Automation and Scripting - An investigation into further abuses of BGS and Powerplay

Status
Thread Closed: Not open for further replies.

Maolagin

M
sollisb said:
Old news. These tools were all being talked about way back at the 'git gud while using G1 mats for G5 boosts' was a thing. Nothing was done then, doubtful it will change. To do so, would require a rewrite of the net architecture.
Click to expand...

Yeah, I want to push back on the notion that the sorta-P2P architecture E: D uses somehow makes it impossible to police client hacks. It would be one thing if the game were truly decentralized, but in fact every client has to check in with Frontier's servers with some frequency. We don't know exactly what data is being exchanged beyond the transactions we know about, but it's well established that if your network link goes down, the game will stop working within at most tens of seconds. So even if FDev don't want to use memory protection techniques (and they shouldn't, those techniques are both intrusive and rather brittle), it's possible to do quite a bit of behavioral policing of the clients.

For instance, we know the client periodically sends the detailed state of the ship (that's how your progress is saved) - by pairing this with reports on actions taken it's possible to detect a wide variety of memory injection exploits, because either the ship is in an impossible state (e.g. shields or weapons too strong), or the actions reported are inconsistent with the reported state (e.g. more damage done than possible for number of shots fired). For extra policing, it is of course possible to build this logic into the clients as well, so if an unmodified client sees suspicious data coming from another client in its instance, it can flag FDev's servers to take a closer look. It's also possible that FDev are doing all of this already, because none of this would be user-visible, although it would be odd if they could detect these injection hacks but refused to act on them.

The attacks that are truly difficult to defend against are wallhacks and such, that don't change any actions, but only give the user more information than they are supposed to have. But E: D isn't an FPS, so I don't think those are nearly as potent here, and don't seem to be what folks here are complaining about.

Schmack said:
Though I do care, the reasons given in the video of why I should care aren't compelling reasons. What if I don't care about the BGS? It's not the players who need to care. It's FDev who needs to care.

Why did this suddenly become important if it's been happening for a year? Why all the call to arms now?
Click to expand...

Who knows? Why does meme X trend today, but meme Y tomorrow? I do feel like there's been an uptick in people complaining about hackers across the gaming universe lately, so possibly we're just tapping into a larger perturbation in the gestalt right now.
 

sollisb

Banned
S
Maolagin said:
Yeah, I want to push back on the notion that the sorta-P2P architecture E: D uses somehow makes it impossible to police client hacks. It would be one thing if the game were truly decentralized, but in fact every client has to check in with Frontier's servers with some frequency. We don't know exactly what data is being exchanged beyond the transactions we know about, but it's well established that if your network link goes down, the game will stop working within at most tens of seconds. So even if FDev don't want to use memory protection techniques (and they shouldn't, those techniques are both intrusive and rather brittle), it's possible to do quite a bit of behavioral policing of the clients.

For instance, we know the client periodically sends the detailed state of the ship (that's how your progress is saved) - by pairing this with reports on actions taken it's possible to detect a wide variety of memory injection exploits, because either the ship is in an impossible state (e.g. shields or weapons too strong), or the actions reported are inconsistent with the reported state (e.g. more damage done than possible for number of shots fired). For extra policing, it is of course possible to build this logic into the clients as well, so if an unmodified client sees suspicious data coming from another client in its instance, it can flag FDev's servers to take a closer look. It's also possible that FDev are doing all of this already, because none of this would be user-visible, although it would be odd if they could detect these injection hacks but refused to act on them.

The attacks that are truly difficult to defend against are wallhacks and such, that don't change any actions, but only give the user more information than they are supposed to have. But E: D isn't an FPS, so I don't think those are nearly as potent here, and don't seem to be what folks here are complaining about.



Who knows? Why does meme X trend today, but meme Y tomorrow? I do feel like there's been an uptick in people complaining about hackers across the gaming universe lately, so possibly we're just tapping into a larger perturbation in the gestalt right now.
Click to expand...

Well there's a lot of assumption going on there :)

Let's take you example of ship-state being checked.. If we assume an online count of say 100000 players, that;s 100000 extra bits of information firstly being passed across the wires, and more importantly, 100000 extra checks required for every change the player makes. It is just not feasible to expect such 'policing'.

I am absolutely all for ridding the game of bots or hacks, but it has to be done transparently and efficiently. And my biggest problem is this;

To date, FDev have shown themselves to be entirely incompetent when it comes to software releases, bug fixing and indeed, community relations.

And to cap all this off, I remember a video a year or so ago, where some FDev techie was telling us they were already tracking ship states and shields etc. Looks like he was A: Lying, B: it doesn't work, C: they can't be bottomed fixing it, D: it's not happening.

