Cheating and Exploits

Robbmrp

Since you cannot comment on disciplinary actions, can you provide information on when the Gap Closer Exploit will be resolved? To be able to Dragon Leap from the ground level's cannot be working as intended. People are doing this at Outposts and keeps to gain entry into it without using siege. If you cannot use Silver Leash to pull down people from the upper levels, they shouldn't be able to Gap Close up to you or your allies as well.

Zheg

They won't be forced to act until it affects console players. Console is their cash cow - it has by far the highest population and was the original planned market for the game. Until then we'll enjoy trigger-happy moderators with delete keys or talk in code. When console can support CE, then you'll see ZOS actually invest in the infrastructure to be able to detect it.

clayandaudrey_ESO

Bromburak wrote: »

WebBull wrote: »

ZOS_AlanG wrote: »

maintaining an open discussion on the matter is important to us.

Is maintaining the discussion important ZOS or is fixing the problem?

The question is why there is enough staff to deal with forum rules but not enough staff to deal with ingame rules ...
That's the point that really bugs me.

I made a point earlier that the money spent on moderators should be shifted to in game GMs. It seems to be the easiest thing to do without increasing their staff. But sadly they seem more inclined to punish the people complaining about cheats than the cheaters themselves.

Zheg wrote: »

They won't be forced to act until it affects console players. Console is their cash cow - it has by far the highest population and was the original planned market for the game. Until then we'll enjoy trigger-happy moderators with delete keys or talk in code. When console can support CE, then you'll see ZOS actually invest in the infrastructure to be able to detect it.

Detection is not necessarily the key. As I have said before a public policy on the enforcement of cheating and actually sticking to it is where they need to start. So far that has been lacking.

JKorr

Zheg wrote: »

They won't be forced to act until it affects console players. Console is their cash cow - it has by far the highest population and was the original planned market for the game. Until then we'll enjoy trigger-happy moderators with delete keys or talk in code. When console can support CE, then you'll see ZOS actually invest in the infrastructure to be able to detect it.

Please link to any official announcement that this game was planned for the consoles from the start. The game was going to be pc/mac only. The first announcement about the game on the site http://www.elderscrollsonline.com/en-us/news/post/2013/06/10/eso-on-next-gen-consoles-and-new-gameplay-trailer

And this: http://www.ign.com/articles/2013/09/07/sony-pushed-for-the-elder-scrolls-online-to-come-to-consoles

Zheg

JKorr wrote: »

Zheg wrote: »

They won't be forced to act until it affects console players. Console is their cash cow - it has by far the highest population and was the original planned market for the game. Until then we'll enjoy trigger-happy moderators with delete keys or talk in code. When console can support CE, then you'll see ZOS actually invest in the infrastructure to be able to detect it.

Please link to any official announcement that this game was planned for the consoles from the start. The game was going to be pc/mac only. The first announcement about the game on the site http://www.elderscrollsonline.com/en-us/news/post/2013/06/10/eso-on-next-gen-consoles-and-new-gameplay-trailer

And this: http://www.ign.com/articles/2013/09/07/sony-pushed-for-the-elder-scrolls-online-to-come-to-consoles

You're welcome to dig, I have to head to work. Matt Firor did an interview IRCC where he talked about the very playerbase the game is currently focused on, and it's not the PC sub-based model. Most players were able to read between the lines when IC kept getting pushed back further and further and then was turned into a DLC to make more money. There's a reason ZOS stopped everything they were doing for months in the early life of the game to focus on getting console out. Do you not remember posts from Gina basically saying "we won't be able to work on that issue until console is done, and yes it's taking priority over everything else"?

Even if they didn't initially plan on it, the console crowd is what brings home the bacon for ZOS. Cheating/Exploiting won't be a priority until the console players get mad about it.

Animal_Mother

ESO was announced before the next gen consoles were. Bethesda really couldn't announce intentions for them at the time.

JKorr

Zheg wrote: »

JKorr wrote: »

Zheg wrote: »

They won't be forced to act until it affects console players. Console is their cash cow - it has by far the highest population and was the original planned market for the game. Until then we'll enjoy trigger-happy moderators with delete keys or talk in code. When console can support CE, then you'll see ZOS actually invest in the infrastructure to be able to detect it.

