All Discussions > Steam Forums > Off Topic > Topic Details
Sebastian Nielsen Oct 13, 2012 @ 7:17pm
Why do speedhacks work at all?
Why do speedhacks work at all? (Source engine can we take as a example)

I can understand that a aimbot or wallhack works because those are things controlled by the client.

But why would speed be controlled by the client?
For example a health hack would not work, because even if you would hack your health to 9999, your health at the server would be 100 and server would consider you dead when it reaches 0 on server side.

Why can't the same thing be applied to speed?
If the client says at: 01:02:00 "Im at pos: X: 104 Y: 382 Z: 10" and then client later says 01:02:01 "Im at pos: X: 404 Y: 382 Z: 10", why can't the server simply say: "No, youre moving 50 units/sec too fast, your pos is X: 354 Y: 382 Z: 10" and then annouce the server-corrected pos to all other players...

It would be a easy fix to the internal source engine making all speedhacks unuseable, so why not fix it in the ground up?
And that does not affect the server performance at all, its a simple true/false check of if a new position is legal in regards to the old position.
Last edited by Sebastian Nielsen; Oct 13, 2012 @ 7:23pm
< >
Showing 1-15 of 20 comments
my dude Oct 13, 2012 @ 7:38pm 
Nobody's going to tell you how to cheat at a video game here. Just play the game like everybody else.
Last edited by my dude; Oct 13, 2012 @ 7:39pm
#1
Buttered Biscuit Oct 13, 2012 @ 7:41pm 
stop hacking.....problem ♥♥♥♥♥♥♥ solved
#2
Felix Oct 13, 2012 @ 7:47pm 
I think you've both misunderstood the point OP is making here...

He's asking why his suggestion isn't used to STOP speedhacking. He's not trying to speedhack himself.
#3
my dude Oct 13, 2012 @ 7:48pm 
Originally posted by Pann Jilette:
I think you've both misunderstood the point OP is making here...

He's asking why his suggestion isn't used to STOP speedhacking. He's not trying to speedhack himself.
lambo's solution still works. If people stopped hacking, the problem would be solved. In fact, it wouldn't even be there in the first place.
#4
Buttered Biscuit Oct 13, 2012 @ 8:07pm 
exactly and their are actually clans of hackers that hack just to piss people off by killing them then getting them banned when they fight back with hacks when they are using hacks themselves
Last edited by Buttered Biscuit; Oct 13, 2012 @ 8:12pm
#5
Sebastian Nielsen Oct 14, 2012 @ 6:00am 
Yes, im on the "Anti-cheat" side of the discussion.
(Im even experimenting with building my own anticheat, by streaming the game, classic nexuiz, a opensource free game, from a server)
http://www.youtube.com/watch?v=NL-FADxxYkM

The question is why the server trust the client in regards of speed.
The main rule when developing any internet-facing applications is "never EVER trust the client".
Last edited by Sebastian Nielsen; Oct 14, 2012 @ 6:03am
#6
s e a n Jun 12, 2014 @ 10:49pm 
More than likely, it doesn't have a speed check on it, since the only speed checker I have ever seen is in Combat Arms... And lemme tell you, you jump off a balcony the wrong way: you get teleported back. If it does check for speed, than the speed hacker has to be messing with another variable, (probably the time that the packet was sent or etc.) making it appear to the server, that he SHOULD be moving that fast.
#7
Sebastian Nielsen Jun 13, 2014 @ 3:47am 
Yes but why should the server trust the client's apperance of when the packet was sent? Why not simply let the server decide that? Theres no reason to trust the client at all...

Simply, let the client side portion of the game be a simply "dumb renderer" that simply renders data from a server, like a thin client, and sends raw movement commands (NOT position commands) and the cheat problem is solved.
Last edited by Sebastian Nielsen; Jun 13, 2014 @ 3:48am
#8
Fork_Q2 Jun 13, 2014 @ 5:06am 
Originally posted by Sebastian Nielsen:
Yes, im on the "Anti-cheat" side of the discussion.
(Im even experimenting with building my own anticheat, by streaming the game, classic nexuiz, a opensource free game, from a server)
http://www.youtube.com/watch?v=NL-FADxxYkM

The question is why the server trust the client in regards of speed.
The main rule when developing any internet-facing applications is "never EVER trust the client".

