Maintenance for the week of December 23:
• NA megaservers for maintenance – December 23, 4:00AM EST (9:00 UTC) - 9:00AM EST (14:00 UTC)
• EU megaservers for maintenance – December 23, 9:00 UTC (4:00AM EST) - 14:00 UTC (9:00AM EST)

[Permabans being lifted] ZOS how are we as a community dealing with exploits/hacking?

  • WhiteCoatSyndrome
    WhiteCoatSyndrome
    ✭✭✭✭✭
    ✭✭✭✭
    For those of you wondering about the lack of reaction from ZOS...at least some of that is because today is a holiday in the US. Though if they have any sense, they'll buff their support staff for future three day weekends.
    #proud2BAStarObsessedLoony
    PAWS (Positively Against Wrip-off Stuff) - Say No to Crown Crates!
    A useful explanation for how RNG works
    How to turn off the sustainability features (screen dimming, fps cap) on PC
    Merry Christmas and happy New Life!
  • timidobserver
    timidobserver
    ✭✭✭✭✭
    ✭✭✭✭
    Ch4mpTW wrote: »


    IS THE LAG BETTER NOW??



    Lmao, this is ESO. And in a place like Cyrodiil? Hell no. :D

    @Ch4mpTW I am looking for confirmation. If lag is better then it proves that they dropped the server-side validation. It also proves that the server-side validation did in fact cause the lag.

    The validation was never there. As I understand it, people have been subtly using this exploit for a long time. It's just coming into the light now because someone made it impossible to ignore or explain away as L2P.
    Edited by timidobserver on May 30, 2016 4:53PM
    V16 Uriel Stormblessed EP Magicka Templar(main)
    V16 Derelict Vagabond EP Stamina DK
    V16 Redacted Ep Stam Sorc
    V16 Insolent EP Magicka Sorc(retired)
    V16 Jed I Nyte EP Stamina NB(retired)

  • Mush55
    Mush55
    ✭✭✭✭
    So much for the pc master race, glad i'm a console peasant.....
  • HuawaSepp
    HuawaSepp
    ✭✭✭
    I don't get why game companies dont just make a very verbal zero tolerance to hacks etc, once they come down real hard just one time it would put the average player off, be the company that everyone knows will not stand for it.

    The hack is only avaliable for pc so they can count on their Xbox and PS community.
    Doing smth against this is just not worth the money
    PTS-EU
  • Phinix1
    Phinix1
    ✭✭✭✭✭
    ✭✭✭✭✭
    Do your part!

    1-click report cheaters at a distance

    If you can see their name under your cursor, no matter how far away, you can hit a single keybind to grab their name and report them with this addon.
  • Lysette
    Lysette
    ✭✭✭✭✭
    ✭✭✭✭✭
    Turelus wrote: »
    @Ch4mpTW on this issue I lost faith about a year and a half ago.

    I love this game, I love the developers but as I've said there is some messed up backwards corporate style of running things going on which doesn't mesh with an MMO company.

    I won't give up given them lip for these kinds of issues, I just wondering how long it's worth trying for rather than playing the game and pretending it's not cheat2win.

    So for ZOS (if they're still reading) once again here are all the examples of what you should be doing.

    SWTOR Exploit Warning Post
    EVE Online Exploits Page
    Diablo 3 Exploit Warning Post
    Guild Wars 2 Reddit Comment

    Take note of how every other major company actually talks about the issues, how they warn people and then ban them and then ban them.

    Here is an example from EVE Online from this year.
    Firstly they make a news post when they become aware: https://community.eveonline.com/news/news-channels/eve-online-news/drone-exploit-notification/ This news post is on the websites/forums/launcher/character select or as close to everywhere they can get it.
    Then they fix the issue ASAP, not "next update" ASAP.
    Then they look through the data and reports and take action against accounts.
    Note that CCP now has a two strike policy (down from three) meaning temp ban, then perma ban.
    They have a smaller player base and ESO but haven't been doomed by very draconian rules enforcement so that argument can't be used.

    Here are three videos from their security team talking about rules enforcement and server security. Notice how they're open about things.

    https://www.youtube.com/watch?v=7Vd-CpnjvAM

    https://www.youtube.com/watch?v=1CZR9w3ftjY

    https://www.youtube.com/watch?v=WBD7CL9oQqE

    On a personal note which I am not sure matters to ZOS but hey ***...

    I really hope someone from ZOS actually takes the time to watch those videos, because for whatever you want to say about EVE Online the company running it are probably one of the best in the world. I invest seven years of my life into that game, took five vacations to Iceland to attend their fanfest, dropped money on $100+ collectables, was a member of a corp (guild) of friends for five years.

