You may still have to ban them from certain elements of your game, like player economies (auction house, etc). But the more legitimate their experience looks the better.
The idea is that instead of fully banning them and triggering the next iteration of the arms race, you trap and release them into a competitive arena for cheaters. It's actually fun for them to compete with each other at who can cheat the hardest and no one else gets hurt. We hooked them up with a community rep. They found bugs and generally improved our security. Everyone won.
There's no way to win with an adversarial approach to cheating IMO, not when you let the client run on their machine
The item that marks you as a cheater might have been a drop in another invasion, I don't remember. The point remains, once the cheaters realize you have a separate cheaters' matchmaking system, they will weaponize that too.
I believe they can do it completely passively, so you’re kinda screwed if it happens to you :( This is sadly the nature of trusting what clients send you: a hacked client can send whatever it wants and the “anti cheat” in Dark Souls sadly seems to simply just check if an item should be possible, meaning a cheater can trick the game into punishing non-cheaters. Luckily this hasn’t been a problem for me on console, but it certainly does suck on PC :(
There's no winning against cheaters as long as you trust the client. (And it's possible to do it on consoles too, just more rare as the tools are readily available on PC.)
> And it’s possible to do it on consoles too
Sure, but the barrier to entry is higher, so its not done as often. I’ve never noticed someone who was obviously cheating (which doesn’t mean I’ve never encountered any, but if I have, they’ve never been so severe as to do the things mentioned here or for me to notice it)
If a cheater can make items appear out of nowhere, that's not an automation cheat, that's a security vulnerability in the server that should be fixed.
Other games that use (IMHO) broken protocols by trusting the client can't reliably use hellbanning, and I don't think they can reliably do anything.
So everyone's getting hellbanned, at which point no one is hellbanned...
League of Legends has a server in the middle, thus isn't broken, players can't give each other fake items, and hellbanning will work.
I've played online games for many thousands of hours over the past two decades and I can count the number of times I encountered a blatant cheater on my hands. Every time it actually happened people had a good laugh about it and either hopped servers or banned the person cheating. Sure I have probably unknowingly encountered a bunch of map and wall hackers but I didn't know so it didn't degrade my experience. For all I knew those players were just better than me, plenty of those around. Having played with some extremely high level players in various games, it actually feels like the good players are using map/wallhacks more than the actual hackers because they have such good gamesense.
On the other hand, I have been accused of cheating more times than I have actually for sure encountered real cheaters. It isn't fun when a server turns sour because everyone is accusing each other of cheating and getting salty over nothing.
Of course, if cheaters are allowed to completely run rampant this isn't the case. But any game with a modicum of community power to enforce rules won't have that problem. The major places you reliably encounter cheaters are non-private servers and matchmaking services that have essentially been abandoned by the developers.
People with hacked 999999999-damage guns warp in, splat everything and even if they dont steal all the loot, they make the entire game pointless.
You couldnt do anything about it but leave. There was no ban system users could appeal to.
Though some fun memories were had with cheaters in other competitive games, like coordinating to try to take down or hide from literally invincible opponents.
Not only is it not fun, it's discouraging. And it's one of the big things that led to me quitting the game.
I have also often wondered if cheaters choose other regions than their own to exploit in, hence why little ol' Australia gets so many of them.
Some are simply curious experimenters, others are trolling, others want to make videos doing the impossible etc.
I wish there was another path out of this mess than the current arms race. It would be interesting what effect would result in providing a sandbox mode where cheating were allowed to see if it would reduce cheating in general population.
If a player is flagged for cheating, they could take on an "aura" in the game. Maybe different types of auras for different types of cheating or for the types of events that took place around the cheating. It could grow stronger with more flags or fade with time. Fine-grained detection of auras could be a sought-after perception skill.
The in-game community could decide how they want to treat different types of cheaters. You could see interesting things like self-segregation or vigilante organizations.
You still have to intervene a lot to block gold farming bots or whatever, but I think you can keep the vanilla players and most cheaters happy.
0% means you make as little progress as possible, level up as few times as possible, pick up as few items as possible, and otherwise avoid progress other than completing the objective.
100% means you pick up every item, finish every quest, etc...
any% means you do whatever you have to in order to get through as quickly as possible.
That said, there are different levels of glitches, exploits, and external tools allowed in different speedruns. TAS (Tool Assisted) speedruns would probably appeal to this crowd.
