|
Edit:
I've developed a prototype application. It currently successfully detects all the existing hacks that I've tested it with. It also supports signature recognition of applications running on the system, which will allow blacklisting of hacks.
I've also developed a counterpart to the application which is an off-site service that performs analysis on replays post-game. The off-site service currently successfully detects Auto-Blink, Auto-Burrow, Auto-Inject and Screen blocking maphacks. If you know of other hacks that are evident in replays, and you have replays of them, please post them here or PM them to me.
Both players in a game running the application would ensure a hack free game. One player in a game running the application would still provide a decent detection of hacks through post-game analysis.
I plan to develop a user friendly version of these applications ASAP.
Thoughts? 
---
Hello TL,
Right now the community at large has finally been made aware of something that has been prevelant since beta. As a former WoW player, a game in which cheats and botting are rampant, I can tell you that Blizzard will not take sufficient action within a sufficient time frame. Botters in WoW often go unimpeded for months (sometimes years) despite numerous reports, and many never get banned at all.
Blizzard's lax attitude towards hacks could maybe be considered acceptable if it actually worked. However, the "put up with it now in order to be free of it later" method doesn't work. Sure, some people may lose their accounts after a ban wave, but there's new undetectable hacks out within days and then we're back to having months of hacks running rampant.
Even if their method did work in the long run, it would be acceptable if it only affected ladder play. You might lose a few points unjustly, but there would be no real harm done. However, the fact that these people can use hacks freely in the many online tournaments played daily is unacceptable.
What I'm proposing, and what I'd be happy to create if there's interest, is a third-party anti-hack utility. There are many ways to do this, both invasive and non-invasive when it comes to interfacing with StarCraft II. However, Blizzard have shown they're willing to overlook ToS violations when it comes to helpful utilities (R1CH's XSplit Scene Switcher and stream opponent announcer, Starboard, my SC2 Scrapbook utility are ones that come to mind).
I've only done mild initial research in to the matter. However, I've come up with a list of various things that would be detectable. Obviously, to ensure a 100% hack free environment, both players would need to be running the software. However, it's still possible to detect if the other person is cheating with some accuracy. These games could be flagged for review and you could post the replays for further analysis.
The following is a list of features that would be relatively easy to implement:
General Hack Detection:
Similar to iCCup Launcher. Check running programs to make sure they aren't messing with the SC2 Process, and check running programs against a list of known hacks. Blizzard launcher is supposed to do this, but does a very poor job of it.
Enforcing the use of this in tournaments combined with a well updated hack database would be the most efficient way to counter hacks at the competative level. Any other methods of detection aren't fool-proof.
Maphack Detection:
This would check the position of the opponent's camera for known maphack signs. Fog of war peeking is easy to detect. The "screen lock" feature that some maphacks use would be even easier to detect.
If a user is flagged as suspicous then the person running the anti-hack software can be advised to watch the replay when the game is finished.
If both parties are running the software then camera positions of each player can be compared to make sure they match. Even if general hack detection is bypassed, this will reveal users using screen lock while fog of war peaking
Microhack Detection:
Blink/Burrow micro hacks don't select the units they're microing to perform the action. This is one that's easy to detect just by watching the replay, but could easily be automatically detected.
Key Analysis:
This would work in a perfect world if both players are running the software. Many hacks have console commands (E.G., type "/mh" to enable map hack). Comparing keys pressed to the user's key bindings would prevent (or at least detect) the use of hack hotkeys.
Obviously there are many more hacks available, and many more ways to counter them. These are the thing that came to mind immediately.
I'm unsure if this has been proposed before, but it's something I've been thinking about and would be willing to make.
Thoughts?
|
as long as said program wouldn't get you banned by blizz in Sc2 sounds good...if somebody could make it that is
|
Anything you could do would be greatly appreciated by everyone but the maphackers.
|
This is great initiative. The concerns I would have are a) would this possibly get you banned from bnet? And b) would this flag players that are just using various mods (the stronger team color mod comes to mind)?
|
Would be a good idea to implement on online daily tourneys
On June 06 2012 00:30 ThirdDegree wrote:
This is great initiative. The concerns I would have are a) would this possibly get you banned from bnet? And b) would this flag players that are just using various mods (the stronger team color mod comes to mind)?
a)no idea
b) i don't think so, since you modify sc2's files, most hacks read the memory while executing
|
Something like this is always going to be risky while were relying on blizzard servers. I've always hoped that someday the community will get custom server working.
There way this is probably a good utility for the community to have
|
To add more to the legality side of things:
Detecting known hack applications and checking for other applications messing with the SC2 process would not be against the SC2 EULA/TOS. Extra detections (such as checking camera positions and wongful blink micro) would require reading the SC2 process memory. While it is against the EULA/TOS, Warden (Blizzard anti-cheat) does not detect applications that read SC2 process memory. Only applications that modify SC2 behaviour are automatically detected and even then it's easy to hide, thus the many hacks we currently have.
So, to sum it up:
You would not be at risk for being banned for using this application unless Blizzard decided they wanted to ban this specific application, which would be the most ironic thing ever.
Edit:
Added clarification.
|
On June 06 2012 00:17 Veritas wrote:
As a former WoW player, a game in which cheats and botting are rampant, I can tell you that Blizzard will not take sufficient action within a sufficient time frame. Botters in WoW often go unimpeded for months (sometimes years) despite numerous reports, and many never get banned at all.
GCD hacking got fixed in Cata(?) so maybe they will add better antihack system to HotS if people complain enough about hackers.
|
Create the program and use it. Then 3 likely scenarios will follow:
Blizzard outlaws your program (looks stupid) and have to come up with a blizzard version of the same program.
OR
Blizzard outlaws your program (looks stupid) and will not come up with a blizzard version of the same program (looks stupider).
OR
Blizzard gives the thumps up (looks cool).
|
This is kinda pointless for a lot of reasons.
Many people probably don't want to play tournaments if they have to download a software. Thought you have to convince any tournament to use it in the first place.
It probably won't stop many hackers, unless you are willing to spent some money and have a lot of knowledge, there is no way you can't secure your software against someone with even just a little knowledge. The effect will only be very little at best.
In my opinion it's very likely just a waste of time.
|
On June 06 2012 00:46 zezamer wrote:Show nested quote +On June 06 2012 00:17 Veritas wrote:
As a former WoW player, a game in which cheats and botting are rampant, I can tell you that Blizzard will not take sufficient action within a sufficient time frame. Botters in WoW often go unimpeded for months (sometimes years) despite numerous reports, and many never get banned at all. GCD hacking got fixed in Cata(?) so maybe they will add better antihack system to HotS if people complain enough about hackers.
Didn't GCD hacking only get fixed because they changed how the GCD worked? I know all throughout Cata (or at least until I quit after the Deathwing patch) there were still rampant mining/herb/fishing bots, AFK honor farm bots, auction house bots, etc. Didn't matter if you reported them, they were still there the next week.
|
This is a good idea, I think.
At the SkillCraft.ca project (http://www.teamliquid.net/forum/viewmessage.php?topic_id=264852), we've been gathering replays from hackers to see if we can detect hacking in the replay. Since we have a good idea what a player of each skill level should look like, hackers who don't have the skills associated with their league should pop out as outliers.
It would be really helpful to us if there are ways to confirm, positively, that someone was hacking. That way we can build the classifier with accurate data.
As far as Blizzard is concerned, the question is always resources. They have to decide whether a few hackers are worth pulling people off other aspects of the game to address them. Maybe creating a thread that detailed specific ways to detect hackers would make it easier for Blizzard to implement something by doing some of the work for them.
|
You're a real ideas man, OP. Why don't you start a Kickstarter to fund this? Name yourself the "supervisor" of the project too, coders love it when a guy with a vision tells them what to do.
|
On June 06 2012 01:03 Jinsho wrote:
You're a real ideas man, OP. Why don't you start a Kickstarter to fund this? Name yourself the "supervisor" of the project too, coders love it when a guy with a vision tells them what to do.
If you're going to be a dickhead, at least read his entire post.
