RiotArkem

10 Apr

Comment

10 Apr 16:23 /u/RiotArkem on Reddit - Thread - Direct

Originally posted by wow_im_white

Thats good and all, but is there any way you can make it a cvar/setting of some kind? I hate to be selfish but I dont really want my game less responsive because someone in a less fortunate area has 1Mbps upload. Would it be possible what csgo does and have a default that you can change to allow data to be sent per frame? Maybe make the default less upload and then set a switch to allow more info

I know you guys are busy and im sure its not a big deal if its a little less but for people at higher levels it really matters to get the most info from your pc as possible

Definitely!

The current plan is to reduce packet rate by not sending packets that have little to no new information in them. For example right now in VALORANT if you don't move the mouse on a frame we still send a packet. These packets don't actually help responsiveness so we can skip them to improve the experience at no cost.

If we do end up reducing packet rate in a way that could impact responsiveness I think we would want to make it an opt-in setting (like a fps cap setting for packets). Currently you can kind of get that effect from the fps cap but maybe in the future we can make fps and packet rate independently configurable.

Comment

10 Apr 16:19 /u/RiotArkem on Reddit - Thread - Direct

Originally posted by REDDITWASRIGHT

Okay, I was thinking more along the lines of abusing DMA or SMM, but sure general purpose AI works too.

Still interesting though, web security things are bugs that can be fixed. Tamper protection can't be fixed because again, it's just kinda broken by design and there'll always be a way.

Might need to check that out lol.

Yeah I chose a deliberately outlandish example because I don't want to completely rule out the possibility countermeasures for any techniques just yet :)

Comment

10 Apr 16:17 /u/RiotArkem on Reddit - Thread - Direct

Originally posted by synds

How is this AI not detecting blatant aimbotting? Shouldn't it be able to see 1 frame snaps left and right? What they're doing should be an easy ban from just one ace alone, none of that was humanly possible. I feel like anti-cheats are not and never will be aggressive enough.

Currently our aimbot detection AI is a research project that is used to inform analyst investigations. Once we're more confident in its results we hope to let it ban players unsupervised but due to the error prone / probabilistic nature of AI we think that it'll primarily be an analyst investigation tool for a while yet.

Comment

10 Apr 16:15 /u/RiotArkem on Reddit - Thread - Direct

Originally posted by Sxcred

Do cheat developers use logs/other client information to see what the anti-cheat is banning for?

Is it impossible to lockdown the anti-cheat to a level the client can't see what it's doing?

We try to make our anti-cheat systems hard to analyze for cheat developers but there are some limits because at the end of the day the client is running on the cheat deverloper's computer.

Comment

10 Apr 16:14 /u/RiotArkem on Reddit - Thread - Direct

Originally posted by Sxcred

Do a lot of games tend to send as many packets as VALORANT is? I've had this issue over Wifi with so many games and I can never find an exact reason but this sounds exactly why it's always happened in only certain games over Wifi.

EDIT: To add, I've been playing the beta on Wifi this whole time and I've been getting lag spikes at the end of almost every round and getting a network error and it goes back to normal. Could that also be attributed to this? (150+fps, quick 300ping spike back down to 30ms)

It's not too unusual for a game to send one packet per frame though often there's a cap. VALORANT ends up sending a lot because frame rates are high and we're trying to make the game as responsive as possible.

Round end in VALORANT is a time where a lot of cleanup is happening, a lot of objects are being created and destroyed and that makes for longer frame times and more packets. It's not too surprising that you can get a ping spike at the start of the round. Hopefully we can improve this in the future!

Comment

10 Apr 16:11 /u/RiotArkem on Reddit - Thread - Direct

Originally posted by iRideUnicornz

A bit of a weird question to ask, but would you happen to have any video or images showing what a wallhacker might see with the FoW system? I know there's limits to this since the less info there is about this the more secure the system.

Still, I think it would be useful to players to see the limits of what a wallhack could do, either by helping us learn how to counterplay or detect it or to simply have more confidence in the system.

Thanks and keep up the good work!

I've written an article about the Fog of War system, hopefully it'll come out next week. It includes a gameplay clip that shows a wallhack both before and after Fog of War. Hopefully that'll be helpful!

Comment

10 Apr 16:09 /u/RiotArkem on Reddit - Thread - Direct

Originally posted by Mjolnoggy

Keep in mind that you will ALWAYS be playing catch up and that there are some extremely big-brain hackers/coders out there.
I don't envy your battle as it's going to last forever and it's going to be a hard one.

I agree!

It's going to take a lot of time and effort to keep cheaters under control but I think it's necessary if we want to create a competitive shooter that lasts.