I know ♥♥♥♥ all about how cheats work, but this thread is interesting to read.
#9
Coffee Jun 13, 2014 @ 7:00am 
If games would work that way, lag would be considered as speedhack.
#10
BenjiGonzo Jun 13, 2014 @ 7:07am 
Originally posted by Fork_Q:
Originally posted by Sebastian Nielsen:
Yes, im on the "Anti-cheat" side of the discussion.
(Im even experimenting with building my own anticheat, by streaming the game, classic nexuiz, a opensource free game, from a server)
http://www.youtube.com/watch?v=NL-FADxxYkM

The question is why the server trust the client in regards of speed.
The main rule when developing any internet-facing applications is "never EVER trust the client".

I know ♥♥♥♥ all about how cheats work, but this thread is interesting to read.
Yep, I've been thinking of getting into this kind of programming for my career, so this is pretty interesting.
#11
Fork_Q2 Jun 13, 2014 @ 8:16am 
Originally posted by Silverfox:
Originally posted by Fork_Q:

I know ♥♥♥♥ all about how cheats work, but this thread is interesting to read.
Yep, I've been thinking of getting into this kind of programming for my career, so this is pretty interesting.

You want to sell cheats for games? I thought you were cool Silverfox, but not any more. ;-)
Last edited by Fork_Q2; Jun 13, 2014 @ 8:17am
#12
123 Jun 13, 2014 @ 8:18am 
Steam need to make the games more safe , then everyone have more fun!
#13
BenjiGonzo Jun 13, 2014 @ 8:27am 
Originally posted by Fork_Q:
Originally posted by Silverfox:
Yep, I've been thinking of getting into this kind of programming for my career, so this is pretty interesting.

You want to sell cheats for games? I thought you were cool Silverfox, but not any more. ;-)
Didn't see the winky, almost responded with "Hell no! I'm interested in security not cheating!". ( ͡° ͜ʖ ͡°)
Last edited by BenjiGonzo; Jun 13, 2014 @ 8:28am
#14
Sanchke Apr 18, 2016 @ 11:47pm 
Besides the retardness at the top of this discussion, this is a very good question. You seem to have a fair understanding of client Prediction and Reconciliation (http://www.gabrielgambetta.com/fpm1.html). There is a fundamental issue with such a simple fix: even with the best connection packets ARE lost in the internet. There are millions of variables that could mess with a packet moving across the planet. The server side must anticipate this, the server must be ready to interpret missing information. Your idea of sending raw commands like "W is down for this client" would be the go-to practice if packet loss did not exist. For instance, if the "W is down" packet lost it's way to the server, the server would never register that command up until the reconciliation would no longer tolerate it and send you back to square one, perhaps seconds after you originally pressed W.


As of you're idea of original idea of validating each position, that is a bit more realistic. The algorithms to determinate valid movement vary from game to game. (ie. will the client be falling far distances? Are their vehicles involved? can a player be pushed by another player? Are their any "speed boost?"). That all being said such a solution IS possible. Many triple A games utilize these custom made algorithms; but unfortunately for smaller game devs that use pre-made game engines do not have these custom made algorithms built in (such as Unity, Bullet, Unreal). The reason these algorithms are missing because they MUST be made custom, and some times, such as Unity, you don't even have access to modify the underling packet transfers.


Hope this halp'd.
#15
< >
Showing 1-15 of 20 comments
Per page: 1530 50

All Discussions > Steam Forums > Off Topic > Topic Details
Date Posted: Oct 13, 2012 @ 7:17pm
Posts: 20
Start a New Discussion

Discussions Rules and Guidelines