>or even by normal load from someone deciding to split a /8 prefix into /24's
If that kind of happening directly from load of added 25 routes it's quite hard to believe it.
# 10/8 prefix here only to show how to get number of new routes added.
$ sipcalc -n 24 10.0.0.0/8 | grep -c Network
25
$
BGP peering routing policies have then been for the good reason constructed in way that they expect advertisements "exact accept" with a prefix-list with that /8 prefix, because that's is expected when peering is agreed even when not explicitly stated by many. This expected best practice following goal to manage and prevent internet routing table being filled with superfluous routes.
But anyway, sudden change from /8 to 25 x /24 without first noticing your peers and giving them time to change that "exact accept;" to "orlonger accept;" is quite sure footgun if you don't know common principles of network management. But usually that kind of screwup blast radius is local mostly local only to that /8 prefix.
Not sure though how that could be technically avoided in BGP protocol or router control-plane (router OS config) design. Policy filters and best practices how to use them have been set for good reason. Not just to irritate and make things harder than they need to be. We certainly did not do that while I was still working.
Right, something else what could happen with that kind of sudden change is. If that peered had also other peers which had instead "orlonger" in place traffic would then switch to that, what could have some side effects like saturated links, slowness or even increased costs. Too bad, and may happen. But principle is that communicate your routing changes in good time before you actually make the changes. That will prevent most of this kind of problems ever happening to you.
Most BGP peers have router filters in place. It's not 1996 anymore. I remember the days of logging into a Cisco connected to a Sprint T1 and seeing a coworker had fat fingered a spammer's route, sending it to null0. Oops. How did that happen?
Considering the routing table size has been increasing and IPv6 need anyone shouldn't be running global routing with gear not supporting RPKI any more, the routing polices and announcing those RIR they operate.
Many v4 prefixes in the ARIN region are legacy and don't support RPKI unless you sign the registration agreement. I have a legacy prefix and may eventually be forced to sign up.
type Error struct {
// Path is the Upspin path name of the item being accessed.
Path upspin.PathName
// User is the Upspin name of the user attempting the operation.
User upspin.UserName
// Op is the operation being performed, usually the name of the method
// being invoked (Get, Put, etc.). It should not contain an at sign @.
Op Op
// Kind is the class of error, such as permission failure,
// or "Other" if its class is unknown or irrelevant.
Kind Kind
// The underlying error that triggered this one, if any.
Err error
// Stack information; used only when the 'debug' build tag is set.
stack
}
This is the same hardware as a PC, but TPM and UEFI “Secure Boot” happen way, way later in the boot process and aren’t present here; this is the hardware root of trust, in this case the AMD PSP boot firmware, which runs on an ARM system alongside the x86 cores. Intel’s version is called Boot Guard and runs on a combination of x86 sub-cores (TXE) and ME.
Interestingly, I've heard on the grapevine that AMD PSP was originally from the hardware security in the Xbox One (ie. the third line of Xboxes), hence why it's an ARM core. And it's also another branch in the lineage that also includes the Pluton security module.
Kernel anti cheat in the client are the strongest form of protection by far, your comment makes no sense, anything userspace is easily spoofed. You can create a driver ( module ) that intercept calls and that is completely invisible to userspace processes.
The default security measures on Linux are pretty bad compared to windows, it's not even close. People like to bash windows but they have a way better security model.
1 - kernel module from anti-cheats are weaponized by hackers.
2 - if I recall properly, that linux feature is a direct mapping of the target user process allowing extreme dynamicity in time, performant, and much more powerfull mechanisms than basic 'calls'. Namely hell for hackers if a live service game has a proper "security" team, all that without a kernel module.
I'm quite literally the first person to bash Windows for being a shitty operating system, but the requirement for signed modules puts a massive barrier to entry for cheaters, where Linux can load just about anything.
If every system call can lie to you, there's a few things you can do, but it's not many.
I know this because I've actually done a lot of due diligence on anti-cheat.
One mechanism I attempted to employ was to replay initalisation vectors and determinism of inputs; this means I could replay your session out of band and witness the same outcomes. If there was variation then there's a fault. Except as soon as you introduce floating point numbers there's no more determinism... Oh well.
The other was to watch for "impossible" things, but then you need to run full complex physics simulations for every client. If your game requires you to effectively buy an i7-11700k for every user then you'd have to sell your game for a lot more money, and limit how long they can play - nobody wants this.
The third option was to score our best players and anyone who performs better than that gets their behaviour tracked. The problem is, coming up with a scoring system that's server side is much harder than you think.
GameDevs don't actually like paying a shit load of money for anti-cheat (that also breaks their debugging systems and causes bugs: a wonderful combination)... so if you've got a better way: join the industry and fix it. You'll be a moderately wealthy person.
> GameDevs don't actually like paying a shit load of money for anti-cheat (that also breaks their debugging systems and causes bugs: a wonderful combination)... so if you've got a better way: join the industry and fix it. You'll be a moderately wealthy person.