As for the recent YouTube video, posting such a video and then pointing players to other sources only goes to raise awareness that there may be bots and exploits freely available, when the majority didn't know or were less inclined. It's a bit like posting a video of a hack to an ATM machine. Saying it's bad to use, but go here to get it.

I know I certainly went and checked to see how easily they were available after watching the Video.
 

Schmack

Schmack
Maolagin said:
Yeah, I want to push back on the notion that the sorta-P2P architecture E: D uses somehow makes it impossible to police client hacks. It would be one thing if the game were truly decentralized, but in fact every client has to check in with Frontier's servers with some frequency. We don't know exactly what data is being exchanged beyond the transactions we know about, but it's well established that if your network link goes down, the game will stop working within at most tens of seconds. So even if FDev don't want to use memory protection techniques (and they shouldn't, those techniques are both intrusive and rather brittle), it's possible to do quite a bit of behavioral policing of the clients.

For instance, we know the client periodically sends the detailed state of the ship (that's how your progress is saved) - by pairing this with reports on actions taken it's possible to detect a wide variety of memory injection exploits, because either the ship is in an impossible state (e.g. shields or weapons too strong), or the actions reported are inconsistent with the reported state (e.g. more damage done than possible for number of shots fired). For extra policing, it is of course possible to build this logic into the clients as well, so if an unmodified client sees suspicious data coming from another client in its instance, it can flag FDev's servers to take a closer look. It's also possible that FDev are doing all of this already, because none of this would be user-visible, although it would be odd if they could detect these injection hacks but refused to act on them.

The attacks that are truly difficult to defend against are wallhacks and such, that don't change any actions, but only give the user more information than they are supposed to have. But E: D isn't an FPS, so I don't think those are nearly as potent here, and don't seem to be what folks here are complaining about.



Who knows? Why does meme X trend today, but meme Y tomorrow? I do feel like there's been an uptick in people complaining about hackers across the gaming universe lately, so possibly we're just tapping into a larger perturbation in the gestalt right now.
Click to expand...
I don't think it's as simple as the meme X trend analogy. It think it's much more acute.

You could build a library from all the " ----> Solo" comments directed at people who raised this issue over the past year. Suddenly it's front and center. It's hard to win hearts and minds when much of the community has given a cold shoulder to people who complained about it before.
 

Han Zulu

Han Zulu
Maolagin said:
For instance, we know the client periodically sends the detailed state of the ship (that's how your progress is saved) - by pairing this with reports on actions taken it's possible to detect a wide variety of memory injection exploits, because either the ship is in an impossible state (e.g. shields or weapons too strong), or the actions reported are inconsistent with the reported state (e.g. more damage done than possible for number of shots fired).
Click to expand...
It might not work in the long run, since an easy way around it by the hacker/cheater is to make the game report "nice" data so the server is fooled.

For extra policing, it is of course possible to build this logic into the clients as well, so if an unmodified client sees suspicious data coming from another client in its instance, it can flag FDev's servers to take a closer look. It's also possible that FDev are doing all of this already, because none of this would be user-visible, although it would be odd if they could detect these injection hacks but refused to act on them.
Click to expand...
That's the only way that could probably work. The victim (so to speak) has to discover it and automatically report it. Wouldn't stop cheating in Solo though.
 
Last edited:

Khazid

K
You could always track data for all players for a time (shield strength, dmg outputs, travel distances and speed etc.) Then perform a relatively easy statistical analysis to find the clear outliers. That would be a first clean up (Shadow ban, or reset the account should be well deserved... ). Of course not every cheater will be caught as the more careful ones would try to mask their stats by keeping them reasonably close to normal values and if the number of people cheating this way is large, then statistically they would not be outliers.

Then again travelling distance and insta jump, should be caught as a clear outlier as someone that instajumps should be fairly obvious if travel distance from star in a certain amount of time can be tracked. Hard to think anyone uses insta jump once in a while or only 10% of the time for example. Shield strength, damage, agility, maybe not as easy.



SO, to FD project/product managers:

These things are those that are worth an investment in dev time, just put a 2-3 devs on it. You pushed most good features for after 2020. How will the game survive until then (and I m guessing late 2020...) is beyond me, if its current state is not even maintained. Yes, I do consider fixing vulnerabilities in the product to be proper maintenance, imagine that... Even if the game is so easy to cheat for years, now it's widely known, (I m glad I was not aware of the extent of cheating until now, ignorance, bliss and all that jazz) and any feeling of realism/immersion or whatever, is ruined for most.

