How SOE can stop cheaters in the short and medium term

Short-term:

For each server, there should be a GM watching 24/7 who can spy on players. (You DID code a "spy" ability, didn't you?) No exceptions. The "/report" command should get immediate attention and a fast ban hand if applicable. Somebody's griefing the warpgate? Warn. Kick. He does it again, ban. Somebody's clearly autoaiming? Ban. Delete his account, he won't be needing it anymore. Next. "But they don't have the money to..." SONY doesn't have the money? It's going to cost them a lot more than the $10/hour to hire somebody in lost SC sales.


Mid-term:

Server-side position checks. Somebody's sending "update location" packets too quickly and covering a large amount of horizontal distance on foot in a short time? He's either lagged hard or he's cheating. Autokick.

Server-side recoil checks. Somebody's getting an implausible amount of headshots at long range in a short time with a machine gun? He's cheating. Autoban.

Server-side damage/rate-of-fire checks. I hear of infiltrators doing stupid amounts of damage to vehicles, and my jaw drops- Sony, you seriously did not check for this? Somebody's claiming to do more damage than the weapon can possibly do? He's cheating. Autoban. Somebody's claiming to be shooting thirty rounds a second? He's either lagged hard or he's cheating. Autokick.


And to permanently stop cheaters, you might want to start requiring people's credit cards to be on file (no payment required, just being on file) and banning by that. People can get a new IP address in minutes. A new bank account? Not so much. Yes, this will probably decrease the player base, and you might have to merge servers. Do it.

Nobody, but nobody, is going to plunk down cash on a game where they see people running around at 100 mph and getting insta-headshotted at 200m with a CARV.

Also, here's a way to impede the wallhack crap: Lie, and lie extravagantly, to the client. Tell the client that there are enemies everywhere, embedded in the walls. People who aren't hacking will never see them. Somebody starts mass-spotting these fake enemies, who they couldn't possibly see with an unmodified client? Huh. Looks like he's cheating. Time for a ban.

Another mid-to-long term plan is to build dozens of fake cheat-tool websites and hire some SEO (Search Engine Optimization) companies to move these websites to occupy the first 2 pages of "planetside 2 aimbot" keywords or the similar on major search engine sites...

Setup the trap and let'em in.

Problems:

1) You say *a* GM.

One person. Watching thousands of players, in a game that is entirely about chaotic PVP battles. You'd need a full team, PER SERVER, so don't play that down; we all know Sony aint poor, but keep in mind that the developers are NOT Sony. They're a little corner office of Sony. They can't exactly dictate their budgets to the (massive) parent corporation.

2) What you're suggesting for "mid-term" solutions would appear to include a hell of a lot of scripting that would be constantly analysing player behaviour in a multitude of ways. Given that the servers are already a little unstable at times, do you really want to demand that they add that extra load? And what happens when all these automated anti-cheat systems start swinging the banhammer against innocent people who just got caught in a bit of a lag spike?

"I hear of infiltrators" "Somebody's claiming"

You're assuming that the smoke is directly proportional to the fire. This isn't necessarily the case.

"Yes, this will probably decrease the player base, and you might have to merge servers. Do it."

Yeah, because that would be a wise strategy for the initial launch period of a new MMO...

I understand it can be difficult to track all cheaters. But sometimes, like last night, it shouldnt be difficult at all. there were 3 players that were hacking and werent even trying to hide it. everyone playing knew what was going on and the 3 had to be reported by at least 50 or 60 people in a matter of 20 mins and they continued to blatantly hack and be obscene in /yell for hours after. SOE should be on top of behavior like that in less than and hour or they risk losing players and also promote even more hacking because frustrated players getting killed by hackers see SOE doing nothing and figure why not do it too. Not a good idea. IMO this a great game and the only possible down fall is hacking. we'll see what they do i guess,

Just need to change the memory locations of certain functions periodically and keep the hacker developers chasing them. It will tick off their customers enough during the down time between new cheat fixes the customers might give up on em. I don't know how modular PS2 code is but this would require a game download every time they change memory locs. If it is very modular then it would be a small patch.

No you wouldn't. This would be somebody who watches people only in response to the /report command, something that should be in place already. The percentage of people who hack/grief/whatever is actually pretty low, maybe one in a few hundred. It will get higher if they aren't policed, because kids will go "I want what that guy has". It will get lower if SOE starts getting rid of them, both from direct bans and discouragement.

