Cheating and anti-cheat software

syl

Greetings!

I recently read a topic about the exploiting of ingame systems and bugs. While there is a concern about those topics, I also have concerns about the use of cheating software like chams, wallhacks et cetera and the combating of those wrongdoings.

Has there been any information given by Intrepid in how they are going to combat cheating and if they are going to use anti-cheat software?

As a second and third question to the community: What is your opinion of the use of anti-cheat software and the data that it may collect? And what punishment should people get for being caught in the act of cheating?

Wandering Mist

It would appear that right now Intrepid are using a third-party program called "Easy Anti-Cheat", which is quite a common piece of software used by a lot of different games. Maybe in the future Intrepid will develop their own custom-built anti-cheat software but for now that is what we have.

https://totalwararena.com/en/news/latest-news/cheaters-never-prosper/

Here is an FAQ detailing how it works. Assuming this information is correct I personally have no problems with it. As for punishments, I will leave that up to Intrepid to decide.

Viymir

I think the last Apocalypse update there was anti cheat software installed but cant remember its name. I personally think that anti cheat software and monitoring should be as strong as possible without being so drastic that it persecutes innocent players.

syl

wanderingmist wrote: »

It would appear that right now Intrepid are using a third-party program called "Easy Anti-Cheat", which is quite a common piece of software used by a lot of different games. Maybe in the future Intrepid will develop their own custom-built anti-cheat software but for now that is what we have.

https://totalwararena.com/en/news/latest-news/cheaters-never-prosper/

Here is an FAQ detailing how it works. Assuming this information is correct I personally have no problems with it. As for punishments, I will leave that up to Intrepid to decide.

I see. Yes, I found the link to EAC's Ashes page: https://www.easy.ac/en-us/support/ashesofcreation/

The problem I have is anti-cheat software reacting to innocent software like Discord overlays et cetera.
If EAC only scans the game's folder and saved files as they say they do on other games, that is fine. (Since code is usually injected to the game's files)
If EAC goes the BattlEye route of gaining access to all files, that would be a concern for me.

grisu

I can't say for certain but that easy anti cheat might be a gap closer solution.
There was a stream way back where they talked about exploits and measurements they are taking against it. One point, amongst others, they adressed was in game heatmaps that record every player actions and match it against "normal" behaviour.
I am pretty sure that goes beyond the capabilities of easy anti cheat, which is crap anyway.

insomnia

The punishment should fit the crime and severity of it

syl

@grisu Yes. An Intrepid anti-cheat solution is an interesting one. We'll see how effective that is.

Jahlon

EAC is only a part of what they are planning to use.

And the penalty for breaking the rules, cheating, duping, exploiting etc are serious....

...as in permaban.

Per Steven

syl

jahlon wrote: »

EAC is only a part of what they are planning to use.
And the penalty for breaking the rules, cheating, duping, exploiting etc are serious....
...as in permaban.
Per Steven

Nice

CrazySquiggle

What if you find a way to kill your teammates with something like traps or shoving them off a cliff and continuously do it? Should people be banned for being teamkilling ****?

Wandering Mist

whitedude31 wrote: »

What if you find a way to kill your teammates with something like traps or shoving them off a cliff and continuously do it? Should people be banned for being teamkilling ****?

In my opinion this is something that the community will handle in their own. Since there won't be any kind of cross-realm functionality, assholes who do stuff like that will quickly be identified and blacklisted by the community.

Damokles

whitedude31 wrote: »

What if you find a way to kill your teammates with something like traps or shoving them off a cliff and continuously do it? Should people be banned for being teamkilling ****?

Well lets just say that the dude will have it comming for him... Also: How will he continueto do that? "Fool me once, shame on you. Fool me twice, shame on me!"

I would bet that he will someday try to join groups and everyone will then know what kind of asshole he is tbh.

Azryil

whitedude31 wrote: »

What if you find a way to kill your teammates with something like traps or shoving them off a cliff and continuously do it? Should people be banned for being teamkilling ****?

To a point team killing can be a joke, I remember in WoW before the mimiron fight in ulduar there were attackable bomb npcs. A rogue in my guild found that he could use "tricks of the trade" to misdirect aggro of the bombs at other group members and get them killed during a break. It was fun for a while, but at some point it turns into griefing and that's when I think the problem could arise.

