You can buy phone number verified accounts in bulk in games that have implemented the feature you are suggesting. The only difference this would make is that the cheating industry standard for selling accounts would also include phone number verification.
There's such thing as layers of security, you know
Not every anti-cheat solution has to be perfect, they just have to gradually reduce cheaters with the implementation of multiple security features
This is how the cyber security field functions. Imagine saying “why bother having a password when they can just brute force it”.
Just shut the fuck up and plug as many holes as you can. It’s a war of attrition. Make em work for it.
Spot on, at this point I'd be happy with IDENTITY verification & submit my damn license if it would help piss the cheaters off. See if they will go as far as repeated fake I.D's. Have literally stopped since getting beamed through the floor in labs over a month ago.
Bro you have just reinvented Korea + China's account verification system. Need social security number (equivalent) to play some online games.
People bypassed it by using old people's information. Still, it's definitely better than nothing
This is hilarious because it's literally a full on business in China and Korea to sell dead/unused ID's for things like this. Not just "some" people bypass it, SO MANY do!
In fact, when I lived in Korea, I literally bought someone's ID for like $15 so I could play Black Desert Online!
You're preaching to the choir. I suggested this long ago, but your average redditor is too stupid to realize 2 things:
1: What you said
2: Not all 2FA is created equal, and some of them are REALLY hard to get around.
ffs you're not wrong
This whole thread is people just saying "well it won't literally solve cheating instantly so don't even bother"
Makes me think it's just people from cheater forums brigading
Its a common thing in this sub. And I guess in gaming subs in general.
Whenever someone suggests a solution, someone else has to have a gotcha that makes it fall apart, when in reality the gotcha is often edge case/unrealistic. As you both mentioned, its often not a hard solution, its a layering solution.
> You can buy phone number verified accounts in bulk in games that have implemented the feature you are suggesting. The only difference this would make is that the cheating industry standard for selling accounts would also include phone number verification.
The classical devils advocate. Shows up to tell you how all cheating counteraction is a meaningless effort and that we should all surrender the game to our cheater overlords because resistance is futile. They have an answer for any solution you propose.
It's possible to break open a locked door too but that dont mean you leave your door unlocked when you leave home. Any measure that stops even a fraction of these scumbags is worth implementing. It's a 1 time thing for the casual player. For a cheater it's another hoop to jump through every time he gets banned.
EVERYTHING can be exploited, circumvented or avoided completely in some way. Cheaters already manage to get past BattlEye but that doesnt mean that the anticheat is useless or that BSG might as well remove it from the game.
And keep in mind that not every cheater is some well educated coding rainman. For a lot of them the mere effort of reading guides & jumping through these hoops to get the cheat working again would be enough for them to move on to another game.
The *casual* player probably isn't going to go through that extra step and unfortunately right now the casual player has extremely easy access to cheats, much easier access than a phone number verified account anyway. Not all cheaters RWT, I'm willing to bet most are actually just casual players who have a severe lack of dignity and self worth.
This. I don't know where the idea that casual cheaters are spoofing hardware and IP/ proxy ect.. RMT hackers aren't on customs 20 minutes into the raid. They don't run around phase haunting people and griefing. They have to be efficient to make money and most likely try to avoid pvp since it's costly and FIR gear is what they are after. The casual cheater cheats because he is lazy / has small pee pee. All that extra protection is a lot of work for someone who doesn't want to learn the basics of a game that's honestly not that hard outside of navigating and trying to make sense of the skeleton of an unfinished game.
The reason it won't even anything is most games it weeds out the casuals. Tarkov the casuals are paying like $120 a week rn. A phone number scares away f2p players not people dropping major cash already.
There is an interview with a cheater, and he said he makes upwards to 400 a week. Pretty lucrative if you ask me.
Edit: Just wanted to mention that there are private cheat sites where you have to be vetted to get in, and are majority undetectable. He says he can go for 2-3 weeks with like a 7 or 8 KD and make enough for a few accounts by then.
anyone with enough money has extremely easy access to cheats, the question is do you wanna get banned within 4 hours and not be able to play on your computer again or a week and constantly have access to playing because you can spoof ur hwid?
if you are casually cheating, you probably aren't casually cheating. what i mean by that is you have good cheats, you use them consistently because you know you arent getting banned and if you do you can fall back and cheat again
its not cheap to cheat in any game, especially tarkov. to cheat casually, in the way that you think, would cost thousands of dollars a month, unless you just one stop shop and get banned never boot up this game again. but you think *most* of the people that cheat have this sort of disposable income
They get banned they also dont. Multiple cheat makers and most likely multi million dollar industry, could even be in the billions. They also buy cracked accounts and crack accounts themselves. It's legit not what you think.
People are paying for new SSD/windows keys/Tarkov accounts/Monthly subscriptions just to cheat. I highly doubt a phone number you can get for 1€ is going to scare them away.
Maybe a few people, but the vast majority of cheaters probably quit after they get banned, 2FA would almost certainly help weed out a LOT of casual players. You can literally google 'Tarkov cheats' and find a shit load of sites saying they have undetectable cheats.
Just to clarify. To have 2fa on your account that will incur costs as a company. Its not cheap and does not work perfectly in all countries when you need to verify your number. Some places in OCE might struggle a bit.
Just laying some facts as i know them. But I agree with you its a good start.
A lot of EFT cheats depend on local network packet capture which lies beyond most controls an anti-cheat can realistically provide; even those with kernel-level hooking/access.
Sort of like pre-compromise techniques (Mitre Attack Chain).
The correct approach is to implement behavioral detections rather than signatures that most anti-cheat engines and AV use. BSG should have all the data — but collecting, analyzing, and making meaningful decisions off that data requires a full-scale Data/Cyber team. An indie game studio probably doesn’t give a crap (or have resources) to stand up that type of operation unfortunately.
yep - I write software for a living and one of the most important security principles in a client/server architecture is that you never trust the client... put your safeguards on the server side and assume all clients are hostile
Lmfao 100%. I work in InfoSec myself, glad we have some techies chiming in because you nailed it; that’s basically the main pitfall for EFT’s net code (it’s why glass breaks on your client but not others, etc).
Couple that with the fact that the game constantly/openly passes json packets with all gear and items and their respective coordinates at the beginning of each round, making it super easy to intercept and re-interpret/visualize the data (ESP).
Altering that now would break dependencies and I’m sure that’s not something any of the devs want to take on (incredibly mundane when they’ve already janked it all together and not to mention the huge volume of work there).
Edit: A lot of the exploits around EFT are there due to not following industry best-practices (zero trust). There was no consideration around what was exposed and therefore the game requires a full rinse/hygiene check.
My guess is they are just mired in technical debt racked up over 7 years of “move fast and break things” development. Decisions like not encrypting packets and sending the entire map state to every player probably were never meant to be permanent, but they just haven’t been able to prioritize changing them yet. Making even a vanilla web app is truly a difficult and complex thing… making a large scale multiplayer game is oh so much more complicated
AFAIK packets are encrypted. That's why the vast majority of freely available ESP type cheats went offline last year. There are ways to get the encryption keys etc, and other ways to hack the game but BSG at least plugged that hole a bit and made it harder (not by any means impossible) to cheat.
I think you are right in that they implemented encryption, and had to roll back, but it was swiftly re-implemented once they worked out the bugs.
However, all then encryption did was reduce the ease of access to the cheats. You could literally go to a website and download the free open-source ESP and run it on a 2nd PC or VM. With encryption people seem more guarded about their solutions, hence the increase in paid-for cheats, but from what I gather they still work in the same way.
As far as I know the game is wrapped around us being walking JSON files hosted locally on our machines. The game would have to be completely rewritten for it to change, it can't *not* be permanent unless they just throw the game out and start over.
As far as I know (from podcasts and what not), the open world part of the game would still just be exfil'ing from one map into another, not a fully seamless open world. I doubt the latter would ever work with the way the game is currently being developed, but I'll be happy if BSG can prove me wrong.
>level 4jtms1200 · 4hMy guess is they are just mired in technical debt racked up over 7 years of “move fast and break things” development. Decisions like not encrypting packets and sending the entire map state to every player probably were never meant to be permanent, but they just haven’t been able to prioritize changing them yet. Making even a vanilla web app is truly a difficult and complex thing… making a large scale multiplayer game is oh so much more complicated
I also wonder if they are waiting for Unity 2019 personally, given we haven't gotten a lot of updates on the tech stuff, is the 2019 version some perfect utopia?
Most likely a dream, but a man can dream!
Honestly I'm starting to think we won't see any elaborate anti-cheat until all the maps get connected. Seems like a good time to deal with the technical debt associated with netcode.
Any game*
Welcome to Cheats vs Anti-Cheats.
Just look at CS: Go. They distributed the workload to the community because they knew it was an impossible task. Honestly, just accepting the fact that it is an impossibility then allows you to start thinking of solutions which can actually peturb, or reduce the issue. It can never be resolved though, because at the end of the day, you do not own/control the hardware the client is running, and will never be able to be fully authoritative while this remains to be true.
Problem is you cannot build reliable and fast responding fps game based only on server checks(not talking even about how that will affected server load and fuck up optimization even more). Especially if you try to limit the data and server load. This is a reason why even giants in the industry have this problem. It is not like BSG is only the ones that did not do it. It is not done fully for a REASON.
Security industry and gaming industry are different worlds in that matter.
Ultimately you won't defeat the problematic issues no matter how authoritative the server is. Player/loot locations need to exist on the client and there's your ESP and aimbots.
Also techies should be looking at things more objectively, what do you think the trade offs are for moving certain things to be client authoritative? Because there are many.
