on aim and more on tactics and strategy; "press E to apply this debuff to this enemy" instead of "click the enemy's head to kill them". Overwatch is a good example of this style of game; you can be a top 10 player with garbage aim. (Aim is still a mechanic and people do cheat, of course.)
Wall hacks are another common hack; getting information that the game client has but that you aren't supposed to know. I think games will have to evolve to being "perfect information", just let all players see behind walls.
All in all, I don't see cheating as ruining gaming as a whole. Game designers will design games that are more difficult to cheat at, and hopefully there will be less cheaters ruining your matches. I would definitely play the can-see-behind-walls-and-aim-doesn't-matter FPS!
"I think games will have to evolve to being "perfect information", just let all players see behind walls."
Just don't send the data to the game client until the last moment. Currently the game server is literally telling your computer where the enemy is located behind the walls. Wallhacks can be made to be impossible with enough development effort.
In CSGO, there are HvH servers dedicated to cheaters where everyone cheats with their favourite software making it impossible to cheat as everyone is in the same conditions.
These cheats Valve banned for only give a small edge. Much less than the variance in skill between players. It's more like turning graphics low for better fps than an aimbot. If you don't care about being good or winning, you can just consider the cheaters to be better skilled players and be unaffected by them.
I enjoy cs go, and I can't recognize a difference with good aim and aimbot. So there is no difference with a cheater or a smurf for me.
All strategy games are like that. Cheating barely gives an advantage because the best cheats just reveal the fog of war but good players already know what's in the fog of war due to game sense, communication and scouting. So cheaters still lose.
The better you get, the less 'cheaters' you spot.
they are honestly rare, or very subtle.
Mostly because actually spotting cheaters takes a lot of game knowledge and experience. In FPS games anyone can spot a spinbot, but how you can be sure that someone uses wallhack? or aimbot that just slightly corrects the aim?
Without proper game knowledge you wouldn't be able to distinguish a wallhack from someone listening to footsteps, having info from teammates, and having a good map awareness.
It is very easy to cry 'cheater', especially without any actual proof.
Without knowledge that, for example in CS: spray patterns exist, even someone correcting them would look like a cheater to a newbie.
I spent about 300 hours lately playing new COD, and there was only one case where i suspected someone of cheating. One.
And i do play a lot of FPS, and played them for good 25+ years.
Try playing TF2. The cheaters aren't exactly subtle - instantly snapping from looking vertically upwards to headshot the instant you walk round a corner.
they were reading memory directly, so i assume that they were given more information than usual - maybe maphack-esque cheat, + information about gold/items of enemies that wasn't yet revealed.
It would seem like players had good map awareness, and would be really hard to spot.
> You wouldn't cheat at tic tac toe despite the inherently low stakes of the game so it doesn't seem any different in any other video game.
It takes a minimal amount of study, training, effort to be a perfect tic tac toe player. If you put a small amount of effort into it, you can get skilled enough at tic tac toe to never make any mistakes, to never end up with a result less than a draw. No amount of improvement will ever give you a better result.
Not so with nearly any online game, especially one with as high a skill ceiling as Dota2. You can always get better, there's always room for improvement, there's always someone better than you. If you could get just a little bit better, you will win more games, no matter how good you are.
I don’t like online multiplayer but instead of cheaters it’s because I just suck: most of the time almost everyone is just better than me, and it seems like I lose way more than 50% even with SBMM. I think it’s not just cheaters that are the problem, it’s skilled players who artificially lower their ranking so they can play against less skilled players and win more.
A really smart SBMM would solve both problems. One that not only prevents players from artificially dropping rank, but also hiding their skill and maintaining a lower rank; and perhaps instead of an ELO, also matches players with similar play-styles. Because then cheaters will quickly end up in a rank with other cheaters, and won’t be able to leave unless they buy another copy of the game.
There are bots for fighting games like the Rzr Infiltration bot for SFV and Smashbot for SSBM[1] which are good enough to take games off pro players. I'm not aware of it being abused at scale. Most people cheating in shooters or mobas aren't using full game-playing agents. They're using aimbots/skillshot scripts where you still need to move around and interact with stuff. Similarly, cheating in fighting games is typically done with button macros, so there's constant discussion on controller legality. However, button macros will only get you so far in fighting games, while an aimbot can get you close to the top of the ladder if undetected.
my take : you won't notice the cheaters because the modern fighting game genre is a DLC-laden garbage fire ; you're unlikely to complain about the cheaters ..
...but admittedly i've been turned sour by a few purchases recently in that genre .. so i'm probably just axe-grinding ;)
Several reasons but one is that, a lot of games where cheats are super effective are places where you can have "silent" advantages like ESP, equipment data, silent aim adjustment for better headshots/tracking, etc. These rely on the ability to not be detected and are extremely subtle when compared to normal gameplay. The more subtle, the harder to detect. Little of this applies in a fighting game. It's largely a mind game, not a game of inputs or technicalities. You're on the same level, can see everything. The only hidden information is what moves/combos you have, your opponent has, and how much information your opponent has on you. You have to be able to read your opponents moves, and respond appropriately. You have to trick your opponent and bait them into a scenario that is in your favor. Attacks have definitive strengths and weaknesses, and certain baits are better against certain people. If you attack me, and I intercept your attack with a "crushing blow" that simply overpowers your attack -- there's nothing the cheat can do to stop that, short of just like, breaking the game and undoing my damage. If I bait an attack, and you do it, and I dodge it by laying on the ground -- it can't retroactively change your input. If I set you up for a combo and begin wailing on you, the cheat cannot generally stop that. These games have mechanics where certain inputs just can't follow other inputs, where inputs are buffered certain ways, where there are vulnerability windows, etc. Exploiting these are key to success and cheats can't stop these mechanics.
An example is Tekken where I play as Lei Wulong. He's extremely uncharacteristic and idiosyncratic, to the point that if you fight actual Lei players -- it's immediately obvious that bots don't play the same. One of my friends (a newer fighting game player) particularly hates my playstyle and tried to scrim against Lei bots to practice, but instantly realized they play nothing like me or any other Lei. Lei is a rare character to play. So he had to just keep scrimming, really.
Many fighting games also have literal handicap mechanics that might be seen as equivalent to cheating in some capacity, but for the same reasons, it doesn't matter. They are often there to level the playing field, which is considered fair. Basic Combos in Tekken allow even the simplest of players to pull off powerful moves like Wind God Fist, but it doesn't matter how easy Wind God Fist is, I can and will still beat them even with that handicap, with no special moves of my own, because I can just read their attacks and respond and punish all of them and set them up and bait them endlessly.
That said cheating does happen but often it's the last thing on my mind. Bullshit characters that are unbalanced is where all the complaints go. ;)
TL;DR Humans have distinct fighting styles, and fighting games are largely mind games once you get into them. Cheats that are subtle enough to avoid detection can often easily be outplayed because of it.
