Jump to content
Sign in to follow this  
maddogx

POLL: Do you want ArmA Anti-Cheat?

Recommended Posts

Hi there,

as you all know, ArmA patch 1.08 was released a few days ago, finally fixing the long awaited addon signature check functionality. Because of this, I decided to withhold my server-side anti-cheat script for the time being, and to wait and see whether it would be needed at all.

Now, over a week into 1.08, it seems that cheating is still a problem in ArmA, as can bee seen in zootia's thread. It appears that most server admins are either unaware of the new server-side scripting functionality, or they don't know how to use it.

Apparrently my anti-cheat script (rechristened ArmA Anti-Cheat or simply ARMAAC) may not be completely useless after all. For those of you who haven't heard of it yet, here is a short description of its features:

Quote[/b] ]

Ease of use: ARMAAC can be implemented in any mission with a single line of code. No scripting skills required.

Easily updated: All ARMAAC scripts are run from a server side addon that can be updated at any time without needing to edit the mission.

Server Side: The ARMAAC addon is only required by the server, not by the players. No player will ever need to download any addon for ARMAAC. They don't even need to redownload the mission if the server admin updates ARMAAC.

Secure: All scripts a run on the server. No player can tamper with them.

Addon compatible: ARMAAC is compatible with all addons and mods and will allow users of non-malicious mods (such as the FDF-Soundmod) to play without problems.

ArmA compatible: ARMAAC can run alongside the existing ArmA anti-cheat functionality. There is no need to deactivate either one.

As the thread title says, do you want to see ARMAAC released and implemented in MP missions?

Vote over!

<span style='font-size:12pt;line-height:100%'>Result:<span style='color:green'>YES</span></span>

Share this post


Link to post
Share on other sites

Hell yeah. If the BIS one ain't working 100% yet, we can use this.

My vote's YES.

Share this post


Link to post
Share on other sites

Before I vote, I want to know how your addon works what script is included? Where can I get it? Does it really work?

Share this post


Link to post
Share on other sites
Quote[/b] ]

Ease of use: ARMAAC can be implemented in any mission with a single line of code. No scripting skills required.

Easily updated: All ARMAAC scripts are run from a server side addon that can be updated at any time without needing to edit the mission.

Server Side: The ARMAAC addon is only required by the server, not by the players. No player will ever need to download any addon for ARMAAC. They don't even need to redownload the mission if the server admin updates ARMAAC.

Secure: All scripts a run on the server. No player can tamper with them.

Addon compatible: ARMAAC is compatible with all addons and mods and will allow users of non-malicious mods (such as the FDF-Soundmod) to play without problems.

ArmA compatible: ARMAAC can run alongside the existing ArmA anti-cheat functionality. There is no need to deactivate either one.

I vote yes.  I cannot think of any reason not to implement this as it seems like a rather unobtrusive solution from the above description.

Share this post


Link to post
Share on other sites
I want to know how your addon works

Basically it compares certain config values of each player to the config values on the server. If the values are different then the player will be considered a hacker. Only config values that can be used for cheating (increased ammo, enhanced weapon damage etc.) are flagged as cheats. Sound mods are ok.

what script is included?

At the moment, only a basic anti-cheat script is included. Later, I want to implement some advanced teamkill detection functionality that can be enabled optionally.

Where can I get it?

It is not available yet. I want to see if people (especially mission makers and server admins) even want it before I release it. If not enough people are interested, the scripts will be kept private and only hosted on selected servers.

Does it really work?

Absolutely, yes. We hosted a private beta test a few months ago and all was fine. The script has been reworked since then to improve security and reliability, but the functionality is essentially the same.

Share this post


Link to post
Share on other sites

hell yeah we want the ArmA anti-cheat. Anything that will prevent this or even limit it to a degree is wanted.

This will only provoke them to find anti-measures and escalate the situation, but inaction is acceptance. confused_o.gif

Share this post


Link to post
Share on other sites

Yes - as long as the overhead on server resources is not too high, needs to be tested on a server with a large number of users.

If you could also have an option (that admin can choose whether they want to enable) to prevent 'command spotting' where you hold down the space too look around a spot targets that you really can't see (i.e. behind wall etc). That would be fantastic

Share this post


Link to post
Share on other sites
Yes - as long as the overhead on server resources is not too high, needs to be tested on a server with a large number of users.

I agree, though I don't expect it to be too bad.

If you could also have an option (that admin can choose whether they want to enable) to prevent 'command spotting' where you hold down the space too look around a spot targets that you really can't see (i.e. behind wall etc). That would be fantastic.

Hehe, nice idea but I don't even know if that's possible. Better stick with the basics for now. wink_o.gif

Share this post


Link to post
Share on other sites

My vote's yes - let's hope it puts an end to these scumbags' idea of fun at our expense mad_o.gif

Share this post


Link to post
Share on other sites

As the owner of the server that started this discussion my vote is

YES!!!

notworthy.gifnotworthy.gifnotworthy.gif

Share this post


Link to post
Share on other sites

I think this is definitely something you should continue work on. Its a much needed tool for server admins who can't be logged onto the server all day! Great job! biggrin_o.gif

Share this post


Link to post
Share on other sites
verifysignatures = 1..

it's not hard.