    This year I unsubbed and left all of that behind because I liked ESO more, for all the issues this game faces I enjoy the base mechanics and gameplay of it more. However when threads like this are happening, when I sit and work reading the forums at lunch and every single day I see a new thread about exploits get buried and ignored or just moderated away, I have to ask myself why am I bothering, there are better ways to spend my time and money.

    And the results of CCPs efforts to combat cheating - on fanfest 2015

    https://www.youtube.com/watch?v=WBD7CL9oQqE

    argh, you have added this already - sorry.

    Edit: you just think that you left EVE behind - but you will return - EVE will still wait for your return, when games like ESO will long be dead.
    Edited by Lysette on May 30, 2016 5:10PM
  • SirAndy
    SirAndy
    ✭✭✭✭✭
    ✭✭✭✭✭
    https://forums.elderscrollsonline.com/en/discussion/268389/a-message-from-zazeer-hacking/p1

    I told you so (for almost 3 years) doesn't feel as good as it should ...
    sad.gif

    PS: Gonna repeat this here again:
    What people need to understand is that on the PC, you can write an app that can read and write *any* running process's memory. Memory is NOT protected!

    And it's not hard to do either, the code required for such an app is pretty simple. Once you find the right data offsets while the game is running, you can change them at will in realtime.
    type.gif
  • ThePonzzz
    ThePonzzz
    ✭✭✭✭✭
    Haderus is completely unplayable right now. I don't know just how many people are doing stuff, but people were flying through the air and just going nuts. I thought it was lag last night. Like I didn't see the inner wall come down. But it's pretty shameless right now. Not really fun. On top of that, you have Haderus pop locked and good players pushing emp too. But if you just have 1 person per group doing this stuff, it makes them nearly invincible.

    Shame it has to be so close to DB launch, because I doubt anything this severe can be hotfixed. So it's gotta last for at least a week.
  • Lysette
    Lysette
    ✭✭✭✭✭
    ✭✭✭✭✭
    SirAndy wrote: »
    https://forums.elderscrollsonline.com/en/discussion/268389/a-message-from-zazeer-hacking/p1

    I told you so (for almost 3 years) doesn't feel as good as it should ...
    sad.gif

    PS: Gonna repeat this here again:
    What people need to understand is that on the PC, you can write an app that can read and write *any* running process's memory. Memory is NOT protected!

    And it's not hard to do either, the code required for such an app is pretty simple. Once you find the right data offsets while the game is running, you can change them at will in realtime.
    type.gif

    This is what a proper client-server architecture is for, which does NOT trust the client software, but performs vital things on the server and leaves just minor things like running animations or do flex hair and stuff like that to the client - well, ESO does not have flex hair, but there are MMOs which have this as well as body physics - and that stuff is done client-side for example.
  • Avezack
    Avezack
    ✭✭
    https://www.youtube.com/watch?v=zYg8n3kimGI
    No mercy for hacking/exploiters
  • dsalter
    dsalter
    ✭✭✭✭✭
    ✭✭
    Avezack wrote: »
    https://www.youtube.com/watch?v=zYg8n3kimGI
    No mercy for hacking/exploiters

    ugh i hated that abomination of a film
    PLEASE REPLY TO ME WITH @dsalter otherwise i'm likely to miss the reply if its not my own thread

    EU - [Arch Mage Dave] Altmer Sorcerer
    Fight back at the crates and boxes, together we can change things.

  • Phinix1
    Phinix1
    ✭✭✭✭✭
    ✭✭✭✭✭
    ThePonzzz wrote: »
    Shame it has to be so close to DB launch, because I doubt anything this severe can be hotfixed. So it's gotta last for at least a week.

    ZOS could run a simple script and mass-ban everyone it flags, and ask questions later.

    All the player interactions with the server are recorded.

    All the script would have to do is analyze how many ultimates were cast over an interval of time. With some basic template calculations and a reasonable margin, flag any player that cast more than the legitimately possible number within any period and ban them.

    Then come back and do proper sanity checks and server-side later.

    I actually think it's pretty funny how many think this is "undetectable" unless someone reports you.

    Edited by Phinix1 on May 30, 2016 5:25PM
  • Nebthet78
    Nebthet78
    ✭✭✭✭✭
    ✭✭
    Frankly, one of the first things I think ZOS should do while they go through dealing with the cheaters is to Disable ALL Add-Ons until they can figure out and deal with how to prevent this in the future.

    There may be a lot of people miffed about losing the use of Add-Ons, but for the long term health of the game, this would be a better alternative than shutting down the servers as I have seen some people suggest. That way every one is put on a level playing field and they are not actually required to enjoy the game.

