• conciselyverbose@sh.itjust.works
    link
    fedilink
    English
    arrow-up
    35
    arrow-down
    3
    ·
    edit-2
    5 days ago

    Your core premise is broken. Relying on trusting anything from a remote client cannot possibly result in a fair game.

    • Evotech@lemmy.world
      link
      fedilink
      English
      arrow-up
      7
      arrow-down
      1
      ·
      5 days ago

      It’s not that simple. Especially not for real time shooters, latency is a killer.

      • conciselyverbose@sh.itjust.works
        link
        fedilink
        English
        arrow-up
        10
        arrow-down
        4
        ·
        edit-2
        5 days ago

        It is exactly that simple. You already have to account for latency because everyone but one player (who you also can’t trust no matter how many rootkits you install) is not the server. Having a proper server doesn’t change that in any way.

        Client side validation cannot possibly provide any actual security, but even if that wasn’t the case and it was actually flawless, it would still be unconditionally unacceptable for a game to ever have kernel level access.

      • conciselyverbose@sh.itjust.works
        link
        fedilink
        English
        arrow-up
        12
        arrow-down
        1
        ·
        5 days ago

        Yes, people can still cheat with a camera and manipulating inputs. There will never be a way around that.

        But that’s entirely unchanged by adding malware, that, even if it could theoretically work, should be a literal crime with serious jail time attached. Client side validation is never security and cannot resemble security.

        • andyburke@fedia.io
          link
          fedilink
          arrow-up
          3
          arrow-down
          3
          ·
          5 days ago

          There are ways to detect and stop that, but they can and should happen on the server, not on the client.

            • andyburke@fedia.io
              link
              fedilink
              arrow-up
              2
              arrow-down
              1
              ·
              5 days ago

              There are lots of options such that you can tune your false positive/negative rate. 🤷‍♂️ Tons of ways you can structure this depending on your game’s tech.

              • conciselyverbose@sh.itjust.works
                link
                fedilink
                English
                arrow-up
                0
                ·
                5 days ago

                No options that resemble legitimate or evidence based in any way.

                If a computer has the exact same input and output tools as a human, you cannot possibly do better than guessing. It is a literal certainty that you will ban legitimate players doing nothing wrong for being too good if you try, and it’s unconditionally not acceptable to do so.

                • andyburke@fedia.io
                  link
                  fedilink
                  arrow-up
                  2
                  arrow-down
                  1
                  ·
                  5 days ago

                  Client side anti-cheat faces similar issues, and there unlike your server you don’t control the hardware.

                  • conciselyverbose@sh.itjust.works
                    link
                    fedilink
                    English
                    arrow-up
                    1
                    ·
                    5 days ago

                    I’m not sure why you think I’m saying client side is better when I called it malware.

                    There is no approach that is theoretically capable of doing anything at all to impact a camera and automated inputs, and there is no way of trying to do so that is acceptable. It’s simply a reality of online gaming.