+ Reply to Thread
Results 1 to 15 of 15

Thread: Overwatch Bans

  1. #1
    Join Date
    Feb 2003
    Posts
    4,149

    Default Overwatch Bans

    I'm not playing Overwatch, but blizzard has apparently held true to their threats of perma-banning cheaters. There have been multiple reports of thousands of bans going out. Interestingly enough, they are multi-banning offenders. So even if you re-purchase the game, they will ban that game too.

    Here is one report:
    http://imgur.com/gallery/yoms5
    "Doubt is not an agreeable condition, but certainty is an absurd one." ~ Voltaire

  2. #2

    Default Re: Overwatch Bans

    Big fat meh.

    Confirmation bias combined with reactive bans is going to make people feel like there are cheaters all the time even if they only rarely see them. Six months from now if blizzard is still banning and putting up names all it will prove is that it didn't work and tons of people are still cheating regularly. If they're NOT still banning but the cheats are still updating then it will mean the same thing... It's a feel good moment for the die hards but I don't see it going anywhere good. Games need to be made more secure. Reactive bans are just something I have no faith in. I did reactive bans on a daily basis on shooter game servers. Even when CS:GO was new people would gladly pay full price again just to come back and get banned by us again, and then make forum threads laughing about how they'd done it twice before and it took days to catch them.

    I still haven't even programmed a phone game or anything so feel free to tell me to STFU, but if I ever did make a game with my friend it would start with making a very simplistic third person control scheme and then bullet proofing it. Any cheating or information gathering we couldn't prevent we'd build the game around it.
    Last edited by VKhaun; 06-04-2016 at 03:17 PM.
    Nowadays when people start to get killed by fireballs, no one says they need to dodge the fireball anymore; they say they need to go get a fire resist ring and some ice damage so they don't have to.

  3. #3
    Join Date
    Apr 2003
    Location
    Saratoga, NY
    Posts
    1,074

    Default Re: Overwatch Bans

    Quote Originally Posted by VKhaun View Post
    Big fat meh.

    Confirmation bias combined with reactive bans is going to make people feel like there are cheaters all the time even if they only rarely see them. Six months from now if blizzard is still banning and putting up names all it will prove is that it didn't work and tons of people are still cheating regularly. If they're NOT still banning but the cheats are still updating then it will mean the same thing... It's a feel good moment for the die hards but I don't see it going anywhere good. Games need to be made more secure. Reactive bans are just something I have no faith in. I did reactive bans on a daily basis on shooter game servers. Even when CS:GO was new people would gladly pay full price again just to come back and get banned by us again, and then make forum threads laughing about how they'd done it twice before and it took days to catch them.

    I still haven't even programmed a phone game or anything so feel free to tell me to STFU, but if I ever did make a game with my friend it would start with making a very simplistic third person control scheme and then bullet proofing it. Any cheating or information gathering we couldn't prevent we'd build the game around it.
    The feasibility problem you would run into is that each of these 'checks' to ensure that no cheating or information gathering is occurring is slowing down the overall processing of the game (IIRC). I am no serious programmer but I feel like I understand the systems enough to know that it's kind of impossible to make a cheat proof game unless you are willing to sacrifice quality.

    As for the bans, yeah... Kind of meh. Cheating will always occur and I would say most 'Pro Gaming' tournaments ensure that no cheating is going on.
    Last edited by Pyrrhus; 06-04-2016 at 05:32 PM.

  4. #4

    Default Re: Overwatch Bans

    It's not impossible to make a game completely secure, but then it'll play like shit. At some point, you have to trust the client or you're hamstringing the player by tying feedback to latency. Pretty much everyone gets somewhere around 50-100ms ping in a multiplayer game. If you're lucky and happen to be really close to the server, you might get under that, but that's not a scenario you can count on.