"I'm unsure if this has been proposed before, but it's something I've been thinking about and would be willing to make."
|
We need this badly, If done correctly this would be by far the most beneficial SC2 utility software out there for a long time to come. Blizzard will never be able to (or willing) to stay on top of this type of thing, especially in the pro scene, all the time for years and years to come - we have to do it ourselves. Of course by we I mean you OP and any other programers :p
|
I would like to test it, if it can help.
|
Godspeed to this plan.
Also amusing how the features you describe is basically what Warden SHOULD be, if they got half a brain and a concern outside of just money they should implement these as soon as possible.
But I expect it will be the same response as with the disconnect problem, "We'll fix it in HotS... Maybe.".
|
On June 06 2012 00:38 NoobStyles wrote:
Something like this is always going to be risky while were relying on blizzard servers. I've always hoped that someday the community will get custom server working.
There way this is probably a good utility for the community to have
There already is custom server,look up Starfriend.
|
Canada13389 Posts
I posted this in the other thread but here it goes.
In MOHAA there was an anti hack that would screen cap randomly. If you were suspected of hacking you would be given 24 hours to email an admin the screenshot collection and if hacks were found you would be banned, if none no ban and if no Emil you would get banned as well. Worked pretty well and it can work for tournaments run online only for sc2 idf there was a similar application.
|
Sounds like a good plan, but there's something to consider about looking at fog of war:
1: If a player scans a base, briefly looks and it, and comes back a minute later to see what he might have missed/count buildings, then these instances should be highlighted but not scream "maphack".
2: Looking at base locations to shift-click a scouting worker shouldn't be highlighted. Some people prefer to click on a screen instead of the minimap.
3: Scouting for proxies in the normal spots.
4: What should definitely be highlighted is when the player camera goes over a random area that has "nothing", but is hiding a proxy pylon or tech.
How to fix this? For point 1 I don't have a good idea. You just have to flag it up and analyze manually. For point 2 and 3, I would suggest to ignore the instance if it is followed up by a click (or shift click) within 2 seconds of vision in that area. That way, you won't have a million false positives showing up when a player decides to spam shift click for legitimate scouting.
Edit:
On June 06 2012 01:19 ZeromuS wrote:
I posted this in the other thread but here it goes.
In MOHAA there was an anti hack that would screen cap randomly. If you were suspected of hacking you would be given 24 hours to email an admin the screenshot collection and if hacks were found you would be banned, if none no ban and if no Emil you would get banned as well. Worked pretty well and it can work for tournaments run online only for sc2 idf there was a similar application.
You could run an overlay that's recording your game with "normal vision", so the hack can only be seen by you, making the screenshot worthless.
|
We just need rich to fix this. I bet he already has an idea in his head how to fix all this hacking stuff.
RICH where are you???
|
Don't, DON'T, stomp on Blizzard's toes. If something like this is to come to fruition, whoever writes this code needs to appeal to the authorities that be. Something that starts with "Blizzard may I please..." and ends with "Thank you, Oh glorious masters" will do.
Blizzard is widely known for their Cease and Desist micro. If they don't like what you're doing, they will let you know about it, in a rather blunt way. Better to just talk to them, yeah?
|
How much funding would you need to accomplish this task and in how much time? I would be more than willing to use a third party software to participate in Playhem or z33k.
|
Sounds like a great idea. At the very least the honorable players who do play online can be free and clear of any kind of controversy (thinking mainly of Nerchio) rather than have to "prove themselves" at LAN events where nerves can wreck a player.
|
Please god make it so that this never happens. I can't think of any game company that came up with a good hack preventing software.
Not only they don't prevent that much hack/cheat/bot but they are often heavy or annoying for every other users.
If the community come up with a need for such software and it is adopted for tournament, Blizzard may see and incentive to work on it and come up with a punkbuster or other NCSOFTlike guardian that does nothing to prevent recent hack/cheat but annoy some legit users.
|
On June 06 2012 01:21 Chargelot wrote:
Don't, DON'T, stomp on Blizzard's toes. If something like this is to come to fruition, whoever writes this code needs to appeal to the authorities that be. Something that starts with "Blizzard may I please..." and ends with "Thank you, Oh glorious masters" will do.
Blizzard is widely known for their Cease and Desist micro. If they don't like what you're doing, they will let you know about it, in a rather blunt way. Better to just talk to them, yeah?
Why does it sound like Blizzard is the real bad guy here? Not that the hackers qualify as anything but bad, but like Zimbabwe, do you blame the small(er) time criminals that loot a shop or join a armed militia or the government that destroyed the economy, infrastructure and social cohesion for personal gain that was supposed to stop these things from happening in the first place.
Not sure if Dustin Browder or Activision is Starcrafts Mugabe though.
|
On June 06 2012 01:05 Gheed wrote:Show nested quote +On June 06 2012 01:03 Jinsho wrote:
You're a real ideas man, OP. Why don't you start a Kickstarter to fund this? Name yourself the "supervisor" of the project too, coders love it when a guy with a vision tells them what to do. If you're going to be a dickhead, at least read his entire post. "I'm unsure if this has been proposed before, but it's something I've been thinking about and would be willing to make."
But parent has a point, and us programmers see it all the time: Somebody dreams up some idea not thinking through the true effort involved in its realization, and then nothing happens. The way real open-source development works is the author starts a project to fill some need and hacks on it ... they feel they have something worthwhile ... then they release it to the public so others can find bugs in the code, report issues while using, document its usage, etc.
OF COURSE antihack is something anybody would like. If a good opt-in antihack were developed, I can't imagine a serious online tournament that wouldn't require it. And so to some of us it will seem as though OP is just making a scene.
|
On June 06 2012 00:17 Veritas wrote:
Maphack Detection:
This would check the position of the opponent's camera for known maphack signs. Fog of war peeking is easy to detect. The "screen lock" feature that some maphacks use would be even easier to detect.
If a user is flagged as suspicous then the person running the anti-hack software can be advised to watch the replay when the game is finished.
If both parties are running the software then camera positions of each player can be compared to make sure they match. Even if general hack detection is bypassed, this will reveal users using screen lock while fog of war peaking
Any credible "anti-hack" software cannot operate on fog-of-war-looking detection. I look into the fog-of-war a lot when I'm planning something for later in the game (where I can drop some units, or where I can put pylons if I'm trying to do a wall-in cannon rush). So I'm suspicious if I'm planning a drop in somebody's base and happen to look where they just hid a Dark Shrine? I don't think so.
Trying to detect actions performed separate from the user's controls isn't so reliable for micro hacks either (this ought to be easy to fake ... I'm sure a hack program could move the cursor for you, etc.).
A trustworthy anti-hack would have to base most or all of its assertions on known fingerprints of hack utilities, or recognizable interference at the OS level with the SC2 processes.
|
On June 06 2012 01:36 pigmanbear wrote:Show nested quote +On June 06 2012 01:05 Gheed wrote:On June 06 2012 01:03 Jinsho wrote:
You're a real ideas man, OP. Why don't you start a Kickstarter to fund this? Name yourself the "supervisor" of the project too, coders love it when a guy with a vision tells them what to do. If you're going to be a dickhead, at least read his entire post. "I'm unsure if this has been proposed before, but it's something I've been thinking about and would be willing to make." But parent has a point, and us programmers see it all the time: Somebody dreams up some idea not thinking through the true effort involved in its realization, and then nothing happens. The way real open-source development works is the author starts a project to fill some need and hacks on it ... they feel they have something worthwhile ... then they release it to the public so others can find bugs in the code, report issues while using, document its usage, etc. OF COURSE antihack is something anybody would like. If a good opt-in antihack were developed, I can't imagine a serious online tournament that wouldn't require it. And so to some of us it will seem as though OP is just making a scene.
I've developed SC2 utilities that read data from the game previously, and what I'm suggesting isn't really all that complex.
|
On June 06 2012 01:42 pigmanbear wrote:Show nested quote +On June 06 2012 00:17 Veritas wrote:
Maphack Detection:
This would check the position of the opponent's camera for known maphack signs. Fog of war peeking is easy to detect. The "screen lock" feature that some maphacks use would be even easier to detect.
If a user is flagged as suspicous then the person running the anti-hack software can be advised to watch the replay when the game is finished.