Karthos

wanderingmist wrote: »

whitedude31 wrote: »

What if you find a way to kill your teammates with something like traps or shoving them off a cliff and continuously do it? Should people be banned for being teamkilling ****?

In my opinion this is something that the community will handle in their own. Since there won't be any kind of cross-realm functionality, assholes who do stuff like that will quickly be identified and blacklisted by the community.

This is so wholesome I'm hesitant to point out that this isn't ever the case.

They just band together with the other malcontents and basically form the bad behavior version of Vultron.

Godbrithil

As long as no Hack-Shield is implemented, everything is great. ^^

syl

whitedude31 wrote: »

What if you find a way to kill your teammates with something like traps or shoving them off a cliff and continuously do it? Should people be banned for being teamkilling ****?

The community will handle that themselves. Intrepid could take action on repeat offenders, but at the end of the day it is only 'just another use of game mechanics', which I don't think should be bannable. At least not in this context.

Wandering Mist

@karthos perhaps. However, in my experience, when push comes to shove the community will develop their own etiquette that will push out many unsavoury types. Back before WoW introduced the automated group finder and cross-realm features, every server had their own unofficial forums that were run by the players. In this way it was easy to keep track of the assholes on a server and stop them from causing a problem.

consultant

I found some software to be innacurate. So chance to appeal should be in there. The one in Runescape looks like it is totally automated. And you can cause a bot alert by pushing the same buttons over and over again. Like in the case of an opener for your class and then never getting out of opener cause mob dies so if you are farming same mob will end up pushing the same buttons in same sequence over and over and there you have it bot alert.

Karthos

duebrithil wrote: »

As long as no Hack-Shield is implemented, everything is great. ^^

Hack Shield should die in a fire.

It didn't work in 2002, why should it working in 2012 or 2022?

JeanPhilippeGunghar

Sorry to put this on top, but all I ask is Shadow VM are compatible with whatever anti-cheat they use.

Noaani

JeanPhilippeQC wrote: »

Sorry to put this on top, but all I ask is Shadow VM are compatible with whatever anti-cheat they use.

Almost definately not - and that is ignoring the question as to whether they even change their anti-cheat between now and launch.

One of the main things anti-cheat software does is prevent people using virtual machines.

Now, it may be possible for Intrepid to set some exceptions for known services like Shadow - but I would be very surprised if they did.

If you are debating trying to use Shadow as opposed to building your own computer, and you want a safe answer today, build your own computer.

unknownsystemerror

Intrepid has spoken to this in the past. Some of their anti-cheat measures are known. Some are unknown (see what I did there?) I would look to the wiki as to what has been said before. But we do know they are planning to take very active measures to prevent RMT, botting, and those using clients that allow them to cheat or gain advantage. Whether your Shadow VM is supported or not is up to them, but odds are it won't be. A simple web search pulled this up as first result for me. While the post in question is a year old, doubt many of those issues have been fixed.

TLdr; (summary of the post, for those who don't want to read it in full):
- Shadow does not have 2-factor authentication (an absolute no-no for a cloud PC!).
- Shadow sessions persist even if you've changed your email address and password multiple times. Once logged in, the attacker can stay logged in no matter how many times you change your credentials.
- There is no way to log out from all devices. Even via shadow support a multi-day/multi-week(?) endeavor.
- Anyone who temporarily gains access to your email address can hijack your Shadow indefinitely without you being able to do anything about it.
- When recovering the password, there is no compulsion to change the password, someone can gain access to Shadow through your email account without you even noticing, because the old password remains.
- There are no notifications about unusual or suspicious activity in your account, probably they are not even recorded.
- Shadow support is not able to help you after a compromise, except to ban your account and forward the case internally, which means very long waits during which you will not be able to use your shadow.
- Opened tickets will still be sent to the old (in the worst case compromised) email address instead of the new one. This way, attackers can intercept your tickets and prevent you from stopping the accessing of the shadow through the Shadow support.
- Conclusion: for being an entire PC in the cloud, Shadow is worryingly unprotected.

daveywavey

unknownsystemerror wrote: »

Some are unknown (see what I did there?)

