Greetings, glorious testers!

Check out Alpha Two Announcements here to see the latest news on Alpha Two.
Check out general Announcements here to see the latest news on Ashes of Creation & Intrepid Studios.

To get the quickest updates regarding Alpha Two, connect your Discord and Intrepid accounts here.

All the anti-cheats hardly work. New World is full of dupes and hacks. How will AoC be different?

I have not played yet. I hope to join the next alpha.

Coming from new world there are tons of bots. AGS use EAC and it has a ZERO % chance to catch people using python scripts(image recognition).

There are active hacks all over new world. Ring1 hacks (kernel level exploits) are undetected by easy anti-cheat. They have been since launch. PvP is full of aimbotters.

Every FPS is full of cheaters.

How will this be different?

Will scripts dominate the crafting "minigame"

Will there be armies of bots gathering/fishing?

Will AoC be plagued by Dupe after Dupe after Dupe like New World? Another patch another dupe.

How will AoC insure items are not duped?

Comments

  • AzheraeAzherae Member, Alpha One, Alpha Two, Early Alpha Two
    They won't tell us how they intend to do this.

    You just have to trust it.
    ♪ One Gummy Fish, two Gummy Fish, Red Gummy Fish, Blue Gummy Fish
  • LudulluLudullu Member, Alpha Two
    If you're gonna be a part of alpha2 - go find as many dupes as possible and report them. And if enough people do that - that's one problem down (at least somewhat).

    As for bots, there'll be live GMs that will try and ban as many bots as possible. And I hope we, as players, will have good tools to report those bots. There's also the owpvp, so if you see someone who you think is really a bot - just kill them. You'll need to convince other people that your corruption came from a bot, but that's a whole different discussion.

    As for the deeper issues, Intrepid have said that they'll have tools that will supposedly counter those issues. Whether they work or not we'll only learn after release.
  • If they give info about how they protect the game against this, it gives info to those to want to corrupt it.

    All I hope is they have a good way of keeping track of it so they can at least see how prevalent it is, if it increases or decreases overtime with their patches, etc.
  • SolvrynSolvryn Member, Alpha One, Alpha Two, Early Alpha Two
    I have not played yet. I hope to join the next alpha.

    Coming from new world there are tons of bots. AGS use EAC and it has a ZERO % chance to catch people using python scripts(image recognition).

    There are active hacks all over new world. Ring1 hacks (kernel level exploits) are undetected by easy anti-cheat. They have been since launch. PvP is full of aimbotters.

    Every FPS is full of cheaters.

    How will this be different?

    Will scripts dominate the crafting "minigame"

    Will there be armies of bots gathering/fishing?

    Will AoC be plagued by Dupe after Dupe after Dupe like New World? Another patch another dupe.

    How will AoC insure items are not duped?

    There will be GMs on the server to notice any irregularities that a player is doing. So after the irregularities are detected a GM will act upon it.

    Like bots. Bots will be noticed and banned quickly as GMs will actively be looking for them.
  • BotagarBotagar Member, Alpha One, Alpha Two, Early Alpha Two
    This is a difficult problem that is much broader than just gaming.
    How do you ensure the integrity of your program when you can't trust the platform its running on (your pc). Quick answer is you cant.
    This is true for secure chat apps, banking apps to gaming.
    The ideal way to ensure game rules aren't broken is having as little rules processing happen on the client. The client should essentially be a rendering engine only, and all game state be given to it over the server connection.
    You also won't be able to (with an anticheat) combat someone with a python script that does image analyses and inputs commands the same way a human does. Intrepid however have said that they will have active GM's monitoring this, and I believe this is the correct course.
    In essence, the only way AoC will be cheater free is if Intrepid makes it so expensive for the original hackers to find the exploits that they don't try.

