Primarily by not sending non-visible information and by detecting unrealistic/impossible motion. If the aimbot has to limit itself to what humans can do, it doesn’t really matter anymore.
It does matter though. If you program the aimbot to act as if they were the best human, the aimbot is still going to beat everyone else, same as if it was behaving unrealistically superhuman. But you can’t simply ban the best human from your game.
Then program some inconsistency into the aimbot. it’ll still win against everyone most of the time, still being a problem.
Manual review is always possible, but this requires a lot of people. And if someone really looks at the best players, they seem like an aimbot all the time.
Client-side scanning forces hackers to run the input through hardware, which increases the level of entry and investment necessary to start cheating. Of course everything is always avoidable, but it’s about reducing the amount of cheaters by detecting the lazy/stupid people. If you just don’t client-side scan at all, there will be a lot lot lot more cheaters. It’s about reducing the volume so much that the amount is not that bad anymore and can better be dealt with manually.
It’s about forcing cheat developers to spend time/money finding new ways to hide, reducing the value of trying to create cheats.
Of course there are privacy and security concerns. But client side detection in a limited manner does make sense.
I’m not the person you were talking with, but I mostly agree with them.
Here’s the thing, client side anti-cheating is a losing battle, it’s the equivalent of adding spikes to your key so you can give it to someone so they won’t be able to open your door, once they have the key they can remove the spikes. Client side anti-cheat can ALWAYS be bypassed, they rely on security by obscurity to prevent people from removing the actual check, but it’s a losing battle, no exceptions.
Server side anti-cheat is the only method that has the possibility of being accurate. Like you said, you can make your aim-bot be indistinguishable from human, but then you’re going to be on a human level and other humans might beat you. Any game that worries about this already has a skill based matchmaking, which means that cheaters will end up playing with other cheaters or humans with a similar level of skill, so who cares?. You might get one cheater that’s still ranking up on a match, but on the long run they’ll cluster together.
How do you suppose to block an aimbot on the server side?
Primarily by not sending non-visible information and by detecting unrealistic/impossible motion. If the aimbot has to limit itself to what humans can do, it doesn’t really matter anymore.
It does matter though. If you program the aimbot to act as if they were the best human, the aimbot is still going to beat everyone else, same as if it was behaving unrealistically superhuman. But you can’t simply ban the best human from your game.
No human has perfect consistency, and it’s always an option to manually review data if it’s questionable.
What good is client-side scanning, when you can just run the aimbot outside the client and send the inputs directly through hardware?
Then program some inconsistency into the aimbot. it’ll still win against everyone most of the time, still being a problem.
Manual review is always possible, but this requires a lot of people. And if someone really looks at the best players, they seem like an aimbot all the time.
Client-side scanning forces hackers to run the input through hardware, which increases the level of entry and investment necessary to start cheating. Of course everything is always avoidable, but it’s about reducing the amount of cheaters by detecting the lazy/stupid people. If you just don’t client-side scan at all, there will be a lot lot lot more cheaters. It’s about reducing the volume so much that the amount is not that bad anymore and can better be dealt with manually.
It’s about forcing cheat developers to spend time/money finding new ways to hide, reducing the value of trying to create cheats.
Of course there are privacy and security concerns. But client side detection in a limited manner does make sense.
I’m not the person you were talking with, but I mostly agree with them.
Here’s the thing, client side anti-cheating is a losing battle, it’s the equivalent of adding spikes to your key so you can give it to someone so they won’t be able to open your door, once they have the key they can remove the spikes. Client side anti-cheat can ALWAYS be bypassed, they rely on security by obscurity to prevent people from removing the actual check, but it’s a losing battle, no exceptions.
Server side anti-cheat is the only method that has the possibility of being accurate. Like you said, you can make your aim-bot be indistinguishable from human, but then you’re going to be on a human level and other humans might beat you. Any game that worries about this already has a skill based matchmaking, which means that cheaters will end up playing with other cheaters or humans with a similar level of skill, so who cares?. You might get one cheater that’s still ranking up on a match, but on the long run they’ll cluster together.