Please link to any official announcement that this game was planned for the consoles from the start. The game was going to be pc/mac only. The first announcement about the game on the site http://www.elderscrollsonline.com/en-us/news/post/2013/06/10/eso-on-next-gen-consoles-and-new-gameplay-trailer

And this: http://www.ign.com/articles/2013/09/07/sony-pushed-for-the-elder-scrolls-online-to-come-to-consoles

You're welcome to dig, I have to head to work. Matt Firor did an interview IRCC where he talked about the very playerbase the game is currently focused on, and it's not the PC sub-based model. Most players were able to read between the lines when IC kept getting pushed back further and further and then was turned into a DLC to make more money. There's a reason ZOS stopped everything they were doing for months in the early life of the game to focus on getting console out. Do you not remember posts from Gina basically saying "we won't be able to work on that issue until console is done, and yes it's taking priority over everything else"?

Even if they didn't initially plan on it, the console crowd is what brings home the bacon for ZOS. Cheating/Exploiting won't be a priority until the console players get mad about it.

I want to see the announcement about the consoles being the original planned market from the start. From the start it was pc/mac only. I was on the forums from the start, and know about the many constant questions about the game coming to consoles, and it was always pc/mac only. Until the intervention from Sony; then they'd have been stupid to leave Microsoft out, so Xbox was in. Until the official announcement however, the game was pc/mac only.

Whatever it changed into after that isn't the focus. You said it was planned for consoles from the start. Everything before Sony got involved said pc/mac only. So, official announcement they never intended to make the game for pc?

Zheg

JKorr wrote: »

Zheg wrote: »

JKorr wrote: »

Zheg wrote: »

They won't be forced to act until it affects console players. Console is their cash cow - it has by far the highest population and was the original planned market for the game. Until then we'll enjoy trigger-happy moderators with delete keys or talk in code. When console can support CE, then you'll see ZOS actually invest in the infrastructure to be able to detect it.

Please link to any official announcement that this game was planned for the consoles from the start. The game was going to be pc/mac only. The first announcement about the game on the site http://www.elderscrollsonline.com/en-us/news/post/2013/06/10/eso-on-next-gen-consoles-and-new-gameplay-trailer

And this: http://www.ign.com/articles/2013/09/07/sony-pushed-for-the-elder-scrolls-online-to-come-to-consoles

You're welcome to dig, I have to head to work. Matt Firor did an interview IRCC where he talked about the very playerbase the game is currently focused on, and it's not the PC sub-based model. Most players were able to read between the lines when IC kept getting pushed back further and further and then was turned into a DLC to make more money. There's a reason ZOS stopped everything they were doing for months in the early life of the game to focus on getting console out. Do you not remember posts from Gina basically saying "we won't be able to work on that issue until console is done, and yes it's taking priority over everything else"?

Even if they didn't initially plan on it, the console crowd is what brings home the bacon for ZOS. Cheating/Exploiting won't be a priority until the console players get mad about it.

I want to see the announcement about the consoles being the original planned market from the start. From the start it was pc/mac only. I was on the forums from the start, and know about the many constant questions about the game coming to consoles, and it was always pc/mac only. Until the intervention from Sony; then they'd have been stupid to leave Microsoft out, so Xbox was in. Until the official announcement however, the game was pc/mac only.

Whatever it changed into after that isn't the focus. You said it was planned for consoles from the start. Everything before Sony got involved said pc/mac only. So, official announcement they never intended to make the game for pc?

The game was obviously planned to milk a sub based model from the start and switch to selling DLCs as well (as evidenced by IC), but you won't find an announcement for that. To most of us, it was pretty clear ZOS had every intention early on to tap into the console market because that's where they could make the most money. You're welcome to disagree, but this topic is tangential to the thread and is only relevant because cheating/exploits are not really affecting the console community and therefore ZOS lacks incentive to do anything substantial.

rfennell_ESO

Zheg wrote: »

JKorr wrote: »

Zheg wrote: »

JKorr wrote: »

Zheg wrote: »

They won't be forced to act until it affects console players. Console is their cash cow - it has by far the highest population and was the original planned market for the game. Until then we'll enjoy trigger-happy moderators with delete keys or talk in code. When console can support CE, then you'll see ZOS actually invest in the infrastructure to be able to detect it.