For instance this run of the NES Super Mario Brothers games where all four games use the same controller inputs and finish in the same second. (Host says 3 games, but it's really 4.)
A friend of mine that was cheating hard for a period on CoD 4 only did so for the fun of it and had no intention to ruin the game for the rest players.
I wonder if cheaters are as likely to pay for that stuff as non-cheaters?
2) You ban them.
Frankly I think a zero tolerance approach to
cheating makes sense and sends a more
serious message. It still looks bad if cheaters exist even to other cheaters, for example a shadowbanned streamer, and makes it harder to take your game seriously.
Trying to keep someone banned is much much harder problem than finding them to ban in the first place.
> It's actually fun for them to compete with each other at who can cheat the hardest and no one else gets hurt.
This part reminds me of 'Open' Battle.net for Diablo 2. Everyone used hacked items in pvp and just tried to have better fake items than their opponents.
Days are crucially important in a game's development cycle. This is because the modern review style is structured around "first impressions", since interest in a game is an L-curve: the first person to get a review out can sometimes claim a lion's share of ad-revenue from possible viewers.
This means preventing cheating "on the order of days" can protect your game's review scores during the most critical review period.
It'll also randomly kick you from games for having various programs installed or running. Programs such as VMware. You have to disable all VMware services or PUBG will kick you randomly for using "unauthorized applications." God forbid you have any VMs running, that might amount to a ban (seriously).
Worse still is that when you take your complaints to their social media, or in anyway speak ill of it, you get hordes of fanboys saying that you shouldn't install anything other than games on your PC or you're a dirty cheater. "Oh you want to do things _other_ than gaming on your PC? You should buy another PC then."
Don't even get me started about trying to run games in a virtual machine w/ GPU passthrough. The communities will tear you a new one telling you to do things "normally" and by attempting to use anything other than the "normal" setup makes you a cheater. Just google anything like "steam vac kvm" or "battleye kvm" and you'll get hordes of people claiming they heard some guy say virtualization is the future of game cheating therefore VMs are cheating tools and should be banned.
Seriously, if I could get a refund for every game that uses BattlEye, I would try.
If any game dis this to me, I would be having a refund, through credit-card charge-back if necessary.
Unless of course it is made obvious up-front that the game will not work with certain common legitimate software, in which case I'd have not paid for it in the first place and would play something else instead.
> which uses BattlEye. It actually injects a kernel mode driver
Sounds like something I need to avoid. A game is a user-land program and has no business touching kernel-space (with the possible exception of direct communication with the graphics hardware for performance reasons, but in this decade that to me would be a huge code smell...)
Having said that: I've not bought much by way of games aside from a few small ones in Steam of HumbleBundle sales, other parts of life are just too busy for me to have the time ATM, and I've never really bothered with PvP/online gaming (when I play games I do so to escape the unwashed masses, not invite them into my living room!), so I might be so far from the target audience that my thoughts on the subject count for nothing.
If it gets to the point where a chargeback is necessary then they are being a bad actor and I wouldn't be spending any more money with them in future anyway. If any banning means I lose access to content I've already paid for, then I can re-obtain that by other means. I currently chose to pay for their games but that doesn't mean I'm not capable of obtaining them by other means and would feel no moral compunction not to if I'd already paid for them but been locked off unfairly.
To add to your post, here's an example of why game developers can't be trusted to run code in kernel mode:
These things usually don't, unfortunately, at least not for any considerable length of time.
It is the age-old arms race scenario. There are small number of developers and an army of potential cheaters. The developers have to get it right 100% and the cheaters only have to get their part right once: once a viable method is found it can be reused by themselves or sold, or passed on gratis.
And cheaters can be very determined, either because success in the game world by any means gives them some real form of affirmation or in the case of "professionals" some form of profit.
Heck, for some working out how to cheat the system is the game!
There is a reason the hype has gone down quite a bit...
Still sounds very wrong what they are doing though.
I see they are used in quite a few games as well : https://www.battleye.com/ (including PUBG's main rival).
Interesting. Maybe my disappointment in PUBG got me to be a bit more biased than I should :).
I think the article missed an opportunity to talk about false positive rates, the workflow for users to get unbanned due to false positives (usually a very nasty process), performance, platform support (Windows, for example, has encrypted app packaging , anti-cheat monitoring , and protected processes  built in), and the privacy implications of uploading non-game-related Windows driver and process data.
Well that can be said for every product ever...
