This is so funny because rust has one of the worst cheating situations and majority of their players are windows users, and theres lots of games that have anticheat that allows linux and have notably less significant cheating problems like marvel rivals. in reality rust doesn’t take cheating very seriously because if they did they would have more server side software that detects illegitimate behaviour like tons of other games do successfully… even most popular Minecraft servers have better functioning anti cheat that is completely server side than rust has while getting kernel access to your pc. its pathetic and lazy development tbh and this entire post from them reads like such extreme cope…
They’re on that lie still?
Cool, cool. I’ve got plenty of games to choose from to care about lazy lying assholes who can’t be bothered to come up with a better excuse than that for why they irrationally hate Linux
Hardware level cheat detection has always been a losing game. I’m a professional in similar area (not games) but it’s fundamentally impossible to do when you dont control physical hardware, it’s stupid. The only way to detect cheaters is machine learning based behavior analysis, period.
TL;DR: skill issue
Let’s do some math here, they said:
More cheaters using Linux than legit users (…) .01% of all players base
Let’s do a quick math. The maximum peak users for Rust was 259,646 concurrent users according to https://steamcharts.com/app/252490 . Let’s assume 60% (more than half) of all the .01% users were cheaters, congratulations, you got rid of all those 16 cheaters… I haven’t played much Rust, but I’m fairly confident that there’s a bit more than 16 cheaters there.
And that’s without getting into the whole client side anti-cheat doesn’t work.
You dont understand linux users have black magic hacks that ruined the game for every player on every server, their power cant be understated… Theyre a whole bunch of dangerous hardened criminals
🤣 beware the Linux users
Isn’t the real issue the PCIe bus being undetectable-y intercept-able with devices that sit between the gpu and cpu?
correct that is where majority of cheats are, because as they dig deeper with anticheat backdoors it pushed people to take advantage of shit like injecting the data directly into the pcie bus untraceably, and the ways to catch that have all been unshockingly server side…
I feel like the 0.01% is either a mistake or an exaggeration? Isn’t Linux something like 1-2% of the gamer base depending on how you measure it? Why would a Linux supported hard-core game be 100x less than that?
No 0.01% was quite possibly the actual number at the time. What he didn’t tell is that by the time they stopped the Linux port it was in an abysmal state after months or years of neglect. Poor performance at best, up to outright not working, depending on your hardware.
its one or the other yea lol
Explain something to me. It’s a multiplayer game anything that affects all players should be handled on the server side, not the client. So if I make a cheat it can only be installed client side, not server side.
So if my hypothetical cheat looks at object placement and any time I sees a small object approaching at a high velocity it can say “I’m going to assume that’s a bullet based on what the server told me about it.” Then my cheat would say “your character moves from here to here until the bullet passes by, then moves back. I will tell the server you moved to the left 20 inches in the blink of an eye then moved back”
This works because the server just trusts what it’s told in this example.
So there are two options here to resolve this. Either the server sets thresholds and denies any placement changes look like the Flash is playing rust, or the server evaluates suspicious placement changes later when the cpu load it’s under is lower. The first approach stops much of this instantly but is computationally expensive and could not scale well for lots of players. The second would work well enough. You need to catch cheaters but it’s doesn’t have to be within the same exact cpu cycle.
In either case, these work because the server is taught to look for something that shouldn’t be possible. The enforcement happens server side. The client doesn’t fucking matter.
There is zero reason to put anti cheat on the client side when it’s not a P2P instance. Target a few servers, not thousands of players.
The client side anti cheat is a low effort hack that was good enough. Video game anti cheat devs are cheap as fuck because looking at client bits cost nothing compared to expensive machine learning pipelines that need to analyze all player performance. This is not a tech problem but a product/skill one.
Your head is in the right place, but your example is very wrong. First, unless it’s a very slow projectile that’s not how bullets work in games, second movement takes place in the server, to do so in the client is nuts. Client sends inputs, sever moves, gives back player location, client adapts. While waiting for a reply the client simulates the movement expected, but sometimes the server doesn’t receive the package and so tells you you haven’t actually moved and you teleport back.
What’s usually not done is calculate vision cone, instead the server gives you everyone’s position and you calculate whether you can see them on your GPU. Which is why if you can get access to the GPU pipeline you can tweak it so it shows you objects through walls. If you move the LoS calculation to the server you completely eliminate wallhacks, however that is very expensive to do (although ray tracing GPUs might provide a good approach in the future)
second movement takes place in the server, to do so in the client is nuts.
For the vast majority of games, it’s in between, because the latency if you waited for the server every frame you moved would be way too much.
It’s something like you have a local model of where everything is, and send updates to the server of where your local model says your character (and whatever else your inputs affect) are. The server receives that data, potentially validates it (server side anti cheat checking that your movement makes sense, similar to the OP post, for example), and then forwards that info to all players. The client side positions of everything are updated based on that info. Usually some interpolation is added to make things move more smoothly.
