Replays suggestion to combat hackers and save good moments

suggestion

#1

I don’t feel like typing it all again, so here’s the quote from my dead thread :smiley:

IMO this does kill two birds in one stone, however, if you have better ideas for tools we can equip server-staff with in order to fight and combat hackers, then do tell below.


#2


Confirmed.


#3

Still doesn’t confirm how replays will be like. For instance whats stopping me from saving a replay on a server and then free-cam my way around and look for bases? :thinking:


#4

Well played good sir.


#5

I feel like the main thing stopping that is that the developer, nelson sexton, has a brain and isn’t a complete idiot. Either way, if it was a server tool for admins, exploiting it is a non-issue, as there are far more mean things you can do as admin and if its something you can do as a “normie” in game it could either be instant, but with no freecam and just your/your groupmates perspectives, or a 2 (probably more but we dont know the pace of the game) or so hour buffer before you can view the replay in a mildly freecam perspective, where you are tethered to your character so you dont just fly off and look for some bases or something.


#6

I can only expect it to only offer first and third person on only you and your teammates I guess.

A CS:GO Overwatch-like system for server admins would be a dream but incredibly hard, overcomplicated and overrelies on good server staff which with this community and average age, I doubt it’d work well.


#7

I suppose you could do that, however, the file used to replay back things would save all structures, where their x y z is, and etc. I don’t see an easy solution for the client to “pick and choose” what structures should or shouldn’t be saved. Ultimately this line of thought would mean players will find a way to cheat the replay system in order to spot structures not limited to 1st/3rd person or “unlock” replays without directly hacking or use of a hacked client in-game.

It’s a whole lot better than say, having absolutely no way to defend against hackers. I’d appreciate methods or tools to catch hackers - and franchises that are dedicated to cleansing hackers will be reputable and known for such a thing.

Which is great - reputable, good servers with active staff to catch hackers get their respected and rightful reputation while players that appreciate no cheaters will play on them. Likewise, dead servers will no staff may and more-than-likely will have more cheaters. Why cheat on a server with active staff and mods when you could go join one that has none?


#8

Not only is this gonna be very difficult, it is also very costing on performance as your computer has to render everything that happened in that replay within a certain time period which could be as long as 30 minutes or above.
Finding a handful of loyal people to view the fottage might be easier than anticipated. But more often than not, it’s gonna be kids falsly accusing people of hacking which is very time-wasting. So it’s far more difficult than what you see on paper.


#9

As of now, all games suffer from hackers. And there is no fool-proof way to get rid of them. The best way is to involve humans into the investigation and check for themselves. But that is gonna be extremely difficult for the reasons I stated in the comment above. So the best way we can handle hackers as most games do is to rely on the anti-cheat system that auto-detects if there’s a software interfering with the gamefiles. But Nelson has to do a better job at concealing the codes and files because currently it is as easy as replacing a 0.5 with a 0.1


#10

Why would it be hard to watch a replay? It would be the exact same performance as if you were there, in the moment, at that exact angle. Theres not much difference. If anything, it would be EASIER to render than the normal game??? :thinking:

OK. We take a quick 3-5~ minutes to review the latest replay log provided by the server. That sounds overwhelmingly easy to me. And 3-5m is worth proving someone isn’t cheating via replays compared to whoever knows how long I’d have to follow behind someone in /god /vanish for ~30m. Because that is frankly the only other way to gather concrete evidence against someone. I’d much rather prefer replays, obviously.

This method seems very fool-proof to me. The only possible thing I can think of, is if someone were to manipulate the packets in a way that benefits them or covers them during a replay. Which I think would be impossible, as server-side replays would be the packets the server-side recieved from players. Unless, somehow, a hacker could send double the packets (one his actual hack movement, one his fake movement - which even then would be an extroidinarily difficult feat, and how would the client know how to simulate real movement in an environment? How would it know how to line up at the perfect angles when firing, or etc?)

I see no way of this being circumvent-able - besides merely denying the server update packets (at which, how are you supposed to move on the servers side?)

Which, clearly, isn’t doing a good job in every game ever. This method could ensure perfect, un-debatable, concrete evidence that someone was infact cheating through good, observant moderator-analysis

Probably even the most obfuscated and concealed code can be cracked.


#11

Maybe just implement something like CS:GO’s Overwatch system?