Comment

10 Apr 16:08 /u/RiotArkem on Reddit - Thread - Direct

Originally posted by amakar_

Hey, first off keep up the great work. Second, maybe it would be better not to put out more info on the Fog of War. Less info out there, less info for people to use against you.

Thank you!

Thanks for the kind words!

One of the reasons I like talking about Fog of War is that it's one of the rare anti-cheat systems where knowing how it works doesn't make it less useful. We often don't share details of our security measures in fear of helping out cheaters but this is an area where I think being transparent is helpful.

Comment

10 Apr 05:41 /u/RiotArkem on Reddit - Thread - Direct

Originally posted by toocanzs

I wonder if the server could instead tell the player to play a sound at a specific volume with some direction to avoid telling them the location? Maybe that would have issues when walking towards a sound that plays for a long time.

Either way I'm glad you guys are focusing on cheating so much

I experimented with this a little bit and it was harder than I thought.

The problem I ran into is that how the sound is "rendered" depends a lot on the exact location and not just the attenuation due to distance. There are factors like occlusion and special effects like reverb that get applied based on position. Even the sound asset itself can vary based on exact location (imagine footsteps on grass versus footsteps on wood).

I concluded that it'd be possible to get it mostly working but the effort wasn't worth it. You'd end up with a mostly correct sound (probably a noticeable difference to what was originally intended) but a hacker could still guess a location from it with reasonable accuracy by taking the direction and volume of the sound.

Maybe someone cleverer than me will figure out a solution, if so I'd be happy to hear it!

Comment

10 Apr 05:35 /u/RiotArkem on Reddit - Thread - Direct

Originally posted by REDDITWASRIGHT

We reward bug bounties for information on weaknesses in our anti-cheat technology

Interesting, never heard of a bounty for bypassing anti-cheat before. How does that work? It's a cat and mouse game you can never win. So, uh, do I get infinite free money for bypassing your anti-cheat? If I tell you how to bypass every anti-cheat in a way that's not fixable because anti-cheat is just kinda broken by design (as I'm sure you know [but others here might not] it only stops people who can't make their own, and if your AC can't trust the HW it's running on anymore, it's game over), do I get paid?

It's similar to web security bounties, reports are eligible for a reward if they lead to a change in the software to address the reported flaw.

So for example if a researcher reports a way to defeat the mechanism that ensures that the game client executable hasn't been modified and in response we make a change to fix the attack (by improving the mechanism) they'd be eligible for a reward.

On the other hand if a researcher created a general purpose AI that could play the game impossibly well by using a keyboard and mouse that report is unlikely to be eligible for a reward since there's no improvements we can make.

Though this would be the least of their (and our) worries as the tac shooter robot uprising would soon begin likely destroying human civilization.

Comment

10 Apr 05:13 /u/RiotArkem on Reddit - Thread - Direct

Originally posted by toocanzs

Not sure how sound works in your game, but is it possible that hackers could display the locations sound comes from for footsteps to circumvent FoW?

Yeah, the need to play sounds for enemies even if you can't see them does weaken the Fog of War system, especially if a sound visualizing hack is used.

Comment

10 Apr 04:39 /u/RiotArkem on Reddit - Thread - Direct

Originally posted by MusicMedic88

Is there anyway you guys can make exceptions to people who are on Cloud based gaming VM's like shadow-pc? I am unable to play since Vangaurd wont install on VMs. I really really want to play but this restriction is alienating a bunch of gamers like myself!

Sorry for the inconvenience! If we find a way to support cloud gaming services without weakening our anti-cheat protections we're definitely open to supporting them. We don't have any plans for this right now though.

Comment

10 Apr 02:46 /u/RiotArkem on Reddit - Thread - Direct

Originally posted by NewBelieve

I don't know if this is related to the anti-cheat or not, but is the amount of information the game uploads going to be lowered?
I have 1 megabit upload where I live, I know people in similar positions, and they are unable to play the game with high FPS because for some reason the data the game uploads correlates with FPS. I've been having to sit at 90 otherwise I'm stuck with 300 ping spikes every 20 seconds.

We're working on it! It's not anti-cheat related though, it's because of how our netcode works.

What's happening is that the game is sending a packet every frame (sometimes more) to try and maximize game responsiveness. However, if your frame rate gets high enough the amount of packets can overwhelm your router (or your upstream bandwidth).

The workaround for now is just what you suggest (turning the FPS limiter on) but in an upcoming patch we'll have a fix that reduces the number of packets sent so that we don't accidentally crush routers.