> An example is Tekken where I play as Lei Wulong. He's extremely uncharacteristic and idiosyncratic, to the point that if you fight actual Lei players -- it's immediately obvious that bots don't play the same. One of my friends (a newer fighting game player) particularly hates my playstyle and tried to scrim against Lei bots to practice, but instantly realized they play nothing like me or any other Lei. Lei is a rare character to play. So he had to just keep scrimming, really.
Fellow Tekken player here (since 1994 in the arcade even have a full-size arcade stick so the play feels similar). You're right that most of the practice bots don't fight anything like humans. You can, for lack of a better word, "bully" them by executing short combos and pushing them to stay on defense by advancing and they're usually terrible at take down reversals (the consistent exception is King). This tactic fails against a skilled human player who will jump, dash, side-step, or even slip in a low kick. Humans will also make you chase them around the arena when they're low on health.
Another problem with multiplayer is that if you don't cheat but play well, people who lose to you can be so whiny and abusive. Not jut in game, but following up with nasty emails on the platform etc.
It sucks and I suppose things will only get worse as AI improves. The unfortunate thing with computers is once easy automation is available and there is a reward for winning, then these systems will attract cheaters, spammers, etc. Spam email, online game cheaters and the most recent example Clarkesworld Magazine that had to close submissions because so many people were using AI systems to generate low quality stories.
The only positive thing is maybe gamers will push for more local multiplayer options.
AI has actually been working against cheaters. Using server side measurements fed into an AI like OSRS does has drastically cut down on the number of cheaters. Mass amounts of data can be collected of users mouse movements that when fed in can detect cheaters using aim botting in FPS. Valve actually does some of this already as well to reduce the number of blatent cheating overwatch candidates in CS:GO.
Bots have been improving a lot in recent years. It may be that the future is not multiplayer but single player with excellent bots... maybe Sliders got the end times wrong :)
Agreed - I haven't played against real people for years. I've even developed bots for a few older games without much of a player base any more so I can continue playing them.
That's not exactly what I mean by serious. I only play games for fun and don't consider anything that occurs in said games important to my life. But I am not going to spend the time playing something that has cheaters as it reduces the value of the experience to nothing for me.
To me personally, this is a solved problem: Bring back peer-to-peer servers that you can set up to play privately with your friends and online social group. No more rampant cheating and easy remediation.
Game publishers won't allow this again because it they can't "control" it and it won't make them money. Fortunately, opensource games still exist :D
And then they push increasingly user-hostile things to try and solve the problem. No Windows passthrough VMs for those of us who don't want Windows touching our hardware, accidental bans because someone reports you for cheating when you weren't, and the team didn't analyze it well enough.
Personally, I'm mostly referring to Tarkov. I don't play anymore. I used to love it and try to convince my friends to get it, but that was years ago. I only play the single player mod on top of it now.
I've generally moved on to single-player and coop games now. Everything else is excruciating. And part of that is that I have less free time, so wasting it on being angrily competitive and anxious just isn't appealing to me anymore. I don't have time to be on-par with sweatlords.
I like to believe consoles fare better, so I disable cross-platform multiplayer on the PS5 for games that have this option. In any case I think it's better to be matched with people with the exact same hardware anyhow.
Based on what do you feel it has become rampant?
There are many people who feel that way because they haven't reached a level of expertise where they can understand why they are losing. I see this all the time in recaps where streamers die to me in game. They could clearly be seen or heard or inferred but to them its a total mystery and they report cheating.
I have run into cheaters but most games are fine, sometimes you even manage to kill a cheater, fun times.
All sports are like this. Welcome to Earth. Sorry.
I've known gamers that laughed at console gamers because of how much slower the systems were. Now, I have to wonder if they just weren't PC gamers for the sole reason of being able to run these hacks? Know the personalities of some of them, it would not shock me at all
I feel like I've "aged out" of online multiplayer gaming. I could pick up COD for maybe the hour or two of gaming time I have a day and immediately be dominated by those younger who have a vast amount of more time to hone their techniques. Or I could play something single player (or something that can easily be played single player like an MMO) that relaxes me after a stressful day at work. I choose the latter.
Except, ten years ago "older folk" COULD enjoy much less competitive online multiplayer experiences. I place the moment Call of Duty started spawning you randomly during team deathmatch as the marker. Instead of spawning in a safe zone with clearish "Fronts" to approach and attack and plan around. Instead, you spawn randomly, often with your back to an enemy, and half the time you spawn you instead have an enemy's back to you. I hypothesize that quick "yeah I got a kill" made the game more attractive to kids, and not allowing you to plan and implement any sort of individual strategy other than "click heads faster than the other guy" made online games more demanding in ability.
> This patch created a honeypot: a section of data inside the game client that would never be read during normal gameplay, but that could
be read by these exploits. Each of the accounts banned today read from this "secret" area in the client, giving us extremely high confidence that every ban was well-deserved.
Any speculation as to how this worked on a lower level ?
There are multiple ways to detect this. Hardware breakpoints were already mentioned, but they only work per thread, so if one is sniffing on your memory from another process or the kernel then these won't help.
The most stealthy and evil way I found was to allocate a page but never actually use it.
Windows lazily allocates physical memory for fresh memory pages when they are first used.
The detection is to periodically poll the page map from your process and check your canary pages via NtQueryVirtualMemory. If your unused page suddenly is backed by some physical memory then something happened to read from it! Bonus-points for putting such canary pages into places previously used for real game data.
This method is not foolproof: Anti-virus programs can read memory of all programs (but don't, Overwatch e.g. does not like this and crashes randomly due to this exact protection method). A bug in the program could also read from the page accidentally (e.g. out-of-bounds array read). But it's a /very/ good indicator that something is wrong when other cheat detection mechanisms also trigger.
Once you know how this works it's pretty easy to defeat unfortunately: Read the page map first, then avoid reading pages that have no backing physical memory, because those contain no useful data at best and are canary pages at worst.
Love this topic. I remember Everquest used to checksum areas of memory that were commonly modified from cheats. World of Warcraft used to (possibly still does, it has been forever since I looked at this) inject anti cheat code at runtime.
Obfuscation and deobfuscation is also super interesting. I think overall reverse engineering and figuring out how things work is one of the most interesting things in computer science.
World of Warcraft did something that I've always found delightful: hidden stenographic watermarking on all screenshots.
It took like a decade before anyone noticed, but all screenshots were very very very slightly modified to hide (in plain sight) a blob of data that gave the account name, date, time, server, etc.
Just in case a screenshot ever got posted and they really needed to know who took it and when.
Leaking user data to me is a betrayal of trust, incredibly distasteful, and probably borders on illegal (it ought to be imo). Note that this is fundamentally different than watermarking streaming content or other material that the user is not legally permitted to copy. Watermarking the game binaries themselves, for example, would be entirely different and perfectly acceptable from my perspective.