#12

How so? Like RMOD observatory? Where servers submit a multitude of screenshots of the suspect (server-replay) to a centralized website where a jury of qualified people dictate if the suspect is hacking or not? That would be cool as an official server-wide way of democratically punishing cheaters, and I’d most lovely oblige

However, unlike RMOD observatory, this should be ran by Nelson directly. RMOD observatory was a private program and Sven (it’s owner) abused the fact he could ban anyone he wanted with no jury, no appeals, even if they weren’t hacking. Thats something disugsting that I don’t want to see ever again. Also, another fault of RMOD observatory is that it came with RMOD by default, and was on by default, and most server owners had no clue what it meant - so they left it on. This overwatch system should be installed by default, should be enabled by default, but should have a small warning next to it explaining what it is (and perhaps these servers enabled/disabled could have their own filter)

Example config -
image
dont mind the horrendous color choice of my notepad++


#13

I never said it was hard to watch. I always make comments regarding the coding difficulty for Nelson. So when I said it would be hard, I meant for Nelson.

The video has to render EVERYTHING going on in the map as it is not a stream. When you’re playing, everything that players do goes to the server and doesn’t render. But in a recording, there is no “uploading to server” everything is already done and should be rendering thus giving a giant choppy file

Rain, Unturned is a survival game, not a battle royale or a fast-paced game where 3-5 minutes is enough. 3-5 minutes could well be the player simply walking their way to the city, or harvesting crops, or chopping down wood, or crafting shit. You need a good 30 minutes of footage so it can be good and suffiecient to determine whether that person is 100% hacking.

Is it really? 3-5 minutes of some random dude chopping down wood? Because there is no real way to determine when this guy was actually in combat and legitamately using cheats. You might suggest 3-5 minutes just before reporting the player. This requires the game to be constantly recording the game from server launch to current date because there is no other method to use recording of a game unless you have a recording yourself, or the game has been recording this entire time because, again, this is a survival game it has no real start and end besides server launch and shut down. And having the server be recording everything this entire time is gonna be majorly costing on performance. And hacking isn’t always aimbot, no recoil and such. The player could very well be using wallhacks and pretending like they can’t see players through walls. People don’t always aim at people through walls and prefire as what you see on “Unturned hack” videos. Which is why I said 3-5 minutes is not enough to prove anything except for extreme cases where the player is simply flying and shooting an invisible gun for 10 minutes straight and killing everyone including fresh spawns.

Good luck finding that in today’s communities

Again, not everyone is blatantly hacking like those CSGO spinbotters. Some require a lot of observation in which 3-5 minutes is not enough. Not even for a straight up fast-paced shooter game like CSGO.

Again, there is no perfect way of dealing with hackers, but at least making the codes a bit more discrete will make them harder to crack. At the end, we can’t really stop hackers, we can only slow them down, and concealing the files and the codes is one of many ways


#14

this really makes zero sense.

OK. Someone reports a player for hacking. Do I look at when they were strolling around farming 3 hours before the incident, or do I simply go to when the suspect did his fight? Common sense, please.

I really hope you understand that when I say “record” we aren’t talking about recording a screen or pixels. These replay files and “recordings” are extremely small files ranging in the KB to MB sizes. They’re extraordinarily easy to create, process, and play-back. I think thats where you’re getting confused (somehow). All they need to do is

1 - Record x y z of player
2 - Record pitch, yaw, roll of player
3 - Record what buttons player is hitting, such as equiping a weapon and firing
3 - Do this 10-20 times a second. Perhaps a server config can be adjusted to make this higher for crisper play-back

Games like Halo and Fortnite can easily do this stuff. Have you seen how large a replay file is in fortnite? I just asked me friend to tell me how large his BIGGEST replay in Fortnite is and is only 16mb

This is in regards to hacks that are blatant if someone were observing them. Aimbot, wall-hacks, shooting through walls, flying vehicles, walking through walls, terrain, etc. Of course some hacks like ESP will never be detected unless 4.0 has /spy (which will just be circumvented with anti-spy measures since the spy screenshot is client-rendered and client-side).

Sure you could join a server and use the really low-detection hacks like ESP, but why bother joining a server with active moderation that you know will catch you once you start doing more blatant things like aimbot, when you can join a server you fully know well has no staff? Hackers are warded off from these kinds of good, well-moderated servers.

