292
you are viewing a single comment's thread
view the rest of the comments
[-] conciselyverbose@sh.itjust.works 33 points 13 hours ago* (last edited 13 hours ago)

Your core premise is broken. Relying on trusting anything from a remote client cannot possibly result in a fair game.

[-] Evotech@lemmy.world 5 points 10 hours ago

It's not that simple. Especially not for real time shooters, latency is a killer.

[-] conciselyverbose@sh.itjust.works 5 points 10 hours ago* (last edited 5 hours ago)

It is exactly that simple. You already have to account for latency because everyone but one player (who you also can't trust no matter how many rootkits you install) is not the server. Having a proper server doesn't change that in any way.

Client side validation cannot possibly provide any actual security, but even if that wasn't the case and it was actually flawless, it would still be unconditionally unacceptable for a game to ever have kernel level access.

[-] Prunebutt@slrpnk.net 2 points 13 hours ago

Too bad the server at least needs the player input data.

[-] conciselyverbose@sh.itjust.works 9 points 13 hours ago

Yes, people can still cheat with a camera and manipulating inputs. There will never be a way around that.

But that's entirely unchanged by adding malware, that, even if it could theoretically work, should be a literal crime with serious jail time attached. Client side validation is never security and cannot resemble security.

[-] andyburke@fedia.io 0 points 12 hours ago

There are ways to detect and stop that, but they can and should happen on the server, not on the client.

[-] conciselyverbose@sh.itjust.works 2 points 11 hours ago

Only if you're OK banning real people.

[-] andyburke@fedia.io 1 points 10 hours ago

There are lots of options such that you can tune your false positive/negative rate. 🤷‍♂️ Tons of ways you can structure this depending on your game's tech.

[-] conciselyverbose@sh.itjust.works 1 points 10 hours ago

No options that resemble legitimate or evidence based in any way.

If a computer has the exact same input and output tools as a human, you cannot possibly do better than guessing. It is a literal certainty that you will ban legitimate players doing nothing wrong for being too good if you try, and it's unconditionally not acceptable to do so.

[-] andyburke@fedia.io 1 points 10 hours ago

Client side anti-cheat faces similar issues, and there unlike your server you don't control the hardware.

[-] conciselyverbose@sh.itjust.works 1 points 10 hours ago

I'm not sure why you think I'm saying client side is better when I called it malware.

There is no approach that is theoretically capable of doing anything at all to impact a camera and automated inputs, and there is no way of trying to do so that is acceptable. It's simply a reality of online gaming.

this post was submitted on 31 Oct 2024
292 points (99.7% liked)

Linux Gaming

15189 readers
720 users here now

Discussions and news about gaming on the GNU/Linux family of operating systems (including the Steam Deck). Potentially a $HOME away from home for disgruntled /r/linux_gaming denizens of the redditarian demesne.

This page can be subscribed to via RSS.

Original /r/linux_gaming pengwing by uoou.

Resources

WWW:

Discord:

IRC:

Matrix:

Telegram:

founded 1 year ago
MODERATORS