BattlEye IP/Hardware Bans

[s4pphire 45]

I'd really like to see BattlEye move into this direction, as it would most likely be an efficient counter to at least some of the current problems. Not to mention, a global ban should be what the name implies, and I don't think people deserve a second chance in these circumstances.

What are your thoughts?

[Frozen (DayZ) 144]

its not a solution. locking scripts usage, while dayz is active - that is a solution. but BIS dont care/want/can do that.

[SmashT 10907]

Unfortunately IP/Hardware/MAC bans are all pretty easily circumvented.

Edited August 30, 2012 by smasht_AU

[nik21 287]

Unfortunately IP/Hardware/MAC bans are all pretty easily circumvented.

This.

[s4pphire 45]

Unfortunately IP/Hardware/MAC bans are all pretty easily circumvented.

While that's true, it would still be an extra layer of security that wouldn't really come at any additional cost.

[Frozen (DayZ) 144]

While that's true, it would still be an extra layer of security that wouldn't really come at any additional cost.

its like adding extra dog to guard massive hole in the wall, instead of fixing it.

[Tweakie 199]

its like adding extra dog to guard massive hole in the wall, instead of fixing it.

But while you are fixing the hole in the wall, might as well have a few dogs guarding it.

Make sense?

[Photolysis 25]

There is no point in adding something so easily circumvented. Far better to spend the effort fixing the root problem than waste all the manpower coding, testing and implementing a useless 'fix'.

[slartibartfast (DayZ) 77]

Unfortunately IP/Hardware/MAC bans are all pretty easily circumvented.

But it would still add another step for the morons to consider.

I imagine the majority are just kids with nothing better to do than sit on a hill and execute players from 800m.

Surely if the consequences of a global ban included your IP, MAC address or even the serial number of your motherboard and other hardware. Then the extra effort of paying for a VPN or some other piece of software to randomize these things would make the actual hacking for the hell of it very expensive.

Just my tuppence worth.

[s4pphire 45]

But it would still add another step for the morons to consider.

I imagine the majority are just kids with nothing better to do than sit on a hill and execute players from 800m.

Surely if the consequences of a global ban included your IP, MAC address or even the serial number of your motherboard and other hardware. Then the extra effort of paying for a VPN or some other piece of software to randomize these things would make the actual hacking for the hell of it very expensive.

Just my tuppence worth.

That's pretty much my thought behind this; implementing hardware and IP bans is a very simple process and the only reason against it is the additional revenue generated by people purchasing additional copies.

[slartibartfast (DayZ) 77]

That's pretty much my thought behind this; implementing hardware and IP bans is a very simple process and the only reason against it is the additional revenue generated by people purchasing additional copies.

The cynic in me has to agree with you.

Apparently there have been in the region of 20,000 global bans in the last month.

Now I am not saying that they would all come back, but at $15-$25 a pop for a new key. There is certainly gold in dat der hill of beans.

If you were a software developer then you wouldn't want to make it too hard for the skiddies to return.

[Photolysis 25]

That's pretty much my thought behind this; implementing hardware and IP bans is a very simple process and the only reason against it is the additional revenue generated by people purchasing additional copies.

And IP bans are useless because almost everyone has a dynamic address. For over 99% of people all they need to defeat it is to power cycle their modem. Changing a MAC address is trivial. Hardware bans are of limited effectiveness as serial numbers that the software can access (such as hard drives or network adapters) can be changed or spoofed.

One thing I've often noticed with people making suggestions on code changes is that they will often declare things to be "simple", and typically have no knowledge of software development. If you have any knowledge of how software works then you would know that even changing the simplest thing can have very far reaching consequences and requires extensive debugging and testing. BattlEye would have to completely modify their database structure as well, which again as any developer will know is never something to be taken lightly.

In short, people who say it is "easy" are almost invariably ignorant of the matter at hand and have no knowledge of the complexities involved.

I will also point out the obvious that people are willing to pay to cheat judging by the amount of paid-for hacks out there, including for DayZ. They will willingly pay for tools to allow them to continue cheating. I've even seen cases elsewhere where significant numbers of players pay for access to botnets to DoS other players out the game. If you think that adding such a minor hurdle will deter them then you are gravely mistaken.

TL;DR version: coding in these features from scratch is almost completely useless as are all easy to defeat, and you need to educate yourself on the subject if you want to make constructive suggestions.

[slartibartfast (DayZ) 77]

coding in these features from scratch is almost completely useless as are all easy to defeat, and you need to educate yourself on the subject if you want to make constructive suggestions.

Wow. That's a bit harsh.

I bet you aren't the school counselor.