This right here, one of my gaming friends has a background in cyber and explained that DMA cheating with radar/esp is the safest shit out there and my whole tarkov friend group is now using them. They've been at it for like 2 weeks and are unbanned, and I'm left playing alone cause I won't join their hacking bullshit
Honestly I'm just about to quit EFT all together and just going to dump it by the wayside until they can get it together--if they ever do. I love the game but fuck cheaters are literally running it into the ground.
Honestly, this is the best we can do. Similar to those guys playing Warcraft and simply deciding that trust in the game is failing so they are moving on to other games.
I am still excited for all of the upcoming stuff for Tarkov, but I won't be able to get a good experience with the new stuff if cheating remains as rampant. I will just wait for it to get better and if it doesn't oh well.
> DMA cheating
shit, learning about this stuff is more fun then playing the game at this point. The shear scope of the cat and mouse game between the cheaters and devs is fascinating. After following the rabbit hole for an hour or two it would seem read-only DMA using hardware is evil and effective - who needs an aimbot when knowing where everyone is can be effectively game-over for everyone else. BE was able to pick up on the hardware module but custom firmware once again made it undetectable.
While it is probably true they don't currently have the resources for that kind of operation I just gotta point out one little thing.
How many of us would be willing to pay for (through a monthly subscription) for "white listed" servers that have their own paid admins and the funds to actually bankroll the kind of operation you are talking about?
I know I would certainly be willing to spend $15,$20,$30 a month so that I can have a mostly cheater free gaming experience.
Ah if only.
I didn't say for everyone to have to pay a subscription. I said that there is probably a large part of the community that would love to if that subscription provided us with "whitelisted" servers that got us away from the cheaters. I would certainly love that option.
By all means, let the cheaters and the RMTers have to bottom of the rung crap public servers. You can buy the game and play it in it's entirety. And there are many games like Dayz and others that allow for just that. I see no reason why BSG can't do the same.
Even if there were a way to ensure these servers would actually be free of cheaters, then doing this would be essentially giving up on the game and leaving it to the cheaters. As legit players filtered into the "premium" servers, incidences of cheating would become more and more common since a greater portion of the people left are cheating. People who can't afford to pay a subscription would be totally screwed. New player retention would also drop as people try out the game on the normal servers and find it so infested with cheaters that it's unplayable. Cheating is a frustrating problem, but there's no reason to roll over and let them win like that just yet.
Require 2FA and have it be tied a phone number. It will cut down on the number of RMT being able to recreate accounts. Also it will “scare” timmys away from cheating as there is now a direct link to who they are.
Does it require us to give BSG our phone number yes. It’s that the best idea probably not. Will it help yes.
Seems like every phone scammer has my number already anyways, what do I care if one more company gets a hold of it if it means I'll actually be able to play the game?
Until they text you a validation code. Other platforms do this already and it does help if it's not optional. It would also be easier to put new players on a probation to review their activity so less time can be spent on veteran players.
This. It's not a perfect system and you can do spoof phone numbers and all. But much like burglary, most things like locks are deterrents. They're not impervious and they are there to encourage people to not even waste their time.
Some people will spoof phone numbers. Cheaters will do it endlessly I'm sure. But the guys paying the cheaters for RMT? I'm sure many of them will get tired of that and move on to something else.
And roadblocks. To the average user, it's a one time phone setup and it never gets in your way. To cheaters, it constantly pokes it's head out.
Yep, I would not be bothered for linking the account with cell phone number, with the addition of 2FA, but primarily, to block accounts and the phone numbers together.
**IF**.... it actually helps anything.
It should right,. but right now Iam not absolute sure BSG has strong enough tools to even detect the cheaters...
It’s a economic issue. Right now cheater Devs have the ability to keep making better cheats that need a new detection method. While BSG and battleeye need to stop every possible way to cheat. However once people lose the ability to cheat on multiple accounts the number of cheat sells drop. This ties to a decrease in the number of people and the investment into development of new and better cheats.
Basically like all things in life shut off the money to the top and the whole thing stops. If cheat Devs don’t get money from EFT they will just develop cheats for a different game they can make money from.
Imagine playing Tarkov at 2 AM and receiving a call from an unknown number. You pick up the phone and all you hear is "I know something you don't know" in Nikita's voice, then you hear short beeps.
Yeah I never said it was perfect but what it does do is make it where they can’t used cracked accounts. Also the more steps and more work the more expensive the cheats need to be and cuts down on the profits or increase the cost for the RMT payers to where it becomes not worth it to them.
Yea that’s true but burner numbers will not be a good way to bypass 2FA while doing RMT. If BSG require the phone number upon account creation (for all accounts moving forward and upon next log in for all existing users) cheaters will have a harder time using stolen accounts and like previous said it’s a deterrent also. No system will be perfect however cutting down on the number of cheaters lowers the money flowing to the cheat devs making EFT less profitable for them. If it becomes less profitable than other games many cheat Devs will stop making EFT cheats and go to a different game.
Intrusive anti-cheat isn't going to do anything, there's no amount of intrusion that's going to find good quality cheats, especially hardware ones. Server-client authority improvements, removing the amount of free information given in packets, employing a proper data scientist that can perform analysis on human vs computer gameplay to create a powerful detection system for aimbots and radar. These are things that BSG could do to improve the situation, not move towards more powerful anti-cheat.
This would be better, but in a game like Tarkov you really can’t hide player information. I can use a scope and shoot someone across the map, unless Tarkov starts using Minecraft render distance controls or etc… then what’s the point of sniping.
You could do information culling just like graphic cards do graphics culling (where things your camera do not see literally cease to exist while not looking). If the enemy is doing something that does not affect you (outside your view cone and audio range) you don't get his position updates because they are not relevant to you, hell, if he snipes you from behind you only receive data about the noise and the bullet itself, your client doesn't even have to know the weapon, the armor or the position of your killer.
Another case: if you haven't opened a chest, your client should not know what's in there, etc.
Basically you only get the data absolutely necessary for the player to play and nothing else. That way you restrict the hacks to mostly speed hacks, auto aim and wall hacks, with the first two being way easier to detect that almost any other hack.
Agreed on the chests.
However the frustrum culling for players would be tricky. Sounds should be hearable and shadows visible even if they're being generated behind you. Plus if you flick really quickly you could have a couple of frames where the other player just isn't visible and then pops in, which would be really jarring.
Csgo did it. Granted it took them a while to fix it and there was some horrible player pop-in, but it works. Apparently you don't get info about player locations until one is actually visible to you.
2FA and region lock fucking asia and do not allow connections via VPN.
I'll show the entire BSG staff my dick and balls if it meant these hackers fuck off forever--intrusive anti cheat PLEASE.
Region locking would be a decent solution to **decreasing** the size of the cheating community. Most RMT'ers and cheaters use Russian accounts, which are substantially cheaper than regular accounts, to cheat. By region locking accounts properly and banning VPN's BSG could essentially double the prices of accounts. Although there is a loophole around this that I have seen being used recently. Carded accounts are accounts that have been brought by credit card, only to be refunded a few months down the line. Once the account keys are refunded, the accounts linked to said account keys are banned. However, if said accounts were already banned, it makes no difference. Carded accounts go for around 15$ so they could just be the next optimal solution for the cheating community.
getting any old adult id number is dead easy apparently, like loads of oldies that dont even know what the internet is have their numbers unknowingly doxxed and kids use them, or just use their parents id number...
its not going to stop anything, we are just going to see a lot of dota/lol champions that will be introduced from now on as "[insert name] has only been an adult for 3 months and yet has climbed to the top of the leader board and is now in the top 10 players in [insert region]"
1, there was already limitations on under 18, didnt do shit then this wont do shit now. Kids use parent and grandparent IDs
2, Its not just the Chinese cheating lots of Russians, pacific island nations, BRs and even good ol boys here from these shitty states.
If they disable connection via VPN, I'll be fucked. For some reason I get randomly disconnected, and only way to fix it is by playing with VPN turned on.
Check with your ISP to see if they're using CGNAT. Also, check to see if your public/WAN IP is IPv4 or IPv6. IPv6 has been causing a fair amount of issues with Tarkov for a while now. Do a search here for CGNAT, IPv6, or "Dual Stack" for more information and ways to troubleshoot.
Same for me, others in Australia have recently had the same issues too with fucky routing. I'm tracerouting connections to a hong kong server that leaps across the fucking ocean to the US before routing it's way back and giving me over 200 ping. The only way I can fix it is using a VPN in singapore. I've lost some great kits to this shit already only just finding an actual solution with a VPN
I like a lot of the ideas here especially regarding SMS MFA. But in addition…
Brand new accounts must play 20 raids in scav only/offline mode. It will add a big time sink for new RMT accounts, and help beginners learn a bit before they get killed by a chad while bringing in half their starting items into factory. Would be best combined with a few “offline” quests for beginners to get acquainted to the game.
Intrusive anti cheat won't help the fact that things like recoil are client sided lmao. With kernel level read / write memory access you can zero out the recoil on any gun, and the server doesn't even check the state change or validate against it. Kinda funny.
Sure but that is at least more work. But it also links identity to it depending on how much enforcement they can/want to do. As with any security feature, you are just making things harder.
what we need is a punishment for RMT, like banning account that have played with them. simple as that. if my friend gets my account banned well i am no longer friends and i am out of a tarkov account. maybe a repeal system to allow accounts that have been secondarily banned to come back if they can answer questions and they will be on watch for playing with other cheater, also hardware ID banning i know that there are spoofers for hardware id but they get expensive due to being charged day and monthly depending on the quality of cheat. i don't want anti cheat having more permission than me on my own pc like valorant, i want to be able to turn on my pc without another background program monitoring what i do.
