Diablo 3 nerfs Monk with 'drastic' rune change
Street Fighter 25th Anniversary Collector's Set announced
GameFly to publish iOS, Android games
Judge recommends US Xbox 360 ban in Motorola dispute
ArmA 2 'Day Z' mod patch adds sickness
Diablo 3 declared 'fastest selling PC game' ever
Spec Ops: The Line PC demo arrives June 19
ShootMania Storm preview
Daily Filter: XCOM: Enemy Unknown, LEGO Batman 2: DC Super Heroes
Red Orchestra 2 GOTY edition announced
Privacy & Cheating
by Steve Gibson, Jun 19, 2001 12:55pm PDTAnother discussion for the afternoon for you guys. We've lightly touched on this one before but I'm pretty curious what the general feeling is out there about privacy as opposed to stopping cheating in gaming. The simple question is this:
Q: Would you be willing to let developers have their games inspect and possibly send information about the hardware and software you are using while playing your game in order to help them better combat cheating? Given that the information would not be tied to you personally.A lot of developers out there are wondering about this. What concerns would you have about your privacy and why would it bother you if a game developer had that information. What if developers were legally obligated to never share any of that information and only to use it for internal development to improve their products. Would you still be opposed to this? Would you value the privacy of what you're using to play games over the possibility of a more cheater free environment? In what possible scenario would you allow your information to be sent?
Comments
I think the only way we'll see cheating stopped is to go to a mainframe model where all the game code runs on the server, and the client only sends raw keyboard and mouse data. So put in an order for that OC-192.
- client connects and asks to be 'frisked'
- server thinks up a random number, encrypts it using a checksum calculated from a legit game, embeds it in a tiny exe, and sends it to client
- client executes downloaded code (erm, not very safe)
- downloaded code checks out the running game in some bizarre way, calculates a checksum, and uses checksum to decrypt random number
- client posts decrypted number back to server
- server checks numbers match
to stop people disassembling the frisker and faking the reply, you'd need to change it every few days.
I guess you could break this if you hacked an x86 emulator into the client which ran the frisker in a sandbox, and redirected reads to a legit copy of the game running in another part of your machine ... but that would be pretty difficult.
http://slashdot.org/article.pl?sid=01/06/19/2039216&mode=thread
Great, now we're going to have scan our BIOSes for spyware in a year or two.
2) 99% of windows users install software in the 'default' place... as evidenced by 99.99999999999% of eMail viruses using the path 'C://Program Files/...' as the base of their mischief.
3) 99.9% of cheaters are Windows users, as 99.9% of people who write hacks are windows users. Bill Gates does not tolerate games being played on any other platform. He also makes sure that 99.9% of the computing public are clueless. (this is important!)
4) Given the above, more than 99.9% of the CHEATING public will install hacks in a pre-determined directory, for a game that is installed in a pre-determined directory.
5) Given that 99.9999% of the computing public does NOT store pr0n, MP2s, or illegal stuff in the directory that they installed game in, why, given a STRICT legal contract entered into by the game company (quite the opposite of the EULA) that they will ONLY look in 'c://program files/my company/my game' for files that do not belong there, would you object?
If you didn't want them poking around at all.. install in a different directory. This would preclude you from joining "pure" games, but you are safe from Big Brother... tho if you are using a MicroShaft OS, you've already given up heaps more than id Software could EVER get on you...
Why WOULDN'T you do this?
Thread Truncated. Click to see all 2 replies.
You have people out there who enjoy cheating for some reason or another. Then you have the people who get uptight about it. (Me being one of them.) Mostly because I'm trying to have fun and they're ruining it for me.
As far as someone scanning my computer for hacks/cheats? I don't like the idea. It's not a matter of me keeping sensitive data on my PC, nor being paranoid about people knowing what is on my machine *cough*pr0n*cough*.
It's a matter of scope. You can't limit it. Sure, today they're scanning your software so that you are not cheating. Next they're scanning for other software to see who their competition is. Then they're storing your passwords, they're snooping your windows registry for your name. Now all this seems harmless now, but eventually they will be able to correlate all of this and identify you. This is the same reason the government blacks out major portions of documents before they're released to the public. Simple, non-important information eventually can be pieced together to form a clear picture of Joe User, what their preferences are, where they live, approximate income.
The most rapidly disappearing possession in the world right now is privacy.
If you give someone an inch, they will continue to push at those barriers until you have nothing left to give them. If you do not protect the extremes, the next thing you know, the trivial before is the extreme to be exterminated.
This is the whole reason why pornography exists beside religion in protected speech/expression. If pornography goes, next its action movies, then anything they consider remotely offensive.
So protect what little privacy you have.
Thread Truncated. Click to see all 23 replies.
#1. So, collecting data about "other software you are using while playing your game" means specifically other processes running, but doesn't mean a wholesale rummaging through the Windoze registry? If so, yeah, sure, why not? But if you feel you need to know more than that, such as what we have installed, no, forget it. Playing your game in a cheat-free environment is important, but I don't plan to piss in a cup for you.