Please link to any official announcement that this game was planned for the consoles from the start. The game was going to be pc/mac only. The first announcement about the game on the site http://www.elderscrollsonline.com/en-us/news/post/2013/06/10/eso-on-next-gen-consoles-and-new-gameplay-trailer

And this: http://www.ign.com/articles/2013/09/07/sony-pushed-for-the-elder-scrolls-online-to-come-to-consoles

You're welcome to dig, I have to head to work. Matt Firor did an interview IRCC where he talked about the very playerbase the game is currently focused on, and it's not the PC sub-based model. Most players were able to read between the lines when IC kept getting pushed back further and further and then was turned into a DLC to make more money. There's a reason ZOS stopped everything they were doing for months in the early life of the game to focus on getting console out. Do you not remember posts from Gina basically saying "we won't be able to work on that issue until console is done, and yes it's taking priority over everything else"?

Even if they didn't initially plan on it, the console crowd is what brings home the bacon for ZOS. Cheating/Exploiting won't be a priority until the console players get mad about it.

I want to see the announcement about the consoles being the original planned market from the start. From the start it was pc/mac only. I was on the forums from the start, and know about the many constant questions about the game coming to consoles, and it was always pc/mac only. Until the intervention from Sony; then they'd have been stupid to leave Microsoft out, so Xbox was in. Until the official announcement however, the game was pc/mac only.

Whatever it changed into after that isn't the focus. You said it was planned for consoles from the start. Everything before Sony got involved said pc/mac only. So, official announcement they never intended to make the game for pc?

The game was obviously planned to milk a sub based model from the start and switch to selling DLCs as well (as evidenced by IC), but you won't find an announcement for that. To most of us, it was pretty clear ZOS had every intention early on to tap into the console market because that's where they could make the most money. You're welcome to disagree, but this topic is tangential to the thread and is only relevant because cheating/exploits are not really affecting the console community and therefore ZOS lacks incentive to do anything substantial.

Zenimax has been cross platform releasing for a while now.

Like... when is the last time they released a title that wasn't?

NobleNerd

JKorr wrote: »

Zheg wrote: »

They won't be forced to act until it affects console players. Console is their cash cow - it has by far the highest population and was the original planned market for the game. Until then we'll enjoy trigger-happy moderators with delete keys or talk in code. When console can support CE, then you'll see ZOS actually invest in the infrastructure to be able to detect it.

Please link to any official announcement that this game was planned for the consoles from the start. The game was going to be pc/mac only. The first announcement about the game on the site http://www.elderscrollsonline.com/en-us/news/post/2013/06/10/eso-on-next-gen-consoles-and-new-gameplay-trailer

And this: http://www.ign.com/articles/2013/09/07/sony-pushed-for-the-elder-scrolls-online-to-come-to-consoles

Agree... If they intended this game to be focused on console from the start I doubt they would have wasted all their years coding for PC first. Console became viable later on. It is a shame they could not make it cross-platform play though. FFXI and FFXIV both have it, but ZOS wasn't able to manage it?

But this digresses from the topic so I will stop there.

Rohamad_Ali

Still no updates from ZOS . Still no word on that ban list Jessica mentioned . Still no mention or acknowledgment of the new versions of CE being used or whether or not they're even detecting anything . Geez .

Casandra

So, Im confused.... we should complain here... or we shouldn't complain??? We should report abuse or not?

Just watched DC use exploits to get into 3 keeps to get scrolls without taking down a wall.... so sick of this and DC is the master at using this exploit in Cyrodiil. Should I post this or not.... will it do anything... Using gap closers to scale walls is rampant in Haderus and yes it is an exploit as it was supposed to be patched a few weeks back... What happened?????????


And I thought perma banned was ..... permanent? Am I wrong....

Just a thought as a new person and you get killed by a cheater, but, you think it is your poor skills..... just feel so sorry for them cause they end of wanting to quit. Every think of that ZOS???

Zoner

Roehamad_Ali wrote: »

Still no updates from ZOS . Still no word on that ban list Jessica mentioned . Still no mention or acknowledgment of the new versions of CE being used or whether or not they're even detecting anything . Geez .

It really does seem like they are just not going to do anything and wait for us to calm down and accept it.

clayandaudrey_ESO

I will continue asking until something from ZOS comes out.

Zoner

clayandaudrey_ESO wrote: »

I will continue asking until something from ZOS comes out.