Kind of sad but funny to imagine like two or three nerds who got banned because they had messed with their kernel page fault readahead settings which just so happened to fault a sentinel page.
I used to work on an anti-cheat briefly, and migrated away form relying on Windows API to do this as the parent comment suggested, instead we used cache timing "attacks".
Antivirus was a concern but easily solved by the fact that cheats access memory many times a second, antivirus does it rarely if ever.
Oldest trick in the book, good luck faking the PE signature to match the vendor's certificate ;-)
(Jokes aside, the kernel does not provide any information about which application reads a canary page. It's best to just use this as necessary condition and take it with a good pinch of salt.)
I imagined the secret area contained fake details about the game, like adding an invisible fake street to a map. If the client refers to the fake street or any location within it, you can be certain the details about that fake street were obtained using cheats.
This trick is used to catch cheaters on minecraft, by spawning in fake diamond blocks that would only be visible to specific cheats (xray). If a user suddenly were to dig to these blocks, you can be reasonably certain there's something fishy going on.
Other way to think about it, is adding an invisible field to a contact form that is only hidden through CSS
VAC probably sets up a hardware breakpoint conditioned to trigger when the start of that memory region is read. When triggered, a function registered via AddVectoredExceptionHandler will be called. It probably just sets some flag somewhere indicating that the memory region was accessed before resuming flow. You can guard entire pages of memory using a similar approach (https://dzone.com/articles/memory-access-breakpoint-large).
Windows lets you configure guard pages where you get notified on access, normally used to detect stack growth and such. Although that should be an easy and normal thing to avoid for av/cheats.
Not helping as long as the page fault is triggered and handled by the process. You could just not do a regular read of the page though. No need for a VM for that, just call VirtualQueryEx and check MEMORY_BASIC_INFORMATION.AllocationProtect for the PAGE_GUARD flag.
I don't think it needs something deeply clever involving hardware breakpoints, sniffing for virtual pages backed by real memory or something like that. And probably that's why it is described as a honeypot.
It can just be something exposing a data structure that gives the player some unfair advantage and them watching the players that could only have achieved some very unlikely advantage in the game by exploiting this information.
In a FPS for example, if a player consistently anticipates their adversaries sneaking behind a wall, well beyond what would be dictated by probability laws, there's a very high chance that he is cheating in a way that allows him to "see" their adversaries behind walls.
Implementing what you describe sounds to me way more "clever" and less robust than the canary page approach described above.
Specifically - I wouldn't fancy writing the "consistently anticipates their adversaries sneaking behind a wall" heuristic you describe but the earlier post describes the API that already exposes the "has read canary page" functionality.
How does that work with latency? For example, if someone has extremely fast internet and a low ping, they are going to "see" around walls more often than opponents.
You can mark a page as inaccessible (not present), and then, in the page fault handler, note somewhere that it was accessed and then allocate it/make it readable.
you might not trigger the cheater-flag on a single access (because of, as mentioned, antivirus etc.) but if your page gets accessed over and over again, you can be quite certain that someone is reading it who probably shouldn't...
there was a convar in the game for 6+ years that let you see particles in the fog of war; 99% of cheats forced this convar on. source lets you request CVars from the client and the value, so they simply did that.
to be clear, this was not a honeypot, but they claimed it to be
Hmm, well I wouldn't permaban people for using a known... built in setting, even if it gives an unfair advantage.
_edit_
To whoever downvoted me later - I would consider it a bug if it was user settable without cheats. Similarly you could see trough smokes in CS for a long time by changing some video settings. You don't (usually) ban people for bugs.
Ah, yeah sounds plausible then. I somehow don't buy the guard page/hw breakpoint explanations. This also lines up with "[information] that wasn't visible during normal gameplay".
I'd do it by read-protecting the page, and install a fault handler that records the access and then unprotects the page (to avoid detection when the cheat causes the game to crash).
You could possibly query the OS for whether physical pages have been allocated or not. Physical pages would only be allocated on the first page fault, when the pages are read.
and dump in something like `report_when_accessed<std::list<player_info>> oops_here_are_all_the_other_players_and_their_position_i_am_only_for_debug_please_remove_me`. Your client will never, ever access this list: it's your honeypot. The moment you get any access on list[i], it gets noted down and reported (like sudo does, straight to the naughty list). Cheat makers will see this and, if it doesn't smell of a too obvious honeypot, cannot pass such a golden opportunity: literally free maphack, just locate where the player struct is in memory and read it all!
It doesn't necessarily have to be useful information. They mentioned they understood how the cheat application worked, so it's possible it was doing something like indiscriminately accessing certain memory regions; this would make it possible to detect without any changes to the cheating program.
This suddenly reminded me of how I was “cheating”.
Before the game starts each of the ten players gets to pick a distinct hero for themselves out of a pool of about 120 choices. This is over 10^20 distinct combinations! Each hero has some unique capabilities that combo with allies or counter enemy heroes.
I tried to train a “hero recommender” based on tens of millions of games.
It turned out that this is obscenely difficult because even the best AI training algorithms struggle with such highly noisy labels. A good hero combo might shift win rates by some positive percentage but have a single sample data point, which is a loss because of one stupid kid in the team throwing the game.
You also can’t naively simplify the problem into 2-hero or 3-hero combinations because this misses the “total team composition” metrics.
I found some research papers that were just a few months old at the time which covered this corner of the AI training space. Their conclusion were: “We don’t know either but it’s an interesting problem!”
I wanted to do this but never figured out where I could get access to the data. I think with setting up the inputs correctly to handle 0-5 heroes chosen per team it could work. Once you have a model you just need to rank remaining heroes by the expected win probability if they are included with the team. If you have a way to get data I would be interested.
There's a free API endpoint, you can get an API Key based on your Steam logon.
The problem is that it has been highly throttled, throwing 429 errors after just a few dozen calls. When I looked at it before it was "soft" throttled and would return data at a pretty decent rate. If I remember correctly I got something like 80 million game results downloaded in about a week.
The "ID" is the game ID, which is 570 for Dota 2. Hence the actual API endpoint is:
GET https://api.steampowered.com/IDOTA2Match_570/GetMatchHistoryBySequenceNum/v1
[1] It would be ever so nice if Steam provided daily batches in gzip files. That would be thousands of times cheaper for them to host, and much more useful for AI researchers.
Limit the problem to actual hero roles and positions and the problem becomes actually tractable and much less noisy. I seeded a crf with my own potentials and had it learn and it was pretty good on a random test set. Never tried it live tho
Does anyone remember when Warcraft 3 was in beta and got leaked? Pirates created an emulated Battle.net that could work with the beta assets and had matchmaking, ladder, etc. working.
Hundreds of thousands played. Blizzard released patches in beta that would, for example, spawn infernals to attack your town hall if it detected you were on the emulated server. This reminds me of that. Blizzard lost their battle, by the way, and people pirated WC3 all the way until release.
