←back to thread

We outsmarted CSGO cheaters with IdentityLogger

(mobeigi.com)
379 points mobeigi | 1 comments | 16 Oct 24 18:18 UTC | HN request time: 0.208s | source
Show context
snarfy ◴[16 Oct 24 19:21 UTC] No.41862807[source]
For UT2004, you can ban by player GUID (a hash of the CD key) or IP. With the game abandoned by Epic, a number of key generators have cropped up, which makes GUID bans useless. IP bans only go so far with VPNs costing $2 these days.

The main solutions we have today are IP ban + VPN blocking using a database of known VPN subnets and adding them all to the firewall, and a similar fingerprinting technique which scans their folder structure of certain system folders.

replies(12): >>41862963 #>>41863123 #>>41863371 #>>41864302 #>>41864313 #>>41864340 #>>41864577 #>>41865500 #>>41865762 #>>41866999 #>>41867262 #>>41885146 #
ghxst ◴[16 Oct 24 19:51 UTC] No.41863123[source]
This still leaves you wide open to cheaters using mobile data tethering and proxies. Have you considered more advanced network analysis? It's one of the areas I have an interest in (professionally and personally) so if you want any suggestions let me know.
replies(3): >>41863193 #>>41863298 #>>41866117 #
mouse_ ◴[16 Oct 24 20:08 UTC] No.41863298[source]
The tactic 4chan uses:

Regular IPs can post freely

VPN or mobile IPs (blacklisted) must pay for a key ($20/year) that allows posting from blacklisted IPs. Key is good for posting from one blacklisted IP, locked for 30 minutes, so users cannot share keys. That way, you can ban the user by their key, if their IP is public.

It's not a perfect solution but it seems to be the best they've found for such a situation so far.

replies(1): >>41864399 #
ryandrake ◴[16 Oct 24 22:18 UTC] No.41864399[source]
I mean, in this case it's 4chan so who cares, but I hope we are not very slowly moving towards a troubling world with lower classes of IPs and upper class IPs. IPs should be IPs should be IPs, it shouldn't matter whether it comes from an ISP, a mobile network, a VPN, or anything else, and we shouldn't attach some kind of IP caste to providers or countries. I think we really need Internet-wide IP randomization, where you can't just block a /24 or a /16 because they're in some icky ghetto. Yes, I know there is abuse, but if this is the alternative, it doesn't seem worth the cost in terms of innocent people losing access.

EDIT: Well, I guess the tribe has spoken. Pretty surprising. I think y'all are just assuming you'll always be the ones with the "good" IPs...

replies(5): >>41864645 #>>41866228 #>>41866862 #>>41867040 #>>41868665 #
1. autoexec ◴[17 Oct 24 06:07 UTC] No.41866862[source]
I understand how you feel but IP blacklisting is really the only tool we have. I'd much rather deal with that than some kind of forced state level verification/ID system where even pseudonymous browsing becomes impossible.

Blocking IP ranges by country or ISP is pretty much always going to have to exist as long as certain countries and ISPs turn a blind eye to abuse.

Even with as poor a solution as IP blocks are, it's the best we have and alternatives seem worse.