If both parties are running the software then camera positions of each player can be compared to make sure they match. Even if general hack detection is bypassed, this will reveal users using screen lock while fog of war peaking Any credible "anti-hack" software cannot operate on fog-of-war-looking detection. I look into the fog-of-war a lot when I'm planning something for later in the game (where I can drop some units, or where I can put pylons if I'm trying to do a wall-in cannon rush). So I'm suspicious if I'm planning a drop in somebody's base and happen to look where they just hid a Dark Shrine? I don't think so. Trying to detect actions performed separate from the user's controls isn't so reliable for micro hacks either (this ought to be easy to fake ... I'm sure a hack program could move the cursor for you, etc.). A trustworthy anti-hack would have to base most or all of its assertions on known fingerprints of hack utilities, or recognizable interference at the OS level with the SC2 processes.
As I said in the OP, requiring both parties to run an application that checks for known hack utilities is the only reliable method. Any other methods would be to flag replays for review at a later date, not to take automated action.
|
On June 06 2012 01:46 Veritas wrote:Show nested quote +On June 06 2012 01:42 pigmanbear wrote:On June 06 2012 00:17 Veritas wrote:
Maphack Detection:
This would check the position of the opponent's camera for known maphack signs. Fog of war peeking is easy to detect. The "screen lock" feature that some maphacks use would be even easier to detect.
If a user is flagged as suspicous then the person running the anti-hack software can be advised to watch the replay when the game is finished.
If both parties are running the software then camera positions of each player can be compared to make sure they match. Even if general hack detection is bypassed, this will reveal users using screen lock while fog of war peaking Any credible "anti-hack" software cannot operate on fog-of-war-looking detection. I look into the fog-of-war a lot when I'm planning something for later in the game (where I can drop some units, or where I can put pylons if I'm trying to do a wall-in cannon rush). So I'm suspicious if I'm planning a drop in somebody's base and happen to look where they just hid a Dark Shrine? I don't think so. Trying to detect actions performed separate from the user's controls isn't so reliable for micro hacks either (this ought to be easy to fake ... I'm sure a hack program could move the cursor for you, etc.). A trustworthy anti-hack would have to base most or all of its assertions on known fingerprints of hack utilities, or recognizable interference at the OS level with the SC2 processes. As I said in the OP, requiring both parties to run an application that checks for known hack utilities is the only reliable method. Any other methods would be to flag replays for review at a later date, not to take automated action.
You must have replied to the wrong post. That has nothing to do with anything I said; any fool knows you can't detect a hack without observing it in the wild (that is, running on a user's OS).
|
On June 06 2012 01:44 Veritas wrote:Show nested quote +On June 06 2012 01:36 pigmanbear wrote:On June 06 2012 01:05 Gheed wrote:On June 06 2012 01:03 Jinsho wrote:
You're a real ideas man, OP. Why don't you start a Kickstarter to fund this? Name yourself the "supervisor" of the project too, coders love it when a guy with a vision tells them what to do. If you're going to be a dickhead, at least read his entire post. "I'm unsure if this has been proposed before, but it's something I've been thinking about and would be willing to make." But parent has a point, and us programmers see it all the time: Somebody dreams up some idea not thinking through the true effort involved in its realization, and then nothing happens. The way real open-source development works is the author starts a project to fill some need and hacks on it ... they feel they have something worthwhile ... then they release it to the public so others can find bugs in the code, report issues while using, document its usage, etc. OF COURSE antihack is something anybody would like. If a good opt-in antihack were developed, I can't imagine a serious online tournament that wouldn't require it. And so to some of us it will seem as though OP is just making a scene. I've developed SC2 utilities that read data from the game previously, and what I'm suggesting isn't really all that complex.
Reading data from the game gets you nowhere; at best you get the equivalent of a replay analysis tool. Just as a hack can tamper with the game interface (drawing a production tab, etc.) it can also simulate user actions (see Lossbots, for instance). The only way you can prove that a player is hacking is when a hack is detected on the system (as a process tampering with the SC2 process' memory, for instance), and doing so in such a way that you will ever be able to keep up with hack developments is non-trivial to the extreme: Case-in-point, Blizzard has a pretty hard time doing this, and they're the ones writing the software! You can also prove a hack when something "impossible" happens (intense blink micro while not looking at the battle), but at that point you are depending on sloppy work of the attacker, and that is just not how security works at all.
|
On June 06 2012 01:21 Chargelot wrote:
Don't, DON'T, stomp on Blizzard's toes. If something like this is to come to fruition, whoever writes this code needs to appeal to the authorities that be. Something that starts with "Blizzard may I please..." and ends with "Thank you, Oh glorious masters" will do.
Blizzard is widely known for their Cease and Desist micro. If they don't like what you're doing, they will let you know about it, in a rather blunt way. Better to just talk to them, yeah?
No, not at all. Past experiences with blizzard shows that action produces results, good or bad. Asking for permission wont change anything. However, if someone produces an antihack that works and blizzard bans it than it forces blizzards hand to produce something better than waves and warden, especially for customs.
Community demand for the ability to reconnect from disconnected games didn't do shit until the ideas and possibilities for programs to be able to do it came up in the community. Than blizzard decided they would do it properly themselves.
|
However, Blizzard have shown they're willing to overlook ToS violations when it comes to helpful utilities (R1CH's XSplit Scene Switcher and stream opponent announcer, Starboard, my SC2 Scrapbook utility are ones that come to mind).
What about the resume from replay program that blizzard won't let tournaments use?
|
On June 06 2012 02:01 coolcor wrote:Show nested quote +However, Blizzard have shown they're willing to overlook ToS violations when it comes to helpful utilities (R1CH's XSplit Scene Switcher and stream opponent announcer, Starboard, my SC2 Scrapbook utility are ones that come to mind). What about the resume from replay program that blizzard won't let tournaments use?
Is this true? Source?
I thought my Zimbabwe analogy might be a bit over the top but if this is true Blizzard is closer to Al-Shabaab IMO.
|
On June 06 2012 02:01 coolcor wrote:Show nested quote +However, Blizzard have shown they're willing to overlook ToS violations when it comes to helpful utilities (R1CH's XSplit Scene Switcher and stream opponent announcer, Starboard, my SC2 Scrapbook utility are ones that come to mind). What about the resume from replay program that blizzard won't let tournaments use?
I may be wrong, but didn't that only allow you to resume as single player?
|
On June 06 2012 02:01 coolcor wrote:Show nested quote +However, Blizzard have shown they're willing to overlook ToS violations when it comes to helpful utilities (R1CH's XSplit Scene Switcher and stream opponent announcer, Starboard, my SC2 Scrapbook utility are ones that come to mind). What about the resume from replay program that blizzard won't let tournaments use?
Evidence that Blizzard is blocking the use of that program? I have heard nothing of the sort, beyond that it is a mod that is out there and is not perfect.
Blizzard will respond to the hackers and has no interest in stopping people from policing hackers. However, Blizzard is a large company and they do not do things quickly. They would also rather take care of several issues at once, rather than try to patch one at a time. It is in the nature of the beast.
I don't think program that "detect" hacks are the answer. Detection software vs hacks is an arms race that most people do not have time to keep up with. I would rather Blizzard work on ways to get more information into replays, like showing clicks on the mini map or recording mouse movements(ie not clicking). At the end of the day, it is humans that will need to root out hackers, not a program. The more tools you can give people, the harder it gets to hide the hacks from review.
|
I really don't see how Blizzard could possibly get mad at the community for do their job for them, lol. As long as you are fairly open with the development process to prove that their are no nasty surprises in whatever software is produced, there should literally be no reason for any objection from Blizzard.
|
http://www.teamliquid.net/forum/viewmessage.php?topic_id=328785
There is the thread for the resume from replay program. It does work in multiplayer and the op shows suggestions and bug fixes added. Do you know of any problems the program still has? there is no source for blizzard not letting tournaments use it but tournaments have not used it when it would have been useful to prevent a regame. Is there any other reason they wouldn't give it a try if blizzard had let them?
|
This is an interesting idea, but as with any antivirus/anti-malware software, you'll always be one step behind the hackers. And you won't be able to detect everything (stream cheating is gonna be hard to detect, maphacking too once they figure something more evolved that their camera lock by randomly moving the camera or whatever).