    Now another thing that I am concerned about in regards to this whole hack cheat, is just HOW much has this third party program been influencing the way the devs "attempt" to balance the game, which never seemed to actually work out.

    How many nerf threads have been created because of people coming up against other players using that program to increase their attributes, regeneration, DPS, or cost reductions by 10-20+%?

    Infinite Dodge rolling, Infinite Blocking, Speed running, Infinite Shields?? Just how much has this Cheat program influenced the constant nerfing at the hand of the Devs in the name of "Game Balance"?
    Far too many characters to list any more.
  • SirAndy
    SirAndy
    ✭✭✭✭✭
    ✭✭✭✭✭
    Nebthet78 wrote: »
    Frankly, one of the first things I think ZOS should do while they go through dealing with the cheaters is to Disable ALL Add-Ons until they can figure out and deal with how to prevent this in the future.
    @Nebthet78
    You are confusing AddOns with 3rd party apps. This whole thing has absolutely NOTHING to do with game AddOns!

    See my post above. It's a known standalone app that allows one to manipulate the ESO memory while the game is running.
    shades.gif

    Edited by SirAndy on May 30, 2016 5:50PM
  • ola.wilhelmssonb16_ESO
    Nebthet78 wrote: »
    Frankly, one of the first things I think ZOS should do while they go through dealing with the cheaters is to Disable ALL Add-Ons until they can figure out and deal with how to prevent this in the future.

    There may be a lot of people miffed about losing the use of Add-Ons, but for the long term health of the game, this would be a better alternative than shutting down the servers as I have seen some people suggest. That way every one is put on a level playing field and they are not actually required to enjoy the game.

    Now another thing that I am concerned about in regards to this whole hack cheat, is just HOW much has this third party program been influencing the way the devs "attempt" to balance the game, which never seemed to actually work out.

    How many nerf threads have been created because of people coming up against other players using that program to increase their attributes, regeneration, DPS, or cost reductions by 10-20+%?

    Infinite Dodge rolling, Infinite Blocking, Speed running, Infinite Shields?? Just how much has this Cheat program influenced the constant nerfing at the hand of the Devs in the name of "Game Balance"?

    Isn't the cheat we're all raving about, an entirely separate, third-party program? Would disabling add-ons even help in the slightest?
  • Tommy1979AtWar
    Tommy1979AtWar
    ✭✭✭✭
    Well whatever happens you just know that the players who haven't cheated are gonna get screwed over just like every other time.
    What do you think they'll nerf this time? AP?... RNG?.. place your bets!
  • Pallio
    Pallio
    ✭✭✭✭✭
    Is this new unlimited power buff going to be implemented in the game or fixed? 600k score in VMA sounds intriguing, actually finishing it all would be nice for most of us.
  • ola.wilhelmssonb16_ESO
    There's a locked thread, with a very informative, but sometimes extremely technical discussion about the lates hack/cheat:
    https://forums.elderscrollsonline.com/en/discussion/268253/a-few-facts-about-the-recent-ultimate-exploit-hack#latest
    From what I understand of that thread, disabling add-ons will not help. At all. But I know very little of programming and server/client technology, so read that thread for yourselves.
    Edited by ola.wilhelmssonb16_ESO on May 30, 2016 6:10PM
  • Korah_Eaglecry
    Korah_Eaglecry
    ✭✭✭✭✭
    ✭✭✭✭
    Oh no we got too many threads about this issue. Better sweep it under the rug and force everyone into one easy to lose sight of thread.

    Im tempted to flood this damn forum with as many threads about the topic as possible. It probably get me banned but hey....If players can exploit and get a three day vacay and players can go years outright hacking the game.
    Penniless Sellsword Company
    Captain Paramount - Jorrhaq Vhent
    Korith Eaglecry * Enrerion Aedihle * Laerinel Rhaev * Caius Berilius * Seylina Ithvala * H'Vak the Grimjawl
    Tenarei Rhaev * Dazsh Ro Khar * Yynril Rothvani * Bathes-In-Coin * Anaelle Faerniil * Azjani Ma'Les
    Aban Shahid Bakr * Kheshna gra-Gharbuk * Gallisten Bondurant * Etain Maquier * Atsu Kalame * Faulpia Severinus
    What is better, to be born good, or to overcome your evil nature through great effort? - Paarthurnax
  • arena25
    arena25
    ✭✭✭✭✭
    Hello all, Lord Arena25 here.