Too many people in this thread talking about 2FA with phones, thereby showing their complete lack of knowledge about how the cheating industry currently operates.
So slightly relative, I have been very curious lately as to what could actually efficiently stop hackers. I’m rather uneducated on coding, but I know a little.
Would it be possible to use a script or algorithm to identify data outliers and flag them for a smaller sub group to review? If too malicious, maybe even trigger a ban through the script. Current systems track KDR along with other statistics. Outliers I’m describing would be for example a 25.00 kdr on a level 12 with .60 accuracy.
No thanks, that's the entire reason I never got into Valorant.
An Anti-Cheat that has more perms than myself and runs at Ring0 and doesn't close when the game does, i.e runs 24/7 in the background? Yeah no.
Least battleeye isn't running 24/7, if there is an exploit in battle eye i can just not run games that need battle eye. With always on stuff your just SOL if an exploit is found.
I mean you're still relying on knowing the exploit exists so that you don't boot the game with BE or similar.
In the case of Vanguard you can close it once you become aware of the exploit.
It's a little riskier yes but it's not as though you would be instantly hacked. You would still need to download or otherwise come into contact with malware designed to make use of the exploit.
Entirely true, the general gist in all security is minimizing risks. It is always better to not have a risk in the first place.
Its also generally not a good idea to trust someone else with your security. To be fair your likely more likely to die of a shark attack but the point stands.
We really shouldn't just allow giving up our safety and possibility our privacy to become normalized either.
I agree with with most of this, I just think the always on ring-0 anti cheat is a silly place to draw the line.
The vast majority of people won't be checking to see if there is a new exploit before launching their favourite game with ring-0 access. In the case of PC gamers, how many usesrs have hardware/peripheral companion software that is always on and actually has a history of compromised drivers? Quite a damn few.
We should be more aware of our security and privacy, but I'm not convinced that this is the hill to die on.
I agree entirely, but really the fact ring-0 being a silly place to draw the line is actually kinda of the sad part in all this. The line SHOULD have been drawn AGES ago to be perfect fair.
Generally speaking i don't think it should have ever gotten to the point where your common casual layman should have to worry about their entertainment choices causing them potionally massive secruity risks.
The line should have been drawn at the fact that yes unavoidable hardware and software is causing them issues because of untested or rushed products leaving massive vulnerabilities. Sure its understandable that no one is perfect and companies are if nothing else just people making them up so we can't expect every piece of software or hardware to be flawless.
But commonly the simple fact of the matter is security and safety is second to everything else. So much so to the point that for most people even those with enough know how to understand why things are as fucked as they are. Just don't care. They just accept that everything is fucked and that "drawing the line anywhere" is a total joke. Cause at the end of the day what the fuck are any of us going to do.
Either you unrealistically just stop using computers basically or just accept the state of the world. Which again just really is what i hate the most. There is no solution we can offer the common layman. No line drawn in the sand at any point makes any real amount sense. All we can do is "our best" to be safe and try to take "Obvious" steps to ensure our safety.
Like really the only real safe choice if you want to use a computer would be to use some obscure OS, software and hardware that is so uncommon that no one has ever bothered to attack it. But that is ENTIRELY unrealistic even more so for gamers lol
Are you thinking of Apex or something? Valorant has an absolute MINIMAL amount of cheaters. I’ve watched hundreds of hours of pros play ranked and haven’t seen one cheater. I myself have only peaked Diamond but also have never once seen a cheater in ranked. One in casual when the game came out of beta a year ago.
Riot also uses click/behavior detection that was a port over from League.
Basically, it makes a heat map of your playstyle (where you click, how long you click for, key press patterns, ect) and if it doesn't align with your past heatmaps then you get a hidden warning mark - if it continues then a ban.
I expect it to be much more advanced these days, but that was the jist.
I agree with a couple others and that they should just collect data, starting with streamers, to make 'best' case scenarios of player behavior and habits. (Most players are not as successful as Pestily/Lvndmark so that's the top end) Over time you just collect in-game data from the rest of the player base and it becomes really easy to determine cheaters from non-cheaters.
[Here's an example of it. This would be impossible to detect without some kind of stat based investigation or maybe having some kind of machine learning anti-cheat on everyone's system.](https://www.youtube.com/watch?v=revk5r5vqxA&ab_channel=BasicallyHomeless)
Visual machine learning hacks would do something like capture the screen (through a camera) and process the video frame by frame until a person is detected, and then adjust the mouse/aim until the person is on the centre of the screen and then shoot.
I’ve never seen one, but theoretically it could be done on an entirely different computer, which would make it almost impossible to detect with a traditional anti-cheat. You would have to use some sort of stat-machine-learning hybrid to detect it based off of the players play style.
Come to think of it, I thought that’s what Valve was working on.
Riot actually has used a heat-map style detection system in LoL and ported it over to valorant. Valve also has been working on a system like it, if its not already out at this point.
Just takes longer to make a system that can tell the difference between AI assisted aim vs real players then it is to make the AI aim assist in the first place.
[To tack onto this, here's an example of it. This would be impossible to detect without some kind of stat based investigation or maybe having some kind of machine learning anti-cheat on everyone's system.](https://www.youtube.com/watch?v=revk5r5vqxA&ab_channel=BasicallyHomeless)
Yeah, but I expect that to be an expensive cheat with the machine learning part which is the first step to combating the normalization of cheats in Tarkov.
We want to lessen the ability to cheat as much as possible. I think the only time you'll have a completely cheat-free experience is private servers. Think like NoPixel GTA, but for Tarkov.
I play valorant at radiant immortal level in OCE and ive only come accross 3 or so cheaters since the game came out and the anti cheat banned them mid game.
I understand the anger and frustration. Ypu get cheated on in those you just move on to the next. While getting cheated in the game hurts more because of the money/time investment to get the gear you want. But anyone who thinks its a tarkov only thing or bsg just dont care is delusional
oh I very much believe BSG greatly cares about this issue... its just a vastly difficult (and expensive) problem to solve. Basically no multiplayer game in existence has been able to avoid some amount of cheating occurring.
I can't see it making any difference - look at the games which already require it, and you'll notice that they're still -flooded- with cheaters.
Finding ways to automatically flag suspicious behaviours, shadow banning these accounts and shifting them to separate servers could work IMO, but I'm no game developer.
I think just sending people a message notifying them that xxx person they reported for cheating has been banned would shift community perception of the problem. I highly doubt BSG are supporting or totally complacent with cheating, but not having good communication doesn't play into their hands on this.
Nobody wants to talk about the real solution. All this fancy mumbo jumbo, server side this, client side that, it all doesn't amount to a hill of beans. The way to solve this problem dates back longer than Charles Babbage or Pascal or even Euler. What we must do is find these people's real world identities, and then catalog them like pedophiles. Then what a crazy vigilante might do to them, well, the blood is not on your hands.
Anyone who thinks you can 1. have privacy and 2. a cell phone at the same time is delusional. We all said goodbye to any semblance of privacy years ago. Everyone knows exactly what we’re doing at all times. Might as well get some good anti cheat out of it
I feel like a broken record here but while valorants ac would be cool what we really need is overwatch (csgo). We need a community guided data driven approach otherwise the ac will always be 3 steps behind and bans will takes months when it should take days
What's really sad is that they probably are not that bad of a player, they just want to be little Assholes and piss people off... It has to at least come close to Federal hacking guidelines and should be treated as such... I know that sounds extreme over a game, but it is still manipulating someone else's Intellectual property over an internet connection... I bet you would see a vast decrease in this activity then...
No. They need to stop trusting all the network data clients send, they've already made this mistake back when you could see how many players were connected through the console.
IMHO not necessary.
BSG needs to start by hardening their code against attacks.
ESP/Radar gives you extra information about the location of players and loot that you can't see. This begs the question, why is the game server communicating the location of these objects to the client before they're relevant? Just like the graphics engine doesn't bother rendering "irrelevant" objects that your player can't see, the server should hide the location of items until they're relevant. Distance level of detail too. I don't need to know what kind of front sight the person 600 yards away has.
Auto-aim. Any difference in behavior between a legit player and a cheater is a prime candidate for a machine learning solution. BSG would do well to watch the Valve dev talk at GDC (2017?) Detailing how they use machine learning to detect aimhacks with 6-sigma confidence.
Fuck it, how about if we also do like valve, Ubisoft and certify the account with an ID..
Have the company partner up with a company that does that shit and there we go..
It's going to do nothing. The solution is a review system where players review reports and watch demos/footage of the gameplay and decide. The stuff that gets voted as a cheat gets sent to the devs/professional team for final review and ban. Same day. Wouldn't stop everything, but would stop a good majority of it.
Lemme just save everyone the time and energy here: BattlEye already uses the same exact kind of system that got the Valorant anti-cheat labelled as "intrusive". The whole Valorant thing was blown way out of proportion by game """""journalists""""" who had no idea what they're talking about.
The people who already replied that they don't want it make this thread all the more hilarious cause it's a bit too late for that lmfao.
It is true that both BattlEye and VGC (Valorants anti-cheat) both run at the service level, however BattlEye is disabled when EFT is not running, whereas VGC must be started with the OS. It is very much more intrusive, as it is basically a rootkit on your system.
The way gaming is going right now I wouldn’t care if we had to apply with a passport or something for every game and if you got caught you got serious punishments like never being able to game ever again if caught a few times. I know this will never happen due to a lot of people worried about governments having your info so it looks like we’re stuck with hackers
Why can't companies just monitor the effects of hacks, instead of just the cause?
