• ᗪᗩᗰᑎ@lemmy.ml
    link
    fedilink
    English
    arrow-up
    1
    ·
    edit-2
    2 months ago

    Genuinely curious, because this isn’t my area of expertise, but how do you design a server to be “better” if it has to trust data from a remote client?

    Example, if the client is compromised - because as they’ve said, they have no way to “attest” that the kernel is not compromised - how would the server know any better?

    If my Apex client tells the server I got a perfect headshot, how would the server know I didn’t fake the data? Is there a real answer to this problem or are we just wishing they come up with an impossible solution?

    My general understanding is that EA is 100% correct. Now, on the other hand, maybe the should just limit plays between Linux <-> Linux so people can at least still enjoy the game (I’m moving to Linux soon so I’ll basically no longer be able to play the game, which is, as my primary gaming addiction, a huge loss I’m willing to take).

    There’s compromises EA could take, but I think the Linux market share is just too small for them to care to spend any resources - even though they’re raking in billions (~$3.4 Billion) and could spare a few resources to find a good middle ground. Capitalism at it’s finest.

    • CalcProgrammer1@lemmy.today
      link
      fedilink
      English
      arrow-up
      2
      ·
      2 months ago

      How do they know you haven’t trained an AI to get headshots? The cheats often break the bounds of what is realistic in games, whether it is allowing you to see through walls (server shouldn’t be sending enemy positions that aren’t in view), going too fast (server should speed check pplayer positions), getting items they shouldn’t have (server should do inventory sanity checks), etc. Other than that, look for signs of automated movement/things unrealistically precise for a human to do. Eventually the cheating will just be moved to a separate air gapped computer running AI on the video feed. Client side is an invasive, broken, and malicious concept.

      • Evotech@lemmy.world
        link
        fedilink
        English
        arrow-up
        0
        ·
        2 months ago

        It’s not that simple. Especially not for real time shooters, latency is a killer.

        • conciselyverbose@sh.itjust.works
          link
          fedilink
          English
          arrow-up
          1
          ·
          edit-2
          2 months ago

          It is exactly that simple. You already have to account for latency because everyone but one player (who you also can’t trust no matter how many rootkits you install) is not the server. Having a proper server doesn’t change that in any way.

          Client side validation cannot possibly provide any actual security, but even if that wasn’t the case and it was actually flawless, it would still be unconditionally unacceptable for a game to ever have kernel level access.

          • ᗪᗩᗰᑎ@lemmy.ml
            link
            fedilink
            English
            arrow-up
            0
            arrow-down
            1
            ·
            2 months ago

            Client side validation cannot possibly provide any actual security

            Except it already does.

            but even if that wasn’t the case and it was actually flawless

            Nobody is claiming its flawless. This is the same anti-seat belt, anti-air bag, anti-mask, anti-vax argument. It “DoEsn’T WoRk iN eVeRy CaSe!” - that was never the intent. It’s about harm reduction.

            it would still be unconditionally unacceptable for a game to ever have kernel level access.

            Anyone with a technical background would agree with you, as do I, but the reality is anti-cheat software with kernel level access already exists and it works specifically because it has kernel level access.