Along the same lines I loved the Serious Sam solution to piracy. They let you play but spawned an invincible enemy occasionally to ruin the experience.
The creator of Game Dev Tycoon, a game where you play as a small indie studio owner, created a patched version of the game and released it in piratebay. In this version after a while you would get an event that your latest game creation was cracked and uploaded to a pirate site and as a result your revenues would tank and you would go bankrupt.
C&C Generals had a thing where if you had multiple clients with the same CD key in a multiplayer game everything would be fine for a while, but 10 minutes into the game all the buildings of the people who duplciate keys would explode.
This happened a few times at LAN parties to my friends, some of whome gave each other the game by copying the install directory across. Took us a while to work out what the hell was happening.
These sort of protections are fine until they trigger on legitimate installations. Red Alert 2 has a copy protection mechanism that destroyed all of your buildings a minute into the game, but it is notorious for triggering on legitimate installations of the game. I've seen it happen in the original release (even on a fresh Windows install when I was attempting to resolve this issue), The First Decade rerelease, and the Origin release.
No idea, my first encounter with Serious Sam was a cheap Steam bundle so it never happened to me. They're really fun over the top games and hearing about that "feature" it made so much sense. The developers definitely prioritize fun over taking things seriously (no pun intended).
Oh I've played all the Serious Sams :) It's about the only modern 3d shooter series I can still stomach. Battlefield of Honor of Duty and derivatives take themselves too seriously and are too much for hypercompetitive dudebros.
Don't really get the idea behind fighting cheating in SP games - you just destroy the game for yourself.
In MP on the other hand you destroy it for others. Maybe some kind of telemetry + ML analysis could help here as the current methods seem to have holes in them that get found out eventually.
EarthBound took a similar approach with it's anti-piracy measures if you work around the obvious ones. There are far, far more enemies to make the game less enjoyable. They also added random freezes when entering certain areas. If you managed got to the final boss despite everything else, it freezes and deletes your save.
I had a pirated copy of WC3 available to me via a vulnerability in my school's AD setup which allowed me to access another student's directory where it was installed.
I would play it almost exclusively in a web design class I took. That class was where I learned HTML; that wasn't the focus of the class, not by a long shot, but it was the thing that captured my interest the most. I ignored everything else in that class in favor of the Wintermaul Tower Defense custom map.
Blizzard didnt lose the battle in terms of customer experience. Those people mostly played in servers like ggarena with low populations, kinda like WoW.
Custom games and ladder were usually clear, besides map hackers in custom games. Every few months things would be wack (remember the enemy workers are sheep hack?), but it was pretty fair
> Blizzard didnt lose the battle in terms of customer experience. Those people mostly played in servers like ggarena with low populations, kinda like WoW.
They most certainly did in this case. This was for the private beta of WC3, not the fully released game. Most people migrated to official Battle.net when WC3 was released, I know I did. They really wanted to keep their private beta private and polish it without the entire world looking in on it.
I was wondering about this as well. What exact mechanism did they use to detect the read? Something like mprotect would only trigger for the game process, not another process that snooped the game's memory remotely. I wonder if the cheat tool was really dumb enough to run in the same process as the game itself? That would be pretty amusing.
Or a use after free bug from an unlucky player. With millions (billions?) of account-hours over the honeypot period surely at least a few bans are outrageous coincidences
I imagine they'd probably agree with that assessment; they didn't say they were 100% positive that every single ban was deserved, just that this gave them a very high degree of confidence. I think this method is probably more accurate than most other anti cheat methods for online games out there, and it definitely is less invasive than most of the ones I've heard of. I have trouble thinking that this is a worse way of doing things than not addressing cheating at all or relying on much more invasive methods.
Meanwhile, Riot Games issued a warning to League of Legends and Teamfight Tactics players earlier this year that new cheats could be developed after source code for both games and the legacy anti-cheating software they use was stolen in a data breach.
As a past fan of League of Legends and Riot, this is a very typical response from them. Zero effort; meaningless notices. After years of playing, I quit permanently after reviewing my games and finding I was the only one not cheating in about 10 games in a row (that means I encountered about 90 cheaters in a row). This was before the code leak. God help the remaining legitimate community now. It's so obvious that Riot sees people as an obstacle to their money.
Seeing this news for Dota 2 warms me up inside. I don't play Dota 2 because I don't want to allocate the time to it, but it seems like they truly care about their community, at least to a much greater degree. Very happy news.
DotA 2 has got a system where each person has a community rating, based on some aggregate of your reports and interactions. If you have a good rating you get placed with others who have a similar rating. It's not perfect but my score has never not been maxed out and would say that solidly over 60% of my games are jovial and cooperative with people being communicative and friendly. I have friendships going on decades that started in that game, but also I continue to make friends to this day. I've got people in my book club I met on DotA last year.
I've played some league and it's definitely a very different community feel.
I also think that the fact that in DotA you are not able to surrender is incredibly important when it comes to the feel of the game and community. I think the single biggest mistake Riot made is allowing teams to surrender, it makes the game so much worse to even give people the possibility of giving up. DotA is a game you can win off a marginal mistake even till the bitter end, I'm glad the mechanics reflect that.
"after reviewing my games and finding I was the only one not cheating in about 10 games in a row" how did you know that all the other 90 people were cheaters?
I'm not sure if "cheat" is the exact word to use here. They were all bought accounts or in the process of being boosted.
One way to tell is by looking at a player's match history and seeing their account plays one or two champions for a while repeatedly getting MVP with 20/0/x, and then suddenly switches champions and either plays significantly worse or somehow playing even better depending on the ELO. The opposite is also true--consistently playing horrendously, then suddenly switching to different champions and steamrolling beyond their ELO.
There are networks of boosters and account sellers. Some people spend full time hours farming hundreds of accounts to level 30 for ranked play, and these accounts are purchased by other boosters who spend full time hours getting to Diamond+, to then resell. This is how you can find fresh level 30 accounts at the highest ranks--it's account farming.
When you analyze closely, the majority of the community is composed of these bogus Chinese account farms. Hardly anyone is actually playing the game. This problem goes all the way even to the Challenger level; streamers constantly deal with this problem and Riot doesn't do anything.
Even when League was having betting problems at the Grandmaster/Challenger level, of people betting against their own games and then "soft throwing" to make money, it wasn't Riot that did anything about this. It was the betting companies themselves that banned League from being gambled on their platforms.
I stopped following this scene around 2018-2019; basically right after G2/Fnatic started to be some of the most dominant teams, even compared to the best Korean teams (that's not why, just around that time).
It's disappointing -- but not surprising -- to hear all this, especially that it even affects the Challenger-level games. This does sound like the kind of issues they would have no idea how to deal with. Not that they don't care exactly but that they can't figure out how to handle it.
I use comments like this to remind me not to start playing League, despite really enjoying all the music Riot puts out and having Arcane on my watch list still.