    To have absolute security, you'd have to run everything from the player client through the server, have it verified, and send an okay back. For slow games, this is easy. Even for games that aren't quite direct-control (Diablo, Warcraft) you can do this to an extent - Warcraft 3 Battle.Net had a minimum 250ms delay on your actions to even the playing field between regions and allow for more security on their end. For a first-person shooter, it's nutty. You can't have even a 50ms delay between someone pressing W to move forward and their character actually obeying them.

    So enter client-side prediction. The practice of saying "okay, we'll let the client pretend like it has everything right until the server says otherwise." Blizzard is really good at this, and it's one of the reasons their games feel so good to play. This causes a problem, though, because what a player sees on his screen isn't actually what's happening on the server. Usually there's nothing too terrible about this, nothing is moving fast or unpredictably enough that the server can't send a quick correction message back and have the client "nudge" things into place over a few frames. But what happens when someone has a teleport? Or sprints behind a wall while being shot at? Who wins when one client says "I was behind a wall." and the other says "He was still being shot by my gun."? There's not really a good answer to this, but its an inevitable situation when latency is involved (and you aren't running in lockstep like Starcraft or Civilization does). Two players are going to see different things on their screen.

    At this point, you have to trust one client over the other. Someone has to win. Really the only bad decision here is to make the outcome random (server just picks a client and rolls with it). Overwatch's solution is to always favor the shooter. If a client says "I can see that guy and I'm shooting him." versus someone's "I ducked behind this wall with 10 health left," the first client wins. This isn't a bad solution, since you can play around it and be largely assured of how a conflict in-game will be resolved (and it has very little to do with the server's 20hz update rate, despite the internet throwing a fit about that).

    Ultimately, you have to put some trust in the client. The alternative is the aforementioned "lockstep" model where the client is really just a window into the server. Every update, the server sends out a full report of the simulation to every client, the client's make their moves, and the server merges that all into a new frame to send out. This binds everyone to playing at the same rate, though. Updates are all curated by the server, so you don't see the result of your move until the server sends back the new simulated frame. You can run superfluous prediction on this, but this goes back to the problem where the client isn't seeing the real picture, and then you get situations like shooting an enemy in the face and them registering no damage, then suddenly they teleport five feet to your right and you're dead. Whoops, missed a packet and your client was just running its own predictions in the meantime.

    The more trust you put in a client, the more security holes you create. But you need to put trust in the client to make the game smooth and playable. There's no good way around this.

  5. #5

    Default Re: Overwatch Bans

    ^
    I'm arguing from a position of complete ignorance, but I feel reasonable when I say there must be some middle ground between "lockstep" and letting the client lie repeatedly for weeks until your anti-cheat is patched.

    If one client is saying "hit" to other clients' "miss" at a 11:1 ratio can't you flag that in the very short term? Maybe you'd need a weighted where a rocket has a value of 1 and an AR has a value of 0.001 so one mag dump doesn't get you booted. Even if the person wasn't cheating, if you're giving them the benefit of the doubt ten times out of ten it doesn't really matter why. That person is disruptive and needs to get removed from that match/zone don't they?

    Lets say you have a 30 round magazine assault rifle and you fire 148 rounds straight. Doesn't the server have an log of firing vs reloading input that is NOT COMMUNICATED with every single frame? Lets say with all the latency you got off a whole extra magazine worth of bullets before it flagged that you were over, double checked with you, reacted, communicated the reaction to everyone and kicked you... firing an extra 28 rounds and then being kicked -not even banned, just kicked/disconnected/short temp ban- would still render the cheat pointless in even the short term.
    Nowadays when people start to get killed by fireballs, no one says they need to dodge the fireball anymore; they say they need to go get a fire resist ring and some ice damage so they don't have to.