After several minutes of careful deliberation, I have come to the conclusion that your post failed to make any valid point.

I counted it as a no anyway.

Perhaps try reading the original post before replying to it.

Share this post


Link to post
Share on other sites

There's one major draw back for me, and that's the fact that it has to be integrated in the map. That means for me that responsibility is both on the server admin (for making the server sided addon available on the server) and on the map maker (for adding the call). The map maker would either be making a map that cannot be run on servers that don't have the addon present, or he'd have to add the option to enable the frame work or not (e.g. through param1/param2 selection).

If it was possible to run the frame work as part of the server sided scripting, e.g. on a onUserConnected event, I'd definitely say yes. That way the map maker is not burdened with integrating the framework (even if it's just one single command to add), and the server admin would not have to limit his choice of maps to those using the frame work.

Share this post


Link to post
Share on other sites
There's one major draw back for me, and that's the fact that it has to be integrated in the map. That means for me that responsibility is both on the server admin (for making the server sided addon available on the server) and on the map maker (for adding the call). The map maker would either be making a map that cannot be run on servers that don't have the addon present, or he'd have to add the option to enable the frame work or not (e.g. through param1/param2 selection).

If it was possible to run the frame work as part of the server sided scripting, e.g. on a onUserConnected event, I'd definitely say yes. That way the map maker is not burdened with integrating the framework (even if it's just one single command to add), and the server admin would not have to limit his choice of maps to those using the frame work.

You assume too much. If the ARMAAC addon is not present on the server, nothing happens. The mission will still run without problems - just that there will be no cheat protection.

No worries, I'm two steps ahead.  wink_o.gif

EDIT:

Just to clarify:

When a mission maker includes the ARMAAC call line in his mission, he is making it "ARMAAC compatible" but not dependent on ARMAAC in any way. Server admins can still decide if they want to use the anti-cheat scripts or not.

Also, I'm thinking about releasing the server-side ARMAAC scripts for known server admins only. This way, the cheating community should have a harder time figuring out how to counter them. If the scripts are released publicly, they will immediately be able to tear them apart and find ways to get around it.

Share this post


Link to post
Share on other sites

I vote YES, anything to shut these losers up.

Its people like this that make game life shorter sad_o.gif

Share this post


Link to post
Share on other sites

I vote <span style='color:green'>YES!!!</span> Two Defenses are better than one even if the ArmA Signature worked.

The current problem with using the VerifySignatures = 1 is that MODs like FDF Sounds will be affected by it. Till MOD makers actually start using the Signature Keys we'll have to leave that Feature OFF. I can't play ArmA with Vanilla Sounds anymore. So this alone justifies your current Cheat Busting Fix. wink_o.gif

Let me know where to sign up so I may use this on our Servers.

Share this post


Link to post
Share on other sites

Ok, it appears the general tendency is toward "yes", so that question would be settled. The next question is: how to make sure it stays secure?

As I mentioned earlier, I've been toying with the idea of only releasing the call code to the public, so mission designers can decide for themselves whether they want to implement ARMAAC support in their mission. The ARMAAC addon itself would only be made available to known server admins, so they can put it on their server.

This would mean the general public would (ideally) not get to see the actual code, making it harder for cheaters to counter it on the one hand, but also denying others the chance to look at the code and perhaps learn from it.

I'm generally a promoter of open source projects, but in this case I'm more inclined to keep the code secret for as long as possible. firefoxlover.gif

Any opinions?

Share this post


Link to post
Share on other sites

What your saying makes sense and is good in theory. But eventually it would get out into the wild. But I agree there should be some type of server admin verification used in order to receive the code.

Share this post


Link to post
Share on other sites

Would you release the Script/Code needed to modify other Missions to those of us who have and Run Dedicated Server. I'm sure some of the guys in my group would be able to Modify all the MP Missions we host with this Anti Cheat. This way we wouldn't have to depend on Mission Builders to implement it.

Share this post


Link to post
Share on other sites
Would you release the Script/Code needed to modify other Missions to those of us who have and Run Dedicated Server.  I'm sure some of the guys in my group would be able to Modify all the MP Missions we host with this Anti Cheat.  This way we wouldn't have to depend on Mission Builders to implement it.

The implementation code for missions is really just a small bit of code that can basically be implemented in any mission by anyone. You only need to modify the init.sqf (or create it) and put the call code in the first line (or wherever you want it to start checking for cheats). The call code runs the scripts if the current computer is the server and if the ARMAAC addon is there.

So yeah, you could edit the missions yourself if you want to. But I'm hoping that as many mission makers as possible (most notably KilJoy) will implement it themselves.

Share this post


Link to post
Share on other sites

Please sign in to comment

You will be able to leave a comment after signing in



Sign In Now
Sign in to follow this  

×