I do agree though, I did expect a little more real content. Not the "how anti-cheat works" because then we can find ways around it more easily, but like you said: reliability, performance, etc.
In general, this type of human/AI side-by-side feedback loop seems to be very successful, all the way from games to moderating content on the web.
especially with how opaque the whole flagging is.
I understand why they do it and a game environment is not a democracy or a court of law, but it's hard to defend yourself when you do not have access to the evidences.
The oft-used 'arms race' analogy for this would be like sending blueprints of your newly-fabricated weapons to the adversary.
The fact is 99 out of 100 banned users were actually banned for good reason and are lying about not cheating. Half of those will also dmit to cheating but beg for forgiveness as if they aren't quite literally destroying the game and everyone's enjoyment of it. That less than 1 percent that is truly innocent is nearly impossible to service because of all the noise.
Long ago I was using a custom Linux box with a slow GPU, and on one map no matter how hard I tried (and no matter how many fellow players watched trying to help me get the timing right) I simply couldn’t jump to the first level of a building.
I’d never experienced a hardware limitation quite like that.
I partially disagree about the transparency of this article, while they do explain most of their approach to anti-cheat (and that is pretty cool for them to do), they seem to leave out any mention of anything that could be controversial.
It suppose that it does make sense to not mention the implementation details of their anti-cheat, but I wish that they would be a little more transparent about how/when/what they snoop around and send to their servers. The current Mac game client for League Of Legends contains full debug symbols and it doesn't have Packman (the packer described in this article), which makes it quite easy to look through the symbols. Inside you can find all of the anti-cheat-related network packets, in specific:
Now, I personally expect anti-cheat to snoop around my system when I'm doing something shady like scanning its memory. However, if I was a normal user of the game, I would be a bit concerned to know that it might be sending my recently used file names, drive names, system driver names, currently running processes, processor information, system state, and even entire binary files that it automatically deems as "suspicious", to their servers.
These shady anti-cheating practices makes cheaters look good in comparison; similar to how copy protection measures make a genuine product inferior to the cracked version. If a hacker figures out the game's network protocol and writes his own client, he won't have to install a bunch of malware on his machine just to play the game. In my opinion, these developers are the real heroes.
If "deems as suspicious" means "whatever the server tells it to send" I would be very concerned.
I think it's sketchy to collect this much info, but I don't think it's explicitly illegal.
I think the real question is whether or not the information in question is personally identifiable information. If it's not, then GDPR doesn't apply. I think you could make a pretty strong argument that it doesn't apply, as long as you take pains to ensure that you can't identify the person from the information.
That would entirely defeat the purpose of an anti-cheat system. You have to have some sort of personally identifiable information attached to the data being sent in to the server, otherwise how are you going to ban the cheaters? Even IP addresses are personal identifiers as far as the GDPR is concerned and even if they're not storing it long term, just sending the user data over the wire is enough to trigger the data collection portions of the GDPR.
This does go further beyond GDPR as it is imho an intrusion into the inner most personal space. I believe a German court of law would have a field day ripping this practice apart, if a case would be presented.
Esp. if they do not totally make it clear upfront what they are doing. In a way every layman is able to understand.
So does this effectively make dash-cams illegal?
Probably because the person writing these anti-cheating facilities isn't as aware of how to implement these on macOS.
(I'm not an expert but I've done some anti-cheating pentests before, and have seen literally all these primitives deployed on old titles).
1, 2, 3) Everything on the server. Server's version always wins. Server is the authoritative source. Granted, I have a mathematical advantage in the game's particular movement mechanics which makes this easy to get away with. The other game mechanics are also designed with facilitating this in mind. Corollary: The client is almost nothing and trusted with nothing. It's pretty much a dumb terminal for displaying moving things, syncing their motion with the server.
4) Scripting -- if you can't beat 'em, join 'em! We're going to publish an API to allow for user scripting. We plan on releasing the client as Open Source, allowing people to modify and extend the client.
5) Cryptographically hard RNG and procedural generation. If you want to know what's in Star System 7, Galaxy Grid 123987236-87324958, you're going to have to go there yourself. We don't even know ourselves!
Regarding #4 -- This is going to be a design philosophy. Anything we can't enforce, we will allow and co-opt into the game!
I like the idea of customized clients, ala WoW's add-ons back in the day. Looking at the screenshot in the article, the idea of treating visible weapon ranges as a cheat strikes me as less balance than artificial difficulty. (Especially considering how many games have exactly that feature.)