  6. #6
    Join Date
    Apr 2003
    Location
    Saratoga, NY
    Posts
    1,074

    Default Re: Overwatch Bans

    The problem you face there is the sheer volume of data collection. For a small indie game? Maybe it would be possible and cost-effective. For any of the AAA 'overhype' games it's just not going to fly. Think of how many bullets you might fire in a single match, and how many other players just in that one match are doing the same. And if it is client side it can be 'cheated around'.

  7. #7

    Default Re: Overwatch Bans

    Quote Originally Posted by VKhaun View Post
    ^
    I'm arguing from a position of complete ignorance, but I feel reasonable when I say there must be some middle ground between "lockstep" and letting the client lie repeatedly for weeks until your anti-cheat is patched.

    If one client is saying "hit" to other clients' "miss" at a 11:1 ratio can't you flag that in the very short term? Maybe you'd need a weighted where a rocket has a value of 1 and an AR has a value of 0.001 so one mag dump doesn't get you booted. Even if the person wasn't cheating, if you're giving them the benefit of the doubt ten times out of ten it doesn't really matter why. That person is disruptive and needs to get removed from that match/zone don't they?

    Lets say you have a 30 round magazine assault rifle and you fire 148 rounds straight. Doesn't the server have an log of firing vs reloading input that is NOT COMMUNICATED with every single frame? Lets say with all the latency you got off a whole extra magazine worth of bullets before it flagged that you were over, double checked with you, reacted, communicated the reaction to everyone and kicked you... firing an extra 28 rounds and then being kicked -not even banned, just kicked/disconnected/short temp ban- would still render the cheat pointless in even the short term.
    Most places already do this where they can. That's the "validation" I was talking about.

    However, when cheaters cheat, they're usually doing so by editing the information the client sends to the server. A speed-hack in World of Warcraft doesn't just send "MOVE ME REALLY FUCKING FAST" because the server would catch it, auto-flag the account for GM review, and deny the movement commands. It has to do something sneaky, like edit the client response to say "Hey, this character is mounted." first, then start moving at 300% speed. The server then ignores the weird speed and doesn't flag it because mounted characters ARE allowed to move at absurd rates.

    Lots of cheats actually do get caught and banned. It's part of the reason most companies ban in waves, instead of immediately. If you do something the server can detect and get banned a month later, you have less chance of figuring out what part of your hack was detected. If you speed hacked and didn't get banned, teleported and didn't get banned, but got banned when you instant-killed a whole zone of monsters, you immediately know what part of your program is detectable needs work.

    It's why when I read things like "lol stupid hacker bought another copy of the game, a new HDD, and had his ISP change his IP address, but still got banned" it isn't funny. It worries me. There are people out there incredibly willing to spend hundreds of dollars on game keys and replacing hardware to find the holes in Blizzard's cheat detection.

  8. #8
    Join Date
    Feb 2003
    Posts
    4,149

    Default Re: Overwatch Bans

    If this helps the argument in any meaningful manner, one of the guys that got banned claimed to have only *attempted* a wall hack in the beta, but the client crashed. He got hit with the ban wave during the LIVE game, where he claimed to have never tried the hack. The same guy reported purchasing the game two additional times, only to get banned within a short time. He claimed that blizzard had some kind of Hardrive ID software or something-- but people on reddit joked that he might have just been using the same credit card.
    "Doubt is not an agreeable condition, but certainty is an absurd one." ~ Voltaire

  9. #9

    Default Re: Overwatch Bans

    Quote Originally Posted by Zavon View Post
    If this helps the argument in any meaningful manner, one of the guys that got banned claimed to have only *attempted* a wall hack in the beta, but the client crashed. He got hit with the ban wave during the LIVE game, where he claimed to have never tried the hack. The same guy reported purchasing the game two additional times, only to get banned within a short time. He claimed that blizzard had some kind of Hardrive ID software or something-- but people on reddit joked that he might have just been using the same credit card.
    I'm pretty sure they use a sort of anonymous fingerprint cobbled out of your location data, hardware IDs, and possibly other personal data you agreed to provide through Battle.Net. Wouldn't be the first time Blizzard rode the line on privacy. Their Warden anti-cheat program scanned your RAM while playing their games and looked for any signs of known third-party cheat code. Wouldn't surprise me if they incorporated part of Warden's scans into your "fingerprint" either - operating system version and other prominent programs could be used to identify users.