[slartibartfast (DayZ) 77]

There is no point in adding something so easily circumvented. Far better to spend the effort fixing the root problem than waste all the manpower coding, testing and implementing a useless 'fix'.

I wasn't aware of a 'root problem' in battleye.

Pray tell. Educate the slightly differently knowledged.

[Photolysis 25]

I wasn't aware of a 'root problem' in battleye.

Pray tell. Educate the slightly differently knowledged.

The main problems are:

1) The Arma engine is too trusting. Not something that can be easily fixed for the mod, though BI can make a few tweaks in patches to help reduce the problem.

2) BattlEye has security vulnerabilities that allow scripts and DLLs to be injected and so appear legitimate and evade detection. This is something they can work on, and many of their updates revolve around closing these exploits. That is where their efforts are best spent.

Edited August 30, 2012 by Photolysis

[slartibartfast (DayZ) 77]

The main problems are:

1) The Arma engine is too trusting. Not something that can be easily fixed for the mod, though BI can make a few tweaks in patches to help reduce the problem.

2) BattlEye has security vulnerabilities that allow scripts and DLLs to be injected and so appear legitimate and evade detection. This is something they can work on, and many of their updates revolve around closing these exploits. That is where their efforts are best spent.

I was being facetious.

Or a faeces.

[keosan24 55]

i do believe if you ip ban someone who lives in a house hold where their are more then one person with a computer who play dayz then both will be banned unless the one not banned refreshs his dynamic ip.

[s4pphire 45]

And IP bans are useless because almost everyone has a dynamic address. For over 99% of people all they need to defeat it is to power cycle their modem. Changing a MAC address is trivial. Hardware bans are of limited effectiveness as serial numbers that the software can access (such as hard drives or network adapters) can be changed or spoofed.

One thing I've often noticed with people making suggestions on code changes is that they will often declare things to be "simple", and typically have no knowledge of software development. If you have any knowledge of how software works then you would know that even changing the simplest thing can have very far reaching consequences and requires extensive debugging and testing. BattlEye would have to completely modify their database structure as well, which again as any developer will know is never something to be taken lightly.

In short, people who say it is "easy" are almost invariably ignorant of the matter at hand and have no knowledge of the complexities involved.

I will also point out the obvious that people are willing to pay to cheat judging by the amount of paid-for hacks out there, including for DayZ. They will willingly pay for tools to allow them to continue cheating. I've even seen cases elsewhere where significant numbers of players pay for access to botnets to DoS other players out the game. If you think that adding such a minor hurdle will deter them then you are gravely mistaken.

TL;DR version: coding in these features from scratch is almost completely useless as are all easy to defeat, and you need to educate yourself on the subject if you want to make constructive suggestions.

'Educating' myself on the subject is quite unnecessary as I am well aware that someone who wants to circumvent it, will circumvent it. I must have stated that about ten times by now, so let me make this a little clearer to you; it is an extremely easy feature to implement and even if it only prevents 5% from the cheaters returning, then it has been a success.

It's as simple as this, there is a global ban list which is very much like a database and fetching and adding hardware IDs as well as IP addresses to an entry, is very little work for any experienced programmer. The structural change needed is probably the most complex thing in the matter, although it is quite likely that this feature is in place already if BI requested it. Then again, you seem to know the process so I won't bother explaining further.

If you still fail to see the point I am trying to make here, go google hacks for Dayz or something, read a few forums and take a good look at how many clueless people are able to make use of these things, and while you are there, take another look at how many people are looking to purchase more keys to continue. A fraction of those people won't be willing to bother circumventing it and another fraction won't even know how. I don't know if the total percentage is 1%, 5% or 20%, but like I have said previously, even preventing 5% from returning is significant for the small investment needed.

At this stage, it is rather obvious that a problem exists and just like everybody else, I'd like to see it fixed completely too; but as we have seen, those expectations are frankly unrealistic and thus small changes like these at the very least improve the situation to a certain extent.

Edited August 31, 2012 by s4pphire

[slartibartfast (DayZ) 77]

That ^

[Photolysis 25]

That ^

What a valuable contribution, thank you for sharing.

I was being facetious.

Unlikely. More likely that you were trying to expose me as someone equally ignorant by asking me a question you were hoping I couldn't answer. All you have done is made yourself look foolish.

'Educating' myself on the subject is quite unnecessary as I am well aware that someone who wants to circumvent it, will circumvent it. I must have stated that about ten times by now, so let me make this a little clearer to you; it is an extremely easy feature to implement and even if it only prevents 5% from the cheaters returning, then it has been a success.