It's really really really not bad outside of the top couple percent of players. Nobody cares much about the game in lower tiers, and the cheaters tend to rise through the ranks and/or banned pretty quickly.
> it seems like they truly care about their community
I continue to get good vibes from so much of what Valve does. It might just be good PR work from them but it seems like it goes beyond that.
- They maintain an online service which is used by millions, if not billions, of people around the world. They actually(!!) provide customer support for this service.
- They sell computer hardware, admittedly for the primary purpose of using the aforementioned service. I've never heard about any serious complaints about this hardware that are left ignored (this might exist but I haven't heard of it).
- They develop an online multiplayer game with community support. I almost never hear bad things about how this community is managed from members of the community. I guess this is the most likely to be just "good PR" but again, I don't tend to see these issues escaping community discussion as I would expect for hot-button topics.
In some sense this news was surprising and great (40k is I'd estimate, ~0.5% of the unique monthly players!), but the release was also a bit misleading. The part "With that goal in mind, we released a patch as soon as we understood the method these cheats were using" is just outright false - there are numerous open-source Dota cheat engines which have been around and in working order for many years.
The average Dota 2 player count over the last 30 days was around 396,000[1] so am I correct in understanding that at least 10% of all Dota 2 players were cheating in some way?
Since Dota is a free to play game I would point out that it is likely that cheaters almost always have more than one account to evade bans so I don't think 1 account = 1 irl user is always true.
Even for non F2P games it is usual for cheaters to use phished or hacked accounts that they buy for a few cents. There are also accounts that are tradebanned because they were used as bots for 3rd party trading websites and they are basically worthless after getting tradebanned.
This always seems obvious to me with F2P games. They create more and more complicated measures to detect cheats, but when it cost nothing (except an SMS service now I guess) to spin up a new account you aren't getting anywhere.
The old business model of just charging a lot of money up front for the game seems like it wouldn't have this problem to the same extent. You just ban their key and they're out $20-60. But that business model is less popular now I guess.
> The old business model of just charging a lot of money up front for the game seems like it wouldn't have this problem to the same extent.
The problem with such games exists as well but challenges are different:
- cheaters still have access to phished/hacked abandoned accounts that own the game that they can buy very cheap
- another way to get new accounts for cheap is to buy the games in countries where the games are cheaper i.e. argentina or turkey
- there is very little motivation from developers to completely stop the cheaters or slow them down (every banned account is a potential sale of new copy of the game) the developer benefits financially from cheaters continuing to evade bans
- the players hurt the most (who already bought the game and paid the developer) don't generate any new income to the developer and dont pose any risk to income generation unless they quit the game en masse (discouraging potential new players from buying the game)
It doesn't work for all games, but I was a big fan of Dark Soul's method of dealing with cheaters.
If your character or account was flagged for cheating, you were put into a public multiplayer pool/jail with all the other cheaters and would only match games other cheater.
It's clever because you never actually know what you did to get caught or if you have even been caught.
You can only suspect when you notice nearly everyone else you play with also cheats.
Wasn’t dark souls famous for getting you flagged as a cheater because a real cheater joined your game and dropped a hacked item? There were streamers doing this to ruin the play of ordinary players all the time
The common free to play guard is you need to play X number of unranked games before you can play ranked. The account is “paid” for with some proof of work.
I've had the idea that a deposit in free to play games would be sufficient. Put some amount of money in, say $20. When you are done with the game, you get the $20 back. If you cheat, you lose the $20.
Nowadays money is not a problem for full time cheat developers - they sell the cheats (often in a monthly subscription model) to the cheaters or they sell a service where the cheater joins you in the game and does all the cheating for you (so called carry services, e.g. in escape from tarkov a cheater joins your game, kills all your enemies and lets you take all the loot).
I have seen ads for cheats where a monthly cheat subscription costs more than a new copy of the game.
I learned something watching a champion, a world class cheater, discuss bridge. He played the game to outcheat other cheaters. Regular players were more like bots, but the cheaters, those were the real players.
Oh I get the fun of finding loopholes and subverting expectations, but paying someone else to play a game for me... Where does that get fun?
Edit:. I think I get it maybe. I play games to play them, and if I cheat it is to enjoy figuring out the cheat. I kind of get how having an advantage in the game would be briefly fun for the sense of power. But in single player games that wears off quick. My guess is some people enjoy winning more than playing, or the status of gear more than playing to get it. I don't understand that, but that must be it right?
I think you're right. Feeling like you are the pinnacle of the game, at or near the top of the culture you're immersed in is probably a rush. I'm curious if the programmers making the cheats generally get their kicks the same way.
396k is the average number of players during. The peak is seemingly 680k in last 30 days. Peak is the least number of players(accounts) there was during last month.
Million to two million would be my estimate of players. Still leading to 2-5% of player base. Which itself isn't small either.
It's also possible some of those accounts were created to be sold on on a marketplace. Online gaming marketplaces have traders with in-game items, credits, and even accounts for sale. It's especially big for online games where item duplication glitches allow some players to hoard hundreds-thousands of hot commodities. Accounts that have maxed out levels, achievements, and/or rare rewards (possibly via this cheat) can sell for hundreds of real world dollars.
Imagine a multi-player first person shooter game. There are complaints that some players are cheating to win matches. Many of these complaints include a common description in the experience: the alleged cheaters seem to "know" where the other players are, even when not within direct line of sight.
In this hypothetical game, there is a feature where, in specific circumstance, one player can in fact see on a map where the enemy players are located. Maybe this feature occurs when enemies are within a specific distance and shooting a weapon. Or maybe it occurs for a limited time when somebody on one team activates a drone and then that team can see the positions of everyone on the enemy team.
Regardless, there exists some function called "DisplayPlayersEnemy" that provides this feature. It's only supposed to be running in specific circumstances and otherwise is not active.
Unless, of course, some players figured out how to always have Function "DisplayPlayersEnemy" constantly running. This gives those players an obvious advantage.
So the developers decide to quietly release an update to the game to test this theory.
They create an alternative function called "DisplayEnemyPlayers". It does the same thing as the older "DisplayPlayersEnemy". And all the processes that had previously initiated the old function now initiate the new function instead. So the game continues to function just the same as it did before.
The developers keep the old function in the game, even though there's no longer any legitimate way to initiate it. It will still do all the things it did before, so if the function is initiated, it will seem to work as it did before. Except that the developers added a process to that function to identify when and by whom the function was initiated.
The developers release the update and then wait.
From the players' perspectives nothing has changed. Except that the cheaters are now about to fall into a trap. Some players did in fact modify their game with additional code that caused the old function to initiate when it wasn't supposed to. Since the old function is still in the game, their modifications have continued to work. Many of the cheaters did not notice that the old function had been modified and that a new function had been added. So these cheaters did not know to update their modifications to use the new function.
But since there's no legitimate way for the old function to initiate after the update, and since the old function now reports data to the developer, the developer knows who modified their game to cheat.