  10. #10
    Join Date
    Apr 2003
    Location
    Saratoga, NY
    Posts
    1,074

    Default Re: Overwatch Bans

    Quote Originally Posted by Ero Elohim View Post
    I'm pretty sure they use a sort of anonymous fingerprint cobbled out of your location data, hardware IDs, and possibly other personal data you agreed to provide through Battle.Net. Wouldn't be the first time Blizzard rode the line on privacy. Their Warden anti-cheat program scanned your RAM while playing their games and looked for any signs of known third-party cheat code. Wouldn't surprise me if they incorporated part of Warden's scans into your "fingerprint" either - operating system version and other prominent programs could be used to identify users.
    Funny note, my Rogue in WoW is named Warden and I think of it as a 'homage' to the Warden program. Sneaky and stealthy behind the scenes.

  11. #11

    Default Re: Overwatch Bans

    Quote Originally Posted by Ero Elohim View Post
    Most places already do this where they can. That's the "validation" I was talking about.

    However, when cheaters cheat, they're usually doing so by editing the information the client sends to the server. A speed-hack in World of Warcraft doesn't just send "MOVE ME REALLY FUCKING FAST" because the server would catch it, auto-flag the account for GM review, and deny the movement commands. It has to do something sneaky, like edit the client response to say "Hey, this character is mounted." first, then start moving at 300% speed. The server then ignores the weird speed and doesn't flag it because mounted characters ARE allowed to move at absurd rates.
    I want to ask "what mount?" and I feel like the server should know if they have one or not and what it's capabilities are to the point that the cheat would be worthless as you'd have to actually have a mount, actually have it out, and actually be on it... but I take your point. It's an example saying the cheater need only find how... wide... the validation goes, and go a little wider to cheat.

    That brings me back to where I started though. Can't you go full Trump and validate EVERYTHING server side? I'm sure there are challenges to this but I would go in with a philosophy of building a game from the ground up with this in mind. I need to look into the original Planet-Side. I remember being told that was unhaxable on a cheat forum years ago when I asked what games they couldn't hack and why and I don't remember seeing much in the way of cheating on that game at all but then PlanetSide2 was a joke.




    Quote Originally Posted by Ero Elohim View Post
    Lots of cheats actually do get caught and banned. It's part of the reason most companies ban in waves, instead of immediately. If you do something the server can detect and get banned a month later, you have less chance of figuring out what part of your hack was detected. If you speed hacked and didn't get banned, teleported and didn't get banned, but got banned when you instant-killed a whole zone of monsters, you immediately know what part of your program is detectable needs work.
    This I just can't agree with.

    The other players experiencing this environment just feel like they see cheaters all the time. Seeing a wave of bans might make them feel better for a time, kind of like a surge of population after a content patch, and that may make sense from a marketing perspective but that's not the game I want to make. I want players to see other players get booted in real time.

    "DarkRe4perGoku9004 was kicked for sending impossible client states/values"

    I want them to know that they're not just playing all night with cheaters who will still be there cheating tomorrow night.
    Nowadays when people start to get killed by fireballs, no one says they need to dodge the fireball anymore; they say they need to go get a fire resist ring and some ice damage so they don't have to.

