Jump to content

[FAQ] Anti-cheats and choosing EQU8


NQ-Nyzaltar

Recommended Posts

Why adopt an anti-cheat system?

  • It’s no secret: Cheating is prevalent in many multiplayer games. It’s an even bigger problem in a Single-Shard metaverse with PvP, like Dual Universe. Therefore, we needed to put several safety measures in place to ensure a fair game for all players. Our client anti-cheat implementation is one of these measures.
  • The main goal of the EQU8 anti-cheat system we adopted is to prevent modification of the game client as a lot of cheats rely on these modifications in order to access hidden data, automate actions, or display extra information to the cheater. For example, a "wall hack" usually reads the other players positions in the game memory and overlays these on the game’s interface. The anti-cheat system has other roles too, but we don't want to enter into too technical details here.
  • We’re no anti-cheat experts, especially client-side. On the other hand, EQU8 has a dedicated team working on it full time. They also gather experience from other games, so it makes sense to use their solution, which is already up and running, as well as their experience and availability to help us in that regard.

 

Why using a client side solution instead of securing the Server ?

 

Client-side security is usually considered a bad thing, as the computer is controlled by the player. Indeed. In an ideal world, all controls and all security measures should be server-side. 

 

However, there are two good reasons to also use a client-side anticheat:

  1. There are controls which are difficult to implement server-side, and which we don’t have any clever solution yet, nor the time to work on for now. For example, loading the game physics for all players at the same time, and ensuring no one is passing through walls, is nearly impossible to do in real-time.
  2. In security, there is also a notion called “in depth defense”. It acknowledges a system can never be 100% secured and thus requires several layers of security. If one fails, the second prevents further escalation.

 

We know a client-side anticheat cannot be 100% bullet-proof. However, it does increase the technical requirements of any client-side attack. The better the anticheat solution is, the more skills and time are required… up to the point where the effort is not worth the gain.  This means two things: less active cheats in the game, and more time for us to identify those who fall between the cracks. Of course, it does not mean we are leaving our Server unprotected; Another reason why we delegated the client-side anticheat to an external partner is that it leaves us more time to work on the Server. And just to be clear, what we’re saying is not a challenge to attract any sort of attack here ?

 

Why EQU8?

  • It’s less intrusive than other, similar third-party solutions, and aims to respect players' privacy.
    For example, EQU8 only gathers information when the game is running (and few personal data altogether). They also insisted to not get any personal data from us (like players emails or username); we only send an anonymous player identifier. You can check their FAQ at https://equ8.com/faq, and their privacy policy at https://equ8.com/assets/privacy.pdf for more details.
  • It has low performance impact (actually, it’s almost imperceivable) and good reputation regarding false positives and potential crashes.
  • The EQU8 team is very responsive and engaged. This is a big strength of theirs, and we greatly appreciate their unconditional support!
  • The solution is very flexible and configurable, which is important because Dual Universe is a complex game that often requires specific tuning.
  • Oh, and the most important: it detects cheaters efficiently. ?

 

Launcher changes

  • The anti-cheat needs to install a Windows service on its first run to work properly. This requires administrator privileges, which is why the launcher requests them. This service only runs with the game. If the game is stopped, so does the service. Please also keep in mind that stopping the service on purpose triggers a kick, as it’s interpreted as a cheating attempt.
  • The launcher currently requests administrator privileges on each launch. This is a bug which will be fixed soon.
  • With the introduction of the anticheat, the client will refuse to start if run directly from the binary (Dual.exe). This is expected and is a technical constraint. You need to start the game from the launcher every time.

 

