x4e
commented
3 years ago I think there are some fundamental issues with your argument, even though I agree with parts.
Firstly, if you want to suggest changes I recommend you take time to write out a thoughtful, helpful and grammatically correct proposal. Your issue is long and feels like something you wrote out of spite in 5 minutes.
Secondly, the issue you present at first is not a cheating issue but a trust factor issue. Cheating is NOT an issue in this game. Over the past year I've come across 0 people in comp and 1 in casual who I actually thought were cheating.
Your problem is that you have a low cheating trust factor. Incorrect trust factors are a big problem, I myself have a very low toxicity trust factor (lots of team killers/griefers). I'm not sure what to do about this (if anyone from the csgo team wants to take a look my steam id is STEAM_1:0:91441613).
You recommend virtualization and specifically VM Protect. One, this is slow. CSGO is known for running fast on even shit computers, so I imagine valve would not want to sacrifice performance for security.
The devs also aren't able to use random anti debugging code that you link to because it doesn't have a license.
HWID bans are intrusive. It has been proven before that steam collects HWIDs, so I'm sure it plays a part in trust factor if your HWID has been involved in cheating previously, however banning people's computers is unnecessary and intrusive.
I do agree however the game needs better reverse engineering protections. Stuff like using a packer would help without degrading runtime performance.
Overall, in my opinion cheaters aren't a problem for CSGO. The majority of people complaining about cheaters have low trust factor / are getting tilted and accusing innocents.
BlackYuzia
SamuelTulach
Col-E
ericek111
kisak-valve
Your system information
Steam->Help->System Information) in a gist: https://gist.github.com/SamuelTulach/af16b8d6398526eaf4cf94c9dd475cf0Please describe your issue in as much detail as possible:
On a Steam profile with level 101 and inventory with a value of at least 800$, 1100 hours of playtime, I am getting matched against level zeroes with 20 hours in game that are blatantly cheating.
Steps for reproducing this issue:
Before you flag this issue as invalid and close it, please at least consider reading this.
You don't need any intrusive anticheat solution to stop cheaters. All that I am asking is for someone to actually start caring about the game. Have you ever trying looking online how easy it is to cheat in CS:GO? It has come to the point when where someone asks on a reverse engineering forum, how they should learn code injection and function hooking, instead of recommending them some CTFs or games like PwnAdventure, they are being told to just make a cheat for CS:GO because of how many public sources are available. There are literally sites and repositories that have updated offsets for the game that are being updated few minutes after each game update. This is the main issue with the game. Not only you are not doing anything against cheating actively, but you are even encouraging it by making it so easy.
Imagine following scenario. A person has really basic knowledge of C++ and wants to make his own cheat for the game. All that he needs to do, it to figure out how to read process memory, get base address of modules and then simply use some publicity available offset dumper or just strait up copy the offsets to loop though entities and enable glow on each of them. It does not require any reverse engineering skills. It does not require any advanced knowledge of system internals.
You have tried to fix this problem by introducing trusted launch, which literally only hooks LoadLibrary function on Windows to prevent loading of unsigned DLLs. I am sorry but is this a joke? Seriously there is nobody at Valve that would have basics understanding of how could cheats work? Not only it can by bypassed completely by patching one byte, but why would anyone do that when basically any public DLL injector supports manual mapping - in case you don't know, that means that memory is allocated in the process manually, imports and relocations are also resolved manually by the injector and then the entry point of the dll is called usually from hijacked thread. Hooking LoadLibrary did not help anything. It only annoyed bunch of people, because lot of legitimate programs (such as OBS), stopped working.
What can you do about it? The answer is pretty simple. Do what other game developers do!
At this point, 99% of all cheats would be instantly dead and each update, it would take the cheat developers solid amount of time to get their cheats updated. If you want to go beyond that and make sure that cheating will be basically completely dead, you can also do some basic usermode checks like:
I honestly don't know how to end this. I seriously love the game. It's counter-strike after all - one of the most famous FPS titles, but with such a massive cheating problem, I can't just enjoy the game at all. If you need any help with any of those things above, I can help (but I seriously don't think you would not be able to do it). If you need a proof that it's possible to write a glow cheat under 5 minutes from scratch and without even getting the offsets from some dumper, I am willing to show you. All I want is for the game to be playable.
Quick summary: The game is suffering from the amount of public sources for cheats available. It could be resolved without using intrusive anticheat solution. Make it harder to reverse engineer the game and make sure that old sources are not functional anymore.
Thanks.