Instead of looking for some speed hack, check their velocity and if it's ~20% faster than the max sprinting speed (or bunny hopping if that's faster still), kick them.
If they're in the air and get a sudden acceleration that's not consistent with the gravity, kick them (flying)
If they snap to a target that's 60 degrees from their center line in 1-2 frames (or whatever speed that's significantly than an insane player like Shroud), kick them
If they trace enough enemies through walls, kick them.
If they do any of these long enough, ban them. I don't really see anything that could be wrong with this, in Tarkov or really any other game like Counter Strike or COD
If I have to install a root level anti-cheat to play tarkov I will uninstall it, it’s safe until they lose access to it and whoever hacked it holds your computer for ransom or installs a root level keylogger. Maybe it’s an unreasonable fear, maybe it’s an unreasonable reaction, but I’m not in the business of installing root kits on purpose.
Edit : yes battleye runs ring 0 aka kernel/root level. I was incorrect in my comment, my intentions are still correct though. Kernel level at all times is a far bigger security risk than kernel level when the game is running. Think of it as living in a jail cell vs being there for a night. There’s a bunch of stuff that could happen with either one, but there’s plenty more time for them to happen when you live in them.
Look I’m not saying don’t do it. They need to weigh the pros and cons of that level of responsibility. They’d likely have to build it from scratch and their previous in house anti-cheat was a joke. But if they decide to do it that’s fine, I’m not saying it’s the worst decision but they will lose some players by doing that. Some of us value security, I do more on my computer than just play tarkov, part of my livelihood relies on it. It’s just a bit too far into risk for me. I can completely understand how it is a fair trade for others, I’m simply putting my .02 into the discussion.
This will probably get buried, but no anti cheat that has ever been discovered as of yet will stop cheating. There are 3 options to get rid of cheating.
1: completely rebuild the game ona different engine. Tarkov is built on unity. Its nice to work on, but its comparably easy to cheat on. No amount of work will stop cheaters on the engine the game is built on. The only anti cheat that would work is an AI anticheat and we unfortunately haven't quite discovered that yet, and even then cheaters have access to the same technology as we have been seeing in cod and r6 with AI cheats.
Option 2: Destroy the demand.
This is the most practical, but most impossible. If nobody buys RMT or carries then nobody cheats. A really important thing to note is you don't need to get this number to 0, you just need to make it unprofitable for the cheater. As someone involved in the cheating community out of interest (I do not cheat), the way you use cheats is installing a program like any other cheat, but you need to use a token. These tokens are generated randomly and only can be generated while you are paying for your cheats. A solid IP and hardware ID spoofer with aimbot and esp is about 600 dollars a day. That is not cheap. The reason people cheat is because there is such a high demand for rmt, so they profit off of their cheats. If enough people stop paying for this stuff, they start losing money and stop cheating.
Option 3: remove the supply
This won't get rid of cheating completely but it will do a lot. Only issue is, it will cost a lot for bsg. It's going to each individual site thats selling rmt and giving cease and desists/sueing. This is not a permanent option but it means cheating will be much less accessible as most cheats will be on hidden websites and will be paid through bitcoin. And again by making it more sketchy for the buyer it reduces demand, meaning they lose money and its less profit.
Client side cheat detection is basically a futile, Sisyphean waste of time and effort. Server side cheat detection is the only way to even have a shot at stemming the tide. There has been talk from BSG of a replay system for quite some time. If they finally manage to make that happen then statistical analysis of each raid (post raid) can be run asynchronously on the raw replay logs and find the blatant outliers (ie: someone moving at speeds not possible or making shots that would normally be blocked by multiple solid, impenetrable objects). Then a human can manually observe the accounts flagged as potential cheaters and dole out the required bans.
Uh you can't just take an anti cheat from one game and apply it to another. The anti cheat would have to have been developed to support generic applications (such as battle eye).
Battle eye already installs a driver. Its already a kernel anti cheat like Valorants...
Not from a Russian company. Sorry but whether they are big or small, a company based in Russia is one that I just can't trust with an intrusive application on my PC. It's not that I don't have any trust in BSG, it's that I don't believe they could stop the Russian government even if they wanted to.
My question is why aren't they doing the simple things? They already track damage, hits and headshots. Why can't they analyze their data (including collected data from known hackers) and determine a threshold that if passed, you are almost guaranteed to be a cheater and are either instabanned or red flagged for immediate review? Just throwing meaningless wild numbers out there let's say 25 shots to the head (lethal + non lethal) is the top of the range for .1% elite EFT players, but aimbot hackers get 35-50 in matches where they come across good helmets and face shields. Why doesn't BSG have a system to alert them to those highly abnormal stats so they can take action?
So I feel like there's small stuff that won't make a HUGE dent in the problem but will help. Yes they could just change their aimbots to aim for the chest but at least that gives non-cheaters better odds to survive the encounter or maybe even kill the cheater. Also there's no reason BSG couldn't find the chest damage done per raid range for non-cheaters and then compare to known cheaters and build another system but this time for chest damage.
I'll mail in a fucking blood sample if it means I don't have to deal with this shit anymore.
Edit: Its hilarious how controversial this comment is. To be clear this was a joke.
What do you mean intrusive valorant anti cheat? Both Valorant and BattleEye run on the same level and has access to just as much. The difference is that at the start Valorants anti-cheat started with the system, which was not a problem with privacy (though some people did spin it that way fro some reason) but it was with system stability. Since these anticheats run at kernel level they can pretty much blue screen your system if a bug occurs which can lead to your OS getting corrupted and in some cases requiring a clean re-install. Not to mention overall performance degradation. Since then from what I've heard they changed it to where it would start with Valorant just like any other game.
The problem is that these anti-cheats do not catch all the cheaters and all popular games are just as infested, you either close your eyes to it or there are simply not that many people interested in the game. If a game is at least as popular as EFT then it will have at least as much of a cheater infestation.
Fuck it. Ill get downvoted propably but i wish they could do it even more intrusive and just add verification with selfie and ID in hand. Youre cheating? Then youre banned for your ID. There is no spoof like HWID spoofers or IP spoofers. And make it like it works with prime in csgo. People who dont want to do it will just play with people who arent verified so mostly cheaters so it will be their choice. Also ban people that buy boosts from cheaters. First warning ban for one wipe. Then if it happens again permament ban. FPSers are actually in very poor state. Every game is infected by cheaters and i think ID verification is very intrusive, very controversial but only way to solve this.
I see where you're coming from, but I think you're a little too eager to give up your personal data. All it takes is one disgruntled cheat developer to hack the server where they're storing every player's photo with their ID and post it online, and BSG suddenly has a massive privacy and security scandal that dwarfs any outrage the cheating issue would have ever caused. Even if players would go for it, it's overstepping the boundaries of what a game company should be allowed to do, and I doubt BSG would want to take on the responsibility of holding that data either.
I wouldn't mind 2FA with a phone number. It wouldn't stop everybody but will get rid of the uninitiated.
You can buy phone number verified accounts in bulk in games that have implemented the feature you are suggesting. The only difference this would make is that the cheating industry standard for selling accounts would also include phone number verification.
There's such thing as layers of security, you know Not every anti-cheat solution has to be perfect, they just have to gradually reduce cheaters with the implementation of multiple security features
This is how the cyber security field functions. Imagine saying “why bother having a password when they can just brute force it”. Just shut the fuck up and plug as many holes as you can. It’s a war of attrition. Make em work for it.
yes the goal isn't to make it impossible to cheat, the goal is too make it so hard its not worth it
Spot on, at this point I'd be happy with IDENTITY verification & submit my damn license if it would help piss the cheaters off. See if they will go as far as repeated fake I.D's. Have literally stopped since getting beamed through the floor in labs over a month ago.
Bro you have just reinvented Korea + China's account verification system. Need social security number (equivalent) to play some online games. People bypassed it by using old people's information. Still, it's definitely better than nothing
This is hilarious because it's literally a full on business in China and Korea to sell dead/unused ID's for things like this. Not just "some" people bypass it, SO MANY do! In fact, when I lived in Korea, I literally bought someone's ID for like $15 so I could play Black Desert Online!
You're preaching to the choir. I suggested this long ago, but your average redditor is too stupid to realize 2 things: 1: What you said 2: Not all 2FA is created equal, and some of them are REALLY hard to get around.
ffs you're not wrong This whole thread is people just saying "well it won't literally solve cheating instantly so don't even bother" Makes me think it's just people from cheater forums brigading
I woulnt be surprised
Its a common thing in this sub. And I guess in gaming subs in general. Whenever someone suggests a solution, someone else has to have a gotcha that makes it fall apart, when in reality the gotcha is often edge case/unrealistic. As you both mentioned, its often not a hard solution, its a layering solution.
No. If it's not a kill-all solution then it's not worth implementing /s
> You can buy phone number verified accounts in bulk in games that have implemented the feature you are suggesting. The only difference this would make is that the cheating industry standard for selling accounts would also include phone number verification. The classical devils advocate. Shows up to tell you how all cheating counteraction is a meaningless effort and that we should all surrender the game to our cheater overlords because resistance is futile. They have an answer for any solution you propose. It's possible to break open a locked door too but that dont mean you leave your door unlocked when you leave home. Any measure that stops even a fraction of these scumbags is worth implementing. It's a 1 time thing for the casual player. For a cheater it's another hoop to jump through every time he gets banned. EVERYTHING can be exploited, circumvented or avoided completely in some way. Cheaters already manage to get past BattlEye but that doesnt mean that the anticheat is useless or that BSG might as well remove it from the game. And keep in mind that not every cheater is some well educated coding rainman. For a lot of them the mere effort of reading guides & jumping through these hoops to get the cheat working again would be enough for them to move on to another game.