I've been doing the same, in particular asking for them to explain the reasoning behind some brutally heavy-handed bans for minor offences, even oblivious, in the past and the chosen method of dealing with the hackers. I want them to explain their logic and how they think it is fair. And also why the community should be expected to accept it as fair.

Tickets are marked 'solved' and never responded to. 6 in a row. I just have no idea what is going on with Zos and the way they manage this stuff

Turelus

Zoner wrote: »

clayandaudrey_ESO wrote: »

I will continue asking until something from ZOS comes out.

I've been doing the same, in particular asking for them to explain the reasoning behind some brutally heavy-handed bans for minor offences, even oblivious, in the past and the chosen method of dealing with the hackers. I want them to explain their logic and how they think it is fair. And also why the community should be expected to accept it as fair.

Tickets are marked 'solved' and never responded to. 6 in a row. I just have no idea what is going on with Zos and the way they manage this stuff

And this has been one of the biggest problems throughout all the recent drama of exploits and cheating. None of us know jack about what's actually happening or being done because of this closed doors approach.

We have been asking for better communication for two years now and it's better in some regards like Wrobel's write ups of why mechanics were changed but when it comes to rules enforcement we're still in the dark.

They have nothing other than the ToS (which no one reads) even telling players what cheating/exploiting is (unless I missed it) we have no understanding of their bans policy other than it seems to be dependant on what customer service person it lands on the desk of and how famous/in you are with the community/ZOS.

I don't want to make speculative posts like this, but I have nothing to work with in regards to what they actually do.

Again I can go back to CCP Games and EVE Online where I can name actual GM team members, I can ask for escalations of tickets to a senior GM when I feel the ticket has been address badly etc.

This just all feels like a half-arsed and amateur operation, which I am sure it's not but again... what do I have to say otherwise?

Also one more time for the players in the thread, knock off the blaming of one another and factions, that gets us nowhere in this and just fills the thread with useless posts that rile people up against each other rather than discussing and debating the issues at hand.

XDragonDoomX

Casandra wrote: »

So, Im confused.... we should complain here... or we shouldn't complain??? We should report abuse or not?

Just watched DC use exploits to get into 3 keeps to get scrolls without taking down a wall.... so sick of this and DC is the master at using this exploit in Cyrodiil. Should I post this or not.... will it do anything... Using gap closers to scale walls is rampant in Haderus and yes it is an exploit as it was supposed to be patched a few weeks back... What happened?????????


And I thought perma banned was ..... permanent? Am I wrong....

Just a thought as a new person and you get killed by a cheater, but, you think it is your poor skills..... just feel so sorry for them cause they end of wanting to quit. Every think of that ZOS???

It depends on which campaign you're on.
On spellbreaker - its AD & EP that are the main offenders doing this. By all means - report - anyone of any alliance you see - a cheat is a cheat, no matter the colours they wear. I've reported people over & over again & they're still there, doing this on a daily basis. I've also provided suggestions to the Dev team that would prevent some of the easier exploits which so far have not been taken up.

FearlessOne_2014

Yeah it does seem like ZOS are supporting not only current hackers, or script kiddies. But is also supporting the big majority of competitive leader board guilds and players community to embrace the ideal, that this is what you "MUST" do to become "ESO Gaming Heroes". Thus making it mandatory for anybody who want shinnies and good leader board position to become the next hackers and or script kiddies of ESO.

If ZOS does not do much on this matter, you can bet your ass off the only people that will be buying the next product with "ZOS" on it, will only be hackers and script kiddies.

KingMagaw

XDragonDoomX wrote: »

It depends on which campaign you're on.
On spellbreaker - its AD & EP that are the main offenders doing this. By all means - report - anyone of any alliance you see - a cheat is a cheat, no matter the colours they wear. I've reported people over & over again & they're still there, doing this on a daily basis. I've also provided suggestions to the Dev team that would prevent some of the easier exploits which so far have not been taken up.

So when are you going to realize that the tickets your taking YOUR time out to send in are being ignored?. Im not wasting anymore of my time doing there job for them. Players moderating cheating in there game is just wrong. Paying a sub to do this is soso wrong in my eyes. I could see me sending in an odd ticket for an odd cheater, but squandering time again and again isn't me.

The problem lays at there end with poor coding and poor management of resources in my eyes. Even if they could program an algorithm too detect CE, how much lag you think that will add to the game. So its either, only a relative few know about CE, while adding lag everyone will complain.

