←back to thread

381 points mobeigi | 2 comments | | HN request time: 0.415s | source
Show context
LinuxAmbulance ◴[] No.41862747[source]
Excellent write up and solution. Cheating in video games makes for a wretched experience for those who don't cheat.

It's crazy how rampant cheating in multiplayer games, especially competitive ones has gotten. Ten years ago, I thought it was at an extreme, but it's only gone up since then.

Part of the problem is that for some software developers, writing cheats brings in a massive amount of money.

So instead of some teenager messing around making unsophisticated cheats, you have some devs that are far better at writing cheats than game developers are at preventing them.

It doesn't help that game devs have to secure everything, everywhere, but cheat devs only have to find a single flaw.

replies(2): >>41862854 #>>41865147 #
DJBunnies ◴[] No.41862854[source]
I think a better question here is: why is game code so exploitable?

A: laziness and cost. It just doesn’t matter the same way that baking code matters, I guess.

So they toss on some cheap anti cheat instead of architecting it safely (expensively.)

replies(11): >>41862902 #>>41862917 #>>41862922 #>>41862944 #>>41862966 #>>41863021 #>>41863103 #>>41863154 #>>41863221 #>>41863906 #>>41864021 #
colechristensen ◴[] No.41862966[source]
This isn't the better question.

When you have software running locally, you can arbitrarily modify how it runs.

Like an aimbot is a powerful cheat, and there's no amount of security that can prevent one from being used outside of an anticheat being able to look deep into what your system is doing, what it contains. The only way to prevent that kind of thing is to remove your control of your own computer.

replies(2): >>41863000 #>>41863090 #
jsheard ◴[] No.41863090[source]
> When you have software running locally, you can arbitrarily modify how it runs.

Well, you can on PC at least. Xbox and Playstation security has matured to the point that code modification in online games isn't really a thing anymore, the worst they have to deal with is controller macros most of the time.

replies(1): >>41863137 #
1. lagadu ◴[] No.41863137[source]
Until they get jailbroken that is. There is no such as a perfectly secure platform in which the user has complete physical control over it.
replies(1): >>41863161 #
2. jsheard ◴[] No.41863161[source]
The PS4 and PS5 have been jailbroken numerous times, but...

1) Their secure boot implementation has never been broken, which means you can't upgrade from an exploitable version N firmware to a non-exploitable version N+1 while persisting a backdoor like you could on older systems like the PS3. You're stuck at version N until another exploit is found.

2) They rotate the crypto keys used for online play with every new firmware so they can easily lock those old exploitable firmwares out of online play for good, even if they try to spoof their version number. There's no getting around not having the new keys.

Meanwhile the Xbox One took a decade to get even a limited jailbreak that allows arbitrary code execution inside the game sandbox, but can't escape the game sandbox to take over the kernel, and the Xbox Series systems have yet to be jailbroken at all on any firmware.

Hypothetically being able to break anything with physical access doesn't count for much in practice if the thing you want to physically attack is buried inside a <7nm silicon die, doesn't trust anything outside of itself, and has countermeasures against fault injection attacks. The Switch may well be the last big victory for console hackers, the writing has been on the wall for years now.