#2. This collected "information would not be tied to you personally." First of all, that's awfully hard to ensure when you have an IP. Moreover, if the game company's records are ever compromised, then poof! there goes the assurance of privacy. And doesn't this raise another issue related to what exactly you are trying to accomplish? If the idea is to fight cheating by gathering data, then there are other, less universally intrusive ways to do so: run a server and study the data, or (as Punkbusters claims to do) infiltrate the game-hacking community. But if the idea is to bust individual cheaters -- which clearly it should be -- then that sort of undercuts any notion of collecting data without "tying it to you personally," now doesn't it?
#3. Why not focus upon catching and punishing individual cheaters? Make part of the EULA a promise that you won't use cheats, and then enforce the EULA: suspend or ban "convicted" cheaters' CDs during the server authentication process. Sure, that raises all kinds of thorny issues of commitment (mainly financial but also ethical and legal) on the part of the developer and publisher, but hey, you're paid good money to make your game perform as promised at the point of sale. In an important sense, it throws this issue back on the doorstep where it belongs: yours. Not ours.
Draw two flat polygons, one of one random color, one of another. Stick one in front of the other. Render the scene and grab the framebuffer -- if any of the back polygon shows up, wallhack = on. If you light them fullbright this will work fine as long as the colors are dissimilar. You'd only have to do this for one frame, at random times during the game (since wallhack can be turned on/off), so it shouldn't interfere with anything. Random colors are needed so that an opengl proxy can't automatically detect them. You could even render them on top of the scene and stick them in the corner and make them small.
Thread Truncated. Click to see all 2 replies.
Hardware and drivers: yes, as long as i can choose to shut that feature down [and thus not join certain servers]
Software and other stuff: keep the fuck away from that, thank you
Besides, do any of you know just how much of your personal data is already gathered up by companies? Every time you log onto battle.net to play a Blizzard game, they are scanning your registry and who knows what else. It's right there in the EULA that people breeze past with the Agree button. They know what other programs are on your computer, your personal info including your e-mail address, and whatever else they like to gather. It is not too hard to put hardware or software info with a name and address. And you bet the marketing department will do it.
This is nothing new. Does anyone remember when RealPlayer was snooping on its users, sending to RealNetworks the music you like to listen to? Do you really think that Media Player is not/will not do something similiar?
With a cookie and your IP address that every website logs when you visit it, it is not hard for every website you visit to know exactly who you are and what page you came from.
Healthy paranoia is good...but it is a little late for it now. The invasion is already over and done with. Today, it is simple: you go online, you will be tracked; play a game online, you will be sending your personal information to the game company.
If you want to remain anonymous, stay offline and play single player games instead, which are much more fun anyhow.
Thread Truncated. Click to see all 5 replies.
just tell me beforehand. and use it only for the good.
Thread Truncated. Click to see all 2 replies.
[01'06'19'02'00]
heyheyhey
i got this killa up inside of me..
Uhm i still cant believe you guys dont listen to me, i have lots of suggestions for fixing the CS server for the very simple bugs and hacks, to start disable "showbriefing" so the Map briefings arent available to assist the bug i wont explain, and if you dont figuire that out then jsut disable spectator mode all together andlet people be unassigned. GO GET ADMIN MOD tos tart that can fix ltos of crap. and uh when do i get to be the admin? oh wait i know that answer, when my brute force hack finally picks the password. alright so im not that desperate. Shack rulez, wait what about norulez?
Anon,
jewC
[§ÄǦ\09\:13373Z1 4Ax0r- Wear sunglasses to play CS, improves your day vision.[hax]\09\]-happy hacking
Thread Truncated. Click to see all 9 replies.
PRIVACY = GOOD
It was alot more effective than the current vote crap.
Thread Truncated. Click to see all 35 replies.
in observer mode desplay a traceline from the gun to whatever he is aiming at. If people see someone aiming through walls, auto aiming super-accurate headshots it would be easier to catch people. maby print out some other info about the client such as speed, team, stuff like that. The only part of a client/server game that CANNOT be hacked are the people watching the game.
Thread Truncated. Click to see all 4 replies.
I cant understand why you guys wont let them see a little of you system info..
Its not like it will tell them your name and address.
All you'll be to them is a WON id# attached to that # will be info about your system, graphics, os, drivers, whatever.
What the fuck is so scary about that?
And dont say it will lead to even more intrusion...
Your all paranoid and you don't even know why...
Thread Truncated. Click to see all 9 replies.
even the hackers in their nfo's state if you want to play HL,CS.., online you'll need to buy the game
Thread Truncated. Click to see all 6 replies.
Hard Drive scanning = no way pal.
the only files they should need to check would be the files associated with that game.
scan the graphics drivers in use and any programs running when the game is started (or programs started during play).
are there any cheats good scanning like that would miss? Scan the game files for hacked models / maps / sounds / game code. Scan the graphics drivers for hacked drivers or asus l33t ch34t3r drivers... Scan the current program stack for other cheat programs, such as proxies or whatever.