Yes I meant movement happens server side, which is why this example cheat couldnt work. it would be telling the server what to do, and the server could always say “no, fuck off, thats not something you were coded to be able to do”. Sorry if I didnt convey that clearly.
I also understand the client has to draw things faster than the server can respond “okay, I moved you 12 inches to the left” so it guesses the outcome and if the server later responds with “denied, no teleportation in rust” it will just snap you back to the last position the server approved of.
My point is anticheat client side suggests bad code server side.
This is actually one of the absolute worst trade-offs they could have made, if you think about it for like 2 minutes :
They said 0.1% of players were on Linux.
Even if they were ALL cheaters, that’s still a tiny amount of cheaters you just “banned”
Almost 100% of whom will just cheat on Windows instead ; whereas all the legitimate Linux players will loudly complain forever.
They decided to sacrifice all the free PR from one of the most vocal groups of players out there, in order to get a ~ 0% reduction in the number of cheaters.
In more simple terms, they just shot themselves in the foot for no benefit whatsoever (though I do grant it’s a relatively small “gun”)
Not only that, but the steam deck exists, the gabecube is coming, Linux gaming has been on the rise. The shit you did “several years ago” is irrelevant. If they allowed Proton, windows players with steam decks can now also play on the go. Instead they repeatedly have to poorly explain why they won’t… to stop basically 0 cheaters. I’d be willing to bet that the only people who actually stopped cheating in rust when Linux support was dropped did so because they lost interest anyway.
I searched just to see, there’s a python script right on github that claims to have an aimbot, esp, wallhack, no recoil and several other features, along with “safety settings” so you don’t get caught. Does it work? I don’t know, but the codes right there to look at and there are dozens of other results in the search.
The Gabecube. Thank you for that. Totally stealing it.
they actually said 0.01 which is literally only 14 players compared to the average player base… they shot themselves in the foot to fuck with 14 ppl lmfao even though it’s unlikely the number is that small its likely just them exaggerating to make it seem like less people are affected
I also highly doubt their statement that more users were cheating under Linux than not. I’d like to see how they came to this conclusion. And if it’s so easy to identify who was cheating, why not just ban them if it’s .01 players? That’s like 7 or 8 bans. An insignificant amount of effort would go a long way here.
Remember when Apex banned Linux during a cheating low, and then cheaters started trending upward AFTER the ban? Pepperidge Farm remembers.
This is the same BS CrowdStrike uses to sell their rootkit EDR. I mean, by all means it is a very solid EDR, but it’s being used exclusively to cover gaping holes in discrete security as a cop out for not properly composing enterprise infrastructure.
A kernel space agent should only really be running in an environment where every process must be heavily scrutinized and the design of the kernel module is tightly controlled and itself under constant review, like in a proper data center with thousands of critical nodes. Not your laptop or the shitty windows box used to display ads in the screens at the airport.
Crowdstrike keeps spamming new features and techniques without serious consideration to keep their enterprise customers happy, similar to crappy solutions like Vanguard.
Covering obvious blatant logic flaws should be included in your server software, it’s the same as sanity checking your inputs because there is always the possibility in may not match what you expect.
From that experience, I’m very comfortable saying that if a game supports Proton or Linux, they’re not serious about anti-cheat
This statement is especially insulting to the massive library of games that successfully added Linux support without so much as a hint of issue relating to cheating. Even crappy outsourced dev War Thunder doesn’t need to do anything after enabling EAC/BattilEye because they actually spend the .000001% extra cash from their whale revenue to run a service moderation team.
Hell even Valve’s VAC system is mostly just about automating moderation tasks so that hackers can be taken down ASAP instead of a lengthy review process.
Or you know, the thousands of games that have better game logic than Rust’s anticheat.
It’s not even real Rust unless it’s coded in the real Rust language of Rustlandia.
Otherwise it’s just sparkling oxidation
They dropped Linux before proton was invented. Go on any cheat website and the requirements will always say to have windows. Maybe proton is exploited by some cheaters, news to me. You should just ban windows, no more cheaters.
It’s not proton that is exploited. It’s the kernel itself that cannot be monitored by anti-cheats, meaning cheaters could install a modified kernel to mess with the anti-cheat
as if the cheaters can’t already evade anti-cheats even on windows.
Exactly. There are two methods that bypass kernel-level anticheat fairly easily, and there isn’t really any way around them.
You can run the game in a virtual machine, with cheats running at the hypervisor level. This level is more privileged than the virtual machine’s kernel, and can thus read or modify the active program without detection.
The other way is to load the hack into the bootloader, so the cheat loads before the kernel and, again, can thus be in a more privileged permissions state.
The only effective solution is to detect cheating server side, or change the game engine so cheats don’t work (like loading all models with no line of sight behind the player, so wall hacks and modified game models don’t matter.