What is authorized or forbidden

  • Modifying the game files is forbidden, (except for the "Game/data/lua" folder (this is the only location where you can add or modify files).
  • Modifying the game cache is forbidden (by default it is located in the directory C:\Users\<user>\AppData\Local\NQ\DualUniverse\) ;
  • Reading or modifying the game memory is forbidden.
  • Disabling, modifying, or attempting to evade the anti-cheat in any way is forbidden.
  • Playing at the same time with two or more accounts is authorized, but please note, that any form of automating multiple accounts is forbidden
  • Helping someone, or driving someone, to do forbidden actions is obviously forbidden too.
  • Discovering or knowing an issue, bug, or exploit and benefiting from it instead of reporting it to Novaquark is forbidden.
  • Sharing accounts between different people is forbidden. Any action performed on your account is the responsibility of its owner. The Customer Support team won’t be able to help regarding any issues happening due to account sharing. The owner is responsible for any action made with the account.
  • Trying to degrade the game performances of other players for any reason is forbidden.
  • Creating new Lua files for debugging purposes is authorized as long as these are new files imported from in game scripts. In this case, you should put the files in the Game\data\lua\ folder to be able to import them.
  • Using macro programs (like AutoHotKey) or similar hardware tools is authorized as long as you don’t automate gameplay. We consider gameplay as automated (and, thus, forbidden) when the macro or script:
    - Takes decisions based on game feedback
    - Executes actions for more than a few seconds
    - Executes without any user input or when not actively playing the game.
    For example, using a macro to keep a button pushed instead of maintaining it is authorized. But using a macro to send a message every hour is forbidden, especially if you are not even in front of your screen.

 

What happens to cheaters ?

  • Our policy is to not issue automatic bans. There is always a human review when the anti-cheat system detects any unauthorized behaviour. Nonetheless, you may temporarily be kicked out of the game if the anti-cheat cannot initialize correctly.
  • Sanctions include (at the discretion of the Novaquark team):
    Removing access to the game, temporarily or permanently (aka ban),
    - In case of recurring offenses, the player may get a hardware ban (in this case, the player won’t be able to play the game with any current or future account, even if those accounts were never used for cheating).
    - Plus any action required to revert any change made to the game world (removing Quantas or items, restoring constructs state, etc.).
    - This list is not exhaustive and may be updated by Novaquark as the team sees fit.

 

Why is it forbidden to modify Lua files or import custom DLL ?

 

We know some players or organizations have used local libraries (aka. DLLs) with great success and with good intentions. 

However, this option gives unfair advantages compared to pure in-game scripts (extra CPU capabilities, the ability to execute Internet requests or load/store data on the computer disk for example).

 

Moreover, we don't want players to massively share and use these custom libraries because it has severe security and privacy implications that we cannot control and we want to protect our players (for example, a player in an organization would need to install the organization library to use its scripts and constructs, but this library may as well read all his/her files without his/her knowledge nor consent on the disk, and send them to the author or do almost anything on the computer). Keep in mind that libraries could contain malware too. You don’t want that.

 

Finally, adding or modifying a DLL allows users to modify the game behavior in an arbitrary way, which directly leads to heavy cheating. For example, it allows access to the game’s memory and to escape the anti-cheat verification. We can't secure this at all, so player-made libraries are clearly a no-go security wise.

 

Therefore, after careful examination, we decided to forbid any modification to the game files. This restriction also includes the local Lua files as they contain security measures to ensure the game integrity and players privacy (for example, you could load a library by editing the global.lua file; this file is also responsible to make sure in-game scripts cannot read personal documents on your computer). The exception to this rule are files found in: "Game/data/lua" folder (this is the only location where you can add or modify files

 

Developers may still create new Lua files for debugging purposes if they want to (these files will be under control because global.lua is loaded first and sets up safeguards for any file loaded after itself).

 

 

Could player-made libraries be integrated after NQ’s validation ?

 

Having a process to submit, review, and integrate libraries looks good on the paper. However, code review is a tedious process. It is a lot harder than checking an image. There would be technical challenges to integrate them into the game too. Also note that we don't want to transform Lua scripts into full-fledged operating systems. They are simply supposed to be lightweight scripts, not full-fledged operating systems. ?️

 

Thus, we don't want to engage this process, at least in the near future. We simply don’t have the time or resources for this at the moment.

 

 

EQU8 is not compatible with Linux / consoles

 

Unfortunately, EQU8 does not work under Linux, even with Wine. This is due to the Windows functions it uses to protect the game’s integrity, which are different from other operating systems. This is a trade-off we had to make between having a fair game (without cheats) and compatibility.

 

Most players and games are on Windows. Thus, very few anti-cheat solutions support Linux (even less with good support). Because of this, we did not find an anticheat solution which works on Linux and suits our needs. However, please note that this decision doesn't prevent us from adding an alternative anti-cheat solution in the future, in case we decide to officially support Linux systems or consoles later on. Nothing prevents us from having a different anti-cheat for each platform. ?