Yeah, I was kind of annoyed that he flags this:
> draws the ranges of various abilities, indicates which minions are ready to be last-hit, and shows the path of skillshot projectiles.
as a cheat. It seems like this would be a godsend to new players.
However, I prefer Supreme Commander/Total Annihilation-like games over the twitchfests like Starcraft.
We've made our client so dumb, even Fog of War is cheatproof. How do we enforce not seeing something? The data for those entities isn't sent. In fact, this is exactly the same thing as making an entity disappear. The entity's tag and movement info aren't sent, and so it's diffed out of the set of visible entities.
Only downside of this is that when you have few thousand units on screen game will use abysmal about of bandwidth like 8Mbps for each client. So when there is 10 players in-game server-side must have these 80Mbps.
Oh and it's also used as replay / save system. Amazing tech:
The game, sadly, not so much.
I wish they had spent 1/10 the effort on the actual game for single players that they did on making it "Twitch/YouTube-friendly".
You can use any number of obsfucation tricks to hide their purpose (if they even have one) and you could even randomly generate them. And since the server expects the response in the next client packet it would be literally impossible for a cheater to manually deconstruct them, and even be difficult for automatic analysis tools to have enough time to do anything meaningful with it.
You can reduce the security nightmare from the user's perspective by only allowing machine code that's on a tight whitelist. Allow it to read from anywhere, and only let it write to a dedicated little sandbox area with e.g. fixed addresses.
I think you missed a part. Namely that "It is allowed to read from anywhere". If it can't write anywhere but the sandbox, that just means it can't modify the game dynamically, just read its state. Which is plenty to verify whether the client has been hacked anywhere. You can read spans of .text to check whether code has been modified, you can read heap locations to check whether the state of the game is valid, and you can take all of that and hash it with a random seed included in the packet to set a high bar on the speed of any emulator. Your emulator would have to dynamically check every access to make sure it doesn't touch anything that has been tampered with, and change the reads to read from un-modified sections, while allowing it to view everything else accurately. Seems like a high level of effort for the cheater, for a low investment from the developer.
As an aside, I don't know anything about the market for game cheats. Do people really pay a significant amount of money for that?
People pay enough money for cheats that cheat makers have their own pretty intense DRM set up to make sure they get paid. You're probably looking at $10/month for something entry level, going up to $50 or $100/mo for something exclusive (that will take longer to get you banned).
Many people made serious money botting MMORPGs and selling gold. It's so prevalent it accelerates the inflation of the in-game currency.
If people make it too difficult to hook into the client, cheat developers can always reverse engineer the network protocol and make their own custom client. This bypasses all client-side annoyances. They might even create a headless client that can be run on servers.
I've heard there are cheats that use hypervisors to stand above the operating systems and avoid kernel-level anti-cheats. I wouldn't be too surprised to learn about cheats that sit on a bus and use DMA to peek into anything they please (subject to the memory protections of IOMMU - again, this war doesn't seem to have an end) - they're probably impractical but not something that couldn't exist.
I'm just saying this could be a relatively low effort on the part of the developers to create and a relatively huge effort on the part of cheaters to work around.
I don't know anything about LoL, though.
sure try to undo a block-chain and see what happens.
The code will be encrypted with a unique key that will need to be registered on the server with your account. Change that code and it invalidates your entire build along with your account. case closed.
https://en.wikipedia.org/wiki/Rice%27s_theorem <--- this is all about program behavior and did the user actually run the code you sent them. Block chain is about "did I possess certain data" (such as a private key to sign a transaction) and not about "did I run certain code".
If there was a simple solution to this problem there would not be insanely complicated packers that basically try to make their own instruction set.
All one needs to do is modify the program to make it always tell your server the build is valid. Problem solved.
On the other hand, a way to bypass it could be that, when you detect one of those "executable code packets" has to be run, you undo all the injection/hooks in the game (so that you are really running a 100% unmodified process), and let the executable code packet run. After it finishes (you could detect this by a timer, page fault, etc. which can be handled by a different process in a different address space), you inject all the hooks again.
If players could train with the spell range circles, skill shot path projection, last hit helpers, etc in a sanctioned way, I wonder how much this would remove the desire to seek out the cheating programs.
Edit: I see they have a "training mode" already: https://na.leagueoflegends.com/en/news/game-updates/features...
