That’s simply not a great solution. You can’t make a fast paced fps feel good without trusting the client. Even quake has some factor of client trust. The issue is that even if the client sends just inputs across the network, you still end up with cheats that seems the exact inputs to click on a person’s head. You are trusting the inputs are sane. So that’s the raw metric of not trusting the client, it’s just sending the user data and the user data can be manipulated in order to cheat.
So you still failed to secure the game simply by trusting the client. It’s not possible and it’s an argument that comes from not understanding the technical challenge at play here.
No amount of clientside anticheat software can stop that either though, anything running on the clientside can be faked/manipulated with enough effort
Also you could argue someone could simply plug in another device that takes a video input and can simulate a keyboard and mouse
On the server side, you could check for abnormalities in a person’s stats, for example if they get >90% headshots, if they’re getting a lot of kills outside a weapon’s normal range, amount of time aiming at enemies through walls that they shouldn’t be able to see etc etc
Then, once someone is suspicious enough, flag it up to a human moderator who can watch them and verify
Not saying there shouldn’t be any clientside anticheat at all but at the point of the anticheat putting itsself in kernel space it’s gone too far
On the server side, you could check for abnormalities in a person’s stats, for example if they get >90% headshots, if they’re getting a lot of kills outside a weapon’s normal range, amount of time aiming at enemies through walls that they shouldn’t be able to see etc etc
That’s called heuristics and EAC does that as well. Why not do both?
Not saying there shouldn’t be any clientside anticheat at all but at the point of the anticheat putting itsself in kernel space it’s gone too far
Why? this isn’t the opinion of a lot of the players out there.
I hate that the solution for them is to try to lock down users’ own machines rather than trying to secure their own servers with server side anticheat
Goes against the whole philosophy of never trusting the clientside
That’s simply not a great solution. You can’t make a fast paced fps feel good without trusting the client. Even quake has some factor of client trust. The issue is that even if the client sends just inputs across the network, you still end up with cheats that seems the exact inputs to click on a person’s head. You are trusting the inputs are sane. So that’s the raw metric of not trusting the client, it’s just sending the user data and the user data can be manipulated in order to cheat.
So you still failed to secure the game simply by trusting the client. It’s not possible and it’s an argument that comes from not understanding the technical challenge at play here.
No amount of clientside anticheat software can stop that either though, anything running on the clientside can be faked/manipulated with enough effort
Also you could argue someone could simply plug in another device that takes a video input and can simulate a keyboard and mouse
On the server side, you could check for abnormalities in a person’s stats, for example if they get >90% headshots, if they’re getting a lot of kills outside a weapon’s normal range, amount of time aiming at enemies through walls that they shouldn’t be able to see etc etc
Then, once someone is suspicious enough, flag it up to a human moderator who can watch them and verify
Not saying there shouldn’t be any clientside anticheat at all but at the point of the anticheat putting itsself in kernel space it’s gone too far
That’s called heuristics and EAC does that as well. Why not do both?
Why? this isn’t the opinion of a lot of the players out there.