ExiledByrd

Wandering Mist wrote: »

@karthos perhaps. However, in my experience, when push comes to shove the community will develop their own etiquette that will push out many unsavoury types. Back before WoW introduced the automated group finder and cross-realm features, every server had their own unofficial forums that were run by the players. In this way it was easy to keep track of the assholes on a server and stop them from causing a problem.

I found that just removed the unsavory types from the high end content and grouped them with the new players, which may not be the best place if you want longevity.

JeanPhilippeGunghar

Noaani wrote: »

JeanPhilippeQC wrote: »

Sorry to put this on top, but all I ask is Shadow VM are compatible with whatever anti-cheat they use.

Almost definately not - and that is ignoring the question as to whether they even change their anti-cheat between now and launch.

One of the main things anti-cheat software does is prevent people using virtual machines.

Now, it may be possible for Intrepid to set some exceptions for known services like Shadow - but I would be very surprised if they did.

If you are debating trying to use Shadow as opposed to building your own computer, and you want a safe answer today, build your own computer.

2k CAD is over by budget

JeanPhilippeGunghar

unknownsystemerror wrote: »

Intrepid has spoken to this in the past. Some of their anti-cheat measures are known. Some are unknown (see what I did there?) I would look to the wiki as to what has been said before. But we do know they are planning to take very active measures to prevent RMT, botting, and those using clients that allow them to cheat or gain advantage. Whether your Shadow VM is supported or not is up to them, but odds are it won't be. A simple web search pulled this up as first result for me. While the post in question is a year old, doubt many of those issues have been fixed.

TLdr; (summary of the post, for those who don't want to read it in full):
- Shadow does not have 2-factor authentication (an absolute no-no for a cloud PC!).
- Shadow sessions persist even if you've changed your email address and password multiple times. Once logged in, the attacker can stay logged in no matter how many times you change your credentials.
- There is no way to log out from all devices. Even via shadow support a multi-day/multi-week(?) endeavor.
- Anyone who temporarily gains access to your email address can hijack your Shadow indefinitely without you being able to do anything about it.
- When recovering the password, there is no compulsion to change the password, someone can gain access to Shadow through your email account without you even noticing, because the old password remains.
- There are no notifications about unusual or suspicious activity in your account, probably they are not even recorded.
- Shadow support is not able to help you after a compromise, except to ban your account and forward the case internally, which means very long waits during which you will not be able to use your shadow.
- Opened tickets will still be sent to the old (in the worst case compromised) email address instead of the new one. This way, attackers can intercept your tickets and prevent you from stopping the accessing of the shadow through the Shadow support.
- Conclusion: for being an entire PC in the cloud, Shadow is worryingly unprotected.

It has 2FA now.

SnowElf

Punishment should be harsh. I'm one for immediate bans or account wipes, but I suppose it depends on the severity of the crime. With any concept, people are going to find a way to cheat, inside or outside of video games.

Noaani

JeanPhilippeQC wrote: »

Noaani wrote: »

JeanPhilippeQC wrote: »

Sorry to put this on top, but all I ask is Shadow VM are compatible with whatever anti-cheat they use.

Almost definately not - and that is ignoring the question as to whether they even change their anti-cheat between now and launch.

One of the main things anti-cheat software does is prevent people using virtual machines.

Now, it may be possible for Intrepid to set some exceptions for known services like Shadow - but I would be very surprised if they did.

If you are debating trying to use Shadow as opposed to building your own computer, and you want a safe answer today, build your own computer.

2k CAD is over by budget

If you are willing to shop around, and consider last gen and/or second hand parts, that is plenty enough to build a computer more than capable of running Ashes when it launches.

This is assuming you know a little about computer hardware though, and are able to spot a good deal.

I recently built a friend a computer with an AMD 5800X3D, 64gb ram, RX6800 and 4tb SSD for well under 2k Canadian - that will be more than capable of playing Ashes when it releases. Factor in the Shadow subscription you are paying, and it will pay for itself in a bit over 3 years (I predict I will replace his computer in 5 years).