It still has Sony's name on it. If hackers are everywhere, it's causing lots and lots of damage to Sony's reputation and people no longer paying money for PS2, and so a lot of response is warranted. If they're not, then only a couple of people need to be watching. If the GMs are overwhelmed, you hire more.

One single speedcheat+aimbot hacker in a tech plant can make 50+ people leave- this happened on Connery last night. One guy. Do you think those people who left are going to spend money? It would have taken a GM less than a minute to go "Yup, definitely a cheater", ban him, and move on to the next report. Do you think the cost of $.25 or so of a single GM's time is worse than the potential $100s of SC the cheater might have caused people not to buy?

Yes. If you don't have the server resources, you allocate more. If your server software isn't set up to do these checks, you change it so it can. Because the cheaters are costing them a hell of a lot more money than the hardware and programming time would.

Server-side sanity checks aren't some big deal, nor are they anything new. There's Quake and Minecraft servers that do them.

Read more carefully- I suggested only autokicks, not autobans, for the things where lag could be the cause.

This referred to the hacker's client making a claim ("I just did enough damage to kill that Lightning in one shot with my pistol"), not a verbal claim.

No, it's worse. It's always worse. Only a very small proportion of the population uses the forum. A lot of people don't even chat in game. When they're confronted with speed-cheating aimbotters they can't even see before they die, they won't make a public fuss. They'll just leave, and take their friends and their money with them.

It doesn't matter, because if the cheating isn't dealt with in an organized way, they're going to have to merge the servers anyway due to dropping server population.

I was actually going to suggest this, but unless the code is *really* modular, it wouldn't be terribly hard for a hacker to make a "find functions" command. Something that could actually work like what you're suggesting would probably require a complete rehash of the entire code base.

"It still has Sony's name on it. If hackers are everywhere, it's causing lots and lots of damage to Sony's reputation and people no longer paying money for PS2"

You're not getting my point there. That it has Sony's name on it is irrelevant. To Sony, the actual Corporation, Planetside 2 is pocket change. Less than pocket change. Oh, they'd like it to succeed...but overall, if it doesn't work, they'll kill it, and barely notice that they did so.

You're acting as if the developers have limitless resources; that they are a development arm of a massive corporation means that they almost certainly have *less* control over such things. In the end, their resources are being defined by non-gaming businessmen whose ultimate goal is to make the greatest profit for the *lowest investment*.

But don't mistake my critical attitude as in any way condoning cheating or suggesting that it's not an issue; it's always an issue. But it's always a struggle. And right now, the game is suffering more from the fact that a *big* percentage of potential players...can't play it at all, due to actual technical issues.

I don't think you're getting my point. Having one of its products fail in a public way affects the entire corporation. Joe Q. Public usually can't tell the difference between SOE and Sony as a whole, especially Sony's gaming division.

Does anybody here remember the whole Sony rootkit fiasco? That was done by another division entirely, and it's still costing the company- all of it- money. This is textbook public relations. A lot of people play this game, and it represents a major corporation. The Christmas buying season is here. If some kid can't make PS2 work properly (we are in full agreement that the technical issues need to get fixed, yesterday) or gets killed a dozen times in a row by the same hacker, and the splash screen reminds him that the game is made by Sony Online Entertainment, he's not going to want Sony *anything* for Christmas. That kid's not going to care about which department does what.

Sony produces computers, audio equipment, cameras, assorted electrical components, is a major player in the film and television industries...their musical arm has the rights to Michael Jackson, along with a multitude of other big names. And of course, they have an entire gaming platform.

Do you truly, honestly believe that the failure of a single game on a single platform, with a playerbase in the thousands rather than millions will actually touch them? Did that "rootkit fiasco" actually damage Sony? Because correct me if I'm wrong, but they're not exactly crumbling.

Even if the hypothetical kid doesn't want Sony *anything* for Christmas, he won't be able to avoid it, unless he boycots a wide variety of films, the equipment he's watching those films on, a wide variety of music artists, the equipment he's listening to them on, doesn't go to the cinema and generally stays away from technology in general.