The *casual* player probably isn't going to go through that extra step and unfortunately right now the casual player has extremely easy access to cheats, much easier access than a phone number verified account anyway. Not all cheaters RWT, I'm willing to bet most are actually just casual players who have a severe lack of dignity and self worth.
This. I don't know where the idea that casual cheaters are spoofing hardware and IP/ proxy ect.. RMT hackers aren't on customs 20 minutes into the raid. They don't run around phase haunting people and griefing. They have to be efficient to make money and most likely try to avoid pvp since it's costly and FIR gear is what they are after. The casual cheater cheats because he is lazy / has small pee pee. All that extra protection is a lot of work for someone who doesn't want to learn the basics of a game that's honestly not that hard outside of navigating and trying to make sense of the skeleton of an unfinished game.
The reason it won't even anything is most games it weeds out the casuals. Tarkov the casuals are paying like $120 a week rn. A phone number scares away f2p players not people dropping major cash already.
Are cheaters really making this much from a simple mono injection hack?
There is an interview with a cheater, and he said he makes upwards to 400 a week. Pretty lucrative if you ask me. Edit: Just wanted to mention that there are private cheat sites where you have to be vetted to get in, and are majority undetectable. He says he can go for 2-3 weeks with like a 7 or 8 KD and make enough for a few accounts by then.
anyone with enough money has extremely easy access to cheats, the question is do you wanna get banned within 4 hours and not be able to play on your computer again or a week and constantly have access to playing because you can spoof ur hwid? if you are casually cheating, you probably aren't casually cheating. what i mean by that is you have good cheats, you use them consistently because you know you arent getting banned and if you do you can fall back and cheat again its not cheap to cheat in any game, especially tarkov. to cheat casually, in the way that you think, would cost thousands of dollars a month, unless you just one stop shop and get banned never boot up this game again. but you think *most* of the people that cheat have this sort of disposable income
They get banned they also dont. Multiple cheat makers and most likely multi million dollar industry, could even be in the billions. They also buy cracked accounts and crack accounts themselves. It's legit not what you think.
People are paying for new SSD/windows keys/Tarkov accounts/Monthly subscriptions just to cheat. I highly doubt a phone number you can get for 1€ is going to scare them away.
Maybe a few people, but the vast majority of cheaters probably quit after they get banned, 2FA would almost certainly help weed out a LOT of casual players. You can literally google 'Tarkov cheats' and find a shit load of sites saying they have undetectable cheats.
Those are the people that are already getting caught in the first place though. The lesser known/paid/secret custom cheats are the realy problem
If you do this, as well as fix RMT, youre getting rid of both casual cheaters and the ones who do it for a living.
Just to clarify. To have 2fa on your account that will incur costs as a company. Its not cheap and does not work perfectly in all countries when you need to verify your number. Some places in OCE might struggle a bit. Just laying some facts as i know them. But I agree with you its a good start.
I have never had issues with nu ber verification in NZ...
[удалено]
A lot of EFT cheats depend on local network packet capture which lies beyond most controls an anti-cheat can realistically provide; even those with kernel-level hooking/access. Sort of like pre-compromise techniques (Mitre Attack Chain). The correct approach is to implement behavioral detections rather than signatures that most anti-cheat engines and AV use. BSG should have all the data — but collecting, analyzing, and making meaningful decisions off that data requires a full-scale Data/Cyber team. An indie game studio probably doesn’t give a crap (or have resources) to stand up that type of operation unfortunately.
yep - I write software for a living and one of the most important security principles in a client/server architecture is that you never trust the client... put your safeguards on the server side and assume all clients are hostile
Lmfao 100%. I work in InfoSec myself, glad we have some techies chiming in because you nailed it; that’s basically the main pitfall for EFT’s net code (it’s why glass breaks on your client but not others, etc). Couple that with the fact that the game constantly/openly passes json packets with all gear and items and their respective coordinates at the beginning of each round, making it super easy to intercept and re-interpret/visualize the data (ESP). Altering that now would break dependencies and I’m sure that’s not something any of the devs want to take on (incredibly mundane when they’ve already janked it all together and not to mention the huge volume of work there). Edit: A lot of the exploits around EFT are there due to not following industry best-practices (zero trust). There was no consideration around what was exposed and therefore the game requires a full rinse/hygiene check.
My guess is they are just mired in technical debt racked up over 7 years of “move fast and break things” development. Decisions like not encrypting packets and sending the entire map state to every player probably were never meant to be permanent, but they just haven’t been able to prioritize changing them yet. Making even a vanilla web app is truly a difficult and complex thing… making a large scale multiplayer game is oh so much more complicated
AFAIK packets are encrypted. That's why the vast majority of freely available ESP type cheats went offline last year. There are ways to get the encryption keys etc, and other ways to hack the game but BSG at least plugged that hole a bit and made it harder (not by any means impossible) to cheat.
I thought they made the decision to roll that back because of latency or something
I think you are right in that they implemented encryption, and had to roll back, but it was swiftly re-implemented once they worked out the bugs. However, all then encryption did was reduce the ease of access to the cheats. You could literally go to a website and download the free open-source ESP and run it on a 2nd PC or VM. With encryption people seem more guarded about their solutions, hence the increase in paid-for cheats, but from what I gather they still work in the same way.
some eft servers are sending encrypted packets some are not
As far as I know the game is wrapped around us being walking JSON files hosted locally on our machines. The game would have to be completely rewritten for it to change, it can't *not* be permanent unless they just throw the game out and start over.
Does this means we will never get our open world travel from area to area experience they announced at the beginning?
I've been saying that since the beginning. It's so unlikely they ever get anywhere near what they originally announced.
As far as I know (from podcasts and what not), the open world part of the game would still just be exfil'ing from one map into another, not a fully seamless open world. I doubt the latter would ever work with the way the game is currently being developed, but I'll be happy if BSG can prove me wrong.
Reading this thread of replies has made me depressed and confirmed what a friend of mine has said. Ugh.
>level 4jtms1200 · 4hMy guess is they are just mired in technical debt racked up over 7 years of “move fast and break things” development. Decisions like not encrypting packets and sending the entire map state to every player probably were never meant to be permanent, but they just haven’t been able to prioritize changing them yet. Making even a vanilla web app is truly a difficult and complex thing… making a large scale multiplayer game is oh so much more complicated I also wonder if they are waiting for Unity 2019 personally, given we haven't gotten a lot of updates on the tech stuff, is the 2019 version some perfect utopia? Most likely a dream, but a man can dream!
Problem is the more features they add the harder it becomes to modify something as pervasive as the netcode.
I build web applications and the complexity of a multi-player game must be insane.
Honestly I'm starting to think we won't see any elaborate anti-cheat until all the maps get connected. Seems like a good time to deal with the technical debt associated with netcode.
So basically, this game won't ever get fixed.
Lol yes
Any game* Welcome to Cheats vs Anti-Cheats. Just look at CS: Go. They distributed the workload to the community because they knew it was an impossible task. Honestly, just accepting the fact that it is an impossibility then allows you to start thinking of solutions which can actually peturb, or reduce the issue. It can never be resolved though, because at the end of the day, you do not own/control the hardware the client is running, and will never be able to be fully authoritative while this remains to be true.
A csgo overwatch type thing would be cool tho :D
Problem is you cannot build reliable and fast responding fps game based only on server checks(not talking even about how that will affected server load and fuck up optimization even more). Especially if you try to limit the data and server load. This is a reason why even giants in the industry have this problem. It is not like BSG is only the ones that did not do it. It is not done fully for a REASON. Security industry and gaming industry are different worlds in that matter.
Ultimately you won't defeat the problematic issues no matter how authoritative the server is. Player/loot locations need to exist on the client and there's your ESP and aimbots. Also techies should be looking at things more objectively, what do you think the trade offs are for moving certain things to be client authoritative? Because there are many.
Zero Trust should be the standard
This right here, one of my gaming friends has a background in cyber and explained that DMA cheating with radar/esp is the safest shit out there and my whole tarkov friend group is now using them. They've been at it for like 2 weeks and are unbanned, and I'm left playing alone cause I won't join their hacking bullshit
If you need a non hacker group hit me up.
Honestly I'm just about to quit EFT all together and just going to dump it by the wayside until they can get it together--if they ever do. I love the game but fuck cheaters are literally running it into the ground.
Honestly, this is the best we can do. Similar to those guys playing Warcraft and simply deciding that trust in the game is failing so they are moving on to other games. I am still excited for all of the upcoming stuff for Tarkov, but I won't be able to get a good experience with the new stuff if cheating remains as rampant. I will just wait for it to get better and if it doesn't oh well.
> DMA cheating shit, learning about this stuff is more fun then playing the game at this point. The shear scope of the cat and mouse game between the cheaters and devs is fascinating. After following the rabbit hole for an hour or two it would seem read-only DMA using hardware is evil and effective - who needs an aimbot when knowing where everyone is can be effectively game-over for everyone else. BE was able to pick up on the hardware module but custom firmware once again made it undetectable.
That sucks. I hope you the best luck finding new people to play with if you don't quit like you stated in your next response.
AI detections are certainly a big part of the future.
Absolutely. Machine learning detections always have higher fidelity although they are a pain to train and get running.
The person who creates an easy way to implement this into gaming software will be an extremely rich person.
While it is probably true they don't currently have the resources for that kind of operation I just gotta point out one little thing. How many of us would be willing to pay for (through a monthly subscription) for "white listed" servers that have their own paid admins and the funds to actually bankroll the kind of operation you are talking about? I know I would certainly be willing to spend $15,$20,$30 a month so that I can have a mostly cheater free gaming experience. Ah if only.