There’s another whole category that also doesn’t care about what the game is running on the kernel: seperate device cheats. They act as a man in the middle for the input and output signals, and can auto shoot when you’ll hit or adjust your aim if you’re close but not quite there. Or just play for you entirely if it’s that good at processing the output.
And blocking that isn’t likely possible without killing streaming for the game or convincing all users to get input devices with encrypted connections or they can’t play your game.
I’d respond to the original comment that anyone who doesn’t have server side cheat detection isn’t serious about stopping cheaters. In any case, I just removed that game from my wishlist. Not that I needed another survival builder game anyways, though they do tend to catch my eye.
Good point. I remember seeing one about a monitor that can give edge-of-screen glow to indicate proximity of enemies in LoL or DOTA2 based on minimap information.
Fascinating.
I will never understand, how people use their ingenuity to fake being good at a game.
Like, I get the hacker aspect of it: developing a cheat, breaking the game, exploit and find ways around the counter measures. Fair enough. But then you would do it once and showcase it, that wouldn’t disrupt a game’s community.
So there are people out there, who load cheats with the bootloader, in order to pretend being better than some randos in an online game. Wow.
I mean as a electrical engineering student who likes to program, building such a system seems like fun but playing with it not so much. If there was a game that was purly made for cheaters with the goal of beating the anticheat without detection i would love to try that. I feel like this could be something like the capture the flag competitions some groups make where you have to hack a website faster than others or break some encryption.
Desstroying other players without effirt is like playing a game in easy mode and i dont get that at all, where is the fun if there is no challenge?
Same kind of people who lie all the time to look good to others. Some people want to be awesome but know they suck, or even more pathetic don’t suck but can’t stand not being the best, and cheating is their pathway to getting the social results of being awesome without needing to develop the skills.
The way I’ve seen it for ages now, being a loser isn’t just about losing games, it’s how you handle losing games and how much you internalize that. I see it as short for “sore loser”. Cheaters are losers in that sense.
Though it makes the idea of them still losing despite cheating even more hilarious, which is why I love the idea of games that detect cheaters but stick them in cheating queues instead of just banning them.
Maybe it’s mostly kids? Like the genre of kid that told you their dad works for Nintendo so they have Mario 5.
Kids, and people making a profit.
Easier to make a profit off RMT if you bot and cheat.
They probably gave up on preventing cheat entirely, and are just trying to reduce the amount of cheaters by making cheating as annoying as possible.
I do actually believe them when they say that cheating on Linux can be made significantly easier and more comfortable than on Windows. I think it’s a real fundamental issue for Linux, multiplayer games with toxic playerbases can be unplayable due to users being able to do what they want. They would have to make systems to allow for playing in smaller human-moderated servers, or rely purely server-side solutions
And that it self is measurable. Never understood the attempt to have total control on byod setups. Its never going to happen lol
That week I played Rust on Linux before they dropped support was pretty fun
LOL
I mean, Linux player base is only .01%, even if they are all cheaters, they will literally have no impact… You can’t say “Linux user base is too small”, and “if you support Linux you want cheaters” at the same time if you want to make sense.
Yeah, but saying “Our codebase is so terrible Linux keep showing us new bugs we won’t fix” or “We can’t sell your personal data with Proton” is worse PR…
Developer of game ‘Rust’ talks about
anticheatrootkits on LinuxThis whole anticheat thing is so stupid. Remember when Sony got sued bigtime for including rootkits on their audio CDs? Why are game developers getting away with it no problem? Society is regressing and it’s frustrating to watch.
People are never interested in learning from history, they’d rather run face first into that wall.
The abusers typically.did read histor, saw what worked well, what didn’t, learned from that to become even better abusers.
This doesn’t only apply to games, it applies to politics, celebrities, religious clerks,you name it
People are never interested in learning from history, they’d rather run face first into that wall.
Just saw a comment in a topic about steam machines about “why do we even need to care about the past, its in the past, it doesnt matter anymore”
humanity is devolving to a state dumber than the chimp that scratches its ass, sniffs its finger, and falls off the log in shock at the smell.
TBF, you’d have to pay me to play most of these “anti-cheat” games anyhow.
BF6 is pretty great honestly
But I think you still would have to pay him if you want him playng BF6.
I can’t speak with 100% accuracy. I just have something that tells me so.
mentioning EA games like Apex Legends removing support is laughable. Sure Alistair, ALL those EA games ALL decided around fall of 2024 to ditch support for Linux/Proton. All at the Same time. Not because EA has a deal with Microsoft/Game Pass and NOT because a few months later Microsoft announced their own Handheld with Asus. Just like Riot.
So Alistair how long until Rust is announced for Gamepass with all DLC included?
That’s a bit tinfoil-hatty. EA is a big company and these types of decisions typically come from the top, and if it was decided that they don’t want to bother with Linux, because, let’s be fair, they don’t really have that much of an incentive, the profits they get from Linux is probably worth less than the headache of supporting another platform, then they most probably decided to apply that to the whole company, not just a single game.
