this post was submitted on 11 Nov 2024
275 points (100.0% liked)

Gaming

30568 readers
250 users here now

From video gaming to card games and stuff in between, if it's gaming you can probably discuss it here!

Please Note: Gaming memes are permitted to be posted on Meme Mondays, but will otherwise be removed in an effort to allow other discussions to take place.

See also Gaming's sister community Tabletop Gaming.


This community's icon was made by Aaron Schneider, under the CC-BY-NC-SA 4.0 license.

founded 2 years ago
MODERATORS
 

Steam store pages received a new Anti-cheat field. Disclosure is mandatory for kernel-level anti-cheat solutions. And recommended for other anti-cheat solutions (like server-side or non-kernel-level client-side).

The field discloses the anti-cheat product, whether it is a kernel-level installation, and whether it uninstalls with the product or requires manual removal to remove.

Screenshot of anti-cheat indications

you are viewing a single comment's thread
view the rest of the comments
[–] filcuk@lemmy.zip 3 points 1 week ago (2 children)

Does anyone actually have a suggestion for a less intrusive alternative?
Do you realise how difficult and ineffective server-side anti-cheat can be?
Although it would be the only way to actually try and detect someone using a second machine for hacking/inputs.
All of this will become an increasingly uphill battle for the devs.

Server side AC is hard, yes, but it's not less effective than client-side.... As it's security by obfuscation. If you can't genuinely detect from server view the difference between an human and a cheater, that means a cheater can create a cheat controller (either hid spoof or even mechanicallly moving a mouse) that will spoof the client side too.

NEVER TRUST USER INPUT.

[–] DieserTypMatthias@lemmy.ml 5 points 1 week ago* (last edited 1 week ago) (1 children)

Write it in language that obfuscates code by default (Rust does that) and then it obfuscates again. Or do it the Valve way. Even though is very easy to crack their anticheat (the hacks and DLL injectors are basically for free both on Windows and Linux), they have other measures in place. E.g. Votekicking players, Overwatch and matchmaking against other hackers.

[–] ReversalHatchery@beehaw.org 1 points 1 week ago (1 children)

where did you read it that rust obfuscates the code?

you want vmprotect and such for that

[–] DieserTypMatthias@lemmy.ml 1 points 1 week ago

If security analysts have issues decompiling Rust malware, then it's obvious that it obfuscates the code. All they could get was an ugly Assembly. You can try it yourself by downloading Ghidra/Cutter/any other compiler.