This topic isn't stickied for a reason, even though it has double the views and heaps more replies than the other 2 junker threads they have stickied. They want to stop multiple threads and make it easier for street sweeper Daryk to sweep away and have thread go off page.

Disgrace in my eyes from a company in this day and age. A lot excuses being throw out because digital media but the fact remains, in my eyes anyway, they have handled this so poorly, i stopped my sub as how could i fund this?.

ShedsHisTail

Xylphan wrote: »

ShedsHisTail wrote: »

Xylphan wrote: »

Papa_Hunt wrote: »

And can they not detect this cheat engine thing? THAT seems to trump all other cheats/exploits, no?

Detection means jack. They need to fix the code. The general issue is that the client can be exploited through simple methods due to the server basically treating the client as "trusted". Until that's fixed, the game will always be easily exploitable.

Seriously, all you need is a couple lines of C code and some knowledge about the client. I was writing things like this to crack programs back when I was punk kid decades ago. These days you have tools with nice GUIs that allow just about anyone to do it.

Well, there ya go.
Write up some simple code and mail it off to ZOS. I'm sure they'd appreciate it since they are (clearly) incapable.

Are you deliberately misreading my post? I was specifically talking about what it takes to exploit the client in it's current state. I was in no way, shape, or form talking about a solution.

I wasn't -deliberately- misreading, but I did misunderstand, yes.

The first line of your post was "Detection means jack." which led me to believe the content of your post was in the context of "detection." Follow it up with "Until that's fixed..." and "Seriously, all you need..." and it does come across as you making it sound like a solution (at least for detection) is a simple fix.

Short of examining the source code itself, the solutions can only be talked about at a high level. We don't know if this is a one off defect in the code, or whether this is a result of a pervasive defect introduced by a design flaw. The problem itself is self-explanatory, and how to address it is also straightforward. However, the scope depends on whether it's an isolated issue or pervasive.

Since this has apparently been in the code base since beta and it still remains as an exploit, it looks more like a pervasive defect introduced by a design flaw in the original architecture. The problem may be "too big to fix", which is another way of saying that upper level management can't justify spending the resources it would take to fix it. The developer bug list priorities (what should be fixed) and the managerial bug list priorities (what the managers want fixed) don't always match.

I am in agreement with the rest of this.

clayandaudrey_ESO

Roehamad_Ali wrote: »

Still no updates from ZOS . Still no word on that ban list Jessica mentioned . Still no mention or acknowledgment of the new versions of CE being used or whether or not they're even detecting anything . Geez .

They keep sweeping like mad to keep this under wraps but like a comment I saw on another site eso is not the best mmorpg any more it is the best haven for cheaters 2016.

phbell

A question to the smart software folks reading this thread:

So does this "detection" software scan the client for running CE processes and disconnect the client from the server? If not, why not?

{mind you, the last time I wrote any serious software was in Pascal and i apologize in advance if this is a stupid question.)

KingMagaw

clayandaudrey_ESO wrote: »

Roehamad_Ali wrote: »

Still no updates from ZOS . Still no word on that ban list Jessica mentioned . Still no mention or acknowledgment of the new versions of CE being used or whether or not they're even detecting anything . Geez .

They keep sweeping like mad to keep this under wraps but like a comment I saw on another site eso is not the best mmorpg any more it is the best haven for cheaters 2016.

This is what impressed me the most. Zo$ tries silencing forum users so they go to 3rd party sites to give there feedback. Doesnt matter now if they spend there time and resources into sweeping and silencing people, word is out and will continue to be updated, giving much needed information out to communities.

The double edge of this sword is all the cheating and exploiters, will read and most likely come here to cheat. Wish it wasn't true, but if anything its Zo$ lack of information, lack of community and blatantly not caring that has caused this to spiral out of control.

kevlarto_ESO

Zoner wrote: »

Roehamad_Ali wrote: »

Still no updates from ZOS . Still no word on that ban list Jessica mentioned . Still no mention or acknowledgment of the new versions of CE being used or whether or not they're even detecting anything . Geez .

It really does seem like they are just not going to do anything and wait for us to calm down and accept it.