When a company does not at least act on such issues, it results in a game that we feel is abandoned and investing time in it is simply not worth it. Assign resources on this issue. Show you care for the player experience. You have a core of dedicated community that like the game with all its quirks, but this is not a simple quirk. No one expects a game that is uncheatable, but put the effort to improve the situation. Communicate what will be done about it, do some damage control. Seeing no action or response on this, is simply disheartening.

Unless you genuinely believe there is no damage done by this. In that case at least be frank about it. I can hear something like "We have some diminished player count but that at the normal attrition rate we always had at this time of year, nothing shows the cheating uproar affected us. So, we can't really spare workforce for this, sorry." Not gonna make me happy, but at least it is a response.
 

DaveB

DaveB
I must admit I like the idea of your client silently flagging "impossible behavior" in others to FD when it happens in your instance. If nobody sees a cheat happening, then really the only person the player is cheating is themselves. (yeah, I know, BGS, PP, yadda yadda yadda.... but theres really no difference to YOUR gameplay if its a bot working against you in another instance or a bunch of honest players)

I think using all other clients to detect and police cheaters is a good and resilient way to go. It's something I've suggested in the past. However, if FD do decide to implement it, I expect to hear nothing about it at all. Were I in charge at FD I would indeed implement it and I'd say precisely NOTHING. Let the buggers wonder how the heck I caught 'em when I ban 'em.
 

bigity

bigity
DaveB said:
I must admit I like the idea of your client silently flagging "impossible behavior" in others to FD when it happens in your instance. If nobody sees a cheat happening, then really the only person the player is cheating is themselves. (yeah, I know, BGS, PP, yadda yadda yadda.... but theres really no difference to YOUR gameplay if its a bot working against you in another instance or a bunch of honest players)

I think using all other clients to detect and police cheaters is a good and resilient way to go. It's something I've suggested in the past. However, if FD do decide to implement it, I expect to hear nothing about it at all. Were I in charge at FD I would indeed implement it and I'd say precisely NOTHING. Let the buggers wonder how the heck I caught 'em when I ban 'em.
Click to expand...

Yea - wrong. Cheaters hurt everyone, solo or different instance.

You personally may not care, but there are plenty of folks who tend BGS like a garden (the freaks).
 

Ulon Yuanshi

Ulon Yuanshi
The other discussion thread on botting was closed with FDev asking to submit names and reports via the report system.
It's worthwhile to note that players don't have any other means to detect bots than the ones used in the OP this thread.

And given that this instance represents the most comprehensive reporting on botting in the game so far known to the community, it is surprising to see that the very same accounts are still used in the game, generating the exact same irregular traffic and influence movement patterns.

They have started targeting other groups and factions since then. They are also now using solo/PG exclusively, so there is no way to get definitive proof like 4 years ago.
 
Last edited:

ADAMtheWELSHMANz

ADAMtheWELSHMANz
Just re-read OP and I agree they seem to have done as much as it is possible to do from a players PoV.

I gather from the other recent thread on botting that not much seems to have changed.

This is very demoralizing news for anyone who is a member of an active BGS squadron like myself.
 

Ulon Yuanshi

Ulon Yuanshi
If we are expected to report bot accounts ourselves, we need to be given good enough tools. Only that would allow us to hand FDev the definitive proof they are asking for when reporting a botter. Otherwise there is little we as players can do. Either clean your own game up, or make the players able to do it for you.

It must be one of the two.
 

Riverside

Riverside
Ulon Yuanshi said:
If we are expected to report bot accounts ourselves, we need to be given good enough tools. Only that would allow us to hand FDev the definitive proof they are asking for when reporting a botter. Otherwise there is little we as players can do. Either clean your own game up, or make the players able to do it for you.

It must be one of the two.
Click to expand...

So report them & get on with your life, or retaliate with a burning desire for vengeance if you prefer :)

Of all the factions I have crossed paths with in the bubble the one that comes across as the most bot-like is pretty easy to defeat. Could just be players following orders with no real concept of why of course, I'm making no accusations ;)
 

Ulon Yuanshi

Ulon Yuanshi
Riverside said:
So report them & get on with your life, or retaliate with a burning desire for vengeance if you prefer :)

Of all the factions I have crossed paths with in the bubble the one that comes across as the most bot-like is pretty easy to defeat. Could just be players following orders with no real concept of why of course, I'm making no accusations ;)
Click to expand...

I wrote that in reference of the other botting discussion thread being closed. "Report names and include names" as if that every worked even once. It seems that botters get a shadow-ban of 30 days at most.

aside from that, you don't seem to understand the problem. Bot are not used to build anything. They are used to bring down anything players build. And they do so very quickly.
 
Status
Thread Closed: Not open for further replies.
Top Bottom