Cheating in Elite Dangerous

Status
Thread Closed: Not open for further replies.

Agony_Aunt

Agony_Aunt
hems303 said:
Naming and shaming no worries..agreed BUT the next part of your statement....WHY THE HELL NOT????? (if they have provided bona-fide evidence over and over!)
Click to expand...

Then its not on the word of the players but on the basis of the evidence provided. The PP said "or do I expect action to be taken soley on the word"
 

Agony_Aunt

Agony_Aunt
Falter said:
But, at the same time I mean...there were a lot of PVP'ers from certain "META" groups who ran the engineer bugs, heck even some of the big names calling FDev out for lack of action have well...very questionable actions themselves in game as well.

I do find it a tad ironic that some of the more guilty people are screaming at Fdev to take action when they've only literally been allowed to persist based on Fdev's refusal to do anything anyways.
Click to expand...

Heh, the irony is not lost.

People who live in glass houses shouldn't throw stones?
 

znôrt

znôrt
Commander Danicus said:
Sorry if this has been addressed - Znort - Is it easier to build cheat defenses for central servers or p2p?
Click to expand...

client 'anti cheat' is brute force. it restricts what is able to run on your client, so you can't do harm, and it checks integrity of information. the problem is that most of this is all based on heuristics (i.e., a bit fuzzy) and, more importantly, ultimately any client with physical access is exposed. a pc much more so than a console, but that's just circumstantial.

the smart way to approach this is to not trust the client in any way, by simply not giving it any opportunity to state managment. this means that all the state information is computed and kept where no client can tamper with it: a server it has only restricted access to.

of course the latter is way easier, the spectrum of attack vectors is much smaller, but the former should not be impossible depending on the requirements. for what it's worth, it has never sucessfully been done in a real time competitive multiplayer game that i know of.
 

Old Duck

Old Duck
MDHansen said:
No offense, but I'm not touching consoles with a blunt, burning pitchfork
Click to expand...
That's what my dad says about smartphones, and doesn't bother me at all. That said, smartphones and consoles are the future. Though I suspect consoles will evolve into very simple, cheap hardware for services like Google Stadia.

FWIW, I'm not thrilled about this new locked-down "everything is an appliance" future (I'm a open source guy myself), but I do think it is inevitable.
 

RELSPI

RELSPI
Old Duck said:
That's what my dad says about smartphones, and doesn't bother me at all. That said, smartphones and consoles are the future. Though I suspect consoles will evolve into very simple, cheap hardware for services like Google Stadia.

FWIW, I'm not thrilled about this new locked-down "everything is an appliance" future (I'm a open source guy myself), but I do think it is inevitable.
Click to expand...

Smartphones will obsolete consoles and PCs both, is my guess. In consumer fields, at least.
 

Chaparral

Chaparral
znôrt said:
client 'anti cheat' is brute force. it restricts what is able to run on your client, so you can't do harm, and it checks integrity of information. the problem is that most of this is all based on heuristics (i.e., a bit fuzzy) and, more importantly, ultimately any client with physical access is exposed. a pc much more so than a console, but that's just circumstantial.

the smart way to approach this is to not trust the client in any way, by simply not giving it any opportunity to state managment. this means that all the state information is computed and kept where no client can tamper with it: a server it has only restricted access to.

of course the latter is way easier, the spectrum of attack vectors is much smaller, but the former should not be impossible depending on the requirements. for what it's worth, it has never sucessfully been done in a real time competitive multiplayer game that i know of.
Click to expand...
Thank you very much Znort.

This may be a supposition, but it sounds like you are saying that state management is supervised in a more protected matter with a central server.

Less crazy about the only open option being pvp knowing these vulnerabilities with p2p if I understand you correctly.
 

rootsrat

Volunteer Moderator
rootsrat
ryan_m said:
Recently, hacking has become more prevalent in Elite Dangerous, with multiple players running into invincible ships each week. This had been a problem in the past but kind of vanished for a bit but has seen a resurgence lately that can't be ignored anymore.

What do the hacks do?
There are multiple ones out there that are public that are easily detectable by FDev and regularly result in bans for the users. These are not the ones we are concerned with.

In late August 2018, one of my guys gained access to a private Discord for an Elite Dangerous trainer that was above and beyond every public one available to date. The level of customization present in this one allowed users to tweak nearly any aspect of their ship beyond what is possible in game. Max power plant output with perfect heat management, significantly more powerful drives, more weapon damage, stronger shields, etc. Any module could be tweaked within this cheat.

As a final insult to injury, this hack is also apparently able to change HUD color better than any other utility, allowing separate color settings for the UI and radar icons. FDev have been asked about adding options for colorblind players and mentioned that it "wasn't possible."

What does this mean for Elite?
Since I am a PvP player, I'll go over the PvP impacts first and cover PvE after.

