• Riskable@programming.dev
    link
    fedilink
    English
    arrow-up
    36
    arrow-down
    3
    ·
    13 hours ago

    Excellent defense: “You sent me the packets revealing where all the other players were. If you didn’t want me to know they were behind walls why did you tell me precisely where they were?”

    Yeah, doing such checks on the server side of things is more computationally intensive but it would solve that problem entirely and you wouldn’t need client-side anti-cheat bullshit anymore.

    The first rule of network programming is never trust the client. How does anti-cheat software work? By trusting the client.

    • Maalus@lemmy.world
      link
      fedilink
      English
      arrow-up
      10
      ·
      11 hours ago

      It is impossible to do these types of checks on serverside. Your PC needs to know where to render the enemy character ahead of time, otherwise they’ll pop into existence after you are dead. Bonus points for packet loss. Programming games isn’t the same as validating input from some rando trying to log in on a site, it’s an unsolved problem that all games have an issue with - from FPS like CS, RTS like Starcraft 2, to mobas like League.

      • stinky@redlemmy.com
        link
        fedilink
        English
        arrow-up
        3
        arrow-down
        3
        ·
        10 hours ago

        Why impossible? Server-authoritative programming is common in PVP gaming, even high-performance recent games. I don’t think anyone is suggesting lazily loading chunks of player data like wandering into a new chunk in Minecraft. Just write efficient, clean code that anonymizes or encrypts player data so it can’t be read client-side.

        • Mojave@lemmy.world
          link
          fedilink
          English
          arrow-up
          4
          ·
          edit-2
          7 hours ago

          Okay, now the player data is encrypted and unreadable by clients.

          How will the client display where the players are without data…

          Why are you bothering to spend cycles sending this useless, encrypted data…

          If you mean to decrypt the player data once it reaches the client, then you have solved no issues…

    • MentalEdge@sopuli.xyz
      link
      fedilink
      English
      arrow-up
      10
      ·
      edit-2
      11 hours ago

      “Oh no, we don’t need to worry about any sanity checks in the database, that’s all taken care of in the javascript frontend”

      I didn’t come up with that, but it’s the same logic. Actually expressing something like it in a professional setting could get you fired.

      Not in the games industry, though.

      • Maalus@lemmy.world
        link
        fedilink
        English
        arrow-up
        5
        ·
        11 hours ago

        Because there is a reason nobody does that serverside. Programming games and programming a service are two different beasts.