Sure feels like that, but we should never accept it and never let this issue go away.
Until I see action that restores my confidence in the game again, I will spend no more money, no sub, no more dlc's nothing out of the store, I cannot with good conscience spend money in a game that lets cheating run rampant, and it really sux because I am huge fan of the game, but I am also a huge fan of having an equal and fair place to play and enjoy with my friends.

Xylphan

Thornen wrote: »

Sharee wrote: »

Turelus wrote: »

Generally ZOS won't lose anything if people do leave over this, it will be drops in a bucket in regards to their actual player numbers and the streamers/bloggers/website runners are also too in with ZOS to post anything critical to give this wider coverage.

As horrible as it is ZOS can win this by doing nothing, however sadly they lose the last of their competitive players and make most of hardcore fans leave for games with better enforcement.

That depends on how public the whole thing gets. If the game gets widely known for cheaters running rampant in it, sales will go down.

Just look at other mmos that have had rampant cheating, yep they're all ghost towns unless your playing a eastern mmo where this is a social norm.

There was one MMO (can't remember the name it was so long ago) that I downloaded to take a look. It wasn't a ghost town. It was full of bots and gold spammers.

phbell wrote: »

A question to the smart software folks reading this thread:

So does this "detection" software scan the client for running CE processes and disconnect the client from the server? If not, why not?

{mind you, the last time I wrote any serious software was in Pascal and i apologize in advance if this is a stupid question.)

The simple/stupid detection method would be simply scanning the list of running processes on the machine. But that's simple and...well stupid. It's trivial to change the name of a process so any such detection method would fail.

The smarter detection method would use a signature check, similar to how malware and virus scanners work. That way a potential cheater could rename it however they want and the detection algorithm would still detect it.

An additional method that could be employed is to develop and use a heuristic that would detect applications like CE on a more generalized basis. There are certain characteristics that applications like CE use, and you could develop an algorithm to heuristically check whether applications/processes had similar characteristics. This allows you to cast a wide net, but no heuristic is perfect and will encounter false positives.

But this always leads to escalation. Obfuscation techniques, encryption, etc. all the tricks virus/malware writers use could be employed to evade detection leading to ever more complicated checking routines.

It's much simpler to simply plug the whole in the wall than it is to try and post guards around it. If they fix the flaw, there'd be no need to have detection routines for CE and similar applications because they would no longer work.

sam0621

What does one receive for reporting an exploit or glitch?? Is there a bounty or incentive for people to take time out of gaming to find these?

SirAndy

Xylphan wrote: »

The simple/stupid detection method would be simply scanning the list of running processes on the machine. But that's simple and...well stupid. It's trivial to change the name of a process so any such detection method would fail.

The smarter detection method would use a signature check, similar to how malware and virus scanners work. That way a potential cheater could rename it however they want and the detection algorithm would still detect it.

An additional method that could be employed is to develop and use a heuristic that would detect applications like CE on a more generalized basis. There are certain characteristics that applications like CE use, and you could develop an algorithm to heuristically check whether applications/processes had similar characteristics. This allows you to cast a wide net, but no heuristic is perfect and will encounter false positives.

But this always leads to escalation. Obfuscation techniques, encryption, etc. all the tricks virus/malware writers use could be employed to evade detection leading to ever more complicated checking routines.

It's much simpler to simply plug the whole in the wall than it is to try and post guards around it. If they fix the flaw, there'd be no need to have detection routines for CE and similar applications because they would no longer work.

@Xylphan
One could scan all running processes for the use of the Win32 function calls needed to read the memory of another process. I bet at any given time, most computers will *not* run a legit process that uses those library functions.
It's easy to enumerate the DLLs loaded by any process and if needed scan the whole process for use of those functions.

Of course, that only means that the next gen of cheating Apps would probably find a way to hide those function calls by building a function pointer in real time in a register or on the stack and not using precompiled calls at all.


The real answer is always the same and one ZOS does not want to hear: NEVER TRUST THE CLIENT!!!
They need to move all client side trust to the server. It's the only way to really make this work.

dagonbeer

Well, the other way is to go the VAC route, so to collect data and monitor activity, and then ban players after the fact. If this is regular and reliable enough should serve as a worthy deterrent to cheaters (particularly since there's a lot more progression and persistence than shooters, and it works alright there.) However, we'd actually need some level of transparency for this to work. Right now they'd like us to believe that this is taking place, but I see no evidence of it.