 

We hope you found this FAQ about anti-cheats useful and helped to understand better why we chose EQU8.

 

Best Regards,

The Novaquark team

 

Last updated: October 5, 2020

Link to comment
Share on other sites

Would players utilizing Linux or some flavor of Linux still be able to use a virtualized architecture featuring Windows as the main OS or is this going to inhibit those who are using virtual machines to bypass the need for Wine?

Link to comment
Share on other sites

Id like to know what the official stance is on multiboxing (which is basically the same as having friends or family play on the same connection from server point of view). 

 

Running multiple accounts on one machine is a no go and is obvious, but id rather not get myself and friends banned for hosting a lan party over a weekend or something lol.

Link to comment
Share on other sites

1 hour ago, NQ-Nyzaltar said:

Playing at the same time with two or more accounts is forbidden (having several accounts is fine as long as you only play with only one at a time).

Does this restriction include running a second account on another PC, where the player character only stands near a control unit (programming board) and does not do anything else?

 

Until headless Lua clients are added to the game, there is no way to keep a Lua script running while the player is offline or out of range.

Link to comment
Share on other sites

Well NQ, to be honest, yes these steps you made are totally necessary, BUT the DLLs gave us features you still didn't gave us and that are absolutely required.

 

These are for example:

- external requests for receiving and sending data to our own apis (VERY IMPORTANT)

- a json encoding/deconding that is not stupidly slow

- communication between programming boards

- and more

 

The coder community in this game is big and needs more specialized features to make this game as great as it deserves to be. But if you restrict everything and give us nothing back, I don't know how long coders will stick to the game.

 

I am actually quiet disappointed how coders get ignored and handled like 2nd class people.

Link to comment
Share on other sites

1 minute ago, WildChild85 said:

Well NQ, to be honest, yes these steps you made are totally necessary, BUT the DLLs gave us features you still didn't gave us and that are absolutely required.

 

These are for example:

- external requests for receiving and sending data to our own apis (VERY IMPORTANT)

- a json encoding/deconding that is not stupidly slow

- communication between programming boards

- and more

 

The coder community in this game is big and needs more specialized features to make this game as great as it deserves to be. But if you restrict everything and give us nothing back, I don't know how long coders will stick to the game.

+1 to all this!

Link to comment
Share on other sites

17 minutes ago, Jey123456 said:

Id like to know what the official stance is on multiboxing (which is basically the same as having friends or family play on the same connection from server point of view). 

 

Running multiple accounts on one machine is a no go and is obvious, but id rather not get myself and friends banned for hosting a lan party over a weekend or something lol.

This rule existed in so many MMORPG's over the billions of years since they existed. I have a feeling this be used more against people who are using it in abusive nature.... But I like to see some clauses like keeping LUA Scripts going at a base, etc. 

Link to comment
Share on other sites

22 minutes ago, Dodgin said:

Playing at the same time with two or more accounts is forbidden (having several accounts is fine as long as you only play with only one at a time).

I'm a bit curious about this - are they talking 'same machine', 'same external ip address' or 'same household'?  We have three gamers in the house, two of which actually PLAY DU.  And sometimes we sit at different machines in the house while doing so.  I might sit at machine A for the first half of my day while my other half uses machine B, but then in the evening I might be sitting at machine B while my other half uses machine A.  

Link to comment
Share on other sites

"Playing at the same time with two or more accounts is forbidden (having several accounts is fine as long as you only play with only one at a time)."

Please reconsider this. People who want to multibox will not stop because you simply say their not allowed. It just raises the barrier to entry for people who want to. This game involves a lot of waiting around if it's for industry or slowboating and allowing people to do fun things on an alt allows them and others they play with to have more fun playing the game.

Link to comment
Share on other sites

4 minutes ago, Kane Hart said:

This rule existed in so many MMORPG's over the billions of years since they existed. I have a feeling this be used more against people who are using it in abusive nature.... But I like to see some clauses like keeping LUA Scripts going at a base, etc. 

those mmo normally are clear on the number of connections allowed by IP, or if its single connection per network or per machine (well, per machine is obvious as i said and is pretty standard, per network tho is rather rare due to the whole shared connection thing with family or dorm and whatnot.  but the ambiguity in this case is annoying. 