So I don't know, I think you'll need an army of programmers to maintain the software up-to-date against the multiple versions of various hacks the hackers are going to throw at you. But yeah, probably worth a try. At least, it might send a signal to Blizzard that they should start caring about hackers.
|
On June 06 2012 02:23 KrazyTrumpet wrote:
I really don't see how Blizzard could possibly get mad at the community for do their job for them, lol. As long as you are fairly open with the development process to prove that their are no nasty surprises in whatever software is produced, there should literally be no reason for any objection from Blizzard.
Openness means nothing -- it's not like Blizzard has a couple developers on staff just waiting around to perform code reviews on open-source programs meant to integrate with SC2. Violation of TOS is enough reason for Blizzard objecting for that very reason. More than likely, the only way Blizzard would interact with such software would be to fingerprint it to add it to their list of known third-party extensions, so they could ban users if they started getting some complaints about it somehow.
|
Our technology isn't advanced enough to do such things. Nope iccup launcher comes from the future, it doesn't count.
|
If Blizzard promised to allow this it would be great.
|
I had an idea that most likely wouldn't fly with Blizzard.
They can't install software that scans our computer to report what is in our RAM. But that doesn't mean we can't, right? In theory, have a launcher that we download and use, of our own free will, that scans and posts in chat at the start of every game, "I use <program name> and am verified as 100% hack free!" In theory you could shame people into getting it, pro's and "serious players" alike. If you're a GM and not using this program, how can anyone take you seriously?
|
On June 06 2012 02:56 lavit2099 wrote:I had an idea that most likely wouldn't fly with Blizzard. They can't install software that scans our computer to report what is in our RAM. But that doesn't mean we can't, right? In theory, have a launcher that we download and use, of our own free will, that scans and posts in chat at the start of every game, "I use <program name> and am verified as 100% hack free!" In theory you could shame people into getting it, pro's and "serious players" alike. If you're a GM and not using this program, how can anyone take you seriously?
There is no program that can do this for us. Even if we demanded that all pro set up a live webcam of them playing the game and streamed it direclty to the tournament host(only, not over twitch), people still would find ways to cheat. That is the nature of a cheater, they will find ways to do it. People just need to be active and aware of what is out there. We also need to put more weight on live events, where players cannot use hacks.
|
On June 06 2012 01:03 Jinsho wrote:
You're a real ideas man, OP. Why don't you start a Kickstarter to fund this? Name yourself the "supervisor" of the project too, coders love it when a guy with a vision tells them what to do.
Good to see you read the whole original post before dismissing it and decided to act like an ass.
|
Russian Federation396 Posts
seems like you should start working on this
|
On June 06 2012 02:56 lavit2099 wrote:I had an idea that most likely wouldn't fly with Blizzard. They can't install software that scans our computer to report what is in our RAM. But that doesn't mean we can't, right? In theory, have a launcher that we download and use, of our own free will, that scans and posts in chat at the start of every game, "I use <program name> and am verified as 100% hack free!" In theory you could shame people into getting it, pro's and "serious players" alike. If you're a GM and not using this program, how can anyone take you seriously?
There's no integrity to that practice. Anybody can copy and paste that message a thousand times. Maybe if the program itself hacked the game and put its logo in your opponent's base temporarily. I kid, I kid ^^
|
On June 06 2012 01:03 Jinsho wrote:
You're a real ideas man, OP. Why don't you start a Kickstarter to fund this? Name yourself the "supervisor" of the project too, coders love it when a guy with a vision tells them what to do.
I love it when a douchebag is out in the open for everyone to see.
|
This seems like a good idea if it cna be implimented without any problems occuring for the user.
|
Please make this =) Would be awesome!
|
I don't see how this can prevent all the hacks out there. Not only do many hacks come with screenshot blockers, but I know of at least 1 that runs inside ring0 so unless your anti hack software can scan inside the Windows kernal, which is deeply invasive, you won't be able to detect it.
Edit: Okay so I don't know this for absolute fact, but it's what people have told me.
|
On June 06 2012 03:15 Darkman wrote:
I don't see how this can prevent all the hacks out there. Not only do many hacks come with screenshot blockers, but I know of at least 1 that runs inside ring0 so unless your anti hack software can scan inside the Windows kernal, which is deeply invasive, you won't be able to detect it.
While this may be true, it's also a damn slight better than nothing. Especially with the majority of the community working to keep it up-to-date.
When you combine this with dedicated efforts to monitor replays and observe games, and something like a legal agreement at the outset of a tournament that anybody caught cheating is required to refund their prize money, it can take steps to legitimize online tournaments which are currently dangerously close to being deligitimized due to how easy it is to accuse somebody of hacking.
|
Don't forget to consider 'low tech' hack solutions like simply pointing a camera towards a player's display setup.
|
Thing is that if Blizzard really cracked down on hackers by releasing a program that directly supervises you while playing(ie: What the OP says:watch your running programs or detect your key presses) people would be accusing them of installing spyware on your computer XD.
But anyways great idea OP, although as many have said this won´t stop the hackings but at least we can react more quickly to the newer hacks and anyways the purpose of a software like this is to act more like a deterrent than an actual antihack tool.
I don´t know why people act as if hacks didn´t exist in ICCUP, as always this anti-hacking devices are as beatable as Blizzard´s Warden. With this kind of stuff its always a game of cat and mouse between the antihacking developers vs the hacking developers.
But yeah Blizzard will definitively won´t make something like this because they are too legally accountable for any software they make you run.
|
Dude you realize that suggesting such a thing is meaningless without actual code. Its one thing to say "Lets bell the cat" another to actually do it.
|
I commend you for making this topic, get people thinking. But your approach has no viable long term success. The objective should be -not- to defeat the hacks you see in front of you, but the people who are creating them. Conquer their minds instead of what they make with their tools.
To defeat hackers you must think more abstract, specifically targeting hack features will start the endless headless goose chase of the century... Which is what hacker's desire recognition, acknowledgement and all that.
|
It seems like after every shitstorm a brave community member comes forward with a great answer/fix. After MKP vs. Parting, we got the resume game from replay device, and now we have this Nicely done.
|
Canada13389 Posts
On June 06 2012 01:19 Heh_ wrote:Sounds like a good plan, but there's something to consider about looking at fog of war: 1: If a player scans a base, briefly looks and it, and comes back a minute later to see what he might have missed/count buildings, then these instances should be highlighted but not scream "maphack". 2: Looking at base locations to shift-click a scouting worker shouldn't be highlighted. Some people prefer to click on a screen instead of the minimap. 3: Scouting for proxies in the normal spots. 4: What should definitely be highlighted is when the player camera goes over a random area that has "nothing", but is hiding a proxy pylon or tech. How to fix this? For point 1 I don't have a good idea. You just have to flag it up and analyze manually. For point 2 and 3, I would suggest to ignore the instance if it is followed up by a click (or shift click) within 2 seconds of vision in that area. That way, you won't have a million false positives showing up when a player decides to spam shift click for legitimate scouting. Edit: Show nested quote +On June 06 2012 01:19 ZeromuS wrote:
I posted this in the other thread but here it goes.
In MOHAA there was an anti hack that would screen cap randomly. If you were suspected of hacking you would be given 24 hours to email an admin the screenshot collection and if hacks were found you would be banned, if none no ban and if no Emil you would get banned as well. Worked pretty well and it can work for tournaments run online only for sc2 idf there was a similar application. You could run an overlay that's recording your game with "normal vision", so the hack can only be seen by you, making the screenshot worthless.
Not necessarily, it doesn't have to screen cap sc2 but instead everything displayed on the desktop like hitting print screen on your keyboard.
|
This should totally be included into beyonds gaming client BGLINK! since that application already offers some utility for tournaments
|
On June 06 2012 04:07 mastergriggy wrote:It seems like after every shitstorm a brave community member comes forward with a great answer/fix. After MKP vs. Parting, we got the resume game from replay device, and now we have this Nicely done.