Actually moving calculations and such to server side will be a much larger effort, and not in the cards, methinks.

Chori

SirAndy wrote: »

Xylphan wrote: »

The simple/stupid detection method would be simply scanning the list of running processes on the machine. But that's simple and...well stupid. It's trivial to change the name of a process so any such detection method would fail.

The smarter detection method would use a signature check, similar to how malware and virus scanners work. That way a potential cheater could rename it however they want and the detection algorithm would still detect it.

An additional method that could be employed is to develop and use a heuristic that would detect applications like CE on a more generalized basis. There are certain characteristics that applications like CE use, and you could develop an algorithm to heuristically check whether applications/processes had similar characteristics. This allows you to cast a wide net, but no heuristic is perfect and will encounter false positives.

But this always leads to escalation. Obfuscation techniques, encryption, etc. all the tricks virus/malware writers use could be employed to evade detection leading to ever more complicated checking routines.

It's much simpler to simply plug the whole in the wall than it is to try and post guards around it. If they fix the flaw, there'd be no need to have detection routines for CE and similar applications because they would no longer work.

@Xylphan
One could scan all running processes for the use of the Win32 function calls needed to read the memory of another process. I bet at any given time, most computers will *not* run a legit process that uses those library functions.
It's easy to enumerate the DLLs loaded by any process and if needed scan the whole process for use of those functions.

Of course, that only means that the next gen of cheating Apps would probably find a way to hide those function calls by building a function pointer in real time in a register or on the stack and not using precompiled calls at all.


The real answer is always the same and one ZOS does not want to hear: NEVER TRUST THE CLIENT!!!
They need to move all client side trust to the server. It's the only way to really make this work.

Do that and unfortunately PVP aspect of this game will be dead, can you even imagine the lag the server would go thru every day? you dont need to take it to such an extreme point. You can always hide your code or encrypt it in a better way. It wont stop people who really want to hack or cheat in the game, but it will stop every other brain dead programming fool that doesn't know how to go around it. Not asking to stop it, it can't be stopped. I'd like ZOS to make cheating/hacking harder for some people at least because right now, every fool out there can do it.

ShedsHisTail

Chori wrote: »

SirAndy wrote: »

Xylphan wrote: »

The simple/stupid detection method would be simply scanning the list of running processes on the machine. But that's simple and...well stupid. It's trivial to change the name of a process so any such detection method would fail.

The smarter detection method would use a signature check, similar to how malware and virus scanners work. That way a potential cheater could rename it however they want and the detection algorithm would still detect it.

An additional method that could be employed is to develop and use a heuristic that would detect applications like CE on a more generalized basis. There are certain characteristics that applications like CE use, and you could develop an algorithm to heuristically check whether applications/processes had similar characteristics. This allows you to cast a wide net, but no heuristic is perfect and will encounter false positives.

But this always leads to escalation. Obfuscation techniques, encryption, etc. all the tricks virus/malware writers use could be employed to evade detection leading to ever more complicated checking routines.

It's much simpler to simply plug the whole in the wall than it is to try and post guards around it. If they fix the flaw, there'd be no need to have detection routines for CE and similar applications because they would no longer work.

@Xylphan
One could scan all running processes for the use of the Win32 function calls needed to read the memory of another process. I bet at any given time, most computers will *not* run a legit process that uses those library functions.
It's easy to enumerate the DLLs loaded by any process and if needed scan the whole process for use of those functions.

Of course, that only means that the next gen of cheating Apps would probably find a way to hide those function calls by building a function pointer in real time in a register or on the stack and not using precompiled calls at all.


The real answer is always the same and one ZOS does not want to hear: NEVER TRUST THE CLIENT!!!
They need to move all client side trust to the server. It's the only way to really make this work.

Do that and unfortunately PVP aspect of this game will be dead, can you even imagine the lag the server would go thru every day? you dont need to take it to such an extreme point. You can always hide your code or encrypt it in a better way. It wont stop people who really want to hack or cheat in the game, but it will stop every other brain dead programming fool that doesn't know how to go around it. Not asking to stop it, it can't be stopped. I'd like ZOS to make cheating/hacking harder for some people at least because right now, every fool out there can do it.

Yeah, that's kind of what I was thinking. Client-side processing relieves a lot of stress on the server. Move everything to server side and the already ready troublesome lag in Cyrodiil is gonna get way worse.