Well, much like that argument being bunk, the idea that no one would cheat if it was for this is also bunk. People like getting stuff for free if they can, and people like winning, even if it means cheating.
The game would probably be more vulnerable then, because now you have "cheat" scripts designed to work with the game.
> If players could train with the spell range circles, skill shot path projection, last hit helpers, etc in a sanctioned way, I wonder how much this would remove the desire to seek out the cheating programs.
People who cheat aren't trying to practice; they're trying to win games. There already exists a "practice mode" which lowers cooldowns and shows tower ranges. And it doesn't make sense to practice with cheats because it won't help you play the game without cheats very much.
That's possible. For example, World of Warships is a game where you fire big ship-mounted guns and must learn to take shell travel time and target relative velocity into account to hit moving targets. There used to be a cheat which did those calculations for you and showed you a reticle you could aim at instead. IIRC this cheat relied on code that existed within the game already and was just not used.
Guess no LoL for me anymore.
Be nicer if they'd just put the damn thing on Linux. They're already on Windows and Mac after all
Then again I heard recent versions of VAC detect running under a KVM hypervisor and kick you out of CS:GO servers.
I plan to reverse engineer VAC sometime to figure out how the detection works.
The cheaters that ruin games aren’t the ones that make players better such as discrete wallhacks. It’s the trolls that are immortal and flying. They blatantly cheat just for the response to their trolling, and they empty a server in a matter of minutes. But just because they are so very blatantly cheating, they should be quite simple to detect in logs too. If someone has 200 kills with an ammo box in a 5 minute round that’s enough to say it’s definitely a cheat. Yet these people do it over and over with NO obvious response to reports. Focus on THIS type of cheating (which is trolling, not gaining an advantage). Only after that look at more subtle cheating.
As a game developer your job then would be to write interesting enough systems for players to exploit to come up with interesting gameplay. I can imagine a scenario where different Overwatch-style "classes" emerge all built from the same basic game elements.
"Pwn Adventure 3: Pwnie Island is a limited-release, first-person, true open-world MMORPG set on a beautiful island where anything could happen. That's because this game is intentionally vulnerable to all kinds of silly hacks! Flying, endless cash, and more are all one client change or network proxy away. Are you ready for the mayhem?!"
"Pwn Adventure 3 was originally during Shmoocon 2015, from January 16-18, 2015. While the CTF is now over, we are still running the servers in a limited capacity so others can try it."
In this series he managed to get his player to be able to fly.
I can't help but wonder if whoever that hacker is that developed the recent PUBG cheat, got his inspiration from pwnadventure and this series :)
Here's a great playlist I found of it though:
> The game was eventually indefinitely postponed because Persson found several creative blocks, citing the main problem as "it not being very fun to play".
Anyway, they started to get pretty sophisticated around cs 1.4 or 1.5. The real breakthrough was the client aimbot which hooked into the game (using function trampolines) rather than opengl, and was instantly fast, but it was still a little inaccurate because it used hardcoded constants for offsets from the center of the player model to the head. It eventually got a bit more sophisticated with hitbox aimbots I believe.
The next breakthrough was "nospread" which basically allowed you to fire your gun with laser accuracy. I remember how it worked - to make accuracy random the game used a pseudo RNG which was seeded with the game's current tick, that way the spread was shared by both the client and the server. The cheat calculated the future spread by using the game's next tick (current tick + 1) for the RNG seed and setting the player's view angle to the inverse of that. If you watched the player, it looked like they had a shaky crosshair. You could be bunnyhopping around with any gun and get insta headshots with 100% accuracy. Each gun had its own spread constant so these had to be hardcoded into the cheat, and adjusted based on whether or not they were crouching or standing.
The last major breakthrough was "autowall," which would only shoot through a wall if it was a guaranteed hit. After this, cheats and hvh servers got more boring with marginal improvements only.
All of this got me into programming and I learned a lot, both about some game internals and operating systems. No ragrets
Wallhacks completely remove early game tactics too. Instead of having a game centered around information gathering each side is already completely aware of the game state. No being sneaky.
Sometimes people jokingly say that it would be cool if there was a second Olympics with steroid and genetically engineered participants. Concerns for player health and blah blah blah stops that from happening. Not in CS though! Crank the aimbots up to 11 and have em duke it out! I love it.
You can play it in the browser console with the JS API.