But nothing's been done ...
|
On June 06 2012 05:05 ZeromuS wrote:Show nested quote +On June 06 2012 01:19 Heh_ wrote:Sounds like a good plan, but there's something to consider about looking at fog of war: 1: If a player scans a base, briefly looks and it, and comes back a minute later to see what he might have missed/count buildings, then these instances should be highlighted but not scream "maphack". 2: Looking at base locations to shift-click a scouting worker shouldn't be highlighted. Some people prefer to click on a screen instead of the minimap. 3: Scouting for proxies in the normal spots. 4: What should definitely be highlighted is when the player camera goes over a random area that has "nothing", but is hiding a proxy pylon or tech. How to fix this? For point 1 I don't have a good idea. You just have to flag it up and analyze manually. For point 2 and 3, I would suggest to ignore the instance if it is followed up by a click (or shift click) within 2 seconds of vision in that area. That way, you won't have a million false positives showing up when a player decides to spam shift click for legitimate scouting. Edit: On June 06 2012 01:19 ZeromuS wrote:
I posted this in the other thread but here it goes.
In MOHAA there was an anti hack that would screen cap randomly. If you were suspected of hacking you would be given 24 hours to email an admin the screenshot collection and if hacks were found you would be banned, if none no ban and if no Emil you would get banned as well. Worked pretty well and it can work for tournaments run online only for sc2 idf there was a similar application. You could run an overlay that's recording your game with "normal vision", so the hack can only be seen by you, making the screenshot worthless. Not necessarily, it doesn't have to screen cap sc2 but instead everything displayed on the desktop like hitting print screen on your keyboard.
There's something called privacy, i don't know if you could possibly do that and capture every single window the user has opened..
|
Do whatever it takes. It's up to the community to devise a solution. If Blizzard has a problem with it, then either it'll spur them to do something themselves, or give the community leverage to protest.
|
|
|
Basically it'll be awesome so long as you can get Blizzard's support behind it.
|
This sound great, as long as it can work and blizz doesn't herp derp over it <3
gogogogogoggo
|
Any CS majors in here?
Download many maphacks. Play a bunch of games on them using every effort to hide that you are, but still trying to win. Train a machine learning system on the maphack replays.
I wouldn't be shocked if there is some tipoff that could be 100% accurate since the maphack is interacting with the keys stores in the replay in order to do the view freezes and hide looking into the fog.
|
Would be cool to see this in daily and important online tournaments, as well as streams having a 5-10min delay.
|
I've developed a prototype application. It currently successfully detects all the existing hacks that I've tested it with. It also supports signature recognition of applications running on the system, which will allow blacklisting of hacks.
I've also developed a counterpart to the application which is an off-site service that performs analysis on replays post-game. The off-site service currently successfully detects Auto-Blink, Auto-Burrow, Auto-Inject and Screen blocking maphacks. If you know of other hacks that are evident in replays, and you have replays of them, please post them here or PM them to me.
Both players in a game running the application would ensure a hack free game. One player in a game running the application would still provide a decent detection of hacks through post-game analysis.
I plan to develop a user friendly version of these applications ASAP.
Thoughts?
|
On June 06 2012 06:20 JackDT wrote:
Any CS majors in here?
Download many maphacks. Play a bunch of games on them using every effort to hide that you are, but still trying to win. Train a machine learning system on the maphack replays.
I wouldn't be shocked if there is some tipoff that could be 100% accurate since the maphack is interacting with the keys stores in the replay in order to do the view freezes and hide looking into the fog.
Very possible.
But I think a smarter idea would be, make a really amazing maphack. (LeMap) and have it harvest replays from the hackers. That way your information set would be all races, leagues, and thousands of wins and losses.
|
On June 10 2012 04:45 Veritas wrote:I've developed a prototype application. It currently successfully detects all the existing hacks that I've tested it with. It also supports signature recognition of applications running on the system, which will allow blacklisting of hacks. I've also developed a counterpart to the application which is an off-site service that performs analysis on replays post-game. The off-site service currently successfully detects Auto-Blink, Auto-Burrow, Auto-Inject and Screen blocking maphacks. If you know of other hacks that are evident in replays, and you have replays of them, please post them here or PM them to me. Both players in a game running the application would ensure a hack free game. One player in a game running the application would still provide a decent detection of hacks through post-game analysis. I plan to develop a user friendly version of these applications ASAP. Thoughts?
Can your program test replays, or is it only useful in-game?
|
Amazing work, OP. I and I'm sure many others would be willing to donate to this project if you create a tip jar or something. That's assuming Blizz won't object to it and tournaments will utilize it.
Keep it up.
|
On June 10 2012 05:44 Nightmarjoo wrote:Show nested quote +On June 10 2012 04:45 Veritas wrote:I've developed a prototype application. It currently successfully detects all the existing hacks that I've tested it with. It also supports signature recognition of applications running on the system, which will allow blacklisting of hacks. I've also developed a counterpart to the application which is an off-site service that performs analysis on replays post-game. The off-site service currently successfully detects Auto-Blink, Auto-Burrow, Auto-Inject and Screen blocking maphacks. If you know of other hacks that are evident in replays, and you have replays of them, please post them here or PM them to me. Both players in a game running the application would ensure a hack free game. One player in a game running the application would still provide a decent detection of hacks through post-game analysis. I plan to develop a user friendly version of these applications ASAP. Thoughts? Can your program test replays, or is it only useful in-game?
The application will perform replay analysis by passing replays to the remote service after each game.
I could add replay processing to the application, but if it were to be cracked somehow then the detection patterns would be available to the hacker community.
On June 10 2012 06:13 Doodsmack wrote:
Amazing work, OP. I and I'm sure many others would be willing to donate to this project if you create a tip jar or something. That's assuming Blizz won't object to it and tournaments will utilize it.
Keep it up.
Even if tournaments don't use it, I think it will still be useful for people playing in tournaments to have the option to be alerted instantly if their opponent is acting suspicious.
|
Well specifically I was asking to see if you could support or contradict the claim that Spades hacked in his showmatch against Lucifron with your program.
|
Let's say I send you a 25 replays package, with some people I know hacked in those and some legit players, you would be able to find who's legit and who's not without error? If so, can we try this out... and if that end's up working i'd need your help in pinpointing hackers if your willing to in here: http://www.teamliquid.net/forum/viewmessage.php?topic_id=340614
|
Blizzard should hire you to do their job.
But seriously, thank you for being awesome OP. I hope this, in combination with stream delay, helps to legitimize online tournaments.
|
Great work keep it up. Thanks for putting the time and effort into finding a solution for this.
How can anybody even post something pessimistic before thanking the OP? If only the World was filled with all you sad sacks; nothing would get done.
|
Go for it, better anticheat is always a good thing.
On June 06 2012 00:51 Nightwatch wrote:
Many people probably don't want to play tournaments if they have to download a software.
100% not true, many tournaments/ladders for games have you download programs that check for cheats or help log games. If this comes out and is decent, it will get picked up by any tournament wanting to improve their image. I'd say it would actually draw people to the tournament.
|
On June 10 2012 12:12 Nightmarjoo wrote:
Well specifically I was asking to see if you could support or contradict the claim that Spades hacked in his showmatch against Lucifron with your program.
The anti-cheat monitor is the only fool-proof way of automatic detection. The replay analysis is meant to be a guide, nothing more. No automated replay analysis system will ever be without error. It is meant to inform users or admins that they may need to view a replay. Only significantly high counts of activity should be considered conclusive (e.g., 20+ suspected blink hack instances).
My current replay patterns only detect a few things. However, the Spades replays flagged more screen block warnings than 50 APM platinum replays. On average there were at least 8 points in each game where he stared at a single spot in his base for longer than 10 sconds. Beyond that I cannot say until it's more advanced.