What I'm ultimately trying to convey here is that the developers of Planetside 2 are undoubtedly aware of the problem. What they can do, what Sony is allowing them to do, they will be doing, and everything you've suggested...they'll have thought of. But the game came out what...ten days ago?

Things will be messy for a while. There will be bugs, there will be exploits, there will be outright cheating. And then, patch by patch, it'll calm down.

SOE needs to modify the L and The i Keys for names, give the i the typical "I" appearance give the lower case L a slight curve at the bottom or something for god sake, i ran into a player who was named IIIIIIIIIIIIIIIIIII but i couldnt report becuse he killed me before i could Q > Send message him to get his name and i couldnt tell if it was L's, i's or a combination of both!!!! he sucked at aiming and i could hit him did so a few times, but he was rubbernecking all over the place (warping, rubber band effect) he was also yelling about how enyone who plays PS2 is feaces, that SEO is feaces, that the game is feaces, about how he was gona kill us all blah bah blah. but ive also been shot though cover when there was no one around, ran into invincible soldiers who dont even drop shields after unloading a full clip at point blank, and vehicals that cant be damaged or instantly heal themselves to 100% after being shot.

This feaces is Tucking insane!? SEO needs to impliment somthing like this >>Anti-Hacker coding<< and SOON its ruining the game.

Your signature animation looks a teeny bit perverse

I was going to post a rather meaty comment on bronies but then we don't want this forum to turn into another forumfield.

Yes, sanity checks are required. Abnormal results should be investigated by a live team. A lot of stat crunching needs to take place to get an idea of what the normal results are.

The coding departament has their resources stretched thin, I assume. And they're the guys who could actually implement those sanity checks. Unfortunately you can't just throw more manpower on the problem - with rushed development the code I'm guessing is a pile of hacks and broken design patterns duct taped with last-minute improvised solutions that everybody is afraid to touch.

SOE are doing alright. Could it be better? Sure but it isn't the doom and gloom people make it out to be. We have /report. We have in game support tickets. If I think someone is cheating/exploiting I do the following.
1) Record the player and review it to make sure I'm not about to report a player that is just that good.
2) use the /report [playername] command
3) follow that up with a ingame support ticket based on community standards.

after uploading the video to youtube, as an unlisted video, I provide the link on my support call.

As the game gets bedded down we should expect suspension and warning to players doing things while not hacking but just exploiting the system. Data mining can flag potential hacker even if they get passed the 3rd party program detection by doing many of the things the OP talks about but in a way that doesn't impact real time play. I

For example something like this could be done.
1) data mine the datawall and check for infantry movement that is to fast to often. Flag accounts that are above a certain threshhold
2) those account then get a 2nd level of automatic surveillance that is handled as the data come into the datawall real time.
3) if said behaviour is detected a CS team member is immediately notified for investigation

we already have 3rd party program detection in and they batch them up and do bannings in bunches.

I don't think we need to tie accounts to any credit cards personally. There are more effective ways to ban a player then by their IP address. People like me who have premium access plus over 40,000SC in 1 account have a high investment in this game but I wouldn't want them to limit the player base like you've said. Take away my cannon fodder and I'll get bored more quickly

so cute, helios is around for ages now. NO ONE managed to ban him and his cheat engine effectivly in the last years.
and you think this can be solved easily? did i mention you guys are cute?

gl sony. you will need it.

SOE just need to hire a killer and shoot Helios ^^

There is a way to limit the burden on the watchers, Steam profiling:

Make everybody use a Steam account to play the game, tie the SOE profile to the steam profile.

Players with only PS2 on their profile will be on a special watch list, these can be throwaway accounts for cheaters.
If there are some other games, but only free to play a less severe watchlist, these are more likely to be just cheap players or kids without a way to buy games.
If there are games bought with real money on the profile, this is probably a legit player. Watch only if reported.

No CC data needed, no restrictions for free players and everybody has steam, right?

Make hit-detection server-side. Will it suck with lag? Yes.. but it's more fair that way.

Actually that's not true. You really just need one person dedicated to it, rotate to a new random server every day. Once the ban hammers start swinging you just have to make it very public who is getting banned and why. Word gets around that cheating is not tolerated, and then suddenly the would be script kiddies think twice. There will always be idiots, but it would be a much more manageable level