It is unfortunate a negative perception for cheats is so universal some countries are insane enough to make it into their laws. Call me names but I perceive computer game cheating as something that surely has a positive part. A lot of games are all about exploiting their mechanics (also called "developing a strategy" or "looking for weaknesses") to... err... win (or not lose). Cheats are the engineering solution to this, sometimes dull and non-imaginative, sometimes beautifully cunning hacks.
That is, unless we're talking about cheating griefers which I feel must be considered as a separate kind of people. Trying to gain advantage is natural for any player, depriving others of their fun is not. If cheating makes grief (besides envy!) to other players I believe it means that it's the game mechanics that are flawed for allowing this. At least it's treated as a bug in all other kinds of software engineering.
Of course I recognize network lag is the enemy and computational complexity is another, so at least for anything fast-paced developers just have to offload calculations onto endpoints, sure. But still...
Oh, and I think this should be certainly possible for games where players don't compete. It's not impossible to believe a game where you can cheat yourself into gaining all the treasures of the world but that wouldn't mean anything and cheater would just deprive themselves of the fun. At the very least, the trend to try to shove anti-cheats into single-player games disgust me.
 I'm not sure about other areas of cheating. Although I think I wouldn't mind seeing Cheaters' Olympic Games, allowing humans with any aids, robots and basically anything that is physically able to participate. That would be fun and probably awe-inspiring to see.
 Can we talk about cheaters' moral codex, haha? Do unto yourself only as you would have others do unto themselves too and stuff.
I actually work in cybersecurity now, directly as a result of ROBLOX. Shedletsky came across some of my work a few months ago, and we reconnected over dinner. It's a crazy small world sometimes.
Just because someone gave you a sword doesn't make you a swordmaster. You might kill somebody, but a real master of the tool, maybe even the inventor, is much more capable.
Someone who knows some piece of software knows when, where and under what circumstances it aids the most.
It's about security training rather than gaming, but talks about using an approach where students were forced to cheat in order to pass an exam, as an exercise in getting into a mindset of finding the holes in a system and thinking like an adversary.
Come to Sydney. Play Ingress with the ENL faction.
Even if virtualization is detectable, you can also take the computer entirely out of the loop. The state of the art for aimbots seems to be reading game memory and applying synthetic mouse movements at the OS level. That is quite a blunt instrument to apply and I'm sure that no game has a major problem with this kind of aimbot. A more elegant aimbot would look at the video of the game, look for targets, and provide the necessary mouse movements over USB. At best, the only countermeasure is to make enemies harder to see or to learn some heuristic in mouse movement that differentiates the bot from a human... but injecting randomness is straightforward and nobody needs a 100% accurate aimbot anyway. The pros destroy you with 30% accuracy.
Finally, it's unclear if there is even any advantage to be gained by cheating. If you want a higher rank in a competitive game, you can just pay someone to play on your account. From what I've read on Reddit... many of the people offering these services are apparently professional players. No anti-debugger hook is going to detect that.
It should be interesting to see how this advances. While games that rely solely on mechanics or information hiding are clearly doomed in the long run, it's probably good news for the rest of the software industry. What is your cloud provider really doing? Is your own software compromised? The tools used to cheat in games will be quite valuable in answering these questions and protecting your users from people that actually have something tangible to gain from these actions.
For example people used to talk about APM in SC2 as a sort of measure of how good someone is. Why should that be? It's a strategy game. Imagine if you could express your ideas effectively into actual game actions?
For the same reason that sporting organizations regulate the equipment allowed during play - the make sure the playing field is reasonably level.
>For example people used to talk about APM in SC2 as a sort of measure of how good someone is. Why should that be?
Because dexterity has historically been a basis for comparison in recreational competition.
>It's a strategy game.
It's a real-time strategy game, which is an important distinction. Chess is a strategy game, and by its design guarantees each player an equal number of moves. SC2 is a real-time strategy game which makes no such guarantees, and if you have the dexterity to execute your strategy faster than your opponent can respond to, you should be rewarded for that.
>Imagine if you could express your ideas effectively into actual game actions?
Imagine the cost of such an interface in today's society, especially compared to a regular USB keyboard and mouse. Now imagine you're a game designer. Do you want to build a system that explicitly favors those rich enough to purchase the best equipment, or do you want to spread your playerbase as widely as possible?
Perhaps in another few decades, we can start rewarding the people with the "best" brains, but as long as we exist in meatspace, people are going to want to test their meat-skills against each other.