On June 10 2012 13:34 ZweiGaming wrote:Let's say I send you a 25 replays package, with some people I know hacked in those and some legit players, you would be able to find who's legit and who's not without error? If so, can we try this out... and if that end's up working i'd need your help in pinpointing hackers if your willing to in here: http://www.teamliquid.net/forum/viewmessage.php?topic_id=340614
I'd be happy to give it a try. But only the things I mentioned a few posts ago are checked right now. If you have replays of hacks that can be detected via replay analysis then I'd love to have your help making pattern detectors for them.
|
On June 10 2012 14:16 Veritas wrote:Show nested quote +On June 10 2012 12:12 Nightmarjoo wrote:
Well specifically I was asking to see if you could support or contradict the claim that Spades hacked in his showmatch against Lucifron with your program. The anti-cheat monitor is the only fool-proof way of automatic detection. The replay analysis is meant to be a guide, nothing more. No automated replay analysis system will ever be without error. It is meant to inform users or admins that they may need to view a replay. Only significantly high counts of activity should be considered conclusive (e.g., 20+ suspected blink hack instances). My current replay patterns only detect a few things. However, the Spades replays flagged more screen block warnings than 50 APM platinum replays. On average there were at least 8 points in each game where he stared at a single spot in his base for longer than 10 sconds. Beyond that I cannot say until it's more advanced. Show nested quote +On June 10 2012 13:34 ZweiGaming wrote:Let's say I send you a 25 replays package, with some people I know hacked in those and some legit players, you would be able to find who's legit and who's not without error? If so, can we try this out... and if that end's up working i'd need your help in pinpointing hackers if your willing to in here: http://www.teamliquid.net/forum/viewmessage.php?topic_id=340614 I'd be happy to give it a try. But only the things I mentioned a few posts ago are checked right now. If you have replays of hacks that can be detected via replay analysis then I'd love to have your help making pattern detectors for them.
Thanks a lot, i'll be sending you few replays of hackers and some other of people we suspect via PM!
|
You are totally awesome for spending your time to do this. I don't have much to contribute to this thread but I just wanted to thank you for your hard work and I look forward to a time where your anti-hack launcher will allow us to play online-only tournaments on a fair level! You rock!!
|
Uncertain if you have done this yet, but have you tried running the Spades-replays through this?
Awesome work btw, big props!
|
This is silly. Blizzard does the best they can. No system you come up with will detect all hacks. If you release this anti-hack software in 2 days there will be a hack that confuses your software. Hell they could make a hack that takes advantage of your anti-hack software.
This is the same problem that anti-virus software has. No matter what detection upgrades you make it will be out done by hackers in 2 days. The resources of the hackers will always outstrip that of Blizzard.
The real secret is to make sure that hacking has no benefit. The first step to that is to convince the community that the ladder and ladder points are useless so don't cry over them. Second, tournament organizers must take their responsibilities to prevent hacking more seriously since Blizzard cannot.
|
sooo.... you should test your app with some Spades replays. Spades was saying he wished there was hack-detection software that could clear his name, right?
|
On June 10 2012 05:16 GhostFiber wrote:Show nested quote +On June 06 2012 06:20 JackDT wrote:
Any CS majors in here?
Download many maphacks. Play a bunch of games on them using every effort to hide that you are, but still trying to win. Train a machine learning system on the maphack replays.
I wouldn't be shocked if there is some tipoff that could be 100% accurate since the maphack is interacting with the keys stores in the replay in order to do the view freezes and hide looking into the fog. Very possible. But I think a smarter idea would be, make a really amazing maphack. (LeMap) and have it harvest replays from the hackers. That way your information set would be all races, leagues, and thousands of wins and losses.
You mean in the maphack software itself? That's a little too Machiavellian. You might as well just harvest the user names and then bust everyone using your program at some point in the future.
But I do think there is a great chance to find a 100% test. Like that reddit guy who theorized about the accuracy on the minimap and how maybe the screen clicks didn't align correctly when the maphack was holding your view still. Didn't work out, but a general purpose learning analysis could find a similar smoking gun.
Whether there is any hack detection in place, or any way to analyse replays, what the community should be doing right now is keeping an archive of all replays from every online tournament and qualifier. Just dump them somewhere they are small enough. If at some point in the future a technique is discovered which reveals hacking behavior then players can be busted and it doesn't matter if they patch the maphack at the point -- the damage is already done. This is how many were caught by TL in Brood War.
|
On June 10 2012 13:56 Defeat wrote:Go for it, better anticheat is always a good thing. Show nested quote +On June 06 2012 00:51 Nightwatch wrote:
Many people probably don't want to play tournaments if they have to download a software. 100% not true, many tournaments/ladders for games have you download programs that check for cheats or help log games. If this comes out and is decent, it will get picked up by any tournament wanting to improve their image. I'd say it would actually draw people to the tournament.
Just because people playing tournaments with such software doesn't mean that there are many that don't. It's kinda like some people not buying BF3 because of origin.
From my point of view why would I run a pointless piece of software. No offence but there is no way people can't bypass any clientside protection.
For other ideas like replay analysis you don't need clientside software. Thought I can't see this working well unless the hack is utterly obvious. Let alone that 20 or less replays are a far to small number and what happens if I send in a manipulated replay. Yeah, getting my opponent banned is good stuff.
|
Ideas like this always have one massive flaw. Creating a client-side anti-cheat program for a game like Starcraft 2 is, quite literally, impossible. As long as I maintain administrative access to my machine, there's nothing your anti-hack application can do to stop me from cheating.
Go ahead and make your program. Get its use required by all online tournaments. Guess what? Hackers will hook your system calls and return whatever your program expects to see. If your application is written in a managed language like Java or C#, the job will be even easier. Further, if your application is Open Source all bets are completely off (and to be frank, I'm not running a community developed anti-hack program on my computer if I can't see the source. Nope nope nope.).
At the end of the day, there are extremely few 100% reliable ways to detect hacks. Limited replay analysis happens to be one of those - if a player is performing actions that are physically impossible (e.g., blinking individual stalkers while his camera is somewhere else) then you can be certain something is wrong. Beyond that, there will never be a 100% foolproof method of hack detection, ever. As long as people retain physical access to the computers running the game, the only thing stopping someone from hacking is lack of expertise and time.
If anything, I am actually worried that this will make the maphacker's lives easier. They will be able to continue using hacks, but when questioned they can point to your application and say "See look, I'm not hacking, you can be sure because I'm running the community's anti-hack too1!"
|
I remember that wc3-pro ReminD used such anti-cheat programm at Bnet 1.0 ladder and was banned by Blizzard.
|
Maphack Detection:
This would check the position of the opponent's camera for known maphack signs. Fog of war peeking is easy to detect. The "screen lock" feature that some maphacks use would be even easier to detect.
If a user is flagged as suspicous then the person running the anti-hack software can be advised to watch the replay when the game is finished.
If both parties are running the software then camera positions of each player can be compared to make sure they match. Even if general hack detection is bypassed, this will reveal users using screen lock while fog of war peaking
Yeh well that won't work well. How is that even remotely reliable? Testing for user behavior is almost never more than some part of indication. "Fog of War peeking is easy to detect" - and doesn't necessarily mean ANYTHING, you should add that.
Because I must imagine most users do look at the fog of war every now and then. Sometimes just to issue move commands, to have a look at structure placement etc. of your opponent's base, send a scouting worker, or what I do for example, to set camera hotkeys.
For example in a 2 player map I'll always set one of my camera hotkeys to the other mains location, so that I can tab there quickly. Then what? Will I get flagged as potential maphacker every time I do this? If you don't want this you have to add exceptions like "don't count the first few minutes" and similar stuff, which in return actually makes this program totally pointless to begin with.
The only reliable way to prevent maphacks is complete server side calculations where you don't just distribute movement input etc. However that's not really possible in Starcraft 2 due to the very high amount of units for example.
You program won't work on a lot of hacks, and when that's the case, why should anyone bother installing it, which in itself could be considered a risk?
|
Even if a client side program is easily circumvented, what about remote automated replay analysis?
|
blizzards patch give them permission to scan your pc. with new agreement.
|
On June 10 2012 17:44 DeadBabySeal wrote:
Ideas like this always have one massive flaw. Creating a client-side anti-cheat program for a game like Starcraft 2 is, quite literally, impossible. As long as I maintain administrative access to my machine, there's nothing your anti-hack application can do to stop me from cheating.
Go ahead and make your program. Get its use required by all online tournaments. Guess what? Hackers will hook your system calls and return whatever your program expects to see. If your application is written in a managed language like Java or C#, the job will be even easier. Further, if your application is Open Source all bets are completely off (and to be frank, I'm not running a community developed anti-hack program on my computer if I can't see the source. Nope nope nope.).