That also sounds like a classic mistake on the behalf of the developers: never trust the client.
The client should never be able to call a "DisplayEnemyPlayers" function, like _ever._ That should be calculated entirely server-side. The client should only ever know what the player could possibly know, and the inputs limited, checked, and sanitized to ensure that they're valid inputs based on the server's known player state, not the client's reported player state.
Of course, there's limited situations where the client can still do cheaty things despite your best intentions, like refusing to display smoke particles that should partially obscure another player and make it difficult to hit them (if they fully obscured the other player, the client should not receive updates about that other player), but aside from that and other "partial knowledge" problems, what you describe is a completely solved problem.
Often the design of the gameplay requires trusting the client.
Ie, foliage that partially obscures an enemy. There's no way to have this as a feature that doesn't require trusting the client to render the foliage properly.
Yeah I thought the client got a lot of this extra information for performance reasons more than anything e.g. only play enemy shooting sounds if the enemy is nearby - do all the processing on the client so that the server doesn't need to work out a matrix of who can hear who and send the appropriate message to each client.
It only said "Each of the accounts banned today read from this "secret" area in the client", it also said you can get banned if you read data from the game client memory.
Reading from that section was a necessary condition for this wave of bans, but they didn't say it was sufficient, and that they didn't do any additional checks.
The last content patch (that wasn't Halloween) was in 2017. They're planning a new content patch for this summer/autumn, and I'm cautiously optimistic they'll increase moderation prior to the patch to increase player engagement.
* You can set a read watchpoint using debugging APIs (ptrace);
* You could place the honeypot in a memory page(s) that has its read permission revoked. An attempt to read the page(s) causes a signal to fire. In order to not crash the application, the code would then handle the signal by making the mapping readable, before continuing execution as normal.
Other approaches probably exist too, these are just the two options I would personally try first.
There is also userfaultfds on Linux: they're a file descriptor on which the kernel will send fault events, and let a userland process handle the page fault.
So, e.g., you alloc a blank page into memory: it isn't mapped yet, so the first read will trigger a page fault. You register that page with your userfaultfd. You (Dota, here) never read from it. If the userfaultfd receives an even that the page is faulting, then it isn't Dota/you that's reading from it.
Judging from the comments it sounds like Windows has similar capabilities.
… there are all sorts of false-positives here. (Or with any honeypot, really.) Many are mentioned elsewhere in the comments…
> You can set a read watchpoint using debugging APIs (ptrace);
What kind of read is sufficient to trigger this? If dota makes a read watchpoint with ptrace, my cheat process calls the linux equivalent of readprocessmemory on the dota process, then dota gets notified by the kernel? So every time a process directly interacts with the memory of another process, the kernel has to look through a list of which processes have called ptrace and run some kind of handler? As an aside it seems like this would be bad for performance of the whole OS
If ptrace is a syscall and ptrace (according to wikipedia) allows one program to intercept and manipulate another program's syscalls, then couldn't I just launch my cheat first, have it ptrace dota, and intercept dota's ptrace call, so that the read watchpoint never gets set up in the first place?
The old saying goes (basically the same as with Malware vs Anti-Malware): Whoever loads first, wins. So you are right in theory, you could intercept any call that would allow you to detect malicious behaviour. That being said two things:
1.) Windows is a closed-source and really huge system. There are many places you will leave traces, and they change all the time. Getting it right is hard.
The super exotic theory would be a rootkit, in those cases not even windows can help you. But as with security, as long as there is easy money to be made (because most anti-cheat systems are simply bad), those very expensive solutions will be limited to selected few professionals.
I think throwaway40602 from the previous discussion had it right - there's a variable that clients can't normally set (dota_use_particle_fow) that allows seeing some particles/spells and allows guessing where the enemies are trough fog of war. You can even find open source implementations years back for this. It appears to be a popular feature in cheats.
They probably just query the clients to see if it's set. Querying client cvars from the server is already built in the game engine.
If true then the announcement just made it sound way more amazing than it is.
Could just be a simple property that existed on some game object, which was exposed in the interface but nothing in the game ever accessed the property. Then a getter would report the read to their backend. The cheat programs probably automatically read every property of these objects.
I'm no reverse engineering expert but I doubt cheats would actually call getters when they have access to the raw memory underneath.
Maybe lazy cheats do use that mechanism, but it's hardly a foolproof system. If this is how detection was done, I imagine Valve has targeted this detection system for a specific cheat tool/framework.
Yes I'm seeing now how unsophisticated and probably incorrect my approach is, clearly running into the limits of my understanding of compiled programs / cheat engines :)
Possibly - a lot of Source engine (and so probably Source 2 as well) plugins work by reverse engineering Linux/Mac builds of the games and building class definitions for in-game objects and calling the methods to get health/armor/ammo counts etc.
You could potentially use a timing-based approach - if the "first" read to the area is fast enough to suggest it has already been demand-paged in then that would indicate someone else already touched the page. Obviously there's lots of caveats, you can't guarantee a page won't be loaded in anyway without anybody touching it, and it also requires the cheat software to touch that section of memory even though it's effectively unused. If you had a good understanding of how the cheat software worked and went about probing your process's memory I suspect you could make it work though (whether the accuracy would be acceptable is a different matter).
Only way cheating will ever end if players have to risk losing a meaningful percentage of their real world wealth — and even then you would have accounts that get stolen for the sole purpose of being a throw away account to cheat with.
Could you just match-up players to similarly skilled opponents?
I'm not a player, but I assume people access Dota using the same account each time they play? Their win/loss record should produce a decent "skill" ranking. Those that are cheating will un/naturally do better, and eventually they'll just be playing each other.
It would be sort of like a shadow-banning. They still get to play, but real people don't have to come in contact with them.
Who cares if the cheaters play other cheaters? Perhaps it's a drain on the company resources? But if they're paying participants, does it matter?
I think they could even get those cheaters to pay for the non-cheaters. Say they pay a monthly fee (I'm not sure if it's the case for DotA? I don't play any games right now). You create a monthly challenge where you get a chance to get a month of subscription for free! But you make it very hard for the cheaters to get it, like a ration of 1/20 (either through shadow banning or by redirecting them to an almost impossible challenge).
Another alternative I thought, you could monetize cheaters by pushing ads to them whereas the non-cheaters don't get any ads.
And you could make it so that if you don't cheat for a while, give up all the items/experience you got while cheating, you're welcome back to the normal process. Just to keep them paying the monthly fee as they have a path to redemption.
I think they already do this with their matchmaking system.
I'm a bit out of the loop on Valve's newer games but at least with the older ones, if you were cheat banned you could still play but were just stuck playing on the servers without cheat protection (so basically cheaters got stuck playing with cheaters).
I wonder how they developed this honeypot in such a way that the magic page or region of memory was known to have been accessed by a cheat and not by, for example, an antivirus daemon.
