this post was submitted on 11 Nov 2024
276 points (100.0% liked)

Gaming

30570 readers
405 users here now

From video gaming to card games and stuff in between, if it's gaming you can probably discuss it here!

Please Note: Gaming memes are permitted to be posted on Meme Mondays, but will otherwise be removed in an effort to allow other discussions to take place.

See also Gaming's sister community Tabletop Gaming.


This community's icon was made by Aaron Schneider, under the CC-BY-NC-SA 4.0 license.

founded 2 years ago
MODERATORS
 

Steam store pages received a new Anti-cheat field. Disclosure is mandatory for kernel-level anti-cheat solutions. And recommended for other anti-cheat solutions (like server-side or non-kernel-level client-side).

The field discloses the anti-cheat product, whether it is a kernel-level installation, and whether it uninstalls with the product or requires manual removal to remove.

Screenshot of anti-cheat indications

you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 2 points 1 week ago (2 children)

Does anyone actually have a suggestion for a less intrusive alternative?
Do you realise how difficult and ineffective server-side anti-cheat can be?
Although it would be the only way to actually try and detect someone using a second machine for hacking/inputs.
All of this will become an increasingly uphill battle for the devs.

[–] [email protected] 6 points 1 week ago

Server side AC is hard, yes, but it's not less effective than client-side.... As it's security by obfuscation. If you can't genuinely detect from server view the difference between an human and a cheater, that means a cheater can create a cheat controller (either hid spoof or even mechanicallly moving a mouse) that will spoof the client side too.

NEVER TRUST USER INPUT.

[–] [email protected] 5 points 1 week ago* (last edited 1 week ago) (1 children)

Write it in language that obfuscates code by default (Rust does that) and then it obfuscates again. Or do it the Valve way. Even though is very easy to crack their anticheat (the hacks and DLL injectors are basically for free both on Windows and Linux), they have other measures in place. E.g. Votekicking players, Overwatch and matchmaking against other hackers.

[–] [email protected] 1 points 1 week ago (1 children)

where did you read it that rust obfuscates the code?

you want vmprotect and such for that

[–] [email protected] 1 points 1 week ago

If security analysts have issues decompiling Rust malware, then it's obvious that it obfuscates the code. All they could get was an ugly Assembly. You can try it yourself by downloading Ghidra/Cutter/any other compiler.