    I do hope though that during A2 they are open to white hat hackers and don't just shut them down from finding these exploits and patching them before release.
    xuoo3xnnh3ny.png
  • NerrorNerror Member, Alpha One, Alpha Two, Early Alpha Two
    edited January 2023
    Having live GMs will help a lot obviously, but I also think they need to have a dedicated anti-cheating team on the payroll. As in, that's all they do. It makes no sense to skimp on this. No matter how good the game is, if cheaters run amok, it can kill the game in a couple of weeks, and that's millions and millions of dollars down the drain and tens of thousands of pissed off players.

    I hope they also hire outside companies for pen-testing and grey and black box testing with a focus on cheating. Relying on alpha testers isn't enough at all.
  • novercalisnovercalis Member, Founder, Kickstarter, Alpha Two, Early Alpha Two
    Live GMs will help but we also need to be mindful, they can only do so much and they will have a lot on their plate.

    Payroll / budget is gonna matter

    At minimum, you assigned 3 GMs per server. Each GM has a shift of 8 hours, thus covering a full 24 hour day cycle.

    GMs are gonna have to do the following tasks, Respond to Tickets which includes:

    * Active Cheaters - catching them on the act
    * Following up on Exploits or someone who recently exploited, recreating said exploit and writing report / notes for devs to patch
    * Following up on Duping investigation, who duped, what was duped, and those involved
    * RMTers Investigation. Who is RMT, associated of RMT, chat logs of RMT and Buyer. Who is Buyer, Investigating Buyer chatlog, any connection with guild to see how wide spread this is. What was traded, etc.
    * Harassments / Threats follow up, speaking to both parties.
    * Upper management reports Start/End of day
    * Following up on CS Tickets complains
    * Handling Disputes potentially. Grey area rules players found to push the envelop.

    Now lastly - Bots:

    * Observing the bot 5-10 minutes
    * attempt to make contact and wait for respond 5 min
    * Checking Bot log, communication, association, IP Look up 5-10 mins
    * Writing up Report of action, if any is taken for appeal purposes

    Just the bot stuff alone can be 20-30 minutes. All the other stuff the GM will be doing can take 10 minutes to 1 hour or more, especially following potential RMT stuff.

    I believe Dupers/RMT/hackers will be higher on the priority vs a bot farmer.
    {UPK} United Player Killer - All your loot belongs to us.
  • IskiabIskiab Member, Alpha Two
    I think it’s hard to fight, Ive seen games try and fight cheaters and then people complain they’ve been incorrectly identified. Never happened to me, I’m pretty sure most of the complaints are from cheaters getting caught, but it’s hard to tell.
  • RabbleRabbleRabbleRabbleRabbleRabble Member, Alpha Two
    It is def hard to fight. It is an arms race. It does not seem that anti cheats or game devs can ever stay ahead of the hackers.

    I almost feel like the game has to be designed knowing that people are going to cheat. Like unique item ids from the start think Diablo 2. A global ledger of all gold generated from legit methods vs what is in circulation.

    Like the musket in new world. You throw an aimbot on that and its insane. So as a game design you need to develop classes/weapons knowing that people will use an aimbot if it gives them an advantage.

    Some of the worst things were the dupes.

    AGS should have been offering amazon gift card bounties for reporting dupes.

    Maybe these devs can offer shop balance for people who report dupes. Like $5k usd worth.

  • VillefortVillefort Member, Alpha Two
    Botagar wrote: »
    The ideal way to ensure game rules aren't broken is having as little rules processing happen on the client. The client should essentially be a rendering engine only, and all game state be given to it over the server connection.

    So true---so true.

    I'd hope that they ban not only the e-mail, but the phone number, credit card and also the authenticator ID for 2fa...so that it becomes more and more troublesome to create more bots.

    But I mean, there are whole departments and people whose career it is to detect and deal with these things---I imagine a branch of the cyber security department. I just hope the devs got cyber security involved early in the design...usually it's too late if it's an afterthought.



Sign In or Register to comment.