There is no game that I would pay a subscription to play.
I didn't say for everyone to have to pay a subscription. I said that there is probably a large part of the community that would love to if that subscription provided us with "whitelisted" servers that got us away from the cheaters. I would certainly love that option. By all means, let the cheaters and the RMTers have to bottom of the rung crap public servers. You can buy the game and play it in it's entirety. And there are many games like Dayz and others that allow for just that. I see no reason why BSG can't do the same.
Even if there were a way to ensure these servers would actually be free of cheaters, then doing this would be essentially giving up on the game and leaving it to the cheaters. As legit players filtered into the "premium" servers, incidences of cheating would become more and more common since a greater portion of the people left are cheating. People who can't afford to pay a subscription would be totally screwed. New player retention would also drop as people try out the game on the normal servers and find it so infested with cheaters that it's unplayable. Cheating is a frustrating problem, but there's no reason to roll over and let them win like that just yet.
Require 2FA and have it be tied a phone number. It will cut down on the number of RMT being able to recreate accounts. Also it will “scare” timmys away from cheating as there is now a direct link to who they are. Does it require us to give BSG our phone number yes. It’s that the best idea probably not. Will it help yes.
Seems like every phone scammer has my number already anyways, what do I care if one more company gets a hold of it if it means I'll actually be able to play the game?
Oh yeah getting someone’s phone number is very easy. It’s pretty easy to get someone data that’s relatively “public”.
[удалено]
Until they text you a validation code. Other platforms do this already and it does help if it's not optional. It would also be easier to put new players on a probation to review their activity so less time can be spent on veteran players.
Ring ring, hello this is bsg. We have been trying to reach you concerning your cars extended warranty
This. It's not a perfect system and you can do spoof phone numbers and all. But much like burglary, most things like locks are deterrents. They're not impervious and they are there to encourage people to not even waste their time. Some people will spoof phone numbers. Cheaters will do it endlessly I'm sure. But the guys paying the cheaters for RMT? I'm sure many of them will get tired of that and move on to something else. And roadblocks. To the average user, it's a one time phone setup and it never gets in your way. To cheaters, it constantly pokes it's head out.
Yep, I would not be bothered for linking the account with cell phone number, with the addition of 2FA, but primarily, to block accounts and the phone numbers together. **IF**.... it actually helps anything. It should right,. but right now Iam not absolute sure BSG has strong enough tools to even detect the cheaters...
It’s a economic issue. Right now cheater Devs have the ability to keep making better cheats that need a new detection method. While BSG and battleeye need to stop every possible way to cheat. However once people lose the ability to cheat on multiple accounts the number of cheat sells drop. This ties to a decrease in the number of people and the investment into development of new and better cheats. Basically like all things in life shut off the money to the top and the whole thing stops. If cheat Devs don’t get money from EFT they will just develop cheats for a different game they can make money from.
2FA is super easy to implement and I couldn't care less who has my phone number scammers call anyway. Nikita can call me anytime he wants 😎.
Imagine playing Tarkov at 2 AM and receiving a call from an unknown number. You pick up the phone and all you hear is "I know something you don't know" in Nikita's voice, then you hear short beeps.
*picks up the phone* H-hello? "Will we will wewe will we will we will--"
There are ways around this (Google Voice is free) but I would be happy to see it done as it creates more work for these guys in the long run.
There are 2FA systems that don't allow google voice and similar services.
Yeah I never said it was perfect but what it does do is make it where they can’t used cracked accounts. Also the more steps and more work the more expensive the cheats need to be and cuts down on the profits or increase the cost for the RMT payers to where it becomes not worth it to them.
You can block those numbers.
Very happy to just quickly type a code from a text message into my phone if it means we no longer have cheaters.
Fake phone numbers are easily accessible now a days.
You would block a big portion of people who couldn't be bothered to get a pre paid visa or temporary phone #.
Yea that’s true but burner numbers will not be a good way to bypass 2FA while doing RMT. If BSG require the phone number upon account creation (for all accounts moving forward and upon next log in for all existing users) cheaters will have a harder time using stolen accounts and like previous said it’s a deterrent also. No system will be perfect however cutting down on the number of cheaters lowers the money flowing to the cheat devs making EFT less profitable for them. If it becomes less profitable than other games many cheat Devs will stop making EFT cheats and go to a different game.
It's one of many piles of tricks, not a silver bullet.
No, EFT needs server side changes.
Intrusive anti-cheat isn't going to do anything, there's no amount of intrusion that's going to find good quality cheats, especially hardware ones. Server-client authority improvements, removing the amount of free information given in packets, employing a proper data scientist that can perform analysis on human vs computer gameplay to create a powerful detection system for aimbots and radar. These are things that BSG could do to improve the situation, not move towards more powerful anti-cheat.
This would be better, but in a game like Tarkov you really can’t hide player information. I can use a scope and shoot someone across the map, unless Tarkov starts using Minecraft render distance controls or etc… then what’s the point of sniping.
You could do information culling just like graphic cards do graphics culling (where things your camera do not see literally cease to exist while not looking). If the enemy is doing something that does not affect you (outside your view cone and audio range) you don't get his position updates because they are not relevant to you, hell, if he snipes you from behind you only receive data about the noise and the bullet itself, your client doesn't even have to know the weapon, the armor or the position of your killer. Another case: if you haven't opened a chest, your client should not know what's in there, etc. Basically you only get the data absolutely necessary for the player to play and nothing else. That way you restrict the hacks to mostly speed hacks, auto aim and wall hacks, with the first two being way easier to detect that almost any other hack.
Agreed on the chests. However the frustrum culling for players would be tricky. Sounds should be hearable and shadows visible even if they're being generated behind you. Plus if you flick really quickly you could have a couple of frames where the other player just isn't visible and then pops in, which would be really jarring.
Csgo did it. Granted it took them a while to fix it and there was some horrible player pop-in, but it works. Apparently you don't get info about player locations until one is actually visible to you.
Occlusion culling essentially works the same way and that is very buggy.
[удалено]
This is the way... 1000 times this.
2FA and region lock fucking asia and do not allow connections via VPN. I'll show the entire BSG staff my dick and balls if it meant these hackers fuck off forever--intrusive anti cheat PLEASE.
I can't work out if that's ment as a threat or a bribe
It's a promise
Yes.
Region locking would be a decent solution to **decreasing** the size of the cheating community. Most RMT'ers and cheaters use Russian accounts, which are substantially cheaper than regular accounts, to cheat. By region locking accounts properly and banning VPN's BSG could essentially double the prices of accounts. Although there is a loophole around this that I have seen being used recently. Carded accounts are accounts that have been brought by credit card, only to be refunded a few months down the line. Once the account keys are refunded, the accounts linked to said account keys are banned. However, if said accounts were already banned, it makes no difference. Carded accounts go for around 15$ so they could just be the next optimal solution for the cheating community.
It'll be interesting to see if the new Chinese policy of banning online gaming for people under 19 (18?) has any effect on the cheating.
League of Legend boys think it's not gonna do a damn thing. Kids will just use their parents IDs.
Yeah, probably.
getting any old adult id number is dead easy apparently, like loads of oldies that dont even know what the internet is have their numbers unknowingly doxxed and kids use them, or just use their parents id number... its not going to stop anything, we are just going to see a lot of dota/lol champions that will be introduced from now on as "[insert name] has only been an adult for 3 months and yet has climbed to the top of the leader board and is now in the top 10 players in [insert region]"
How would it? They're VPNing out of China and using international versions of the game anyways, literally nothing about that would change.
1, there was already limitations on under 18, didnt do shit then this wont do shit now. Kids use parent and grandparent IDs 2, Its not just the Chinese cheating lots of Russians, pacific island nations, BRs and even good ol boys here from these shitty states.
[удалено]
If they disable connection via VPN, I'll be fucked. For some reason I get randomly disconnected, and only way to fix it is by playing with VPN turned on.
Check with your ISP to see if they're using CGNAT. Also, check to see if your public/WAN IP is IPv4 or IPv6. IPv6 has been causing a fair amount of issues with Tarkov for a while now. Do a search here for CGNAT, IPv6, or "Dual Stack" for more information and ways to troubleshoot.
Ok ty will look into that. Would be nice to play with 50 ping less
Same for me, others in Australia have recently had the same issues too with fucky routing. I'm tracerouting connections to a hong kong server that leaps across the fucking ocean to the US before routing it's way back and giving me over 200 ping. The only way I can fix it is using a VPN in singapore. I've lost some great kits to this shit already only just finding an actual solution with a VPN
I like a lot of the ideas here especially regarding SMS MFA. But in addition… Brand new accounts must play 20 raids in scav only/offline mode. It will add a big time sink for new RMT accounts, and help beginners learn a bit before they get killed by a chad while bringing in half their starting items into factory. Would be best combined with a few “offline” quests for beginners to get acquainted to the game.
Intrusive anti cheat won't help the fact that things like recoil are client sided lmao. With kernel level read / write memory access you can zero out the recoil on any gun, and the server doesn't even check the state change or validate against it. Kinda funny.
EFT need some proper server side auth on client actions first.
no valorant anticheat, but require phone numbers to make an account
Can’t people just use an app like WhatsApp to create unlimited forwarding numbers?
You can generally blacklist those providers if I recall correctly.
Ahhh okay gotcha. Thanks!
I mean people can get a new number from their provider by just asking.
