Anticheat for linux

[Ratti]

Sorry guys, R1CH said it's never going to happen because he states that linux is insecure for preventing cheats.  Does anybody have a problem with this?  Well, there is many, and since R1CH is accusing me of spreading lies and misinformation about him, I'll lay out everything right here.

- Did anybody ever read the Privacy agreement bundled with anticheat or are these things uncool to read and nobody reads them.

2. PRIVACY
The software may transmit personal information related to your computers
operating environment. Such information is encrypted before being transmitted
over the Internet using public key encryption technology, ensuring only the
r1ch.net anticheat server is able to read it. Personal information may recorded
in log files and saved on the server for future use. Your personal information
is used primarily to generate a verification code which will either permit or
deny you access to a game server based on the results of certain tests on the
data. Unless outlined below, your personal information will never be shared
with any 3rd party.

Personal information may include (but is not limited to) the following: open
processes, loaded module list, username, presence of any specific files on the
system, operating system version, loaded device drivers, window classnames,
window titles, file versions, system file checksums, game file checksums. In
addition, screenshots of the game environment may be transmitted. Screenshots
may be shared with server administrators and publicly posted should they show
anything suspicious that may be regarded as cheating.

- So basically this gives anticheat.dll carte blanche access to your entire filesystem, memory, for certain files.  So if R1CH wants to know what kind of music you listen to or what websites you visit or full read access to your screenshot folder, this EULA gives him that right.  Interpret that  privacy disclaimer anyway you want, it's written word for word  there, I wouldn't want to be accused of spreading misinfo again.

- Maybe some of you have seen the 'R1CH refuses to make anticheat for linux' as the hostname for the server with the most players this past week.  They're not real players, most on there are 35  Eraser bots filling up slots.  You won't see this server on q2servers.net or any master server R1CH has control of (been blacklisted by R1CH) but I have gotten word that ASE and Gamespy users are finding it, over 100 people have connected and R1 is totally raged over it.

- What sparked this, is R1CH's goons run the only gloom server in the Western Hemisphere at this time and R1CH thought it would be a good idea to make anticheat.dll manditory for everybody there. 

- So who cares about this draconian disclaimer, punkbuster works the same way.  Possibly, but it's either some no-name gaming corperation sending you spam or R1CH getting kicks out of spying on and harrassing with certain people he chooses AND DOES.  Is he nice to you?  Well have you ever heard the saying:  'somebody who is rude to the waiter but nice to you is not a nice person'?  Tread carefully, you could be next.

- Do you think it's worth it to stop the 1/500 people cheating by running a binary that exludes other OS's but windows?  It's just Quake ffs.  He won't make AC for linux because then it would be possible to restrict permissions to not give his program unrestricted access to the entire system.  "Anticheat.dll is a win32 binary compiled by R1CH.  it's closed source.  you think i'm going to run some kid's binary on my box?"  'nuff said.

- I'm glad the admins here at tastyspleen have some sense and still give the choice to people on whether to use a specific cheat prevention program, and still rely on common sense and demos instead to pass judgement.  It shows that maybe TS will be around longer than Gloom which has been wittled away over the past few years just about to oblivion now.  The main gloom server years ago was hit repeatedly by European DDOS kiddies who told me they hated R1CH and would make him pay etc.and the company hosting it went under and stole their box.  Look at nocheat Q2ace and so forth and what happened.  I hate seeing this happen yet again.

Who cares to discuss?

[Jay Dolan]

Well, R1CH's anticheat approach is technically impossible on GNU/Linux because of the heterogeneous nature of the platform.  That said, locking down servers to force a particular client (and OS) is unfortunate.. but if he's running the server on his hardware and his bandwidth that he pays for ..then that's his prerogative.

Personal note, I don't like closed-source solutions, and would probably not opt to run a binary-only anticheat solution for Linux anyway.  Advice?  Play something else.. like Quake2World

[R1CH]

Well let's get started...

- So basically this gives anticheat.dll carte blanche access to your entire filesystem, memory, for certain files.  So if R1CH wants to know what kind of music you listen to or what websites you visit or full read access to your screenshot folder, this EULA gives him that right.  Interpret that  privacy disclaimer anyway you want, it's written word for word  there, I wouldn't want to be accused of spreading misinfo again.

presence of any specific files

"Presence of" does not equal "details of". I've told you time and time again to look up what a "hash" is yet you still bring this up. The only filenames anticheat transmits are those of modules in the Quake II process, those of running system processes and those of game content that Quake II itself loads. Everything else is hashed or never even sent over the net. Maybe I should just remove the EULA, would that make you feel better? I thought it would be nice to let people know exactly what anticheat does, but perhaps you'd prefer being ignorant.

- Maybe some of you have seen the 'R1CH refuses to make anticheat for linux' as the hostname for the server with the most players this past week.  They're not real players, most on there are 35  Eraser bots filling up slots.  You won't see this server on q2servers.net or any master server R1CH has control of (been blacklisted by R1CH) but I have gotten word that ASE and Gamespy users are finding it, over 100 people have connected and R1 is totally raged over it.

I have no idea why you think I'm 'raged' over it, I never even saw it - I only brought it up because some player asked me what it was. Your IP was blocked from the q2servers.net master because it's supposed to list Q2 servers, not fake servers full of fake players. And congratulations I guess, you sure tricked those 100 people who wanted to play Q2!

- What sparked this, is R1CH's goons run the only gloom server in the Western Hemisphere at this time and R1CH thought it would be a good idea to make anticheat.dll manditory for everybody there.

God forbid you play on one of the other 5 servers.