I doubt they’re doing anything super clever with examining access to memory regions. From the way they use the word ‘honeypot’ and other comments here about cheating software setting team vision flags, I suspect they simply noticed some of their internal functions were commonly being used by cheating software. From there it’s simple: duplicate those functions, add “_legit” suffixes, find/replace all use of those functions in your code with the _legit-suffixed version, and add logging to the original function without breaking its functionality. You can even formally prove that the original function will never be called by legitimate clients with dead code analysis. Cheating software will go on using the original functions because they still work, not realizing that the core game logic functions they were using have suddenly become dead code with logging.
There's a variety of different parts, I can describe some.
* A flag on each CDOTA_Unit which includes heroes for example CDOTA_Unit_Hero_Weaver has a called m_iTaggedAsVisibleByTeam which allows you to tell which teams this entity is visible to, so you can tell if the enemy can see you or not.
* Particles (which affect things like Town Portal scrolls, Smoke of Deceit, attacking neutral camps, etc). There are some things that happen in the game that need to be sent to all clients (even if it's happening in the fog of war for this client), otherwise things would look weird if you were to suddenly get vision of these areas. There's a great explanation by one of the Valve Dota devs on this exact topic and why it's hard to solve: https://old.reddit.com/r/DotA2/comments/uywfxi/comment/ia85u...
* Some other cheat modules are able to see spells cast, so they can track cooldowns of spells (with indicators above each hero). They can also track cooldowns of specific events: when a player uses buyback there is a cooldown before they can buyback again, when Roshan is killed his respawn time is randomly decided within two bounds so you want to track those bounds.
- Tell you where the enemy is during TP. This is really useful for, for instance, Zeus, who has a stun (stops TP) that can be placed anywhere on the map.
- Show you where enemy has vision, which makes de-ward a trivial task, and therefore makes sure the enemy has basically no vision.
- Instant skill casting when an enemy comes into vision. Useful for heroes with instant stuns/silence, makes them be impossible to be jumped, basically an impeccable counter-initiate, but not always an advantage when initiating.
> Useful for detecting ward spots or incoming ganks.
This phrase makes me feel old, haha. No idea what it means.
As a programmer with no game dev experience what are the most common technical mechanisms used for cheating? Are they modifying outgoing network traffic on the fly or something like that?
Everything that goes is common sadly. This includes:
- Reading from and writing to memory (either by direct means provided by windows, by custom drivers, or by exploiting installed vulnerable drivers to bypass secure boot and such)
- Reading network traffic (particularly nasty because it can be done on a device where the game and Anti-Cheat is NOT running provided you get access to SSL decryption keys)
- Having an external device react to your video feed only (either "dumb" aka on colors, pixels shapes etc. or fancy with AI and stuff) and then react by a "faked" input device (mouse, controller, etc).
- Modifying game files (e.g. replace texture walls with transparent textures)
- The very easy way: Simply exploiting game bugs. E.g. you can cheat in Fifa on console (!) since years by doing stuff in the system menu. Fifa will just disconnect the game without giving you a loss for the match.
It's not really an age thing. If you don't know anything about Dota or the MOBA genre, these concepts will be meaningless.
Let's translate to the more commonly understood First Person Shooters. In a FPS, you don't know if someone is hiding behind a door. But with cheats on, the cheat program could be reading game data and know that someone is behind a door. It could highlight that person on your screen in a red color, that way you can see them even tho they are hidden.
It could also move your mouse cursor automatically for you so you get an easy headshot without even trying to aim.
Neither of these involve modifying outgoing network traffic.
I'm no longer in the game, but circa counter-strike 1.1 or 1.3, the typical way was using windows hooking API to load your hack into the running process. You could then simply use the freely available half life modding sdk to use the same structs and things like that. Network related stuff also happened, but I never paid attention to it.
Ward - object placed somewhere to give you vision around it
Gank - suprise attack basically, usually when a guy from one lane go to another one to suprise kill an enemy player
Are you arguing that cheaters should be allowed to run rampant in multiplayer games purely because that is how they want to use their software? Because at that point, there is no reason to even have multiplayer games.
I get the desire to go back to community hosted servers, but there are real tangible benefits to modern matchmaking systems, particularly for games with a competitive focus.
Nice move and it’s better that they’re open about it so that any wannabe cheaters might consider it. On the other hand, what is stopping cheaters from creating new accounts and trying to read data from the client with a new exploit or other means?
It seems like they haven't been overzealous and cross-referenced hits with other data. People are getting varying degrees of bans, and exploiters with several accounts are reporting that not every account has been banned. i.e. Valve are only banning when they are certain.
I imagine they are looking at the honeypot, and in-game actions that would be a result of the player having information they shouldn't.
Unlikely that they checked each of the 40,000 bans individually, but I imagine they devised a simple quantitative check that they could automate like "honeypot = true, check how far from STDDev player's dewarding accuracy was", then they spotchecked the highest confidence rates until they were happy to rollout the banwave.
But I imagine they tested the patch, like any other patch, and did not find evidence of any other access to that memory. You can never be 100% sure, but if that’s the standard, then how could any banned player be 100% sure cheat software wasn’t secretly installed on their system using nation state invisible rootkit capabilities?
Cosmic rays can be excluded by sampling. Say, someone triggering a guard page once or twice gets ignored, but consistent read activity whenever the user is playing is likely to be either an antivirus (which can be correlated and culprits identified) or a cheat.
Haunted players are either using that to their advantage or cursed. Do you really want to interfere with a curse? I certainly wouldn't, too much risk of it getting transferred to me.
I remember this... "Why It's Rude to Suck at Warcraft" and I feel like a lot of people want to be good so they cheat... they want to not be seen as bad, or a drag on their team.
But yeah... DotA, and League of Legends... some of the most toxic games out there. No community to speak of, just a bunch of sweaty try-hards who probably don't get out around humans enough since they're too busy playing these games.
>If you are running any application that reads data from the Dota client as you're playing games, your account can be permanently banned from playing Dota.
This is weird wording, Dota client stores data inside my RAM, on my hard drive, am I free to read what I want from my own hardware? They send me network packages and i send them back, so am I free to sniff my own traffic and examine it? How do they even detect this? I mean, if they exposed the data which leads to unfair advantage, it's their fault
A Chinese team called Knights were suspected of cheating with an exploit that might have been detectable through this honeypot method. However, so far, the whole team continues to play in the current major tournament that began yesterday in Lima.
The honeypot doesn't seem to have had anywhere near a 100% hit rate on users of a well-known exploit system. Lots of exploiters self-reporting that they have had some of their accounts, but not all, banned.
Valve have likely been fairly careful in reviewing the results from this method. It's a banwave after all, not an automated detection system that issues bans in realtime. Also worth noting that exploiters have reported game bans, account bans, and VAC bans, from this wave. So, the severity of the punishment seems to have been measured against some metric too. It's not a simply boolean of 'UserExploit=True', there's shades of grey involved.
