@@ -0,0 +1,499 @@
+++
draft = false
layout = "post"
title = "Escape From ~~Tarkov~~ Cheating"
slug = "escape-from-cheating"
date = 2023-02-18 00:01:00
pubdate = 2023-02-18
email = "eft"
+++
Nearly every player in Tarkov has a map they avoid because they're tired of
dying to some suspicious gaming chair. Depending on who you believe, there's
between 5 and, somehow, "negative 2" people cheating in some way in every raid.
The general consensus is the problem is getting worse, and rarely better. Escape
From Tarkov clearly has a cheating problem.
Now this isn't a problem that's unique to EFT, but prevalent throughout not only
all online games, but all online systems. The issue for EFT now is that cheating
has become 'especially noticeable' in most recent patch. It feels as if the
baddies are winning this patch[^1]. Not exactly ideal -- but it is something
that's to be expected, because there will always be cheaters, right? As I write
this I feel as if I should try to preempt the whole "well we can't win so we
might as well give up" idea. The people preventing users from abusing systems,
the good guys, they have to be perfect, every single time. Where the abusers,
they only have to be right once to win any given battle. It's an arms race, one
where even the largest online services have given up on the goal of attempting
to prevent people from abusing their services. If even the largest, best funded
services have given up on trying to prevent abuse, Why shouldn't everyone with
an internet facing service cry that; "the only winning move is not to play"?
That's because winning the fight against cheaters really doesn't matter. Well,
kind of, let me explain.
[^1]: [1]: Depending on who you listen to, every patch is the worst patch for
cheating, this just happens to be the one where cheaters are allowed to both
fly, and "ignore" damage.
The users cheating in EFT are without a doubt abusing the games intent. They're
aware this isn't allowed and violates the TOS, and don't care. They'll continue
to abuse any of the system they're able to. The design of EFT allows them to do
this. It's design is needless problematic in a number of ways.
For now, I'll defer the argument if preventing users from cheating is the
responsibility of the game developers, or if this is something best left to off
the shelf, 3rd party software libraries/services. Battleye is clearly not
functioning well enough to meet the current demands of the games users, just
read a few links from the subreddit if you don't already agree. So instead, I'm
going to assume that detecting cheating software and code, is the job of BE, and
detecting cheating is the job of BSG. Human nature is unavoidable, so when you
put cheaters in position where they can cheat, eventually they will. Which
leaves the only remaining gap in abuse prevention to be detecting the in game
behavior of cheaters with enough specificity to stop them from cheating,
importantly, without hurting legit users.
One of the many factors of why cheating is so problematic in the EFT community,
is because cheaters have an extra-ordinary, and longer lasting impact on your
gameplay. In other games, when you run across a cheater, they can only ruin your
ability to enjoy that raid, or that match. In Tarkov, cheaters also get to ruin
the next few. Die to a cheater, <strong style="color:goldenrod">(head,
eyes)</strong>. Now you've lost your best kit, or your last kit, or that
specific loadout you need to complete that one quest that you hate so much. It
feels *extra* unfair.
That feeling, where *just playing the game* feels like it can be unfair is part
of the spirit of EFT. You can bring in a 2mil ruble kit, find a bunch of sick
loot, only to die <strong style="color:goldenrod">(head, eyes)</strong> to some
one hiding in a bush near extract. Everyone who plays knows that feeling, and it
sucks, but it's not really unfair. You have the exact same chance to do that.
The real unfairness is playing against cheaters, because you know you can't do
what they can do, unless you're willing to cheat too. Cheaters know this, and
they avoid killing players, because when it feels unfair, they get reported, and
sometimes get banned.
Remember when I said that "winning" against cheaters doesn't matter? Well, if
our definition of winning is: *"No one can cheat in any way"*. That is a battle
you've already lost. But the point shouldn't be to prevent any and all abuse,
the only thing you actually need to care about is if real players can enjoy the
game. Blatant cheating ruins the game. Rather, it ruins the ability of other
players to enjoy the game. Honestly that's only the cheating that you really
even want to prevent.
There's a common question in computer security. Once you've identified and
prevented all the abusive behaviors you don't want, when you know there's still
people abusing your services, you just can't seem to find them, how do you stop
those people from abusing your services?
The answer is... you don't.
When you've finally reached the point where you've forced anyone who wants to
abuse your services to be *so good*, to be so perfectly hidden, that you can't
even differentiate them from legit users? You simply don't stop them. Because at
that point you've already won.
In this case you're left with players who are cheating, but they lose enough,
and they play in such a way that no one can tell they cheating. Everyone will
stop complaining about the "cheating problem", because they won't even notice it
anymore. Sure, there will always be that one guy who claims it's a cheater[^2].
And people will still find something to complain about... *\* looks at netcode
\** But at least **I** will be able to enjoy the game. And isn't what *I* want,
all that really matters?
[^2]: [2]: No [X], that's not me, I don't call everyone a cheater. *(only most
of them)*
## Please, for the love of God, don't ban legit users!
The remainder of this document comes with the following disclaimer. It took me a
surprising amount of ethical consideration before I decided to even start
writing this. Enumerating a number of behaviors you can use to detect cheating,
when those same behaviors could also reasonably come from legit players carries
some ethical weight. If these observations and suggestions are misused, or the
level of confidence is broken. Then this will only serve to harm legit users
who've done nothing wrong. It's unambiguously immoral to hurt someone "for the
greater good". I hate the idea of giving away knowledge when I have no way to
verify that it's not being misused to hurt legit players. But given BE is also
banning legit players who've never cheated; I hope that makes it unlikely to
change the status quo much.
*[ Only the next two paragraphs were written after the 18th ]*
I'd written the vast majority of this paper, almost all of it well before the
drama explosion on Feb 18th. My warnings above, while clearly prophetic, are now
obviously insufficient. Without clear and convincing evidence of a repeat
offender, you **can not** simply ban users because they've interacted with a
seller. If the rational of why is still unclear, even after the numerous other
opinions, from people who are undoubtedly better experts at EFT than I will ever
be. All of whom, currently infuriated about how fucked up it is that BSG has
banned content creators for playing with a viewer. There's another reason as
well. Mixing the good in with the bad is standard operating procedures for these
guys. That's the reason none of the large tech companies ban people for "buying"
followers, or subscribers. Generally, the most anyone with a competent security
team will do, is delete the followers/subscribers. That's because most of the
people they follow, are innocent. They intentionally mix in a large number of
users that didn't pay them for the "service" so you security can't tell who
*did* pay them.
It goes well beyond just pissing of a few innocent players. The chilling effect
that banning legit players will have, is it makes people afraid to actually
**play** the game. This very topic came up in a discord that I hang out in.
There's no guidance on where the line is, if you'd asked 48h ago, if you could
get in trouble for playing with a random, if they ever bought from RMT, everyone
would have been sure the answer was a resounding no. But today? No one actually
knows. The general consensus in a few Discord servers now is that it's dangerous
to play with anyone you don't already know really well, and can trust deeply. In
large part because BSG hasn't said anything. Operational security is important,
you'll see me rant a lot about that exact thing next. But if the strategy you
use to try to prevent cheaters from ruining the game, just ruins the game...
Well, what's the point? I can't express the harm this does better than my friend
already has.

Don't suck the remaining enjoyment out of the game because you're trying to stop
cheaters. All of the strategies have to, **very specificlly**, target cheaters,
without hurting legit players. That's the primary reason preventing cheaters is
such a hard task.
## There's a few bugs
### Bugs in Tarkov
All the information you provide to someone abusing your systems will be used
against you. That is to say, **all** of the information, **will** be used
against you! EFT is now just another example of this unfortunately ultra common
mistake. The "good" cheaters, claim that they only kill other cheaters. Now, I'm
not one to believe this claim outright, but I do believe that they try. The
number one metric they admit they use is the players KDR. I don't know what to
believe about what a "normal" KDR is. But this information absolutely should
**never** be available to players in a raid. EFT is leaking information like a
sieve.
While not quite as bad, but in the same vein as the KDR, is player names.
There's nothing quite like seeing a name pop up in the chat of your twitch
stream, just before he wipes your whole squad. Names also shouldn't be available
to everyone in a raid[^3].
[^3]: [3]: Yes, I know names show up when you ask someone to cooperate, you
should only send names to those players after they emote. Same thing with
Dogtags, you should need to loot the body first.
It gets worse from there. The newest strategy cheaters employ to evade
detection, is flying up to someone reading off their inventory saying "drop
everything or I'll kill you." It seems absolutely insane to me that the entire
contents of a players inventory is sent to *everyone* on the server. I might
have found a way to understand some of this, but when not only the keys in a
secure pouch are sent, but the number of uses remaining, on items that players
aren't even able to drop because it'll just get deleted.
[somethingsfucky.gif](/assets/somethingsfucky.gif). Full disclosure, I'm a
security person and not a game dev, and sadly, I don't have access to any EFT
source code so while I can guess at some of the optimizations this has allowed
here, from a security only POV, it's leaking information when it's technically
possible not to.
All loot, everywhere, across the whole map, is sent to the client on raid start.
> "Silly security engineer, that's so you can see it!"
From hundreds of meters away?
> "Yeah, otherwise clients won't be able to show loot or items."
Inside containers and locked rooms?
> "..."
But, I digress. You *could* build the game without sending all contents to all
players. Which is better? There's a reason security engineers don't make
games.
Cheaters are able to loot through walls and aren't instantly banned for that.
Cheaters are able to use macros to load into a raid, run around spawn aimlessly
all the while gaining experience, level skills, and artificially crashing their
KDR/survival rate.
### Bugs in Ragman
The flea market makes it easy for cheaters to get away with their asshattery. If
you want to sell rubles to some player, you can just buy items they list on the
market. A few patches ago, a upper limit on ping was added before you're kicked
from raid. Mixed reception to be sure, but the number of cheaters per raid
cratered, or at least the perception of it did. The flee market itself doesn't
appear to be region locked. You can build your gold farm in countries with cheap
daily labor, but sell to any and everyone. Thus the direct cheating effects of
RMT aren't actually locked to any specific region.
I remember when you used to be able to buy bitcoins on the flee market. They
were removed because it was a huge target for RMT. Now instead of sellers
needing to convince or teach buyer not to use bitcoin, because it's to obvious.
BSG has done that part for them. Ditto with THICC cases. Huge, very high value
item, one that had a lot of people who'd willing buy it, both legit, and via
RMT. In it's current state, the RMT transactions have to be split among a larger
number of smaller value items. Making it much harder to track and find.
Why do I have to do a captcha when I'm buying stuff on the flee market? I've
looked but I've been unable to find an explanation anywhere. I'm *assmuing* that
it's to prevent bots from abusing the market? Is it working? Or is it hitting
mostly real users just trying to upgrade their hideout? Ignoring the flee market's
number of usability issues. Even without knowing exactly how it's implemented;
I'd bet money it's not actually working. API scripts will have access to the raw
data, and probably don't have to do anything special to complete the captcha. If
the goal is to prevent on-screen macros/clickers. Well, the problem is
**trivially** solved... OpenCV has been able to do this for years. I've even
built something **years** ago[^4].
[^4]: [4]: Using OpenCV to look up prices for me on different game 
## Understanding your adversary
I have no idea how much information on raids, and play styles, or in game
actions is recorded server side. But I assume it's nearly nothing. I have to
guess because, while BSG or BE hasn't been very good at catching cheaters.
They've been very good at preventing information about cheaters from becoming
publicly available. Content creators that try are admonished, to such an extent
they willfully censor themselves, or are excommunicated. The argument that it's
passively advertising cheats doesn't hold water, but that's a topic for another
paper[^5].
[^5]: [5]: TODO write that paper, and link it here.
Seeming everyone has their own, rarely overlapping, RCA for the primary cause of
cheating in EFT. I've identified 2 main causes[^6]. People cheat for ego, or for
money.
[^6]: [6]: Technically, there's 3. Some people cheat in an attempt to "level"
the playing field. If you can't beat them, join them. I didn't count this above
because it's both close enough to ego, and stems from a misunderstanding about
how much cheating actually exists.
### Ego
> I know I'm better than you, look I'll even cheat to prove it!

Because "ego" players are cheating because of emotion. They're a lot easier to
manipulate. Put them in a situation they feel is unfair, and they'll react by
toggling on the most egregious features. Those cheats that are the easiest to
detect.
The players that buy rubles, items, and boosting actually fit into this
category. They do what they do in an attempt to enjoy the game. Knowing exactly
which means, justify which ends is much harder. But you have many more options
for compelling this group to behave. You just have to make cheating *slightly*
less enjoyable than playing normally.
### Money
From the sources I have access to, the three most popular methods are, selling
rubles and/or items, selling levels/boosting, and selling full accounts. These
people don't care about the game, they don't attempt to enjoy the gameplay,
their actions are a means to an end.
Anyone selling rubles or items, everything under that will be what makes sense
from a cost benefit analysis context. If you can slightly increase the cost of
doing business, you can kill the market. Or at the very least weaken it to the
point where it's hardly noticeable.
The gold standard is undetected, limited sale cheats. The best of the best, or
rather, the worst of the worst, they aren't trivial to make. The authors of this
cheating software **need** to sell them to make money so they can stay ahead of
the game. It's very hard to sell them for the prices they need to make in order
to keep the software a secret. If people doing the cheating can't make money
from cheating, they won't keep paying monthly. Most of the authors will move on
to better paying games, or sell for prices where you can't keep the software a
secret. Then BE will find it, and eventually they can start to detect it.
### What does cheating look like?
As I wrote above, cheaters believe they are able to identify each other by KDR.
I'm sure that's at least partly accurate, (clearly not accurate enough to ban
players.) What other metrics are available? I don't have access to the data that
BSG has access to, but I have some guesses, or rather questions.
* What's the mean level of players killed by cheaters?
* Do any players only kill others if they have an expensive loadout?
* What's the mean amount of time a player spends looking at their inventory
while in raid?
* Are there any players that *never* get killed while looting another player?
* What's the mean number of **empty** loot containers that cheaters interact
with?
* What's the mean amount of time spent on "hard" quests like grenadier?
* What's the distribution of loot value someone gets out of a raid?
* How many players will raid with a few standard deviations lower level
players?
* Which players are doing the damage in these raids?
* How many raids is a player able to get out with a lot of loot they got from
an opposing player, without killing that player?
* What's the average velocity of a player?
* Is that velocity correlated with other metrics, levels, skills, maps?
* Do any players "tab out" at the start of the game more often if there's
someone with a TTV username in their raid?
* Do any players kill streamers more often?
* Do any players actively avoid fights with streamers, devs, sherpas?
* Do any players run right at high value loot spawns, but only when there's
high value loot there?
* Are there any players that never run toward empty loot spawns?
* Are there any players that login to the game, only to buy or sell something
on the flea, before logging off without playing?
* Do any players with a KDR in the 95th percentile, get max level traders,
logging into to a never before used computer & IP addr, where their KDR
crashes to a much lower level?
* How many of these are correlated with other known cheating behaviors?
* How often do players leave the raid (or die) with less value than they
started with?
* Do any players always hit<strong style="color:goldenrod">(head, eyes)
</strong> when fighting scavs, but always hit arms and legs when fighting
players?
* What's the KDR for players vs just scav raiders?
* What is the mean bullet velocity?
* What's the average distance a grenade is thrown?
## On to the solutions!
The very first suggestion I get to make is: Return "stolen" loadouts to players.
If I die to a cheater, it's annoying. But as my friend always has to remind
me...
> That is just part of the cost of playing online games.
But then I remember all that money I spent on insurance. That's when I feel bad
a second time.
You may not have enough confidence to ban a player, when they wipe a lobby with
a pistol. Even when every single player they kill reports them for cheating. But
then they wipe the next lobby, and the next, again, and again. Eventually,
they'll cross the line, and get themselves banned. Returning the stolen loadouts
to the players they cheated would do a **lot** to improve the painful experience
of dying to someone's gaming chair. If you need an in-lore reason, maybe you can
have Fence's scav's catch them, "interrogate" them, and say they eventually
admitted to stealing this from you. Maybe Fence will ask for a favor in return
one day.
But I get it, you're more interested in stopping the cheaters, rather than just
undoing the harm they wage. Me too!
Stop sending data to clients they don't need. Don't send usernames. Don't send
the contents of player inventories. Yes, a lot of what makes up a player
inventory needs to be known at all times so the game can remain playable. But
for items that can't be dropped, like keys, or things that will never be
lootable, like the contents of the secure pouch. Simply don't send them, at
least not at raid start. Wait until the player dies, Or at least not until a
player moves it into lootable inventory. Then again, I can only make that
suggestion from the factitious and ideal world I get to live in as an armchair
game developer. It's likely that when talking about loot, the value here doesn't
outweigh the work required. But please, for the love of god, if you do nothing
else, stop sending KDRs! (Or, maybe keep sending it, I'll explain the reason for
that in the next section.)
I don't know what the current state of dynamic loot is. But as something that
was teased quite a few wipes ago, it could very much be part of the solution to
combating cheaters. Don't spawn any high value loot until someone or something
dies. Don't spawn high tier loot near people who are currently suspected of
having RGB on their gaming chair.
Banning users doesn't have to be the be all and end all. Especially for gamers
cheating for ego. If you have a player that's constantly selling items for
*well* above the current market price. And those items sell. But their KDR is
low, or they effectively never get reported for cheating from in game raids. You
don't want to ban this person. The more they look like a buyer for RMT, someone
never cheating in raid, the more you want to keep them around, and allow them to
continue playing the game. You can then leverage these players to get intel
about the harmful cheaters that you do want to ban. Sure, if you ban the buyers,
and do so publicly. You make players scared of buying rubles, and while this is
likely to hurt the RMT economy a bit. It's sacrificing long term wins, trading
it for only short term gain. Instead, once you have enough data to "prove"
someone is buying from RMT using the flea. Instead, ban that buyer from the flea
for a few weeks. Even better if you're able to do so publicly. Get people to
complain about it, and that will not only discourage legit players from buying
from RMT. But because the ban wasn't permanent, it also wont stop everyone. This
is exactly what you want. Those users will keep buying rubles from RMT sellers,
and finding and punishing the sellers is the goal. Because the sellers are the
people cheating and ruining the fun of the game. Special note: extra care is
needed here, because once you start using this information to ban cheaters. The
cheaters will quickly figure that out, and will start to launder their money
through both shell accounts, and legit players, if they're not doing so already.
Remember banning legit players is bad!
I don't think using macros are cheating. Some people do, and some games disallow
it outright. To me, macros are a very fuzzy line between accessibility, and
advantage. For the people loading in naked to a raid running around just to die,
for the trivial XP gain. 1 health isn't enough to discourage the behavior. So
make those raids hurt a tiny bit more. If you die without a weapon in your hand.
Not only should you lose both level XP, but physical skill XP as well. That'll
end that behavior in seconds.
Start creating cheater lobbies. If you change nothing else, but group people
into raids by survival rate, KDR, whatever metric you choose, if that metric is
actually good for detecting cheating. Complaints about cheating will go to zero.
Cheaters will either avoid each other in raid, or they'll try to kill each other
for the lulz. But the rage about the problem across discords, reddit, twitch,
will drop.
If cheater lobbies are far to high a technical lift, how hard would it be to
create cheater flea markets? Cheaters don't need to buy and sell to other
cheaters. If cheaters can't buy and sell to players on the flea, then either
they'll need to drop items in raid, or they'll abandon the account. (Or
something else I can't predict).
Finally, when you get to the point where you're 100% done with battling with
cheaters. When you're willing to piss off some real users if it'll kill the
market. Once you catch someone cheating, once you ban them, delete all the
rubles, all the items they've sold on the flea, and any item they've dropped in
raid, from everyone's inventory. This will without a doubt piss off some real
users who just happen to have bad luck. But ideally it'll enrage everyone who
buys from RMT sellers. Once this new policy is discovered publicly. This will
absolutely kill the RMT market. No one will pay for items they think will just
get deleted once the cheater they bought it from is banned. What will the down
stream effects be here? That's a good question that I don't yet have a good
answer for. But I'd be willing to risk a few of the items in my stash getting
deleted if I knew they came from a cheater, and I also knew it was killing the
RMT market.
Incase I didn't make it clear: You do **not** want to risk punishing real users!
The outcome from harming legit users will be bad for everyone. You'll still have
the exact same number of cheaters, they'll still be pissing off the users that
they kill. The only thing you'll add is a growing group of users pissed off that
instead of banning cheaters, your ruining the game for legit players.
## Game Security for Chads!
Because the basis is to use human nature, against the people using cheats. Give
cheaters plenty of opportunities to expose themselves. Start spawning in traps
that no one but cheaters would be able to step on.
No one with any remaining sanity would bring T-7's into any raid currently.
Another unfortunate example of one of the best parts of the game that has been
ruined to the point where players just avoid it because of cheaters. It doesn't
have to be that way. Once you have an account that's doing all the wrong things.
Give them a chance to blow it. Spawn them into a raid with a player wearing
T-7's. If they run right at him, well... The smart cheaters will avoid that
player, but given most cheaters don't fit into that category, It'll be a quick
way to get them to do something that should be "impossible".
If for some reason, you decline to stop sending *all* game loot to all players
when the raid starts. You can also use that to set a trap for gamers. Put 3
LEDX, or 5 GFX cards in a single room, and see how many players book it straight
for that room. Even better if it's a remote room that no one runs straight to.
There's some things that take more self control, or more intelligence than most
cheaters have.

## Limitations
As mentioned above, I have to make a lot of guesses, and assumptions to write
this. It's all true to the best of my understanding. But I don't have access to
EFT source code, I'm not privy to any internal decisions, actions, or rationale.
Additionally because BSG has done a really good job at making people afraid of
sharing information about cheats, and cheating. Reliable and reputable intel is
hard to come by, (hard for the amount of time I'm willing to spend on counter
intel research). I also don't have access to any cheating software that I'd be
able to reverse engineer. (If *you* have any software that's not publicly
available and you'd be willing and able to send me a copy, I might be
interested! Let's talk. Or you could try to make tarkov better and submit it to
BattlEye)
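Review bot: The front matter sets `draft = false`, but the body still contains unfinished pieces that would be published as they stand. Footnote 5 is a placeholder (`[^5]: [5]: TODO write that paper, and link it here.`), footnote 4 stops mid-sentence after "on different game", and the paragraph ending "I can't express the harm this does better than my friend already has." is followed by a blank line with no quote. Either complete these or keep the post as a draft until they are. Separately, every footnote definition repeats its number (`[^1]: [1]: ...`), which will print a literal "[1]:" inside the rendered footnote, so drop the second label. The "Bugs in Ragman" section writes "flee market" several times where the rest of the post uses "flea", the somethingsfucky.gif reference is a plain link where an image looks intended, and "specificlly" and "assmuing" need a spell-check pass.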