- So who cares about this draconian disclaimer, punkbuster works the same way.  Possibly, but it's either some no-name gaming corperation sending you spam or R1CH getting kicks out of spying on and harrassing with certain people he chooses AND DOES.  Is he nice to you?  Well have you ever heard the saying:  'somebody who is rude to the waiter but nice to you is not a nice person'?  Tread carefully, you could be next.

Yes I obviously have nothing better to do than spend harassing and spying on the users of anticheat, it's so much fun looking at gigabytes of logs from over 100k unique IPs.  If you take such a moral offense to privacy issues, I don't see why you would be OK with punkbuster and other anti-cheat software doing the same.

- Do you think it's worth it to stop the 1/500 people cheating by running a binary that exludes other OS's but windows?  It's just Quake ffs.  He won't make AC for linux because then it would be possible to restrict permissions to not give his program unrestricted access to the entire system.  "Anticheat.dll is a win32 binary compiled by R1CH.  it's closed source.  you think i'm going to run some kid's binary on my box?"  'nuff said.

1/500? You'd be surprised how many people anticheat has caught. Anticheat works just fine with restricted access as demonstrated on Windows Vista or Windows XP on a limited account, unlike Punkbuster and other anti cheating software which uses kernel-mode drivers. I can't think of anything more invasive than that. And you already run some kid's binary on your box, I seriously doubt you've reviewed every line of code of every program running on your system.

- I'm glad the admins here at tastyspleen have some sense and still give the choice to people on whether to use a specific cheat prevention program, and still rely on common sense and demos instead to pass judgement.  It shows that maybe TS will be around longer than Gloom which has been wittled away over the past few years just about to oblivion now.  The main gloom server years ago was hit repeatedly by European DDOS kiddies who told me they hated R1CH and would make him pay etc.and the company hosting it went under and stole their box.  Look at nocheat Q2ace and so forth and what happened.  I hate seeing this happen yet again.

Q2ace violated the GPL, NoCheat suffered from lack of updates. I don't see either of those happening to anticheat. As always, you're free to play on servers that don't require anticheat. Anticheat is just a tool, it's the individual servers that choose to enforce it or not. I forced it on QDev due to significant instances of cheating by a few players as well as a number of painted models being used. Don't blame anticheat for a choice a server admin makes.

Your whole attitude towards this makes you seem like a childish attention seeker. Your quote on IRC "in b4 shitstorm" implies you want to see drama and spam, I suggest playing some TDM and Duels and taking yourself over to the smack forum if that's your thing.

[console]

Well let's get started...

Jayyzus man,

Thanks for being cool about that through so many stanzas.

 

[The Happy Friar]

if I start a gloom server will that stop the pissing & moaning?

[Jay Dolan]

And you already run some kid's binary on your box, I seriously doubt you've reviewed every line of code of every program running on your system.

Well, that's not really fair to assume.  And more precisely, if he's running a popular Open Source platform, he can rest easier knowing that many, many eyes have been over the code he's using.  The likelihood of anything invasive or nasty living within such code is slim to none.

Personally, the only closed-source binaries installed on my machine come from NVidia, Macromedia, and Splash Damage.  And while I'm not thrilled about them, yes, I do feel much better about running those than I would about running one from a random Internet persona.  I think you would, too.

[R1CH]

Many eyes don't help when the distribution files get trojaned or the code itself is insecure. Granted open source programs usually have security bugs spotted pretty quick, but the quality of some open source projects leaves a lot to be desired. Take 5 random sourceforge projects and I can probably find a security bug in at least 1. I'm not really trying to get into an open/closed debate, just that given a small target audience, downloading and compiling / running some obscure program from the Internet is not really any different than running it if it were a binary.

[X'tyfe]

i would like to point out that CHEATS AND HACKS DO NOT EXIST FOR LINUX
that is all

[QwazyWabbit]

i would like to point out that CHEATS AND HACKS DO NOT EXIST FOR LINUX
that is all

Patently false assertion.
Model spikes and hacks will work with Linux just as well as in a Windows client. These are what AC was intended to detect.
Brightskins work in Linux as well as Windows. They are not OS dependent.
Gloom depends on certain client variables remaining in specified limits. These can be tweaked in Linux as easily as in Windows. There is no method to verify the variables are within those limits except for a mechanism like AC.
Anyone with bot sources can build an aimbot for the Linux clients.
Anyone with Linux skills is more likely to have access to cheat sources and be skilled enough to use them, perhaps more skilled than some Windows users who just load the stuff and need to be spoon fed the tools.

Using a Linux client does not automatically confer "Purity of Code".

QW

[X'tyfe]

hmm, i guess that would be true

then again, with the few people left in the community
i doubt there are any cheaters with enough knowledge to do such things

[RailWolf]

[QwazyWabbit]

Dang. I was looking forward to a nice flame war and religious debate and he agrees with me in the first round.

I am just going to have to go back to lurk mode and buy a tee shirt.

[X'tyfe]

you will have to do better than that

[Jay Dolan]

Many eyes don't help when the distribution files get trojaned or the code itself is insecure. Granted open source programs usually have security bugs spotted pretty quick, but the quality of some open source projects leaves a lot to be desired. Take 5 random sourceforge projects and I can probably find a security bug in at least 1. I'm not really trying to get into an open/closed debate, just that given a small target audience, downloading and compiling / running some obscure program from the Internet is not really any different than running it if it were a binary.

Package management systems use MD5 validation and trusted hosts to ensure you're installing legitimate packages.  And please, the quality of select software leaves a lot to be desired -- open or closed source.  It's just that with open source projects, you're more empowered to find the shortcomings (AND fix them).  But I do agree with your last statement.