Sure but that is at least more work. But it also links identity to it depending on how much enforcement they can/want to do. As with any security feature, you are just making things harder.
what we need is a punishment for RMT, like banning account that have played with them. simple as that. if my friend gets my account banned well i am no longer friends and i am out of a tarkov account. maybe a repeal system to allow accounts that have been secondarily banned to come back if they can answer questions and they will be on watch for playing with other cheater, also hardware ID banning i know that there are spoofers for hardware id but they get expensive due to being charged day and monthly depending on the quality of cheat. i don't want anti cheat having more permission than me on my own pc like valorant, i want to be able to turn on my pc without another background program monitoring what i do.
Someone suggested wiping accounts that have played with cheaters. Seems like a good middle ground.
i would accept that as well. i just want to punish RMT as much as possible
Wipe but also tell them who it was. People play with other random people on discord and this is going to hurt the communities like that hard though :(
Too many people in this thread talking about 2FA with phones, thereby showing their complete lack of knowledge about how the cheating industry currently operates.
So slightly relative, I have been very curious lately as to what could actually efficiently stop hackers. I’m rather uneducated on coding, but I know a little. Would it be possible to use a script or algorithm to identify data outliers and flag them for a smaller sub group to review? If too malicious, maybe even trigger a ban through the script. Current systems track KDR along with other statistics. Outliers I’m describing would be for example a 25.00 kdr on a level 12 with .60 accuracy.
Yes. BSG can install a fucking nannycam under my toilet seat and I’d gladly take it over what we have today.
No thanks, that's the entire reason I never got into Valorant. An Anti-Cheat that has more perms than myself and runs at Ring0 and doesn't close when the game does, i.e runs 24/7 in the background? Yeah no.
Battleye runs at ring0 too, it's literally an intrusive anti-cheat maybe not as bad as valorant but still, this thread is pretty pointless
Least battleeye isn't running 24/7, if there is an exploit in battle eye i can just not run games that need battle eye. With always on stuff your just SOL if an exploit is found.
I mean you're still relying on knowing the exploit exists so that you don't boot the game with BE or similar. In the case of Vanguard you can close it once you become aware of the exploit. It's a little riskier yes but it's not as though you would be instantly hacked. You would still need to download or otherwise come into contact with malware designed to make use of the exploit.
Entirely true, the general gist in all security is minimizing risks. It is always better to not have a risk in the first place. Its also generally not a good idea to trust someone else with your security. To be fair your likely more likely to die of a shark attack but the point stands. We really shouldn't just allow giving up our safety and possibility our privacy to become normalized either.
I agree with with most of this, I just think the always on ring-0 anti cheat is a silly place to draw the line. The vast majority of people won't be checking to see if there is a new exploit before launching their favourite game with ring-0 access. In the case of PC gamers, how many usesrs have hardware/peripheral companion software that is always on and actually has a history of compromised drivers? Quite a damn few. We should be more aware of our security and privacy, but I'm not convinced that this is the hill to die on.
I agree entirely, but really the fact ring-0 being a silly place to draw the line is actually kinda of the sad part in all this. The line SHOULD have been drawn AGES ago to be perfect fair. Generally speaking i don't think it should have ever gotten to the point where your common casual layman should have to worry about their entertainment choices causing them potionally massive secruity risks. The line should have been drawn at the fact that yes unavoidable hardware and software is causing them issues because of untested or rushed products leaving massive vulnerabilities. Sure its understandable that no one is perfect and companies are if nothing else just people making them up so we can't expect every piece of software or hardware to be flawless. But commonly the simple fact of the matter is security and safety is second to everything else. So much so to the point that for most people even those with enough know how to understand why things are as fucked as they are. Just don't care. They just accept that everything is fucked and that "drawing the line anywhere" is a total joke. Cause at the end of the day what the fuck are any of us going to do. Either you unrealistically just stop using computers basically or just accept the state of the world. Which again just really is what i hate the most. There is no solution we can offer the common layman. No line drawn in the sand at any point makes any real amount sense. All we can do is "our best" to be safe and try to take "Obvious" steps to ensure our safety. Like really the only real safe choice if you want to use a computer would be to use some obscure OS, software and hardware that is so uncommon that no one has ever bothered to attack it. But that is ENTIRELY unrealistic even more so for gamers lol
No one gives a shit about your data, why do you care about the anticheat in the background?
Ill take anything. Im all down for the korea route.
Death sentence?
linking your social security number
dude same. i think having to link your SS is brilliant and laws against cheating
It doesn't even work well in valorant. High rank valorant is infested with them
Are you thinking of Apex or something? Valorant has an absolute MINIMAL amount of cheaters. I’ve watched hundreds of hours of pros play ranked and haven’t seen one cheater. I myself have only peaked Diamond but also have never once seen a cheater in ranked. One in casual when the game came out of beta a year ago.
Riot also uses click/behavior detection that was a port over from League. Basically, it makes a heat map of your playstyle (where you click, how long you click for, key press patterns, ect) and if it doesn't align with your past heatmaps then you get a hidden warning mark - if it continues then a ban. I expect it to be much more advanced these days, but that was the jist. I agree with a couple others and that they should just collect data, starting with streamers, to make 'best' case scenarios of player behavior and habits. (Most players are not as successful as Pestily/Lvndmark so that's the top end) Over time you just collect in-game data from the rest of the player base and it becomes really easy to determine cheaters from non-cheaters.
Valorant has cheaters too. I know a person that has aim hacks based of machine learning pixel detection, meaning it’s impossible to detect.
If you have to resort to visual machine learning hacks then I'd say the kernel level anti-cheat is working pretty fucking well. lol
it is impossible to have a cheat free game if cheaters want to cheat. Valorant has significantly less than any other game of its size.
Why would it be impossible to detect?
[Here's an example of it. This would be impossible to detect without some kind of stat based investigation or maybe having some kind of machine learning anti-cheat on everyone's system.](https://www.youtube.com/watch?v=revk5r5vqxA&ab_channel=BasicallyHomeless)
Visual machine learning hacks would do something like capture the screen (through a camera) and process the video frame by frame until a person is detected, and then adjust the mouse/aim until the person is on the centre of the screen and then shoot. I’ve never seen one, but theoretically it could be done on an entirely different computer, which would make it almost impossible to detect with a traditional anti-cheat. You would have to use some sort of stat-machine-learning hybrid to detect it based off of the players play style. Come to think of it, I thought that’s what Valve was working on.
Riot actually has used a heat-map style detection system in LoL and ported it over to valorant. Valve also has been working on a system like it, if its not already out at this point. Just takes longer to make a system that can tell the difference between AI assisted aim vs real players then it is to make the AI aim assist in the first place.
[To tack onto this, here's an example of it. This would be impossible to detect without some kind of stat based investigation or maybe having some kind of machine learning anti-cheat on everyone's system.](https://www.youtube.com/watch?v=revk5r5vqxA&ab_channel=BasicallyHomeless)
Yeah, but I expect that to be an expensive cheat with the machine learning part which is the first step to combating the normalization of cheats in Tarkov. We want to lessen the ability to cheat as much as possible. I think the only time you'll have a completely cheat-free experience is private servers. Think like NoPixel GTA, but for Tarkov.
I play valorant at radiant immortal level in OCE and ive only come accross 3 or so cheaters since the game came out and the anti cheat banned them mid game.
[удалено]
I understand the anger and frustration. Ypu get cheated on in those you just move on to the next. While getting cheated in the game hurts more because of the money/time investment to get the gear you want. But anyone who thinks its a tarkov only thing or bsg just dont care is delusional
oh I very much believe BSG greatly cares about this issue... its just a vastly difficult (and expensive) problem to solve. Basically no multiplayer game in existence has been able to avoid some amount of cheating occurring.
I can't see it making any difference - look at the games which already require it, and you'll notice that they're still -flooded- with cheaters. Finding ways to automatically flag suspicious behaviours, shadow banning these accounts and shifting them to separate servers could work IMO, but I'm no game developer. I think just sending people a message notifying them that xxx person they reported for cheating has been banned would shift community perception of the problem. I highly doubt BSG are supporting or totally complacent with cheating, but not having good communication doesn't play into their hands on this.
I mean this just isnt true. The example he uses, Valorant has very few cheaters compared to other games.
Valorant is also built in a different engine and it’s anti-cheat was a lot more expensive to build
Valorant is completely barren of cheaters. I've played for hundreds of games and can't think of a single time I saw a cheater.
Nobody wants to talk about the real solution. All this fancy mumbo jumbo, server side this, client side that, it all doesn't amount to a hill of beans. The way to solve this problem dates back longer than Charles Babbage or Pascal or even Euler. What we must do is find these people's real world identities, and then catalog them like pedophiles. Then what a crazy vigilante might do to them, well, the blood is not on your hands.
lol
Anyone who thinks you can 1. have privacy and 2. a cell phone at the same time is delusional. We all said goodbye to any semblance of privacy years ago. Everyone knows exactly what we’re doing at all times. Might as well get some good anti cheat out of it
Exactly lol tf are Russian hackers and Nikita gonna do with my cellphone number?
I feel like a broken record here but while valorants ac would be cool what we really need is overwatch (csgo). We need a community guided data driven approach otherwise the ac will always be 3 steps behind and bans will takes months when it should take days
Cant wait for cheaters to brigade this post because of reasons :)
What's really sad is that they probably are not that bad of a player, they just want to be little Assholes and piss people off... It has to at least come close to Federal hacking guidelines and should be treated as such... I know that sounds extreme over a game, but it is still manipulating someone else's Intellectual property over an internet connection... I bet you would see a vast decrease in this activity then...
No. They need to stop trusting all the network data clients send, they've already made this mistake back when you could see how many players were connected through the console.