While I kind of understand the Ready Player One-esque issue here, I am thinking that most ergonomic aids would look more like software plugins for WoW or EVE than professionally developed HCI hardware.
If I were to be leading a game I'd just make it a requirement that tools were opensourced (hard to enforce in reality tbh) but at least that would help.
It's not chess. That's why.
There is a real physical aspect to the game. Training your fingers to hit certain combinations quickly to execute build orders, and mix in micro is key. Pro players use hot packs to warm up their hands, or glasses to aid their eyes.
The game developer takes a lot of care to ensure the UI / hotkeys / peripheral setups are optimized for pro players.
Using external tools to defeat this setup simply isn't fair and diminishes skill built into the hands and muscle memory of players. Even at a mid-level of skill, people learn simple combos. For example, a Protoss player hitting "4+e" because that's where they have hotkeyed all their Nexuses and e is the hotkey to build probes.
At the end of the day, "skill" is a meaningless term except in the context of a specific game. If Starcraft 3 came out tomorrow with no macro mechanics, no activated abilities, a pay-as-you-go economy rather than a pay-up-front one, then APM would be much less valuable and "skill" would mean something completely different.
Overwatch has this issue right now where players are complaining about Mercy, a character who is fairly simple to pick up and can provide a lot of value. What they ignore is that she was intended to be that way, and that the "skill" Mercy introduces is not lightning-fast reflexes or similar, but the strategic response to her presence.
I'm not campaigning for SC2 to be changed. But players' definition of "skill" generally shouldn't be trusted. Skill is what wins.
> It's not chess.
I agree it's not chess, and chess often has a time component to it. The realtime nature of a game doesnt mean you should have to be able to "move" in realtime, IMO it would be superior if it tracked more closely to your ability to react, intellectually, in realtime. That is, real time thought more than realtime motion. Ergonomic aids would help people to convert their thoughts into real game plays without limiting them to their body's capabilities. But I also admit this is my opinion and it's clearly an arbitrarily decided dividing line between how much should a game be about myelinating certain move patterns (spread out troops, cast a spell, select production groups) and how much a game should be about quality of thought in realtime (I see he made units X, How am i going to respond? I have many minerals, should I spend them on tech or units?) ...
For example, SC2 has a very cheap unit called the roach. When burrowed, it can't attack, but regenerates health incredibly quickly.
It's trivial to write a cheat that will, whenever one of your roaches starts taking damage, causes it to burrow, and whenever it stops taking damage, unburrow.
The unit is balanced around human control - no human can, with perfect accuracy, choreograph burrows and unburrows of individual roaches in a pack of ~60.
With such a cheat, roaches punch way above their weight, completely breaking the rock-paper-scissors balance of the game.
Which is trivial for any skilled player, because they are an incredibly cheap, low-tech unit, and passive base defenses are currently very good at fending off very early aggression.
> As an aside, ANY change to a game is going to disrupt the equilibrium in some manner
Yes, and sometimes, the equilibrium settles on an incredibly shallow, uninteresting game-space.
StarCraft is a game of a number of rock-paper-scissors cycles, all operating at the same time. Greedy expansion - versus rushing versus safe plays. Economy versus army versus tech. Roaches versus marauders versus zerglings.
Sometimes, due to patch changes, poor balancing, or because player skill improved, the game ends up stuck in a quagmire, where the risk/reward ratio for many of these options is completely out of whack. The game stagnates, and becomes incredibly unfun to play, and to watch.
Throwing a wrench into balance, by allowing auto-scripts, which have an incredibly uneven effect on the different units, mechanics, and races in the game is far more likely to push it into an unfun equilibrium, then a fun one.
It's kind of off-topic, but you will lose horribly if you actually try to win games on micro alone. People talk a lot about micro because it's flashy, but it's really just the icing on the cake. The pros can spend all their time showing off their icing skills because they all have solid macro underneath.
When I played in WoL, you could make it into master league (top ~2% of players) by: ensuring you were never supply blocked, spending all your money, scouting your opponent, and building counters. If you were efficient, you could do everything you really needed to with an APM of ~50.
Against marines, sure. But against siege tanks/disruptors?
Sirlin's spiel about there being more counters than people think (http://www.sirlin.net/ptw-book/introducingthe-scrub) seems applicable here.
There are a ton of interactions in games that are degenerate if performed at TAS level. These aren't areas looking for disruption; they're just impossible to perform with human inputs and they confer game advantages that are not surmountable by non-assisted players.