    Every game has that exploit that a lot of players use and it made a mess of PR in their respective games. For World of Warcraft it was the Saronite Bomb Platform Rebuild. For RIFT it was a dummy boss mechanic. And now ESO has to deal with this mess.

    While unfortunate, ESO isn't the first game to have this kind of a PR issue right before a major content update, and I doubt ESO will be the last game to have this kind of a PR issue right before a major content update.

    I'll be back later when I can be bothered.

    Signed,
    Lord Arena25
    If you can't handle the heat...stay out of the kitchen!
  • Minalan
    Minalan
    ✭✭✭✭✭
    ✭✭✭✭
    There's a locked thread, with a very informative, but sometimes extremely technical discussion about the lates hack/cheat:
    https://forums.elderscrollsonline.com/en/discussion/268253/a-few-facts-about-the-recent-ultimate-exploit-hack#latest
    From what I understand of that thread, disabling add-ons will not help. At all. But know very little of programming and server/client technology, so read that thread for yourselves.

    It's true that you can't completely make a client program 'safe', but there's plenty that you can do to improve from where they are now. Enough so that a bunch of 15 year old children with a memory edit program can't break in.

    * They have no redundancy in their data structures. No checksums, hash values, or copies of the data are stored to use for integrity checks. They have no security built around core objects, so that modifications and reads done to private object variables *must* be done via method calls with specific/valid keys or tokens that change over time.

    * They didn't bother to encrypt or compress their core data structures. Everything is apparently stored once and easily readable. Really, this isn't hard guys.

    What does all this do? If the encrypted and compressed object values for your health or ultimate don't match up to a dozen internal copies, each hashed with a different algorithm, then crash the client and report to the server. Three reports and your login stops working, and you spend two hours on the phone with customer service listening to elevator music. This won't stop the NSA, but your average kid? Probably.

    * There is no server side cheat detection. There are no algorithms checking whether a player should be dead from damage, out of mana/stamina from skill use, or have no ultimate left after dropping one meteor.

    Even if you do get a kid who manages to break your client, the server should have extensive cheat detection algorithms in place to stop it. Someone taking 50K damage and surviving. Someone spending 50K Magicka in a few seconds. Someone ripping too many attacks at once. Someone moving too fast. Check. And have the server hang up that person.

    * They have no routines in place to shut down or temp ban players clearly/purposefully corrupting the client process memory, or those that fail server side cheat detection.

    Conclusion: ESO developers are nearly as terrible and arrogant as their exceptionally poor design team. They think they're much better than they are, but they really aren't.

    I say 'nearly as bad' because If they followed @Wrobel standard procedure, they would come in here and tell us how awesome their non existent security is instead of fixing it.
  • Riggsy
    Riggsy
    ✭✭✭✭
    AdmiralSam wrote: »

    Doing an IN-GAME exploit isn't the same as running a 3RD PARTY software. While most of us recognize in-game exploits as dirty, it is nothing in comparison to what the people this thread is about do. I really hope you can see that.

    I understand the difference. Abusing either is still wrong, especially when they are closely guarded secrets enjoyed by only a few elite players while anyone trying to post about in on here, to expose it, is moderated into silence with their silly no name-and-shame policy.

    Nebthet78 wrote: »
    Infinite Dodge rolling, Infinite Blocking, Speed running, Infinite Shields?? Just how much has this Cheat program influenced the constant nerfing at the hand of the Devs in the name of "Game Balance"?

    I wonder that as well. For the longest time the excuse was "they run a great build" or "learn to play" but I, along with a lot of people one here, have seen the invincible opponent who, despite taking on 5-6 skilled PvPers at once, never seems to run out of resources while moving faster than everyone else.
    MMAGA - We Made Medium Armor Great Again
    Evasion: Casting this ability and its morphs now requires that you wear 5 pieces of Medium Armor.

    Woe Biden - Mule
    Donald Thump - Mule
    M'aiq Pence - Mule
  • vladimilianoub17_ESO1
    vladimilianoub17_ESO1
    ✭✭✭✭
    Here is a name and shame free video. If this gets removed its a blatant act of censorship.

    NOTE: This video contains NO NAMES and NO DESCRIPTION of the exploit or how to do it. It just shows visually what is happening.


    https://www.youtube.com/watch?v=KosPhi1vchQ

    This is what it's like to PvP right now. This is the quality of our game.

    SHAME!
    SHAME!

    Hory shet ,this thing is serious.Just wow.That look like a apocalypse movie.Wow,you allow this shet to happen? ZOS? Shame on you.Those player doing that should be named and shamed on a video of ZOS deleting their characters.
  • Rakkul
    Rakkul
    ✭✭✭
    See the hacking threads getting locked, hmm.