 

Id rather not discover it being 1 per network on the weekend we plan off to game all day (happened to us on Path of exile and well that pretty much made it so we never played again lol). 

If we know in advance, its fine even if its 1 per ip. Were not computer illiterate, we can setup proxy server on some high quality networks and still each have an ip, but knowing if its needed or not is rather important. 

Link to comment
Share on other sites

5 minutes ago, Jey123456 said:

those mmo normally are clear on the number of connections allowed by IP, or if its single connection per network or per machine (well, per machine is obvious as i said and is pretty standard, per network tho is rather rare due to the whole shared connection thing with family or dorm and whatnot.  but the ambiguity in this case is annoying. 

 

Id rather not discover it being 1 per network on the weekend we plan off to game all day (happened to us on Path of exile and well that pretty much made it so we never played again lol). 

Interesting. My fiance and I play PoE on the same network all the time. No problems. o__O

Regardless, we also both play DU. Though we haven't had any issues playing on the same network for ages with DU. 

Link to comment
Share on other sites

8 minutes ago, Jey123456 said:

those mmo normally are clear on the number of connections allowed by IP, or if its single connection per network or per machine (well, per machine is obvious as i said and is pretty standard, per network tho is rather rare due to the whole shared connection thing with family or dorm and whatnot.  but the ambiguity in this case is annoying. 

 

Id rather not discover it being 1 per network on the weekend we plan off to game all day (happened to us on Path of exile and well that pretty much made it so we never played again lol). 

If we know in advance, its fine even if its 1 per ip. Were not computer illiterate, we can setup proxy server on some high quality networks and still each have an ip, but knowing if its needed or not is rather important. 

More and More remote communities are under 1 IP in Buildings, Schools, etc. 1 Per IP would be insanity in 2020. 

it also states "Playing at the same time with two or more accounts is forbidden"

So in my books unless your playing someone elses account and your own at the same time and that is talent I can't see any rules broken.

Honestly the word playing normally means direct Interaction. I can even see them letting us use an alt to run LUA scripts as long were not playing it actively as it be sitting on a box in the corner with anyone "playing" 

Link to comment
Share on other sites

50 minutes ago, NQ-Nyzaltar said:

EQU8 is not compatible with Linux / consoles

 

Unfortunately, EQU8 does not work under Linux, even with Wine. This is due to the Windows functions it uses to protect the game’s integrity, which are different from other operating systems. This is a trade-off we had to make between having a fair game (without cheats) and compatibility.

 

Most players and games are on Windows. Thus, very few anti-cheat solutions support Linux (even less with good support). Because of this, we did not find an anticheat solution which works on Linux and suits our needs. However, please note that this decision doesn't prevent us from adding an alternative anti-cheat solution in the future, in case we decide to officially support Linux systems or consoles later on. Nothing prevents us from having a different anti-cheat for each platform. ?

 

OK, so best as I can make out here, they are either saying that you can't play the game on a Linux machine (sux for Linux Users), or, you can play the game on a Linux machine, cheat your azz off and not get busted.  ?‍♂️

 

Hide In The Bushes GIF - Hide TheSimpsons Bush GIFs

Link to comment
Share on other sites

I've been having issues logging into the game, and filed a ticket with the team after following the guidelines outlined in the FAQ. The team replied back that they saw anti cheat was being triggered. However I garintie I have not attempted to cheat in any way and even closed all applications to ensure no conflicts. 

 

So, first what are you all doing to ensure the anti cheat program doesn't produce false positives? 2nd, what is your review process for players that are "accused" by the ati-cheat?  

Link to comment
Share on other sites

I noticed the other day while troubleshooting Factorio that EQU8 made some rules in my firewall. Not unusual, most game I've installed do... for inbound connections.

 

Only EQU8 made rules in the outbound direction in my firewall. Not even other Anticheats I've installed have outbound rules.

So I'm curious as to what it does, and why it's needed. I know you probably don't know the answer, but maybe you can bring it up with EQU8.

 

Also the link for the faq has the comma in it, which is breaking the link.

Link to comment
Share on other sites

Guest
This topic is now closed to further replies.
×
×
  • Create New...