The speed running community segregates TAS content from played content specifically because of this. You will not beat the robot that can perform a 60 input 1 frame trick that gives you a .5 second time save.
That's a fair point; I agree. But the ancestors are debating a scenario with sanctioned mechanical aids. vkou classifies them as "cheats" above, but I humbly suggest that he used the term improperly, given the context.
Also, remember that we're talking about RTS games, which have an S component as much as they have an RT component. OpenAI can beat Dendi in the early phases of solo mid, but can a team of AIs beat Navi in a full game of DotA? Perhaps they will eventually, but if they do, it will take a whole lot more than just reaction time.
Yes it can, especially Na`Vi (Dota-reddit jokes that AI won't play with Na`Vi because developers want to test AI with a pro team). There were matches with pro players last month. Players say that mechanics in 5v5 fight are perfect and the global strategy is there.
I won't say that the strategy has many states in Dota: it's the items and position on the map (by choosing one of the objectives).
It's not ready for the real Dota 2 tournaments though: AI was trained for the specific 5 heroes.
That might seem contrived, but there is a player whose job is to contrive it!
No, I don't think the next patch should include "improved" roach AI. But deep strategy games like Starcraft tend to have multiple levels on which to do battle, and you can often nullify an opponent's insurmountable advantage on one level by doing battle on another level. I honestly think that if super-roaches like we've been discussing were patched into the game, with no further changes made, winrates would stabilize around 50% in a few years (assuming everyone hadn't quit in disgust).
Now, that might not be the game you'd want to play. I'll freely admit I wouldn't want to play it. But that's you and me---perhaps whoever's into chess would love it. And "This would no longer be fun for me," while perfectly legitimate, is a very different claim than "the game balance breaks."
That's exactly the point; the "other levels" are macro, micro, and multi-tasking--the "realtime" components of an RTS game. (I consider positioning and scouting a factor of micro and multi-tasking respectively.) Those are the facets of the game that let you take two equally matched strategies, execute slightly better than the opponent, and thereby eke out a gradually compounding advantage.
If you remove those, the "deep strategy" of starcraft is basically just doing the one or two counterplays that you obviously need to do to survive. "He built too many early game marines so now I build banelings or I die." The strategic "if he does this, I'll do this, but then he'll do that" decision tree is very shallow in a game like brood war or sc2.
> What about tanks on high ground and out of reach? What if the roaches have to funnel through a walled choke guarded by some MMLib as well?
Then I'll be forced into one of a small handful of tictactoe-like responses: brood lords, vipers, doom drop on top of your army, or pull you apart with muta/nydus multi-taski... no wait. Just the first three options I guess.
StarCraft is physical - that's critical to the entire genre (RTS/MOBA/etc). Without it, it's not StarCraft.
Improving your dexterity is a real part of improving your skill in a game like StarCraft. So using a program to do this for you instead is cheating.
It sounds like you want to play something like Stellaris, Sins of a Solar Empire, or any other 4X-style genre game.
I don't think "I want to play Starcraft but without micro" is a compelling argument for changing Starcraft. I actually think it's pretty selfish to make these demands. It's a reasonable premise for finding or even creating a new game.
I may just go ahead and make such a game sometime and, I suppose, we'll see if anyone likes such a game dynamic. It would definitely introduce a very meta game where creating and tuning your "loadout" could matter greatly.
Of course, you're right, if the goal is who can strategize the best then APM shouldn't be a factor.
The playing field needs to be level though. Perhaps something like Formula 1 or Le Mans racing will develop for e-sports where people are allowed to fine tune their input with custom code with certain regulations for those inputs.
We tend to see similar exploits across all our games (memory hacking, fake IAPs, etc) which lets us build an armoury of anti-cheat tools.
What I find most interesting is where hackers don't focus their attention. It took almost 4 years for them realise the encryption key for our assets was easily accessible using the 'strings' tool in Linux - once they found it we had a busy few days stopping modders from impacting legitimate players.
This fixes a lot of problems with altering code and and extensions and modding. Does not fix memory changes but it can make it quite difficult because each memory change would have to be validated against the original fingerprint already registered on the server for your particular build.
I have talked about this in many occasions to developer and they also agree that a blockchain to maintain a unique fingerprint of the game is very good to deter many attacks to modding and extensions to code, no matter the platform.
If you change that code, and place it back in the block-chain no other block will agree to your change and reject you.