The majority of encountered hackers use them in dumb ways that are brutally obvious. When you line up a volley of 5 PAs on an FDL, no matter how good the build is, you're going to be doing a ton of damage. When those shots land and the shields sit at 100% for the next 3 minutes after you're dumping volley after volley into them, that's pretty easy to catch, right? Those guys get reported and their names are spread far and wide pretty quickly.

The more insidious kind of hacker is one that knows about the game and can use this to their advantage. With a bit of knowledge about PvP builds, you could set up the hack so that it was basically undetectable by the opponents you were fighting. 5% more agility. 10% more damage. 20% more power output to let you run more power-hungry builds. Better heat management. Higher weapon breach chance/damage to snipe modules. Modify them just enough to give you a significant edge, while your opponent will just think you have a good build and can pip manage really well.

Situations like the ones above cast a shadow of doubt over every interaction with another unknown player.

In PvE, the effect is arguably more extreme because of the BGS implications. Infinite shields/ammo to farm CZs or tank wings of cops/ATR while grinding. Dropping off a T9 full of passengers at a station 100k ls from the star by literally just jumping into the system and dropping to normal space. Don't even have to make the journey. This would also allow AFK credit/mat farming.

What have you tried to do about it?
In early December, we took an export of the Discord along with screenshots and submitted it to FDev through their ticketing process. We got the standard canned reply, which is honestly what we expected. We understand that they cannot explain what they're going to do about it, so we just kinda moved on for a bit. It has been over 6 months since we submitted it to them and there has been no interruption in service or any additional facets of the hack becoming detectable. We have reached out directly to both Will and Paige, providing the same information. The same canned response was sent ("we'll pass it on").

The Discord is still active with scores of people posting every single day about how to use it and requesting new features be added.

What do you want done?
We want FDev to start being more heavy-handed and proactive with punishing hacks. The mere existence undermines the entire game. If you were to be caught hacking in Elite, here's what punishment currently awaits you:

What other online game allows you to cheat and get caught 3 ****ing times before you eat a perma, especially an online MMO? If Elite were a single player game, this is a very different conversation, but it isn't and this has implications for every single play style.

EDIT: Exigeous did a great video on this as well.
Click to expand...

While I usually disagree with your posts Ryan, this is the exception to the rule.

This affects so many aspects of the game and should be treated more seriously. Like so many times before - the pretty much complete lack of communication from FDEV with proven lighthanded punishments do not give me a lot of confidence.

This is extremely serious problem and - sorry Frontier - "we're doing something about it" ain't enough.

I understand a lot of information cannot be made public, but things like what actual punishment awaits cheaters and some numbers - how many you've caught or how many were banned in the last year due to cheating - this kind of information would be appreciated.

I've not heard of an MMO game before where cheating is allowed 3 times before perma ban. Ban to solo is frankly ridiculous, because as mentioned in the OP and as you very well know, BGS can be affected from solo as well. Elite is not about direct PVP for many of us and knowing that someone can do indirect PVP from solo while still cheating is really making me angry.

It's getting out of hand, or at least that's the impression. I sincerely hope major gaming news outlets will pick up on this story.

Dear FDEV - with all do respect: if you really are doing something about these cheaters, I think we - your community - deserve more that "we'll pass it on" or "we take this very seriously". We need proof, not assurance.

I certainly don't want to play a game where cheating is allowed (banning to solo is still allowing to cheat).

Very upsetting :(
 

TheSisko

TheSisko
This reminds me of the issues The Division had with cheats - it sounds like too much data is being held, or trusted, by the client:

www.theguardian.com

Have hackers and cheats ruined The Division on PC?

Ubisoft’s New York-based strategy shooter is the company’s most successful ever release – but players say the experience is being ruined by cheats
www.theguardian.com www.theguardian.com

“You get people just teleporting down from the tops of buildings in front of your face,” says Glenn Young. “They’ll sit up there watching the street, and because data about how much your character is firing is held client-side they manipulate that data. They teleport down when they see you, pump a couple of thousand shots into you in a fraction of a second – you obviously go down, they pick up your gear and then teleport away again. Or fly.”

The Division’s networking model has been blamed for this state of affairs, with some saying the game is doomed to hackers indefinitely because, in highly simplified terms, certain client data (from your PC) is trusted by the server (where everyone’s data is being combined.) This client data apparently includes rate of fire, position, health, and many other variables, which is why hackers are able to manipulate them. Most games process this data on the server-side, where it is much less susceptible to hacking.

I asked Glenn Fiedler, a game networking expert with 15 years experience who most recently worked on Titanfall, whether there’s anything to this. He explained that the key to the most widely used networking model for FPS games (the competitive gold standard) is that “the server is the REAL GAME and doesn’t trust what the client says they’re doing”. He reiterates the mantra of online game development: “Never trust the client”.
Click to expand...
 
Status
Thread Closed: Not open for further replies.
Top Bottom