    And in the middle of this we have a supposedly white knight hero who was only hacking to show everyone the hack
    Well.......
    [Snip].

    "ah your honour, I was only doing three times the speed limit to show the speed cameras would work at 120mph." - I'll be off now then ok?

    Also he named a person who was hacking (himself) - so that's a double infringement, although a perma-ban kind of covers both.

    Zos - you urgently need to be less vocal about forum threads and significantly more about what you are doing about this. Apparently your game has been running in a player corrupted state for years.

    Ok not everyone hacks of course, but the outcome is not limited to the hackers.

    Anyone - no matter how brief or how extended the fight - who has engaged a hacking player, has done so on an uneven basis.
    On a stage tipped in favour of the hacker(s).

    Players - remember that fight you just lost or that campaign target you just didn't get - you'll be wondering now if you should have won as maybe the opposition was hacking.

    All those l2p messages you received after getting beat - could well have been from people laughing at you whilst using the hack software - how good does that make you feel?

    As for pvp now - who the heck would want to contemplate it when you're met with this corruption of the game?

    Remember - not all the hackers where dumb enough to nuke everything, some where quietly adjusting things to keep below the radar.

    Adjusting things just enough to beat you - and they're still there.

    [Edit to remove censor bypass]
    Edited by [Deleted User] on May 30, 2016 7:12PM
  • Sasyk
    Sasyk
    ✭✭✭
    Phelaen wrote: »
    i am more worried about the people using these cheat engines marginally then the idiots that make it so obvious they are cheating.

    its way harder to spot people that do 20% more dps with 20% more health and 20% more regen
    for all we know its been going on for a long time and some of the people we think are really good are just pulling a "lance Armstrong" and EPOing up.


    This is something that bothers me as well.
    Sasyk Ik-ce - Spacey Ricochet - Swaggette - Andrea Ik-ce - Avari Lebe - Rubi Malone - Amaryllis Fox - Sergeant Moxy - Moon Unit Zoey - Retro Betty - Emmanuelle Sinclair
    Nightfighters - Sempiternal Way - Macro and Cheese
  • vladimilianoub17_ESO1
    vladimilianoub17_ESO1
    ✭✭✭✭
    This link is old and it doesnt show how to expolit or anything( i just read the 1st page) but it shows how dedicated some players are to exploit the game.I wish ZOS was that dedicated when it comes to stop exploiting.

    [Removed malicious link]
    Edited by [Deleted User] on May 30, 2016 7:21PM
  • Turelus
    Turelus
    ✭✭✭✭✭
    ✭✭✭✭✭
    @vladimilianoub17_ESO1 I would remove the link as it's going to get moderated any way.

    Also just because files are out dated doesn't mean they can't be updated to still work.
    @Turelus - EU PC Megaserver
    "Don't count on others for help. In the end each of us is in this alone. The survivors are those who know how to look out for themselves."
  • mtwiggz
    mtwiggz
    ✭✭✭✭✭
    Sasyk wrote: »
    Phelaen wrote: »
    i am more worried about the people using these cheat engines marginally then the idiots that make it so obvious they are cheating.

    its way harder to spot people that do 20% more dps with 20% more health and 20% more regen
    for all we know its been going on for a long time and some of the people we think are really good are just pulling a "lance Armstrong" and EPOing up.


    This is something that bothers me as well.

    That bothers me almost as much as the fact that ZoS still hasn't made an official response to this issue.

    Memorial Day picnics > their ESO community.
  • Tandor
    Tandor
    ✭✭✭✭✭
    ✭✭✭✭✭
    For those of you wondering about the lack of reaction from ZOS...at least some of that is because today is a holiday in the US. Though if they have any sense, they'll buff their support staff for future three day weekends.

    Those who believe ZOS have not reacted need to check the Dev Tracker - they responded on this yesterday.
  • MaxwellC
    MaxwellC
    ✭✭✭✭✭
    ✭✭
    Edit: I've seen the light of the Dev tracker!
    Edited by MaxwellC on May 30, 2016 9:26PM
    不動の Steadfast - Unwavering
    XBL Gamer Tag - Maxwell
    XB1 Maxwell Crystal - NA DC CP 800+ Redguard Stamina DK
    XB1 Max Crystal - NA DC CP 800+ Brenton Magicka DK
    PC Maxwell-Crystal - NA DC - CP 200+ Brenton Magicka DK 「Retired」
    Band Camp statements: To state "But this one time I saw X doing X... so that justifies X" Refers to the Band camp statement.
    Coined by Maxwel
    l
This discussion has been closed.