  12. #12
    Join Date
    Feb 2003
    Posts
    4,149

    Default Re: Overwatch Bans

    From what I understand the only wide spread cheating that has occured was wall hacks. Most players that die to a wall hacker probably don't even realize that the other person is cheating.
    "Doubt is not an agreeable condition, but certainty is an absurd one." ~ Voltaire

  13. #13
    Join Date
    Apr 2003
    Location
    Saratoga, NY
    Posts
    1,074

    Default Re: Overwatch Bans

    Quote Originally Posted by VKhaun View Post
    I want to ask "what mount?" and I feel like the server should know if they have one or not and what it's capabilities are to the point that the cheat would be worthless as you'd have to actually have a mount, actually have it out, and actually be on it... but I take your point. It's an example saying the cheater need only find how... wide... the validation goes, and go a little wider to cheat.

    That brings me back to where I started though. Can't you go full Trump and validate EVERYTHING server side? I'm sure there are challenges to this but I would go in with a philosophy of building a game from the ground up with this in mind. I need to look into the original Planet-Side. I remember being told that was unhaxable on a cheat forum years ago when I asked what games they couldn't hack and why and I don't remember seeing much in the way of cheating on that game at all but then PlanetSide2 was a joke.






    This I just can't agree with.

    The other players experiencing this environment just feel like they see cheaters all the time. Seeing a wave of bans might make them feel better for a time, kind of like a surge of population after a content patch, and that may make sense from a marketing perspective but that's not the game I want to make. I want players to see other players get booted in real time.

    "DarkRe4perGoku9004 was kicked for sending impossible client states/values"



    I want them to know that they're not just playing all night with cheaters who will still be there cheating tomorrow night.
    This could work for simple FPS games and probably only for certain values. Wallhacks tend to manipulate GUI/Texture information if i recall some of the CS 1.6 wallhacks I played around with.

  14. #14
    Join Date
    Oct 2001
    Posts
    1,315

    Default Re: Overwatch Bans

    Regardless of the end result of the Overwatch bans, the fact that they are happening is being used to flog other game companies that have cheat problems.
    -Make America Nazi Free!

    -Agent of Satan, but my duties are largely ceremonial.

    -"Personally, I play a warlock to set people on fire as they run in fear while I steal their souls. As an added perk, I play an undead warlock so I can eat their brains afterwards. I suppose a better question is, why do people play anything else?" (Unknown WoW forum poster)

  15. #15
    Join Date
    Mar 2005
    Posts
    3,281

    Default Re: Overwatch Bans

    I would love for a game to be run entirely server side like VKhaun wants. I'm so sick to fucking death of cheating in online games that I would say it's the number one reason I don't log on to a gaming service. I still play various games but when I don't feel like logging in it's because of the cheating. Just to add my 2 bit opinion to the conversation, companies certainly don't do enough to ban cheaters. Xbox Live is butt ass horrible about cheating. The problem is these cheaters are constantly on new gamertags. Why? Because it takes 3 hard bans before they even consider perma banning JUST the Gamertag. A representative told me this on the phone. THREE. So if you get caught doing some serious hacking then the 3rd time you get your gamertag perma banned. Which means your punishment is having to create another fake email account through hotmail. OH THE HORROR. Why not fucking brick their console after the 3rd time? Gaming companies are making a killing off of these cheaters and that's one reason they don't want to cure the situation. Cheaters pay $9.99 a month to play Xbox Live. The rest of us pay $59.99 per year. It's a major conflict of interest. Until the noncheaters start sticking it to the companies that allow this shit to go on it will be not only an consistent problem but an exponentially increasing problem. Just today I ran into 2 or more cheaters in warzones. I just said screw it and went back to PvP which I really wasn't in the mood for. Saw someone insta cap a bomb twice in the same warzone and then another guy used a terrain glitch in a 4 v 4 match. There's all kinds of bullshit going on in online games now days.
    Last edited by Sillywilly; 06-04-2016 at 10:31 PM.
    "Nah man, a Paladin has to play fair and by the rules. Do you really see Silly not attacking a weakened opponent? Or rather, not exploiting a weakness to take an enemy down? He'd totally do that. It's the law of the jungle with Silly, even if he does have faith. I think he's principled, just not merciful." - Zavon

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts