Anti-hack system discussion
This is not a complain about how many hackers in the game. Once I can join the passworded room, I would believe that is not my concern any more.
But new players still join the open room, so here I want to show what I think of the anti-hack system.
My main point is:
1. programmed methods (auto-ban, xtrap) are necessary but always slow in updating. It takes them 2 weeks to patch once, while it works for only several hours.
2. cfr file report is necessary, but in natural it is not a remedy. Game experience has been ruined before they review and ban a single player. While there are still many new account for hacking has built up.
3. Player interactive is the only way that can protect the game play. Like vote kick (current) and maybe future respawn button (my hope).
But vote kick always failed, I can summarize several reason here.
a. Player need hacker to help to finish their daily mission.
b. Player want to finish daily mission, when it is not blocked by the hackers.
c. Player don't care about hackers.
d. Player don't know who is hacking.
e. Player get misled by hacker
f. Hacker have a large base than legit player to dominate the vote.
g. Some guys get unfairly kicked would revenge by not kicking a hacker.
h. Player dedicate to the game would not notice any one hacking.
i. Player don't understand English and can not understand what is going on.
I would say,
case a might be a general reason the vote kick always fail.
case b might be the second major reason.
case c is a very normal reason.
case d can be changed soon, and is very unlikely to happen.
case e, after z8's notification in game start page, would be hard to take effect, unless the player totally would not read or don't know English.
case f, can I believe it is true, if so, we'd better quit gaming.
case g, I believe it is trivial, but ask yourself.
case h, might be a good reason, but should they notice some strange at least, for example, after 2 minutes?
case i, I can not believe this because when they know where is the start button. Or does that mean the word censor in game is too strong that they never learn the word hack?
Anyway, daily mission is really a big problem for vote kick can not work on hacker, while almost always get a legit player kicked.
To cancel the score of a daily mission when a hacker is confirmed sounds good, but it is extremely complex to be implemented, that need record all the separate game score till the deadline of a report should be submit and reviewed. Based on the speed that the report get reviewed, that probably be several months, and cause a big burden in data saving.
=====================================================================
Then something that is too old to be stale, honor system. At beginning, make it simple.
Rule 1. Player score 1 point when CORRECTLY reported hacker during given period of time (within 1 week after game), and lose 3-5 points for a wrong report, based on how hard a player can be identified as legit.
Rule 2. Vote kick is weighted by a factor 1.05^(honor points), and 60% of all the player's weighted vote would be a pass.
Rule 3. How many times a player can start a vote in a game depends on his honer points. A more responsible player should have more chance to keep the room clean. While bad reputation player will easily choose to kick the ace, or not kicking the hacker.
Rule 3. Additionally, allow room to add a restriction on honer points, example, anyone has negative honer point can not join a room, or minimal requirement is 10.
Here are some Q&A I can imagine.
Q1. Would it increase the number of reports dramatically?
Maybe, but reviewer can start from the reporter who has high score, because more likely this person has reviewed the replay and can tell the difference between a hacker and a legit player. This is the group of player who hate hackers (because they report more), make less mistake (because every wrong report will cost more they can earned from a correct one).
Moreover, when a player found his score keeps dropping by sending reports, would he consider to review the replay carefully before filing a report, or would he just keep sending, with an evil goal to block the reviewer's work (remember this will either not get reviewed or decrease their point so that less likely to be reviewed).
Q2. Would it increase the chance that you get kicked for being too good?
You can figure it out. If someone is so serious on hacking report, and seldom make a mistake to identify a hacker, would he help you from being kicked or help kicking you?
Q3. Can it be abused?
Yes, anything can be abused. But the only way it can be abused is in vote kick. Ask yourself how likely it could be when a player care about the honer point so much to kick you just because you are good.
Also, I should correct my statement: anything can be abused when there is no measure to rule it. So we just a way to rule. It is simple, for an unfair kick AS A HACKER, one can submit a report with replay, which once confirmed as a wrong kick, will cause the one who started the kick 5 points, and those who vote yes 3 points. Similarly, one can also report a failed kick, once proved hacker kick failed, anyone who vote no would lose 5 points, anyone who don't vote will lost 3 points.
All the number I used here is just a demo to show how it works. BUT IDEA IS, PLAYERS ARE MARKED BY THEIR ATTEMPT AND ABILITY TO KEEP THIS GAME CLEAN, SO THAT WE KNOW THERE A GROUP OF PLAYER IS MORE RELIABLE IN FIGHTING AGAINST HACKER.
======================================================
Last point, ALL OF ABOVE JUST NEED A SINGLE NEW FIELD (INTEGER) FOR EACH ACCOUNT. With initial value to 0, which cause his vote weighted 1.
He can keep ruining it till it is -2G, and as a reference 1.05^(-100) = 0.007. 1.05^(-10) = 0.61. You can see how fast his vote will go weightless.
The equation can be improved by introduce a non linear base. For example, base 1.2 for negative points, 1.05 for positive points.
But new players still join the open room, so here I want to show what I think of the anti-hack system.
My main point is:
1. programmed methods (auto-ban, xtrap) are necessary but always slow in updating. It takes them 2 weeks to patch once, while it works for only several hours.
2. cfr file report is necessary, but in natural it is not a remedy. Game experience has been ruined before they review and ban a single player. While there are still many new account for hacking has built up.
3. Player interactive is the only way that can protect the game play. Like vote kick (current) and maybe future respawn button (my hope).
But vote kick always failed, I can summarize several reason here.
a. Player need hacker to help to finish their daily mission.
b. Player want to finish daily mission, when it is not blocked by the hackers.
c. Player don't care about hackers.
d. Player don't know who is hacking.
e. Player get misled by hacker
f. Hacker have a large base than legit player to dominate the vote.
g. Some guys get unfairly kicked would revenge by not kicking a hacker.
h. Player dedicate to the game would not notice any one hacking.
i. Player don't understand English and can not understand what is going on.
I would say,
case a might be a general reason the vote kick always fail.
case b might be the second major reason.
case c is a very normal reason.
case d can be changed soon, and is very unlikely to happen.
case e, after z8's notification in game start page, would be hard to take effect, unless the player totally would not read or don't know English.
case f, can I believe it is true, if so, we'd better quit gaming.
case g, I believe it is trivial, but ask yourself.
case h, might be a good reason, but should they notice some strange at least, for example, after 2 minutes?
case i, I can not believe this because when they know where is the start button. Or does that mean the word censor in game is too strong that they never learn the word hack?
Anyway, daily mission is really a big problem for vote kick can not work on hacker, while almost always get a legit player kicked.
To cancel the score of a daily mission when a hacker is confirmed sounds good, but it is extremely complex to be implemented, that need record all the separate game score till the deadline of a report should be submit and reviewed. Based on the speed that the report get reviewed, that probably be several months, and cause a big burden in data saving.
=====================================================================
Then something that is too old to be stale, honor system. At beginning, make it simple.
Rule 1. Player score 1 point when CORRECTLY reported hacker during given period of time (within 1 week after game), and lose 3-5 points for a wrong report, based on how hard a player can be identified as legit.
Rule 2. Vote kick is weighted by a factor 1.05^(honor points), and 60% of all the player's weighted vote would be a pass.
Rule 3. How many times a player can start a vote in a game depends on his honer points. A more responsible player should have more chance to keep the room clean. While bad reputation player will easily choose to kick the ace, or not kicking the hacker.
Rule 3. Additionally, allow room to add a restriction on honer points, example, anyone has negative honer point can not join a room, or minimal requirement is 10.
Here are some Q&A I can imagine.
Q1. Would it increase the number of reports dramatically?
Maybe, but reviewer can start from the reporter who has high score, because more likely this person has reviewed the replay and can tell the difference between a hacker and a legit player. This is the group of player who hate hackers (because they report more), make less mistake (because every wrong report will cost more they can earned from a correct one).
Moreover, when a player found his score keeps dropping by sending reports, would he consider to review the replay carefully before filing a report, or would he just keep sending, with an evil goal to block the reviewer's work (remember this will either not get reviewed or decrease their point so that less likely to be reviewed).
Q2. Would it increase the chance that you get kicked for being too good?
You can figure it out. If someone is so serious on hacking report, and seldom make a mistake to identify a hacker, would he help you from being kicked or help kicking you?
Q3. Can it be abused?
Yes, anything can be abused. But the only way it can be abused is in vote kick. Ask yourself how likely it could be when a player care about the honer point so much to kick you just because you are good.
Also, I should correct my statement: anything can be abused when there is no measure to rule it. So we just a way to rule. It is simple, for an unfair kick AS A HACKER, one can submit a report with replay, which once confirmed as a wrong kick, will cause the one who started the kick 5 points, and those who vote yes 3 points. Similarly, one can also report a failed kick, once proved hacker kick failed, anyone who vote no would lose 5 points, anyone who don't vote will lost 3 points.
All the number I used here is just a demo to show how it works. BUT IDEA IS, PLAYERS ARE MARKED BY THEIR ATTEMPT AND ABILITY TO KEEP THIS GAME CLEAN, SO THAT WE KNOW THERE A GROUP OF PLAYER IS MORE RELIABLE IN FIGHTING AGAINST HACKER.
======================================================
Last point, ALL OF ABOVE JUST NEED A SINGLE NEW FIELD (INTEGER) FOR EACH ACCOUNT. With initial value to 0, which cause his vote weighted 1.
He can keep ruining it till it is -2G, and as a reference 1.05^(-100) = 0.007. 1.05^(-10) = 0.61. You can see how fast his vote will go weightless.
The equation can be improved by introduce a non linear base. For example, base 1.2 for negative points, 1.05 for positive points.
Comments
-
-
X7RIPLEJAXX wrote: »But almost everyone in CF has their honor as very bad
And half the people dont even know why its bad
I don't know why it is bad.
I feel honored for I still have my honorable soldier ribbon.
And I would be happy if I have 1000 point as I described here.
Imagine that one day there are lots of hackers, host start to restrict the players to play in his room by limiting the honer points, I think 1000 points can pass most of the requirement. -
On my iPhone atm, I'll just talk about Main point #1:
Xtrap has been updating a little faster than 2 weeks, evident with these last few days.
K back to class now. I'll post a more meaningful explanation later if this is still up
I can correct that, like update once a week but can shield hacker for 12 hours. Then 1/14 of the total time we are protected, 13/14 of the time we are open for them to attack.
And the frequency of the update can not be predicted, remember I have a post asking when will be the next patch? Several MoD said it doesn't depend on z8 and no one can tell when. -
MyBrokenSoul wrote: »just think about it, hack never ever die and Xtrap or cr... staffs are too lazy in their job!
I am trying to save them.
If vote kick can works better, hacker will get kicked very quickly.
Number of vote can be started can be related to the score of hacker report.
When staff are lazy to review, they can choose the reporter with positive score first, just sort the report by reporter score.
I suppose they will provide very precise information: hacker name, round, time, what kind of hack. -
On my iPhone atm, I'll just talk about Main point #1:
Xtrap has been updating a little faster than 2 weeks, evident with these last few days.
K back to class now. I'll post a more meaningful explanation later if this is still up
Waiting for your input. -
And more I want to discuss about: Auto ban system.
Previously, I suggested a two step procedure:
1. have a scan program with all the hacker detection algorithm for reviewer first, so that he can first scan the replay and find out some abnormal event, like bullet go through the wall, player moving too fast, jump too high, in a glitch position, rotate too fast to make sequential kills, etc. When it is proved to be good, release to player and ask them to scan the replay before sending report.
2. When all the things are mature, includes the developer resource, integrate it to client, not only used to detect the host client, but also check the interactive client (e.g., when [MoD]9 killed me in game, my client start to check that kill and his position). If an abnormal situation happens, and statistically more than one instance (from different players in same room), host start to register the player, and ask players to save replay and the end of the game.
I think this is the to lower the server's burden, if this kind of detection is needed. -
There are so many hackers/cheaters. Where did they get their cheating softwares? Are they mostly programmers? I doubt any professionals care to cheat on games. If a website is distributing cheating softwares or codes online, can Z8 sue them for damage? Imagine how many Z8 customers were driven away by those cheaters.
Another thing, I report almost every cheater from any game. But that also means, I have to wait till end of the game, by which time I will have gotten slaughtered. My death number is twice as my kills.
So shouldn't reporter get a little bit of compensation for incentives? -
Time to verify user age with credit card lol
That wouldn't make a difference, now would it? Mommy's and Daddy's are still going and buying their kids cigarettes and beer and so on, knowing that they can now be put in jail. I have noticed Xtrap doing its job lately and updating faster and more often. The Mods i believe can not give out patch release dates (if i am wrong someone correct me). The Honorable Soldier Ribbon can be taken away for other reasons besides hacking(correct me if i am mistaking), for example mine has been missing for a while now but i believe it is due to my account getting blocked due to Paypal/ZP Transactions. I quit letting people on my account since then, just to be safe cause i was gone for a year+. -
Replays don't record server/client abnormalities.And more I want to discuss about: Auto ban system.
Previously, I suggested a two step procedure:
1. have a scan program with all the hacker detection algorithm for reviewer first, so that he can first scan the replay and find out some abnormal event, like bullet go through the wall, player moving too fast, jump too high, in a glitch position, rotate too fast to make sequential kills, etc. When it is proved to be good, release to player and ask them to scan the replay before sending report.
2. When all the things are mature, includes the developer resource, integrate it to client, not only used to detect the host client, but also check the interactive client (e.g., when [MoD]9 killed me in game, my client start to check that kill and his position). If an abnormal situation happens, and statistically more than one instance (from different players in same room), host start to register the player, and ask players to save replay and the end of the game.
I think this is the to lower the server's burden, if this kind of detection is needed. -
Replays don't record server/client abnormalities.
It records all the players dimension as a time flow. Even replay from different player might be slightly different, but it is good enough to be able to scan off the abnormal client behavior that most hacker use.
- Shoot thru walls
- Under maps
- On the sky
- Aimbot
- Moving too fast -
The Honorable Soldier Ribbon can be taken away for other reasons besides hacking(correct me if i am mistaking), for example mine has been missing for a while now but i believe it is due to my account getting blocked due to Paypal/ZP Transactions. I quit letting people on my account since then, just to be safe cause i was gone for a year+.
That is the problem. An honorable ribbon is not fully related to the players' spirit of fair play. They have mixed it up with money (lots of ribbons -- zp soldier, coupon soldier, gun collector, etc, are related to the money). And there is no way to reflect the players' attitude.
When the system is driven by zp, gp, players would be easily choose not to kick a hacker, or even choose to hack ---- just because kick hacker would bring them nothing, while implement daily mission would be a great benefit.
And also, there is really nothing to protect a legit player from being a victim of hacker. Players keeps playing the game even there is a hacker, even hacker keeps killing him. He might expect some strong hackers to join his team and bring him the victory.
A way to overcome this in current system:
Each game should have a fixed XP rate altogether.
GP is distributed to player based on the his performance in game.
Daily mission need accumulate the XP to certain level to finish.
Then even if there is a hacker in his team, a player would not receive many xp points if he let the hacker play, because definitely, hacker will take away most of the kills and leave almost nothing to the other. In the schema, a player need to play like 200 games if every game has a hacker, to achieve his daily mission. They might hate hackers therefore.
Also, I strongly believe honor point system should be added to reflect the players' effort to keep a clean game. Add rank system can be related to it too. Each rank need a certain exp score and a certain honor point score.
Due to the big load of the reports that z8 received, they can also use the clan resource to ban the hacker in the clan. For example, if someone reported a hacker which belong to a clan, the report will first send to the clan asking for review in 1 weeks time. The ban decision by clan can be approved as an email notice with the replay to the player account (this can be automatic), player would not being banned immediately, they will know it when he was trying to login the game through a pop up window says: "your account is going to be banned because of hacking, check email (don't tell them which email account, because when hacker make too many email account, he would forget which to check sometimes) and if you have argument, send a further request for adjustment with the issue id in 7 days from now on".
When an argument is filed and reviewed as ban is a wrong decision, depending on the hardness to tell it, clan will be punished with certain amount of clan point or clan honor point. Doing a right ban will be rewarded 1 points. Either failed to answer the request or think should not be banned will involve a further review. And if the ban is the final decision, clan will be punished with more clan or honor point.
The clan's honor point will become important soon. And because the clan resource has done a prefiltering, it would lower the staff's burden.
==================================================================
THE HONOR SYSTEM I SUGGESTED HERE IS TO SPLIT AND PRIORITIZED THE BURDEN OF REVIEW TO THE COMMUNITY BASED ON THE REPORTERS ATTITUDE IN BLOCKING HACKER. -
The honor system that you suggested is a nice idea, but won't happen as the developers are Korean and wouldn't spend that much time on this, plus they wouldn't even know about it unless a GM messages them about it.
Sorry, but it's a dream that will never come true. -
GodsGunman wrote: »The honor system that you suggested is a nice idea, but won't happen as the developers are Korean and wouldn't spend that much time on this, plus they wouldn't even know about it unless a GM messages them about it.
Sorry, but it's a dream that will never come true.
The change can lead to two aspects. The side Korean developer has to do is to retrieve a field from database, count how many vote kick one has used, and change the vote system with the weight. That should be trivial.
Another part is to update the database with the additional field: z8 maintain this database and need to add the field, then to create other interface to change the field and summarize the reports. Is this really hard.
In the rounds of hacker outbreak, z8, smilegate and xtrap are always in the losing side. A patch can block part of the hacker for a short period, mostly we are waiting for next patch. Staffs have their hand full, hacker reports might be review after 1 months, and more players find it unfair and start to hack. So it goes to a disaster loop. More reports created and it takes even longer to ban a hacker, while more and more are starting hacking.
So there has to be a way to change it. I am just proposing the idea. Thanks for the comment, wish Saidin finally read and consider it. z8 said they are working on some final solution, however, if it is the autoban system, I would predict it would not change things much in a recent future -- the account system in Korean is different from here. Korean version can afford a not so accurate detection system because their ban would make it almost impossible to create a new account.
AND IF THE IDEA IS GOOD, IT IS JUST A MATTER OF TIME. But before that, the discussion of flaws and remedy is very helpful to keep GM notice. So, please feed your consideration, and make it a more solid idea and keep the thread up. -
Lazy_Genius wrote: »This seems like a lot of reading.
....To those who've read it already, can you support a tl;dr version? Or is this actually a good read, and his crusade worth fighting for?
I can summarize the main idea here. You can keep reading if you think the idea is worthy discussing
1. Add a honor point system, which is a field of integer in the database. And I note it as HP in the following paragraph.
2. Honor point increased by 1 for every correct and neat and in-time (7 days after the game) hacker report.
3. Honor point decreased by 1-5 for every wrong hacker report, depending on how hard to tell it.
4. Players with positive honor point can start more than 1 vote kick in a game, in a formula of log5(HP) maybe, it can be further improved.
5. Players' vote would be weighted by the honor points, if HP < 0, weight it by 1.2^HP (weight less than one), if hp >= 0, weight it by 1.02^HP (weight more than 1).
6. When there are too many reports for review, sort the reports by reporter's hp, review their reports first.
Additionally,
a. replay record room id, game start time, join time.
b. same game report on same person can be merged as one group, review only once.
c. a room might set a minimal requirement of the honor point to join, default to 0, which is default value of honor point.
d. vote should be recorded and an request for review unfair vote to kick a legit player as hack or to support a hacker can be justified. Support hacker or unfair kick legit player as hack will be punished by the honor point.
=========
A brief explanation:
a. it force player to review the replay before report.
b. it will reflect how serious the player hate hacker, how accurate he can tell a hacker from a legit player.
c. player will get careful about kicking and eager to report hacker
d. if someone still want to keep hacker, his vote might be weighted to nothing if he keeps doing it.
e. if someone still want to kick legit player, he might soon realize he could not do so because his vote weighted nothing.
The vote system will be grasped in the responsible players' hand.
Hackers can increase his honor point by reporting hacker, but he has a risk to be identified as a hacker in the replay submitted by him or others. He might be able to ruin a room in a short period by kicking others with his weight (reward to his effort to ban hackers), but very quickly he will be banned, if the review system is not overloaded.
And the honor system prevent the review system being overloaded, even it is possible to be overloaded at the beginning. In a long term, they will find more accurate and in-time reports, instead of busy with some worthless ones. Even someone want to flush the system with wrong report, his effort will soon lead to nothing because reviewer can choose the report by the honor points.
And normal player could enjoy the game by entering a room with all the players has shown their attitude towards hacker. I will believe that a hacker either can not enter a honor restricted room, or just get kicked quickly once he entered. -
what if z8 made it so that each ip has a limited amount of accounts they can make and yea.. i know they can simply change their ip but idk anyway detect if they are using an ip changer like some sites??
IP can change, most cable ISP has a dynamic ip pool. Your ip is not guaranteed to be same today and tomorrow. Imagine someone use that ip before and created 3 accounts, you might use that ip and can not create account from it. While hackers still can change ip, which gives them another chance to make 3 accounts.
A more reasonable method is record the modem MAC. Because most ISP (not sure about dsl, but cable is so) need change it for a new MAC by technician support, the attempt to change MAC need to call them to change it. However, it is time consuming, and normally means they need a new modem, because random change of the mac might cause conflict with others. That will increase the cost of hacking -
The change can lead to two aspects. The side Korean developer has to do is to retrieve a field from database, count how many vote kick one has used, and change the vote system with the weight. That should be trivial.
Another part is to update the database with the additional field: z8 maintain this database and need to add the field, then to create other interface to change the field and summarize the reports. Is this really hard.
In the rounds of hacker outbreak, z8, smilegate and xtrap are always in the losing side. A patch can block part of the hacker for a short period, mostly we are waiting for next patch. Staffs have their hand full, hacker reports might be review after 1 months, and more players find it unfair and start to hack. So it goes to a disaster loop. More reports created and it takes even longer to ban a hacker, while more and more are starting hacking.
So there has to be a way to change it. I am just proposing the idea. Thanks for the comment, wish Saidin finally read and consider it. z8 said they are working on some final solution, however, if it is the autoban system, I would predict it would not change things much in a recent future -- the account system in Korean is different from here. Korean version can afford a not so accurate detection system because their ban would make it almost impossible to create a new account.
AND IF THE IDEA IS GOOD, IT IS JUST A MATTER OF TIME. But before that, the discussion of flaws and remedy is very helpful to keep GM notice. So, please feed your consideration, and make it a more solid idea and keep the thread up.
Things are slow to change in business. G4Box has little power over the game, and I'm sure smilegate is more concerned with what the asian versions than this version. CF CN has next to no hackers and I'm fairly sure that CF Korea is the same, so unless they're really interested on what goes on here (unlikely), they probably don't understand how bad it's gotten.
G4Box was probably able to convince smilegate/neowiz about CF LA because it would directly provide extra income. Getting rid of hackers could provide extra income, but it would be indirect, meaning they're less likely to try it.
The trouble lies with convincing smilegate to do this, but since they're across the world and have their own problems with their game, chances are we're less likely to get anything.
Please note that I wasn't told any of this directly by a G4Box staff, this is simply what I've picked up over the past year or so on the forums. -
One way the mods can work faster is to use a data base handaler like sql then they can do quick search for a player in the report list and see how maney times reported and go from there. also Eather I am crazy or it seems that cence the kick vote was put in ffa and the mm games the hackers seem to be using tanker mode moor. In a no hack game I can get 20 + kills no problem but in a game like the daily mission I am lucky to get 10 kills. I have been playing this game a long time and have a good fealing when some one is hacking but I only report the ones I can prove by revueing the replay.
-
I played around two years ago before Mutant Mode and all this new stuff came out. The only hackers I remember are the ones speeding around with the M60 spraying like crazy. Even then those hackers came around in a blue moon. Now I don't know who is legit anymore. If someone gets five headshots in a row I think they are using aimbot but they could just be having a lucky moment. It has honestly ruined the game as I have to back out a lot more and I can't enjoy the game like I used to. I appreciate that the developers are trying to fix the issue. Keep on going and good luck. I just don't want Crossfire to turn into Combat Arms.
![]K[illa](https://z8games.akamaized.net/cfna/forum/customavatars/79/navatar_6049979.gif){kind=avatar}
This discussion has been closed.
Categories
- All Categories
- Z8Games
- Off-Topic - Go To Game OT Forums
- 1 Z8 Forum Discussion & Suggestions
- 16 Z8Games Announcements
- Rules & Conduct
- 5.2K CrossFire
- 954 CrossFire Announcements
- 945 Previous Announcements
- 2 Previous Patch Notes
- 1.4K Community
- 122 Modes
- 601 Suggestions
- 85 Clan Discussion and Recruitment
- 274 CF Competitive Forum
- 19 CFCL
- 26 Looking for a Team?
- 704 CrossFire Support
- 52 Suggestion
- 116 Bugs
- 29 CrossFire Guides
- 166 Technical Issues
- 47 CrossFire Off Topic