At the end of the day, there are extremely few 100% reliable ways to detect hacks. Limited replay analysis happens to be one of those - if a player is performing actions that are physically impossible (e.g., blinking individual stalkers while his camera is somewhere else) then you can be certain something is wrong. Beyond that, there will never be a 100% foolproof method of hack detection, ever. As long as people retain physical access to the computers running the game, the only thing stopping someone from hacking is lack of expertise and time.
If anything, I am actually worried that this will make the maphacker's lives easier. They will be able to continue using hacks, but when questioned they can point to your application and say "See look, I'm not hacking, you can be sure because I'm running the community's anti-hack too1!"
Would love for a mod to do an ip check on your account given how suspicious it is lol.
|
On June 10 2012 17:44 DeadBabySeal wrote:
Ideas like this always have one massive flaw. Creating a client-side anti-cheat program for a game like Starcraft 2 is, quite literally, impossible. As long as I maintain administrative access to my machine, there's nothing your anti-hack application can do to stop me from cheating.
Go ahead and make your program. Get its use required by all online tournaments. Guess what? Hackers will hook your system calls and return whatever your program expects to see. If your application is written in a managed language like Java or C#, the job will be even easier. Further, if your application is Open Source all bets are completely off (and to be frank, I'm not running a community developed anti-hack program on my computer if I can't see the source. Nope nope nope.).
At the end of the day, there are extremely few 100% reliable ways to detect hacks. Limited replay analysis happens to be one of those - if a player is performing actions that are physically impossible (e.g., blinking individual stalkers while his camera is somewhere else) then you can be certain something is wrong. Beyond that, there will never be a 100% foolproof method of hack detection, ever. As long as people retain physical access to the computers running the game, the only thing stopping someone from hacking is lack of expertise and time.
If anything, I am actually worried that this will make the maphacker's lives easier. They will be able to continue using hacks, but when questioned they can point to your application and say "See look, I'm not hacking, you can be sure because I'm running the community's anti-hack too1!"
pretty much this. being someone who's been in the community forever, even warden is limited.
|
Don't forget to do extensive testing with something like this to prevent false positives.
|
I've been thinking about coding something like this for a bit. My idea was a smurf detector for tournys. Users would have to run the tourny's application to be able to play and it would go through the sc2 files and pick out all accounts used on that computer. Now sure someone can delete all of that or claim it is a friend's account but I'll figure out something else for that.
|
For online low-level tournaments to thrive they need to have a constant, vigilantly updated anti-hack tool kit at their disposal
|
Some guy on reddit says he's making anti-hack software and actually provided some alpha-level blink detection stuff.
Link
|
Canada13389 Posts
On June 14 2012 12:38 Johnnysc2 wrote:Some guy on reddit says he's making anti-hack software and actually provided some alpha-level blink detection stuff. Link
Well now we have an after the fact blink hack detector. Would need to test it against known non hackers (ie. Local play) of a very very good player to make sure it won't false positive.
|
On June 14 2012 12:38 Johnnysc2 wrote:Some guy on reddit says he's making anti-hack software and actually provided some alpha-level blink detection stuff. Link
Yo, some guy here. =P
I can't make a thread since I just created a TL account (long time lurker).
I'll be releasing full source as well (though if you are impatient you can just use reflector, it's really basic stuff). This is all pretty bleeding edge right now though.
|
Well now we have an after the fact blink hack detector. Would need to test it against known non hackers (ie. Local play) of a very very good player to make sure it won't false positive.
There WILL be some false-positives. The false positives are in the form of "we saw a few blinks that match the pattern, but it was less than 40% of all blinks", for example.
There's a dead giveaway if the hack does all the work in one tick. Here's an example from http://idleengineer.com/blink.txt:
BLINK HACK DETECTED.
Total: 25 suspect: 23.
92% suspect blinks.
Suspect blinks at these times:
[snip]
00:16:03.562
00:16:03.562
As you can see, the hack is dumb enough to do things faster than any human can: Deselect, blink, attack-move, select, (twice!). All within the same game tick. My program doesn't currently check for this, but it will tomorrow.
Here's the blog post I detail what I'm doing to detect blink hacks: http://www.idleengineer.com/2012/06/13/to-catch-a-cheater-part-2-blink/
OP, feel free to steal this technique if you weren't doing so already. I plan on releasing full source soon-ish, though it's a very simple state-machine to detect the blink hack.
I also plan on working to detect a LOT more than just blink hacks. This is just the first thing we put together as a proof of concept.
|
Canada13389 Posts
On June 14 2012 12:52 leculver wrote:Show nested quote +Well now we have an after the fact blink hack detector. Would need to test it against known non hackers (ie. Local play) of a very very good player to make sure it won't false positive. There WILL be some false-positives. The false positives are in the form of "we saw a few blinks that match the pattern, but it was less than 40% of all blinks", for example. There's a dead giveaway if the hack does all the work in one tick. Here's an example from http://idleengineer.com/blink.txt:Show nested quote +BLINK HACK DETECTED.
Total: 25 suspect: 23.
92% suspect blinks.
Suspect blinks at these times:
[snip]
00:16:03.562
00:16:03.562 As you can see, the hack is dumb enough to do things faster than any human can: Deselect, blink, attack-move, select, (twice!). All within the same game tick. My program doesn't currently check for this, but it will tomorrow. Here's the blog post I detail what I'm doing to detect blink hacks: http://www.idleengineer.com/2012/06/13/to-catch-a-cheater-part-2-blink/OP, feel free to steal this technique if you weren't doing so already. I plan on releasing full source soon-ish, though it's a very simple state-machine to detect the blink hack. I also plan on working to detect a LOT more than just blink hacks. This is just the first thing we put together as a proof of concept.
Ah I see, didn't realise it was that specific, in which case yeah no human can provide 4 or 5 commands in one millisecond 
|
I don't think a 3rd party should be responsible with overseeing starcraft bans. While I agree with the anti-cheating attempt, I would not want to risk my career on the word of some unknown claiming hacks. This seems like it will always lag behind the latest new hack (false negative) as well as risking unjustly ending some players chances for life (false positives).
|
On June 14 2012 13:16 Darkstar_X wrote:
I don't think a 3rd party should be responsible with overseeing starcraft bans. While I agree with the anti-cheating attempt, I would not want to risk my career on the word of some unknown claiming hacks. This seems like it will always lag behind the latest new hack (false negative) as well as risking unjustly ending some players chances for life (false positives).
Ending some players' chances for life? It's not that hard to buy another copy of the game. And I don't think any amount of 3rd party hack detection will make Blizzard any more likely to start banning players. Blizzard is probably going to keep being as lazy as they have been as far as banhammer goes.
|
I'm skeptical of this. If your application detects the location of the other player's camera, how is it any different from what a maphack looks like to Blizzard's detection software? Considering Blizzard's relative incompetence in dealing with hacks, it seems like a lot of people would be banned for using anti-hack software right now.
|
Sceptical of this, however I'm glad to see people working on it. Thank you for your efforts and it's only through things like this can we start deterring hackers, although we'll never eliminate them.
|
On June 14 2012 12:44 leculver wrote:Show nested quote +On June 14 2012 12:38 Johnnysc2 wrote:Some guy on reddit says he's making anti-hack software and actually provided some alpha-level blink detection stuff. Link Yo, some guy here. =P I can't make a thread since I just created a TL account (long time lurker). I'll be releasing full source as well (though if you are impatient you can just use reflector, it's really basic stuff). This is all pretty bleeding edge right now though.
I sent you a message on reddit about this. I think releasing the source is a very bad idea, which is the reason mine is a web service. Providing the method you're using to detect to the public is a fast track way to ensure it no longer works.
|
If they are smart enough to reverse engineer Starcraft 2, they are smart enough to figure out what you are doing and work around it. I know because I do this for a living... (Pick apart software, that is.)
Even if your service is a black box, they'll just submit replays they've modified until they've figured out what you are doing to detect them. I've decided it's not worth trying to "hide" how to detect anything. They'll make changes to how their software works, I'll update mine to detect it. The only way they can completely get around this is to make their hack play as slow and crummily as a human, at which point we've won.
