Cheating in Elite Dangerous

Status
Thread Closed: Not open for further replies.
I've given a great deal of thought to cheating with bots, scripts and trainers.

It all boils down to Frontier securing the "ship". What I mean by this is that you can upgrade and engineer, but once your done, your ship becomes "locked" to that setting.

With all ships "set and locked", for the sake of this example, a "CRC or ACL" key lock is generated for each ship after upgrade or engineering. If you change the game code in any way outside of this which does not match the ship's "set lock" you would be considered cheating, and the ban hammer would hit you.

So, Frontier, since this is a suggestion for which "cheaters" cannot duplicate or change by any means, I now offer this on an open forum for you and all players to consider as a preventative measure which could be implemented and included as an upgrade.

This forum now has many threads with concerns over cheating in this game. I offer a solution which can be advertised to both legitimate players and potential cheaters.

Change the ship's "set lock" or if your ship does not match the "set lock", your out of the game.

o7.....
Strongly agree, this is pretty much what I suggested a few pages back but with different terminology.

FDev needs to have code checks that check current ship attributes against what is actually legitimately possible for that ship build. If the current values exceed the maximum possible values, player is cheating somehow. This solution works because it doesn't require FDev to create a new solution for every new hack that pops up; it will work across the board for ANY hack that modifies ship builds.

This concept can be applied in a variety of ways, for example, any time a ship jumps, there should be a check to see if the jump is actually possible based on ship build. Jumps of 5000ly would obviously indicate a cheat or hack.
 
Strongly agree, this is pretty much what I suggested a few pages back but with different terminology.

FDev needs to have code checks that check current ship attributes against what is actually legitimately possible for that ship build. If the current values exceed the maximum possible values, player is cheating somehow. This solution works because it doesn't require FDev to create a new solution for every new hack that pops up; it will work across the board for ANY hack that modifies ship builds.

This concept can be applied in a variety of ways, for example, any time a ship jumps, there should be a check to see if the jump is actually possible based on ship build. Jumps of 5000ly would obviously indicate a cheat or hack.
Correct. I read your post after posting my suggestion and I think we both are stating the same thing. Do a CRC value each time the player does something, and lock either the ship or account down to that value (which also checks what is possible ingame) and if that value changes outside what Frontier generated for you, and you must be cheating.

I have not yet found anything outside of the game, which affects the game directly or indirectly. None of the third party applications legitimately in use will do it. You must change the game code to effect the game, and doing so would change your assigned CRC value.

Note: I use the term CRC, because I think everyone knows what that is. For those who don't, here is the definition.

A cyclic redundancy check (CRC) is an error-detecting code commonly used in digital networks and storage devices to detect accidental changes to raw data. Blocks of data entering these systems get a short check value attached, based on the remainder of a polynomial division of their contents.

o7....
 
I'm asking because offline mode was promised in the kickstarter campaign, but DB later changed his mind. It angered many backers so much that they demanded to be refunded, if I remember correctly the Reddit thread had more than 10,000 posts. Pleas for offline mode didn't stop since then.

Edit: I wasn't burnt, I was disgusted by the PP when it came out.
The Reddit thread had 260 votescore and 600 comments

https://www.reddit.com/r/EliteDangerous/comments/2mhtjl Source: http://reddit.com/r/EliteDangerous/comments/2mhtjl/elite_dangerous_drops_its_promised_offline_mode/
 
It all boils down to Frontier securing the "ship". What I mean by this is that you can upgrade and engineer, but once your done, your ship becomes "locked" to that setting.

With all ships "set and locked", for the sake of this example, a "CRC or ACL" key lock is generated for each ship after upgrade or engineering. If you change the game code in any way outside of this which does not match the ship's "set lock" you would be considered cheating, and the ban hammer would hit you.
Strongly agree, this is pretty much what I suggested a few pages back but with different terminology.
Anyone who can implement this client side in a foolproof and trustworthy manner would immediately win a Turing award and become one of the most well known computer scientists in history. So good luck with that.

The primary problem (simplified) is that the client can send any CRC it likes, while in fact running completely different instructions rather than what the CRC would have been generated by.

That is why P2P is problematic and why we can't really have "proper" PvP (among other things) unless they completely change the architecture to be serverside oriented.
 
As well, it's one thing to identify cheaters with a system fair to all, but I also must point out, that there would also need to be a system for "appeal" or "due process". As with any system, there is a very, very small chance of a bug in any system, and if implemented, all players should be given at least one official opportunity to "challange" a ban decision.
 
Anyone who can implement this client side in a foolproof and trustworthy manner would immediately win a Turing award and become one of the most well known computer scientists in history. So good luck with that.

The primary problem (simplified) is that the client can send any CRC it likes, while in fact running completely different instructions that what the CRC would have been generated by.

That is why P2P is problematic and why we can't really have "proper" PvP (among other things) unless they completely change the architecture to be serverside oriented.
It's not client side. The CRC is generated by the Server for you, each time you make a legitimate game change, and then given to you before you play.
 
It's not client side. The CRC is generated by the Server for you, each time you make a legitimate game change, and then given to you before you play.
Then you are describing a serverside architecture, which is what I am saying is required to properly avoid hacks, combat logging, etc. This would require a complete redesign of the game's networking implementation, and will never happen due to the huge amount of work required and the fact no one really cares outside a few small groups (PvPers, Powerplayers aware that bots exist, etc). Phrasing it as "generate a CRC for the ship and banhammer any irregularities" vastly oversimplifies the fact it's a complete change in the game's implementation.

Moreover it really has nothing to do with CRC validation of a ship build or really anything like that. The crux of the matter is that the game's state model needs to be stored serverside, and any requests to change that state sent by the client validated at the server before being applied to the state model. Clients might do things like cache state for performance considerations, but ultimately the server's copy is what is used to resolve any conflict.

Currently (from my educated guesses), the state model is kind of spread across all clients and a bit on the server, and there's a bunch of spaget code that syncs stuff up, resulting in many opportunities for abuse.
 
Last edited:
I find the hacking to be a very low, self centered and completely immature thing to do. More so in ED then other game. There missing the point.

I started as well as many others before there was engineers in game and have watched the game evolve over time. It used to be harder to play. A 30 light year jump range was considered really good then. There was no engineered weapons period. Everything was less user friendly then now.

The most recent patches have made ED so much easier on new players, also never ever seen credits so easy to come by. Exploration is far easier now then it ever has been. With the engineer exp effects and guardian stuff, ships have never been so powerful....AND PEOPLE WANT TO CHEAT?

The hell with warnings and sending the to solo play were the still have an effect, kick there low asses out of the game perma, before the really do ruin it for everyone else.
 
I find the hacking to be a very low, self centered and completely immature thing to do. More so in ED then other game. There missing the point.

I started as well as many others before there was engineers in game and have watched the game evolve over time. It used to be harder to play. A 30 light year jump range was considered really good then. There was no engineered weapons period. Everything was less user friendly then now.

The most recent patches have made ED so much easier on new players, also never ever seen credits so easy to come by. Exploration is far easier now then it ever has been. With the engineer exp effects and guardian stuff, ships have never been so powerful....AND PEOPLE WANT TO CHEAT?

The hell with warnings and sending the to solo play were the still have an effect, kick there low asses out of the game perma, before the really do ruin it for everyone else.
I agree with your final assessment, however it doesn't matter how much easier it is now than in the past. If there was a new weapon or ship mod that made your ship 20% stronger, faster, cooler than it is now, even if you're fully engineered and have every other buff you can muster within EULA rules, many many players would fly to the other side of the galaxy to get it, because they want more. The asymptotic curve toward invincible bolt of lighting gets closer and closer as time passes. The cheat just closes that gap. They don't cheat to make it easier to win. They cheat to make it effortless, to not worry about losing at all, to crush their enemies, to see their enemies driven before them and hear the lamentation of their women.
 
Then you are describing a serverside architecture, which is what I am saying is required to properly avoid hacks, combat logging, etc. This would require a complete redesign of the game's networking implementation, and will never happen due to the huge amount of work required and the fact no one really cares outside a few small groups (PvPers, Powerplayers aware that bots exist, etc). Phrasing it as "generate a CRC for the ship and banhammer any irregularities" vastly oversimplifies the fact it's a complete change in the game's implementation.

Moreover it really has nothing to do with CRC validation of a ship build or really anything like that. The crux of the matter is that the game's state model needs to be stored serverside, and any requests to change that state sent by the client validated at the server before being applied to the state model. Clients might do things like cache state for performance considerations, but ultimately the server's copy is what is used to resolve any conflict.

Currently (from my educated guesses), the state model is kind of spread across all clients and a bit on the server, and there's a bunch of spaget code that syncs stuff up, resulting in many opportunities for abuse.
You are correct on several points, but I don't think the issue is one folks here don't care about. Just look at the thread numbers of those claiming so.