Rumors (from Chinese community) also said that the honeypot was only implemented after Knights "incident". They could (would be stupid to not, if they did use) simply stop using hacks after they were in spotlight.
Popular antiviruses often have exclusions for particular processes in order not to trip anti-cheat / tamper-detection code, as well. Especially for well-known anti-cheat mechanisms.
Cheating is a lot more widespread than you'd think.
In the past (pre-internet/early internet days) entire companies were built just on selling cheats.
Competition drives people to it, especially since many players are kids and don't have better stuff to do. By competition I don't just mean in-game results, but also recognition for achievements (i.e. social competition).
This is why some of us are not giving up on the streaming gaming idea.
It doesn't solve 100%, but it definitely fixes this entire universe of "oops the client has to know a little bit too much about the game state" problems.
> A point to be made for remote competitions requiring it!
My current dream is a streaming-only arena shooter with various competitive modes. Something needs to fill that hole that UT2k4, OW1 and others have left behind.
I had a friend casually suggest a solution - similar to Valve's - for the 1% edge case in the streaming gaming scenario. An example of this edge case is ML bots that watch real-time video feeds of the gameplay to aim/click the mouse.
A possible solution is to inject "honey pot" information into the actual frames in order to bait the bots into taking extremely unlikely actions. Enough of these small tests over time and you can arrive at a statistical impossibility that the player is not cheating.
Absolutely no doubt a lot, can't check steam metrics right now but I just didn't expect so many people to be cheating. Especially with a pvp game. I don't see the point personally how you could feel good after. You didn't win.. your cheats won. Strange pov.
> This software was able to access information used internally by the Dota client that wasn't visible during normal gameplay, giving the cheater an unfair advantage.
I'm curious what this information was - does the Dota 2 client have access to all the game state including players hidden from view?
Don’t know about “all state”, but consider that the graphics are rendered client side, where the polygons are loaded into the GPU. The GPU checks for occlusion and renders what’s actually visible. The GPU is also responsible for shadows and reflections, both of which can come from offscreen or occluded objects.
For that to work, the client needs to know at least where every player / model / polygon is within some range and field of view.
As fast as the game moves and as much freedom as players have to change their position and heading, it’s likely that everything anywhere near the player is computed and sent to GPU.
So, there's a character in the game that has a passive ability that lets it recover HP faster if they are not being observed by the enemy.
That ability necessitates a function that checks for enemy vision, from heroes or from static observer wards that you can buy.
From an exploit perspective that is a huge boon to use for a variety of purposes. Lately it may have been used to allow exploiters to detect those purchaseable wards so that they can be countered and removed in gameplay.
Interesting. I would have thought such an ability would be implemented by increasing the HP on the server and then sending the new HP value to the client. But perhaps this is impractical for some reason.
I think it's a matter of network performance, and the visual bugs that you can create without due care in such a fast-paced online game.
Valve have commented on this hero's mechanics, and issued fixes relating to client/server-side interactions within the past year in fact. But apparently, the exploiuts still exist.
Their comments have been around how redoing such mechanics can cause undue lag between clients that need to be 'caught up with' as quickly as possible. Too long and a client could see something they shouldn't and get a competitive advantage. Valve don't want to have a server updating 10 clients on 10 different network connections if they can avoid it. The compromise is to do more client-side, but that leaves the system vulnerable to such exploits.
Considering that the game includes fog of war, and invisibility mechanics, visual bugs from these systems do crop up a fair bit.
Normally stuff like that would be done both client- and server-side, but the server would have the final say for shared game state purposes (which the client can of course ignore, but then it'll just desync).
I'm wondering what the client vs server is responsible for. I would have thought the server could have been responsible for adding/removing the buff where necessary.
Curious as to how health regen is done in general. The server must have some sort of understanding of what it should be otherwise clients could set it to whatever they want.
Not all state, but very often in networked game the client needs to know information of what is soon to be visible. Say two characters approaching each other with fog of war. For latency compensation it makes game feel better for this to be send to client sometime before client renders the other character.
How is data mining by reading from the client software memory "legit"? You are supposed to discover things by playing the game, not by doing things that are explicitly forbidden by the terms of service.
Even when it is tolerated, it is always "at your own risks".
I play much more World of Warcraft than I should but I'm not sure what kind of data mining you're referring to. I don't think Blizzard allows anything that can read the memory of the game while you're playing it. Are you maybe referring to the raid logs that people use? Those are just addons that write the raid combat log to an external file, and then someone in the raid runs a program that reads the log file and uploads it to www.warcraftlogs.com
If only Battlefield did the same.
Or force hard regional blocks between servers, blanket ban China. Release Cheaterfield for them, different kind of entertainment definition in that market.
there was a convar in the game for 6+ years that let you see particles in the fog of war; 99% of cheats forced this convar on. source lets you request CVars from the client and the value, so they simply did that. it has nothing to do with reading memory, but rather writing memory to allow you to see particles
if dota is anything like CS:GO, then most CVar-editing cheats are done by hooking the underlying functions instead of just forcing them. I distinctly remember the word on the street a few years ago being that manually writing to CVars was Dangerous Stuff To Be Messing With.
There are many reasons why a server must "over-share" in a game:
- Bob and Alice have different latencies and are walking toward eachother, lowest latency will have a huge advantage (there are of course mitigations for this in games, but it _does_ involve the client doing some of that work)
- There's rendering: Alice opens a door, behind that door was Bob but he will only plop into view later for Alice; which makes for a rather ugly and awkward experience in a game
- in the same vein, in a fog of war, people can very quickly change their line of sight -- server will want to share this information with clients before-hand
- As for data that is _always_ there: take 'aim-bots' which just harvest data from targets in your view and well, target them in the best order
Making a competitive multiplayer game is hard.
All that said, cheating is harder in streamed games. Client will send controller data, servers only send video streams; in this scenario you'd still have the aim-bot problem, but a lot of other cheats go away.
Because a letter is just a letter, and although we all know the nefarious meaning of that Z, it's still a generic letter. Same reason why nobody would have grounds for reporting you here for writing that (well deserved) "F Valve".
Valve has been historically quite comfortable with Nazis and white ethnonationalists on steam. There are limits, but Valve generally doesn't care about making sure steam/Valve games are friendly places to players. If it's not illegal, Valve isn't going to do anything about it.
I do not understand the appeal of cheating in MP games. What is the point of being invincible in a FPS or unlimited gold in something else etc? It takes all the effort and skill out of it. It's like it's a buncha 12yos who cant stand "to lose".
I also have no trust in any sort of gaming related records of feats of ability. I've been deeply involved with gaming communities in the past where people would show off their world records. I would question such scores only to be flamed and then years later it is discovered they were cheating after all.
Really my only point is that I despise cheaters and any game that isn't single player or only between friends may as well not exist for me anymore.