Keep in mind, you are working against some of the smartest programmers out there. Say what you will about people who use these hacks, but the people making them are very sharp. Might as well give them the benefit of the doubt and adapt accordingly.
|
On June 10 2012 17:44 DeadBabySeal wrote:
Ideas like this always have one massive flaw. Creating a client-side anti-cheat program for a game like Starcraft 2 is, quite literally, impossible. As long as I maintain administrative access to my machine, there's nothing your anti-hack application can do to stop me from cheating.
Go ahead and make your program. Get its use required by all online tournaments. Guess what? Hackers will hook your system calls and return whatever your program expects to see. If your application is written in a managed language like Java or C#, the job will be even easier. Further, if your application is Open Source all bets are completely off (and to be frank, I'm not running a community developed anti-hack program on my computer if I can't see the source. Nope nope nope.).
At the end of the day, there are extremely few 100% reliable ways to detect hacks. Limited replay analysis happens to be one of those - if a player is performing actions that are physically impossible (e.g., blinking individual stalkers while his camera is somewhere else) then you can be certain something is wrong. Beyond that, there will never be a 100% foolproof method of hack detection, ever. As long as people retain physical access to the computers running the game, the only thing stopping someone from hacking is lack of expertise and time.
If anything, I am actually worried that this will make the maphacker's lives easier. They will be able to continue using hacks, but when questioned they can point to your application and say "See look, I'm not hacking, you can be sure because I'm running the community's anti-hack too1!"
That doesn't mean there's isn't anything to be done about it.
One 'client side' anti cheat system big online tournaments could use is to have a camera pointed at the player's display setup recording locally, and then sent to the admins after for verification.
The other thing that should be done right now is to archive all major online tournaments replays from this point forward. If there is a flaw in the maphack discovered at any point in the future people can still busted even if they fix the maphack right away. This happened during broodwar -- people were busted from old archives by teamliquid admins and then banned from future tournaments. This makes cheating a LOT more risky. You could be busted a year after you played that match.
Even warden type programs could be mildly effective as long as they were updated immediately before large online tournaments start. Make players play their matches BEFORE they have had time to test whether it can detect their current maphack software.
|
On June 06 2012 01:19 ZeromuS wrote:
I posted this in the other thread but here it goes.
In MOHAA there was an anti hack that would screen cap randomly. If you were suspected of hacking you would be given 24 hours to email an admin the screenshot collection and if hacks were found you would be banned, if none no ban and if no Emil you would get banned as well. Worked pretty well and it can work for tournaments run online only for sc2 idf there was a similar application.
you are talking about punkbuster, its still out there too...... BF2 used it, i assume bf3 uses it. It randomly takes screenshots from server side which means they aren't cleaned up by the client side hack, instead the hack often sends through "snow" instead as it blocks punkbuster taking screenies.... you see a ss that is just static? Ban.
|
The other thing that should be done right now is to archive all major online tournaments replays from this point forward. If there is a flaw in the maphack discovered at any point in the future people can still busted even if they fix the maphack right away. This happened during broodwar -- people were busted from old archives by teamliquid admins and then banned from future tournaments. This makes cheating a LOT more risky. You could be busted a year after you played that match.
That's exactly what I'm going after. For ladder games too, though those matter less. If I figure out how to detect cheats people are using now, three months in the future, you could still have your account banned.
To be honest, it's the risk vs. reward dynamic that I'm actually trying to change here. Do you want to risk that we detect your hack at any point in the future and have your account banned? I want there to be risk of future discovery for anyone who cheats.
|
I'd love to see a rating system of 'how suspicious'.
1. Nothing out of the ordinary.
2. Something is fishy.
3. Likely cheater.
4. NESTEA!
|
On June 15 2012 04:01 leculver wrote:
If they are smart enough to reverse engineer Starcraft 2, they are smart enough to figure out what you are doing and work around it. I know because I do this for a living... (Pick apart software, that is.)
Even if your service is a black box, they'll just submit replays they've modified until they've figured out what you are doing to detect them. I've decided it's not worth trying to "hide" how to detect anything. They'll make changes to how their software works, I'll update mine to detect it. The only way they can completely get around this is to make their hack play as slow and crummily as a human, at which point we've won.
Keep in mind, you are working against some of the smartest programmers out there. Say what you will about people who use these hacks, but the people making them are very sharp. Might as well give them the benefit of the doubt and adapt accordingly.
No doubt. But there's no point in making life easier for them.
Obviously we have different goals in mind. If you want to help out with client-side hack detection then I'd welcome the help. Likewise, if you want help with replay analysis patterns holla at me.
|
I'm a worthless piece of low life scum
User was banned for being a hacker.
|
As long as you provide hacks to idiots who go around making it blatant, you will be detected. It's that simple.
|
On June 15 2012 08:44 Veritas wrote:
As long as you provide hacks to idiots who go around making it blatant, you will be detected. It's that simple.
Don't feed the troll.
|
On June 15 2012 04:52 leculver wrote:Show nested quote +The other thing that should be done right now is to archive all major online tournaments replays from this point forward. If there is a flaw in the maphack discovered at any point in the future people can still busted even if they fix the maphack right away. This happened during broodwar -- people were busted from old archives by teamliquid admins and then banned from future tournaments. This makes cheating a LOT more risky. You could be busted a year after you played that match. That's exactly what I'm going after. For ladder games too, though those matter less. If I figure out how to detect cheats people are using now, three months in the future, you could still have your account banned. To be honest, it's the risk vs. reward dynamic that I'm actually trying to change here. Do you want to risk that we detect your hack at any point in the future and have your account banned? I want there to be risk of future discovery for anyone who cheats.
Sounds good. I wonder if TL would be willing to host the archive of tournament and qualifier replays. I think you are right that even if nobody works hard on cheat detection in the near future, the mere existence of such an archive changes the risk/reward significantly.
|
This sounds good and im up to help anyone who starts a anti-cheat project for sc2.(if its being made in c#/c++)
Also the best way to detect the cheats is to actually use them and check the memory stream for patterns but you might have to spend alot of money doing this and also having the risk of getting your account banned.
Thats atleast how I made my anti cheats for other games.
|
|
|
The thing i would want to see is some kind of "hack detection" implimented into sc2gears. If a widely used piece of software gets the hack detection it would probabaly end up with more people reporting hackers. I've had a few games where i've thought "i wonder if this guys hacking" and then just moved on.
If i could run my ladder replays through sc2 gears and see "HackyMcHackerson used hacks in that game" or "94% chance of hacks in this game" preferably with time data as evidence to check the replay. I'd go and report him.
Detection is the first issue followed by the community reporting people to blizzard when they have proof. Im sure if HackyMcHackerson gets enough reports next to his name he will be banned.
|
I'm pretty sure that the good hackers will only use the production tab and minimap hack, which would be almost undetectable save for a program that the user had to use that took screenshots randomly. But I'm pretty sure that Blizzard has said they will not allow 3rd party programs like that.
|
On June 15 2012 10:13 Johnnysc2 wrote:
I'm pretty sure that the good hackers will only use the production tab and minimap hack, which would be almost undetectable save for a program that the user had to use that took screenshots randomly. But I'm pretty sure that Blizzard has said they will not allow 3rd party programs like that.
However anything that weeds out the "script kiddys" is a good thing.
|
Canada13389 Posts
On June 15 2012 10:15 Archybaldie wrote:Show nested quote +On June 15 2012 10:13 Johnnysc2 wrote:
I'm pretty sure that the good hackers will only use the production tab and minimap hack, which would be almost undetectable save for a program that the user had to use that took screenshots randomly. But I'm pretty sure that Blizzard has said they will not allow 3rd party programs like that. However anything that weeds out the "script kiddys" is a good thing.
Yeah would really help a lot actually. If they aren't auto making workers and auto blinking the mid masters and below would be much better off. The problem with SC2 and the way the skill gaps work is auto blink, auto inject and auto worker will automatically place you in an ok league like diamond with little to no good decision making.
Map hacks means no losing to cheese and worker making means good income based macro :s Then they just need to learn when to make what units and gg.
|
DO IT!we need this,it will be awesome to have and it will be awesome to see players fall out of gm!if you make this i will have your babys for you
|
|
|
+1 making it into some addon for sc2gears to automatically submit replays once they are saved, that would be so awesome.
|
If he made it an addon to sc2gears it would be amazingtastic <3
|
|
|
|
|
|
EPT