As for server side network implementation, I don't think Frontier would have to redesign the network to implement this, as I have implemented a much broader system with tighter server and client side checks on account users with many more files checked than Frontier would require, for both government and corporate clients on existing networks without any downtime. The client noticed no changes and security was improved by an order of magnitude. I think you overestimate the changes needed and underestimate Frontier's capabilities.

I was using the term, "CRC" as a very simple example for folks here to understand, as you correctly state, it is the games state model that is the crux of the matter, and yes, it would be the server's copy used to resolve that state.

So, in conclusion, I have submitted suggestions to Frontier. I make suggestions here. It's easy to be a nay-sayer. It's much more difficult to be positive with suggestions, when the thread we discuss these things are filled with negative feedback on aspects of cheating. So, to do nothing, the cheaters win by default, and the more pervasive it becomes. I would also suggest that Frontier has an investment to protect in IP and Copyrights and although Frontier has not made a statement on the matter, I feel they take this matter very seriously and any changes they may make, may not be apparent or advertised, for security reasons.

o7....
 
as I have implemented a much broader system with tighter server and client side checks on account users with many more files checked than Frontier would require, for both government and corporate clients on existing networks without any downtime. The client noticed no changes and security was improved by an order of magnitude. I think you overestimate the changes needed and underestimate Frontier's capabilities.
I too have re-implemented many many things. Considering the stability of the initial 3.4 release (frequently invoked a kernel bug that hard froze PS4s requiring power cycle and often corrupting the local database settings file, with similar critical errors on other platforms) and errors in subsequent patches (e.g. PvP mass lock removed) I doubt they'd be rolling out fundamental major changes to the networking code as smoothly as you have in your endeavours. Here's hoping they hire you.

Meanwhile let's agree to disagree on the degree of risk and difficulty here, and see if Frontier ever actually changes anything, since this is what matters.

I feel they take this matter very seriously and any changes they may make
I feel they don't take this seriously and won't make major changes, since they've taken zero action on this and it's been a problem since day 1 (not this particular cheat tool, but clogging and various other things which all share the same root cause and solution).
 
Last edited:
We take this activity very seriously...
Don't take this personally Will because I'm not trying to ride you about it. You don't set policy. I have to ask though, what part of players getting at least three strikes and even then only getting shadowbanned (and let's not be coy here - that's been shown to be the action taken against people for at least three years that I can recall, referenced by e-mails that have been shared publicly and so on) qualifies as 'taking this activity very seriously'?

Very few people that I know would consider that to be 'taking it seriously'. Sorry but that's the truth.

It's not about how much effort is made to find them - I know most developers don't want people hacking their games. It's about what happens to them when they are found.
 
Getting banned to Solo isn't really a punishment if you only play Solo to begin with.

I played a little with with my mate for maybe an hour, the other 1949 hours are solid Solo play!
To clarify, Solo & shadowbanning are not the same. The idea of the shadowban is that the user is still able to play the game but their missions & stuff have no effect on the BGS.

For plenty of players they may not notice this or consider it a particularly bad thing but presumably it ticks the box of satisfying all those not shadowbanned that their work is not undermined by cheats.
 
Hello everyone,

We take this activity very seriously and [boilerplate PR]
4+ years in and combat logging is still running rampant. Bots unchecked in powerplay. Cheats on the rise. C'mon folks let's not kid ourselves.

The game implementation is the exploitable thing that is it and there will be no significant improvement. Just the occasional baddie caught once in a while as status quo has been since the start.

The longer code sits around accumulating usage and tweaks the harder that code is to improve. Plus there's no real profit to be had in it anyway so I can't blame FD.

The forum folks who complain about this (myself included) are atypical of users. 9/10 pilots would have no idea if they were killed by a cheater and I bet more than half don't even know what the term combat logging means.
 
To clarify, Solo & shadowbanning are not the same. The idea of the shadowban is that the user is still able to play the game but their missions & stuff have no effect on the BGS.

For plenty of players they may not notice this or consider it a particularly bad thing but presumably it ticks the box of satisfying all those not shadowbanned that their work is not undermined by cheats.
So people only playing solo and not caring about the BGS should be able to fast travel to Colonia and Beagle point without any repercussions?
Can we have this implemented into the game please?
 
Status
Thread Closed: Not open for further replies.
Top Bottom