An Interview with a Cheater

Dan writes to mention a post at the Aeropause site. Author Richard was recently given the rare opportunity to interview a cheater, shining a light into the dark recesses of a conflicted mind. The article explores why the cheater cheats, and the great excuses they use to be able to look themselves in the mirror. From the article: "Aeropause: What made you decide to mod your Xbox to gain an unfair advantage in games like Halo 2? Schmuck5000: Modding is not an unfair advantage. There is just as much chance that there will be a modder on the other team. I am there to even things out. Halo 2 is beginning to get old, us modders are just making it more funner."

Really lame interview

[EVil Lawyer]

FTFA: "Aeropause: Do you have a girlfriend?"

Boh the interviewer and interviewee appear to be relatively idiotic. This interview might have been marginally interesting if they had interviewed someone more on the cutting edge of cheating -- someone who actually creates the mods, or develops new cheating modalities.

Re:Interview the Enabler Please

[Cadallin]

Here's a hint: AI's in Video games don't look at the video data.

Re:anti-cheating engine

[lbrandy]

Honestly why don't companies like bungie simply run a CRC on any downloaded content, or record the downloaded date server side and compare it with the modified date client side.

Because it's not that simple. Think of the code that gets run.

Calculate CRC
check CRC to answer
if not equal jump to OMG_HACKER
if equal jmp to PLAY_GAME_PLEASE

All a hacker has to do is find any location in 'Calculate CRC' and put a single instruction 'JMP PLAY_GAME_PLEASE', and he's bypassed your CRC check. So now you have to put in a check to make sure that code hasn't been screwed with, etc, etc. To be totally secure, it would need to be "turtles, all the way down".

Re:anti-cheating engine

[abandonment]

this is pretty much what most online games do, lookig for unmodified content, but again you're relying on the client to tell you that it hasn't been modified, which is pretty much impossible to trust.

punkbuster et al rely on a seperate executable checking the state of another executable, which is a slightly better situation, but it ends up in a situation like bf2 where the 'validating client data' stage of loading a game takes as long as loading the content & connecting to a server, if not longer.

modders like this person have pretty much ruined online gaming and should be dragged into the streets and shot.

if he's just 'evening up the odds', it's an arms race that can never be won by the modders, so if this is their actual motivation, you'd think they'd be supportive of developers that DO successfully provide counter measures to cheating.

at least with BF2 anyone that mods content are forced to play on non-punkbuster servers - on xbox live, there is no such 'alternate' network that we can throw the cheaters onto.

the worst part is that doing any kind of LEGITIMATE mods of games falls afoul of the anti-cheat systems which has a negative impact on the game's lifecycle as well - you can't mod anything in BF2 without getting rejected from punkbuster servers for 'modifying your game content'.

The software used

[w33t]

This is a timely article for me since Saturday evening on Battlefield 2 I ran upon an entire squad/clan of cheaters.

It was around 4am with no admins on the server, so they were being quite blatant about their cheating. I believe they were using the wallhacks and aimbots offered from MSXSecurity [msxsecurity.com]

Check out the videos:
http://media.putfile.com/MSX-Aimbot [putfile.com]
http://media.putfile.com/MSX-Video2222 [putfile.com]
http://media.putfile.com/pwnage5580 [putfile.com]
http://video.google.com/videoplay?docid=-364914118 8840786715 [google.com]

Unfortunately, I must be honest, these hacks actually DO make cheating look kind of fun. Like you are a mutant with super-human powers.

I would like to see a team of cheaters going up against another team of cheaters though - that would be strange and pointless gameplay I would think.

Re:anti-cheating engine

[Anonymous Coward]

you've got to go further than that - it's simple to alter file modification dates back to the original ones, and munge data until crc32 matches (it's not a cryptographically-secure hash at all).

what i would do is, every time you sign in to the online service a custom bit of code is downloaded (and i mean you need thousands of variations, probably not too difficult with multiple programmers and polymorphic compilers). this custom bit of code, among other things, checks the kernel for evidence of malicious api-hooking, scans and hashes the entire game binary while it's in memory, salts that hash with a session-unique variable, and sends it back server-side. because every one of the custom code chunks will generate a different set of hashes for the game data (since every custom code chunk is salting the hash differently, or using different hash combinations), modders will either have to take complete hardware control of the machine (not easy with hardware drm) or create a workaround for each of the thousands of custom code fragments that can be downloaded.

as an extension, you could even have the custom code chunk patch the game in-memory, so that as part of the game's normal processing, a binary check is performed once every 4 seconds or something, and if the server doesn't keep getting the right hashes back it knows something's amiss with the client.

nothing's foolproof of course, but there are certain thresholds of difficulty you can create for copy protection or cheat detection that greatly discourage most attempts.

Re:anti-cheating engine

[scribblej]

Since you can't modify the disc content (if you did you'd need to run a modchip and if you're running a modchip when you log into Xbox Live MS can detect that and ban your sorry ass).

You don't know what you're talking about.

I don't cheat because I don't play online games because I can't stand f-ing cheaters, okay?

That said, you're just wrong. I've modded about a dozen Xboxes. None of them using a modchip, all done in software. When I am finished modding an Xbox:

1) You can connect and play on Xbox live. The SOFTWARE mod, no modchip, creates a virtual disc that looks to MS like an unmodded box. HARDWARE modchips usually come with kill switches so you can flip in a regular BIOS just like that. You can play on Xbox Live with either a hardware or software mod. Period.
2) You run all the games from copies on your Xbox hard drive. Modifying those bits is as easy as writing to a hard disc... which ain't hard.

You *can* play a game off a disc, but you wouldn't want to. Load times playing off the hard disc are WAY faster. Loading times for games played off the disc frustrate the hell out of me. It's why I've copied all my LEGITIMATELY PURCHASED games onto my Xbox HDD. It makes things like Fable or Jade empire actually playable.


I would think something as simple as a CRC or date check would be simple enough, once you download the content it shouldn't ever change so the CRC should always pass and the modified date should never change.

All you do is change the code to respond with the appropriate CRC instead of the real CRC. You can't stop people like this. You wrote a nice post, you got modded informative, but you're just plain wrong.

Re:Really lame interview

[HiVizDiver]

Actually, a closer definition would be psychopath. http://en.wikipedia.org/wiki/Psychopath/ [wikipedia.org]
That should make everyone feel better. O_o