The servers "cheat definition" files would need to be on autoupdate... kinda like how virus definition files can be autoupdated...
and of course, make the cheat checking a server side option... so people can run pure (cheat checked) servers or open servers were people can use custom models / sounds or whatever...
Keep your filthy noses the hell out of my machine.
look at xp
Thread Truncated. Click to see all 2 replies.
If I recall, this happened for some time on Q2, as well. The avilablility is cheats is known, yet it's pretty rare that you see it...
Now CS, well, the odds are that a populated server has someone using some form of hack. Could we look into why games like these have more cheaters per capita (CPC)? Is it really an issue that we need to be concerned about?
"There's always a LAN party."
Woah lots of green.
Thread Truncated. Click to see all 18 replies.
1. Scan your HD/CD drive looking for known cheat software (the program would have to be updated weekly/monthly and it better be a small file that's transparent when you download while connecting to a server)
2. Scan your HD and verify your graphics drivers have not been tampered with.
3. Scan all game files/dirs to make sure the main files have not been tampered with.
4. Everything that is sent to the server should be logged and readily available to end user to see exactly what they are sending. Information being requested should also be in the EULA.
I really don't think any of that is so horrible, and I really doubt that it's a slippery slope leading to other terrible voilations of privacy.
Does anyone see how companies can exploit this information?
Thread Truncated. Click to see all 4 replies.
1. A very detailed description of exactly what data will be transimitted, how it will be checked and that it will not be stored for any longer than the duration of my current game.
2. Make it optional during online play, and of course have it non functional during single player.
3. During online play, have normal servers, and pure servers. If you log onto a pure server, it will pop up a box stating that in order to play on this server you must allow the game to run a quick survey of your system and send this report to the server.
There is no reason to store any of this data permanently.... and if the data isn't stored for longer than the duration of your game, that will go a long way to easing peoples privacy concerns
[sarcasm]
never could such a piece of software be hacked to send off information that is not actually from your system.
[/sarcasm]
man oh man and here I can see there are people who think that this will actually work ?! Any piece of software can be hacked. ANY PIECE OF SOFTWARE.
Since at some level there will always be software involved, it will always be hackable.
booyaka
Thread Truncated. Click to see all 9 replies.
Thread Truncated. Click to see all 9 replies.
Thread Truncated. Click to see all 14 replies.
Video drivers and GL extensions: yes
Other hardware-related data: no
Ok here is the very simple solution: No.
There is nothing you can do against some cheats, in paticular client one... but developers can figure out a god mode from the server side (if someone is supposed to be dead or not is sometimes so damn obvious).
Getting more info from my computer? Nope... that's my private data. I am not cheating... actually I haven't bought a PC games for one FULL year... so I don't have a fucking idea how to even cheat in CS... but I did meet a lot of people cheating in Quake1... including me a few times.
The only reasons you guys are so damn concerned about this is because you feel you bought the game and therefore you are entitle to a ONLINE gameplay without anyone cheating. Moreover the game was written by your favorite company, who may lose some customers after these customers are annoyed by cheaters. Give me a damn break. It is still a game. If you can crack winzip, a game should be fairly easy. In case you don't remember, graphics, design, gameplay, network... are something developers work most of the time. You surely don't want to see them wasting all their time on anti-cheater techniques. If you do, you end up with a realllly looooooooooong project, style daikatana.
Cheating in life is worse than in games. In games you can kicked/ban. In life you py a fine/go to jail. Going to jail is like being kick and ban not only from the game, but all games and internet. Think again before saying something dumb like cheating in games is worse than school. The only reason people are worry about you cheating in school is because you are not learning as much as someone not cheating. The only reason people are worry about you cheating in game is because you are "destroying the fun of some 15 players". The first case is bad cause it affect all the class average, and your IQ. The second case is not important, cause only 15 players care about it.
If I were all of you, I would cheat in CS because everyone is.
I don't believe that the Internet has any rule cause it belong to nobody. If it does, ... oh shit... all of you are not legit since you have been downloading some MP3s.
Thread Truncated. Click to see all 9 replies.
The Corporate Republic continies to entrench itself.
How do you protect against the possibility that the first response to something like this could be to hack the OS to lie to the application?
Second, what's in it for me to allow a company to know about my hardware? I've been lied to too many times now by companies that have tried to turn something that was supposed to reduce costs for me into a profit center. What about the case of e-toys where extraordinary hoops had to be jumped through to prevent the sale of information that was promised to be private once the company went out of business? Who is to say that someone will be a white knight next time this happens?
Considering the deplorable licenses, such as the UCITA, that software companies already cram down our throats in order to use software, and the excesses that the MPAA, RIAA, and Microsoft have shown themselves willing to undertake to ensure that their greed supercedes any right to fair use that we might have, I am no longer inclined to let any company have any information about my machine, since it has been proven that any information handed over can and will be abused.
Make a better vote system and cheaters won't get very much playtime anymore. Especially if it bans them for an hour or more.
Thread Truncated. Click to see all 2 replies.
Game hardware.
No longer can you edit the software aspect, cuz its hardencoded onto a pci or simmilar device..
Thread Truncated. Click to see all 2 replies.