I got a better way... just look at the past. Back in ye goode olde UT2004 times, there was no random matchmaking / ranking bullshit that removed the social element, game licenses cost money, people ran their own servers, and if you pissed off server mods enough, no matter if you were a cheater, a suspected cheater, or just an asshole, your serial got banned - sometimes, across a fleet of servers that shared ban lists. Cheating had costs associated.
But of course, that means you can't lure in whales with free to play games and loot them via microtransactions any more...
This ignores that community servers basically invented client anticheats. Almost all the current 3rd party anticheats started for community servers. Even Quake 3 Arena was updated with Punkbuster at some point.
You still see this with modern day servers. Modded GTA V, FiveM, had additional anticheat even before the unmodded game added anticheat. Part of the appeal of CS2 servers, Face-IT and ESEA, is the additional anticheats.
I played Warcraft 3 competitively in the "goode olde" times. Ladder was full to bursting with maphackers. It was still the way most people played, even though it also fully supported custom lobbies/rooms, which were used plenty for DotA, but almost never for random 1v1 matches. It sucked.
You don't have a better way. You have a nostalgic memory of how games should be played which doesn't match what people in a modern audience expect. It's like saying the solution to cell phones tracking you is to use a landline, because that's how we used to do things.
Primarily driven by my utter disgust for modern monetization mechanics, corporate greed and gambling. Cheaters, IMHO, are an inevitable side effect of combining gamification with gambling, with no barriers to entry, and with removing social barriers of entry.
> The requirements change drastically when you have a larger audience.
The market has exploded in the 12 years between UT2004 and The Division.
1 - kernel anti-cheats ARE weaponized by hackers. This is not a matter of discussion unless you are into the AI generated HN news conspiracy.
2 - this linux feature should provide (if I recall properly) a very complex and flexible (not limited to "calls"), and performant, set of interactions between a set of anti-cheat processes and the set of game processes. All that as being non-root priviledge (I think you must be have the same effective user id). The actual and real parameter is the level of competence and creativity of the "anti-cheat" team which is a requirement of any "live-service games" with frequent updates.
3 - for FPS games where aiming skill is critical, anti-cheat are close to useless due to "external" AI based aim assist hardware.
> "The researchers investigated the techniques used in online game cheating, as well as those deployed by ‘anti-cheat’ technologies. Most modern anti-cheat engines run in the Windows kernel, alongside applications such as anti-virus, at the highest levels of privilege. Software can only run in the Windows kernel if it has been approved and signed by Microsoft. This makes it more powerful than software run normally by the user. An example of kernel level software is the Crowdstrike system that recently failed, bringing down large parts of the internet."
> "While the anti-cheats are allowed in the kernel by Microsoft, the study also revealed that cheat software commonly uses weaknesses in Windows protections to ‘inject’ itself into the kernel and gain higher privileges. Many techniques mirror what is commonly seen in the domains of malware and anti-virus, with a difference in motivation."
> "This kernel injection technique has previously been observed in advanced ransomware attacks to disable anti-malware protections before the main attack."
In the current state of things, YOU have to provide the proof a kernel anti-cheat is not weaponized by hackers (yet...). It is now common knowledge, kernel level anti-cheats are leveraged by hackers.
And we all know this is fully hypocrit. "Computer security" does not exist, but for sure, adding a "gaming" _kernel module_ won't improve anything there... (irony).
I’ve seen so many cases of cheaters online where even the most braindead of checks would neuter most cheats:
Are they moving faster than conceivably possible by a real player? Even the most basic (x2-x1)/t > twice the theoretical will catch people teleporting or speed hacking.
Is their KDR or any other performance metric outside 5 standard deviations from the mean?
Here’s one: is everyone they encounter reporting them for cheating along with one of the above? Do people leave their matches constantly?
Defining and detecting objectively impossible things is not impossible.
I know when I spent a lot of time dealing with fraud in a different market, the most effective tool was to catch and shadowban the accounts rather than banning them.
If we banned them, they just created a new account and kept doing the same things.
When we detected them and the isolated them from all other good standing accounts, only allowing them to interact with other shadowbanned users, it virtually solved the problem. Normal users went about their day and the cheaters/fraudsters wasted a lot of time never getting through to anyone.
In gaming it seems like creating a cheaters purgatory where they are stuck competing against other cheaters forever would probably end up being its own special league after a while. Like when people suggested steroids in pro-baseball should be legal.
And to manage this purgatory and detect the accounts which will end up there, a live-service game needs an active, permanent and competent team of honnest people, period. If a game studio is not ready to do just that for its live-service game, it has to stop developping that game and move to another type of game.
Give this team server side data, user level 'traps' and 'pitfalls' with frequent updates (they do that for dota2 and probably cs2, they don't need a kernel module), and you should end up with a rather sane gaming experience.
Scoring ect ... is kind of useless because it's not a proof, basically it means nothing tangible to be able to ban with 100% confidence. That's why ML is not good for detecting cheaters.
>Are they moving faster than conceivably possible by a real player? Even the most basic (x2-x1)/t > twice the theoretical will catch people teleporting or speed hacking.
This is how I imagine Amazon ended up banning a large amount of players for speedhacking. The players were lagging. I'm guessing their anti-lag features ended up moving them faster than the anti-cheat expected.
But I agree that a combination approach would probably work.
reply