A new dedicated field helps developers describe the anti-cheat provider used in a game
Steam store pages received a new Anti-cheat field. Disclosure is mandatory for kernel-level anti-cheat solutions. And recommended for other anti-cheat solutions (like server-side or non-kernel-level client-side).
The field discloses the anti-cheat product, whether it is a kernel-level installation, and whether it uninstalls with the product or requires manual removal to remove.
Does anyone actually have a suggestion for a less intrusive alternative?
Do you realise how difficult and ineffective server-side anti-cheat can be?
Although it would be the only way to actually try and detect someone using a second machine for hacking/inputs.
All of this will become an increasingly uphill battle for the devs.
Write it in language that obfuscates code by default (Rust does that) and then it obfuscates again. Or do it the Valve way. Even though is very easy to crack their anticheat (the hacks and DLL injectors are basically for free both on Windows and Linux), they have other measures in place. E.g. Votekicking players, Overwatch and matchmaking against other hackers.
If security analysts have issues decompiling Rust malware, then it's obvious that it obfuscates the code. All they could get was an ugly Assembly. You can try it yourself by downloading Ghidra/Cutter/any other compiler.
Server side AC is hard, yes, but it's not less effective than client-side.... As it's security by obfuscation. If you can't genuinely detect from server view the difference between an human and a cheater, that means a cheater can create a cheat controller (either hid spoof or even mechanicallly moving a mouse) that will spoof the client side too.