I’ve seen hundreds of dedicated, good Minecraft servers that have great staff. My franchise has great staff that used to always manually inspect everyone with /spy before it was rendered useless by anti-spy

Again, there is no perfect way of dealing with hackers, however, giving servers the tools and equipment to catch then effectively is a good start, and having multiple measures (like obfuscating code) is also a good offense against hackers. The reason I dislike the idea of obfuscating code and Battleye is that they’re temporary inconveniences and shields against hacking. Once hackers unobfuscate the code it’s over. Once people crack through BE it’s over until the new ban wave - and the free-to-play nature of the game does not help BE’s case as most hack accounts are merely alts.


#15

Ontop of this, EVEN if you think this would be “too intense” on the server-side players that confront and fight the hacker could always send in their client-replay to the mods privately and tell them what time-frame to look at. This is WAYYYYY easier for players on any kind of machine to do compared to demanding players to “video record” hacker confrontations - which some computers can barely record, and the file sizes would be 100x larger


#16

I think that the only problem with the Overwatch-like system is Unturned is basically notorious for having staff that either don’t exist, or don’t contribute/abuse.

I’ve almost never seen 3.0 staff go out of their way to help people out, or try and fix things for others. So I’d doubt this replay system would go to enough use by the top servers.

This is also a concerning issue for Official Servers. We can’t have “vigilante investigators” or something like that or else they can use it for their own benefit (for example: the replay is a base raid that fails - investigator can just raid it outside of the replay) and I don’t think there will be enough people that will go and watch clips, but not actually play the server.

However, if there’s enough official servers, maybe this won’t be necessary because investigators won’t be able to identify which server, but it’s still highly likely they can use a replay to their own benefit.

Admins might be able to find crucial info as well for their own servers, so they get forced to not play on their own servers without indirectly abusing and pretending not to know where their base is.


#17

Doesn’t mean we should punish servers and franchises who will make use of these tools. I definitely will.

Who said this idea was only for official servers? This overwatch system could be serverlist-wide affecting all servers that are apart of it. How are you supposed to know the suspect is on Valve Competitive US #135 instead of Valve Competitive Middle East #8? Theres a whole sea of servers, and I doubt you could draw the lines as a juror of this system in order to abuse it.

When Observatory was around I had never once saw I case of an innocent mans screenshots being uploaded, him being voted innocent, but later a juror abusing these screenshots to raid their base or otherwise do something else with their location. It sounds like nonsense to me.

So you agree if this is server-wide it won’t be a problem. Great. ^w^

If this was a serverlist-wide jury system I doubt the admins of my server would be the ones participating in this. However, if they wanted to leave this up to the local staff team (as originally thought) then sure, you could say you gained crucical info as a dictating staff member who is reviewing the replay. Then again, aren’t you going to get tons of info anyways? The only other option is to, as said previously, go in /god /vanish and follow them closely, watching their movements for any bizarre cheat-like behavior.

Surely running around with a guy for 5-10m will reveal a lot about them, their base, their team, where they store loot, or etc. If anything, replays could and should minimize the amount of unnecessary extra “abusive” details that staff will pickup on as they would only have a small portion of the entire gameplay to look at - the portion of time when the suspect was accused.

=========

Even outside of hack-detection, replays could serve hundreds of uses whether recorded on client-side or server-side or both.


#18

So perhaps we should just leave it at the investigator would be able to see replays of ALL servers, official or not?


#19

In this theoretical idea of an overwatch system whereby “investigators” are jurors that democratically vote if someone is cheating, not cheating, or perhaps undecided, then the “investigators” would see replays from all servers that submit a report to the observatory similarly to how Rocketmod’s Observatory functioned.

Incase you’re unfamiliar, the Observatory website simply had a login (which was attached to your steam), and let you see a random case. When viewing a case you would be presented with an album of 10 or so /spy screenshots of the suspect on a server (server name, IP, or other information not included for anonymity)

You would analyze these screenshots as a investigator and take a humble, honest decision if this suspect is cheating or not. You don’t know their name, their S64ID, their profile, their avatar - nothing that would make you biased for or against them.

Then you choose if they were guilty or innocent.

I think you’re confused because you think the observatory is a place where random people can show up and pick a server and demand that it shows it’s replay to you. Thats definitely not how it works. A server moderator would willingly and consentually run a command that would send the log of this particular suspect to observatory, at which, then, the voting begins.

It would be like this on all servers that agree to this serverlist-wide ban jury system. If servers feel like this threatens their sovereignty to ban who they please they may opt out of it like so -


#20

pfff I never used the observatory tbh I’ve always had that shit toggled off because apparently it was glitched once in the past and it would kick people randomly and turning it off would fix it