Comment

10 Apr 01:39 /u/RiotArkem on Reddit - Thread - Direct

Originally posted by artifact_eddy

the cheater who get caught now are most likely coders of the cheat or people who try to mess with the code. its all fine as long as you cant buy them and casuals start cheating.

Well said!

I wouldn't say that it's fine exactly but I don't think the measure of success is whether or not there can be cheats, instead it's what impact cheats are having on the game as a whole.

Comment

10 Apr 01:37 /u/RiotArkem on Reddit - Thread - Direct

Originally posted by AetherPrismriv

Quick question: Are these bans planned to be instant as soon as Vanguard detects something? Like as soon as the system detects, it stops the game immediately and it ends in a draw?

A big issue that most FPS have is that most bans are delayed. The system detects the cheat, but only bans in ban-waves in order to "grab" more cheaters. This "delayed ban" logic is flawed, because there are games that will be influenced by that cheater.

Just stop the game in its tracks and instantly ban the cheater, or else its the old story of "1 cheater every game, because the output of hacks is higher than the output of ban-waves"

I'm hoping to get the bans as close to the detection as possible, even terminating a match if a player in it is detected. Sometimes there will be a delay because the cheater will be detected by some offline processing but I believe that where possible cheaters should be removed quickly.

It's a balancing act though because each ban gives cheat developers more information about what is detected and what is not, that's one reason that banwaves are a thing. Sometimes a banwave makes sense to try for maximum disruption of a cheat developer's operation.

We'll probably use both strategies but I'm going to advocate for immediate bans as much as possible because I want to remove cheaters from the environment before they damage any more matches.

Comment

10 Apr 01:21 /u/RiotArkem on Reddit - Thread - Direct

Originally posted by vvv561

Are you using heuristic-based anti-cheat instead of relying only on anti-RE/injection methods?

Yeah, having anti-tamper technology is important but it's definitely not all we're doing!

Comment

10 Apr 01:10 /u/RiotArkem on Reddit - Thread - Direct

Originally posted by -Champloo-

While you're replying- where is the best place to report bugs?

Eg: I've had a few games on 1 map where there is no A or B indicator on the map. I know which sides are which from the games it worked, but still a bug lol

Support tickets are great for bugs because the support agents know how to route the reports to the right developers. Other than that I know that devs are reading the bug megathread so that's another decent spot!

Edit: I'm pretty sure we've received other reports of this map bug, I heard someone mention it today so if I'm not confused we're working on a fix at the moment.

Comment

10 Apr 01:10 /u/RiotArkem on Reddit - Thread - Direct

Originally posted by Extra-Spicy-Ramen

It may not be huge but if you change the enemy outline to black instead of red, pixel based aim bots will be effectively impossible to make. As it is currently, the red outline can be easily detected by aim bots since it’s so different from all the surroundings.

This is a tough one because one of the functions of the enemy outlines is to make the enemies easier to distinguish against the environment.

I'm talking to game designers and our art team about possibilities here, maybe we can figure out something that's good for humans and bad for pixel bots.

Comment

10 Apr 01:08 /u/RiotArkem on Reddit - Thread - Direct

Originally posted by vDUKEvv

Have you guys considered an extra program for AC that runs in the background like services like ESEA or FaceIt? I don’t believe I’ve ever run into a cheater in ESEA over thousands of hours with the service.

I understand this is not exactly an end all solution and I don’t develop anti-cheat, but from my own experience no other way have I seen an fps game be void of cheaters.

Yes, definitely! Riot Vanguard is very similar to ESEA's anti-cheat in some ways, one of the anti-cheat devs from ESEA works at Riot on Vanguard now.

Comment

10 Apr 01:07 /u/RiotArkem on Reddit - Thread - Direct

Originally posted by NontranslationalGod

Have you guys considered doing a big bounty program? I think you could get some really great feedback from security professionals and hobbyists. Bounty program doesn’t even have to be monetary...maybe a credits wall in the training area with their game tag? Dunno, just a thought to help stay ahead of the people developing the hacks.

Yes! We've got a bug bounty program on hackerone, it's entering its 7th year I think, for a little while at the beginning I was one of its admins. We accept reports on anti-cheat topics as well as more traditional application security reports.

RiotArkem

10 Apr

Cheater banned

Cheater banned

Cheater banned

Cheater banned

Cheater banned

Cheater banned

Cheater banned

Cheater banned

Cheater banned

Cheater banned

Cheater banned

Cheater banned

Cheater banned

Cheater banned

Cheater banned

Cheater banned

Cheater banned

Cheater banned

Cheater banned

Cheater banned