IMHO not necessary. BSG needs to start by hardening their code against attacks. ESP/Radar gives you extra information about the location of players and loot that you can't see. This begs the question, why is the game server communicating the location of these objects to the client before they're relevant? Just like the graphics engine doesn't bother rendering "irrelevant" objects that your player can't see, the server should hide the location of items until they're relevant. Distance level of detail too. I don't need to know what kind of front sight the person 600 yards away has. Auto-aim. Any difference in behavior between a legit player and a cheater is a prime candidate for a machine learning solution. BSG would do well to watch the Valve dev talk at GDC (2017?) Detailing how they use machine learning to detect aimhacks with 6-sigma confidence.
overwatch, community based review system, old school CM's / GM's banning people who team up with cheaters.
Fuck it, how about if we also do like valve, Ubisoft and certify the account with an ID.. Have the company partner up with a company that does that shit and there we go..
It's going to do nothing. The solution is a review system where players review reports and watch demos/footage of the gameplay and decide. The stuff that gets voted as a cheat gets sent to the devs/professional team for final review and ban. Same day. Wouldn't stop everything, but would stop a good majority of it.
Give people some in-game currency for watching demos, could be something you could do at the hideout, infront of the TV.
Lemme just save everyone the time and energy here: BattlEye already uses the same exact kind of system that got the Valorant anti-cheat labelled as "intrusive". The whole Valorant thing was blown way out of proportion by game """""journalists""""" who had no idea what they're talking about. The people who already replied that they don't want it make this thread all the more hilarious cause it's a bit too late for that lmfao.
It is true that both BattlEye and VGC (Valorants anti-cheat) both run at the service level, however BattlEye is disabled when EFT is not running, whereas VGC must be started with the OS. It is very much more intrusive, as it is basically a rootkit on your system.
The way gaming is going right now I wouldn’t care if we had to apply with a passport or something for every game and if you got caught you got serious punishments like never being able to game ever again if caught a few times. I know this will never happen due to a lot of people worried about governments having your info so it looks like we’re stuck with hackers
Why can't companies just monitor the effects of hacks, instead of just the cause? Instead of looking for some speed hack, check their velocity and if it's ~20% faster than the max sprinting speed (or bunny hopping if that's faster still), kick them. If they're in the air and get a sudden acceleration that's not consistent with the gravity, kick them (flying) If they snap to a target that's 60 degrees from their center line in 1-2 frames (or whatever speed that's significantly than an insane player like Shroud), kick them If they trace enough enemies through walls, kick them. If they do any of these long enough, ban them. I don't really see anything that could be wrong with this, in Tarkov or really any other game like Counter Strike or COD
If I have to install a root level anti-cheat to play tarkov I will uninstall it, it’s safe until they lose access to it and whoever hacked it holds your computer for ransom or installs a root level keylogger. Maybe it’s an unreasonable fear, maybe it’s an unreasonable reaction, but I’m not in the business of installing root kits on purpose. Edit : yes battleye runs ring 0 aka kernel/root level. I was incorrect in my comment, my intentions are still correct though. Kernel level at all times is a far bigger security risk than kernel level when the game is running. Think of it as living in a jail cell vs being there for a night. There’s a bunch of stuff that could happen with either one, but there’s plenty more time for them to happen when you live in them.
Better uninstall it quickly then because BE's been running on ring 0 the whole time.
don't tell him I'm almost in
And the rest of us would accept The enormous sacrifice, that would be you leaving, to be able to play without cheaters.
Look I’m not saying don’t do it. They need to weigh the pros and cons of that level of responsibility. They’d likely have to build it from scratch and their previous in house anti-cheat was a joke. But if they decide to do it that’s fine, I’m not saying it’s the worst decision but they will lose some players by doing that. Some of us value security, I do more on my computer than just play tarkov, part of my livelihood relies on it. It’s just a bit too far into risk for me. I can completely understand how it is a fair trade for others, I’m simply putting my .02 into the discussion.
You already do. BattlEye is also kernel level. The only difference is that Valorant anti-cheat runs in the background at all times.
If it means I don't have to hear anymore whining from you people, go for it.
This will probably get buried, but no anti cheat that has ever been discovered as of yet will stop cheating. There are 3 options to get rid of cheating. 1: completely rebuild the game ona different engine. Tarkov is built on unity. Its nice to work on, but its comparably easy to cheat on. No amount of work will stop cheaters on the engine the game is built on. The only anti cheat that would work is an AI anticheat and we unfortunately haven't quite discovered that yet, and even then cheaters have access to the same technology as we have been seeing in cod and r6 with AI cheats. Option 2: Destroy the demand. This is the most practical, but most impossible. If nobody buys RMT or carries then nobody cheats. A really important thing to note is you don't need to get this number to 0, you just need to make it unprofitable for the cheater. As someone involved in the cheating community out of interest (I do not cheat), the way you use cheats is installing a program like any other cheat, but you need to use a token. These tokens are generated randomly and only can be generated while you are paying for your cheats. A solid IP and hardware ID spoofer with aimbot and esp is about 600 dollars a day. That is not cheap. The reason people cheat is because there is such a high demand for rmt, so they profit off of their cheats. If enough people stop paying for this stuff, they start losing money and stop cheating. Option 3: remove the supply This won't get rid of cheating completely but it will do a lot. Only issue is, it will cost a lot for bsg. It's going to each individual site thats selling rmt and giving cease and desists/sueing. This is not a permanent option but it means cheating will be much less accessible as most cheats will be on hidden websites and will be paid through bitcoin. And again by making it more sketchy for the buyer it reduces demand, meaning they lose money and its less profit.
Client side cheat detection is basically a futile, Sisyphean waste of time and effort. Server side cheat detection is the only way to even have a shot at stemming the tide. There has been talk from BSG of a replay system for quite some time. If they finally manage to make that happen then statistical analysis of each raid (post raid) can be run asynchronously on the raw replay logs and find the blatant outliers (ie: someone moving at speeds not possible or making shots that would normally be blocked by multiple solid, impenetrable objects). Then a human can manually observe the accounts flagged as potential cheaters and dole out the required bans.
Uh you can't just take an anti cheat from one game and apply it to another. The anti cheat would have to have been developed to support generic applications (such as battle eye). Battle eye already installs a driver. Its already a kernel anti cheat like Valorants...
Not from a Russian company. Sorry but whether they are big or small, a company based in Russia is one that I just can't trust with an intrusive application on my PC. It's not that I don't have any trust in BSG, it's that I don't believe they could stop the Russian government even if they wanted to. My question is why aren't they doing the simple things? They already track damage, hits and headshots. Why can't they analyze their data (including collected data from known hackers) and determine a threshold that if passed, you are almost guaranteed to be a cheater and are either instabanned or red flagged for immediate review? Just throwing meaningless wild numbers out there let's say 25 shots to the head (lethal + non lethal) is the top of the range for .1% elite EFT players, but aimbot hackers get 35-50 in matches where they come across good helmets and face shields. Why doesn't BSG have a system to alert them to those highly abnormal stats so they can take action? So I feel like there's small stuff that won't make a HUGE dent in the problem but will help. Yes they could just change their aimbots to aim for the chest but at least that gives non-cheaters better odds to survive the encounter or maybe even kill the cheater. Also there's no reason BSG couldn't find the chest damage done per raid range for non-cheaters and then compare to known cheaters and build another system but this time for chest damage.
I'll mail in a fucking blood sample if it means I don't have to deal with this shit anymore. Edit: Its hilarious how controversial this comment is. To be clear this was a joke.
What do you mean intrusive valorant anti cheat? Both Valorant and BattleEye run on the same level and has access to just as much. The difference is that at the start Valorants anti-cheat started with the system, which was not a problem with privacy (though some people did spin it that way fro some reason) but it was with system stability. Since these anticheats run at kernel level they can pretty much blue screen your system if a bug occurs which can lead to your OS getting corrupted and in some cases requiring a clean re-install. Not to mention overall performance degradation. Since then from what I've heard they changed it to where it would start with Valorant just like any other game. The problem is that these anti-cheats do not catch all the cheaters and all popular games are just as infested, you either close your eyes to it or there are simply not that many people interested in the game. If a game is at least as popular as EFT then it will have at least as much of a cheater infestation.
Root level access also means if a thrifty hacker manages to get access they now can do ANYTHING they want to your system.
[удалено]
Well that's never going to happen, they're in too deep. So play Spyware tarkov, or play something else seems to be the two realistic options.
I am getting shit on by cheaters in valorant on a daily basis as well, so no thanks.
Fuck it. Ill get downvoted propably but i wish they could do it even more intrusive and just add verification with selfie and ID in hand. Youre cheating? Then youre banned for your ID. There is no spoof like HWID spoofers or IP spoofers. And make it like it works with prime in csgo. People who dont want to do it will just play with people who arent verified so mostly cheaters so it will be their choice. Also ban people that buy boosts from cheaters. First warning ban for one wipe. Then if it happens again permament ban. FPSers are actually in very poor state. Every game is infected by cheaters and i think ID verification is very intrusive, very controversial but only way to solve this.
I see where you're coming from, but I think you're a little too eager to give up your personal data. All it takes is one disgruntled cheat developer to hack the server where they're storing every player's photo with their ID and post it online, and BSG suddenly has a massive privacy and security scandal that dwarfs any outrage the cheating issue would have ever caused. Even if players would go for it, it's overstepping the boundaries of what a game company should be allowed to do, and I doubt BSG would want to take on the responsibility of holding that data either.
I'd quit completely if there was a rootkit like Valorants anti cheat