Comment by mcv
Reliable anticheat is serverside. Clientside anticheat sounds like a fool's errand to me. You need to control the client, so that means the user cannot be in control of their own computer, which is contrary to the idea of Linux.
Reliable anticheat is serverside. Clientside anticheat sounds like a fool's errand to me. You need to control the client, so that means the user cannot be in control of their own computer, which is contrary to the idea of Linux.
Comparing VAC2 (released in 2005) to FACEIT in 2025 is pretty dumb. There are still absolutely cheaters running rampant on FACEIT and FPL.
The real solution is to limit information sent to the client, make it harder for cheaters to have reliable solutions to get access to critical game information. ARC Raiders has Theia anti tamper (very poor performance) but right now the number of cheaters is minimal because the select few who are smart enough to break the anti-tamper are keeping quiet. See other examples; The Finals, Roblox (Byfron) and Overwatch
> It’s fundamentally incompatible with open source
Yeah, I mean why would they open source their anti-cheats, would defeat the purpose, wouldn't it?
Not sure why you bring up OSS here, it isn't relevant in the least, plenty of non-OSS runs on Linux even though Linux and more is OSS.
Because with Windows, MS can put a list of trusted rootkit anticheats in the kernel and that cannot be changed (without having the source or breaking signatures when hex editing etc).
If Linux did the same, anyone could recompile the kernel with their fake anticheat’s signature. The fake anticheat would then present itself as real to the game. One could go as far as to rewrite the relevant syscall to falsely indicate to the game that the legitimate version is running.
Yes and no. I agree the only thing that can be reliable is server side.
However that means that anything based on reaction times and such is impossible to protect against (under reasonable conditions). At the end of the day you can always have a robot sitting at your desk. But there is steps to that. You can have something that highlights enemies, etc., you can have something that controls keyboard and mouse (maybe inside a VM, so you don't need hardware) and so on. You can reverse engineer packet encryption in a debugger (in most situations) and have something on the network messing with stuff and so on.
So in that regard, yes you can prevent everything you can prevent on the server, but you cannot prevent every sort of cheating on the server.
Everything that has rounds basically can be prevented (other than again a bot playing).
Everything that is complex to automate is better, but might just make cheating more "worthwhile".
The other thing you can do on the server is "dumb cheat" detection. Eg. the odds of someone being consistently as good at a game and such. Statistics like that is widespread and doesn't need any change on the client.
It works on Windows by essentially rooting the machine. MS holds control of a bunch of stuff because they hold the signing keys. It’s fundamentally incompatible with open source.