It's as simple as this, there is a global ban list which is very much like a database and fetching and adding hardware IDs as well as IP addresses to an entry, is very little work for any experienced programmer. The structural change needed is probably the most complex thing in the matter, although it is quite likely that this feature is in place already if BI requested it. Then again, you seem to know the process so I won't bother explaining further.

If you still fail to see the point I am trying to make here, go google hacks for Dayz or something, read a few forums and take a good look at how many clueless people are able to make use of these things, and while you are there, take another look at how many people are looking to purchase more keys to continue. A fraction of those people won't be willing to bother circumventing it and another fraction won't even know how. I don't know if the total percentage is 1%, 5% or 20%, but like I have said previously, even preventing 5% from returning is significant for the small investment needed.

At this stage, it is rather obvious that a problem exists and just like everybody else, I'd like to see it fixed completely too; but as we have seen, those expectations are frankly unrealistic and thus small changes like these at the very least improve the situation to a certain extent.

And I will state in response very clearly that it is not as simple as you make it out to be and this is where you show your lack of understanding. Conceptually, yes, it is. The implementation step is harder. Testing and debugging will require significant manpower. It isn't a job that they could get an intern to knock out in a day, it would be a large undertaking to add this feature in and test it properly.

Ideally, yes, they'd add it in as it would increase security slightly. But there is no point adding an extra lock to your front door when you have 10 open windows, a large amount of holes in the wall, and 5 spare keys hidden in plain sight. Those are the problems BattlEye needs to fix first, and where they should spend their efforts on. And if they fix the gaping security holes then you don't need to bother with hardware bans in the first place since it would kill cheating dead by stopping anyone who tried.

And most of the people who do this stuff are clueless script kiddies. If they had to code their own hacks then they'd get nowhere. But you'd be surprised how many of them are capable of following simplified instructions that someone else has written.

[s4pphire 45]

And I will state in response very clearly that it is not as simple as you make it out to be and this is where you show your lack of understanding. Conceptually, yes, it is. The implementation step is harder. Testing and debugging will require significant manpower. It isn't a job that they could get an intern to knock out in a day, it would be a large undertaking to add this feature in and test it properly.

Ideally, yes, they'd add it in as it would increase security slightly. But there is no point adding an extra lock to your front door when you have 10 open windows, a large amount of holes in the wall, and 5 spare keys hidden in plain sight. Those are the problems BattlEye needs to fix first, and where they should spend their efforts on. And if they fix the gaping security holes then you don't need to bother with hardware bans in the first place since it would kill cheating dead by stopping anyone who tried.

And most of the people who do this stuff are clueless script kiddies. If they had to code their own hacks then they'd get nowhere. But you'd be surprised how many of them are capable of following simplified instructions that someone else has written.

Which is why I was referring to an experienced programmer and not an intern. An experienced programmer and employee working on BattlEye who is familiar with the project should have no problem implementing this swiftly. You wouldn't ask an intern to restructure your company's database, would you now.

Following instructions is what probably over 95% of the cheaters do, but the length and complexity of those instructions directly correlates to how many of them there are and this brings us back to exactly the point we are arguing about, following 20 steps is not nearly as desirable as following 10 and a fraction will say 'fuck it'. A fraction gone is a success if the fraction is large enough to warrant the work.

While you are right about testing and debugging, DayZ is in alpha and dozens of bans happen on a daily basis - it's almost as if it were the perfect testing environment after internal testing proved reliable enough. For all we know BattlEye already provides this feature but Bohemia Interactive hasn't requested it, and no matter what, it would still be a feature the company can use in future contracts.

I won't try to argue further about it, it's obvious there are different opinions on the matter. All I will say is that I never claimed this to be accomplished by snapping your fingers but I think we can both agree on this task not being a major challenge for an experienced programmer who is familiar with BattlEye's system.

[slartibartfast (DayZ) 77]

That again. ^

:D

[Frozen (DayZ) 144]

But while you are fixing the hole in the wall, might as well have a few dogs guarding it.

Make sense?

solid wall is much better then guard dog+ you can save money that you would`ve spent on a dog

[s4pphire 45]

solid wall is much better then guard dog+ you can save money that you would`ve spent on a dog

Yet China would be gone before the Great Wall was constructed if it hadn't been defended over and over again.

Moron logic.

[Frozen (DayZ) 144]

Yet China would be gone before the Great Wall was constructed if it hadn't been defended over and over again.

Moron logic.

you simply dont see my point... ok i have another for you:

Arma2- OS with a firewall that has an opened port - scripting. instead of closing it you ask to install antivirus that blocks all traffic that goes trough this port.