Announcement

Collapse
No announcement yet.

The Division beta has a problem with cheating — Ubisoft investigating

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • The Division beta has a problem with cheating — Ubisoft investigating

    By Dan Crawley


    Above: Tom Clancy's The Division is one of the big 2016 games. Image Credit: Ubisoft

    The streets of New York are full of self-made superheroes.

    Tom Clancy’s The Division is currently in beta testing on PlayStation 4, Xbox One, and PC. But its PC version is getting hammered by people exploiting the game’s netcode, according to reports on Reddit and videos on YouTube. It means that players are competing on unequal terms in The Dark Zone, The Division’s player-versus-player combat area.



    The fact that some players are unfairly giving themselves infinite ammo, super-speed, and invisibility is a big deal for one of the year’s biggest new releases. While this is a beta test, The Division is only five weeks away from hitting stores, and players want to know that developer and publisher Ubisoft is doing something to address these cheating problems. Failure to do so could impact PC sales of a flagship release.

    One Redditor claims that the cheating problem is because The Division’s stats are stored on the client side (your own PC) and that the game’s servers just accept any changes to them without checking.

    Ubisoft community manager Natchai Stappers initially responded to concerns about cheating on The Division’s official forum by saying, “The things discussed here are not in fact hacks or cheats, but merely abuse of glitches that exist in the game currently. These glitches are currently being worked on by the team.”

    He’s since followed up to say that Ubisoft is investigating these reported issues further. “Guys, just [so] you’re aware, we’ve taken the feedback regarding possible cheats/hacks to heart and will be thoroughly investigating,” he said.
    The Hackmaster

  • #2
    The Division players up in arms over bugs, exploits, and glitches

    "Enough is enough."

    By Tom Phillips

    Ubisoft is coming under increasing pressure from The Division players who have called on the company to tackle the game's growing list of exploits.

    The latest high-profile exploit allows you to ratchet up your weapons' damage output if you own a gun with the Competitive perk, which grants bonus damage after using a skill.

    Players have found that using a skill then repeatedly switching weapons allows you to multiply your gun's damage per second (DPS) to levels where the game's hardest enemies - or toughest players - can be beaten with just a couple of bullets.



    Another video shows the game's toughest boss being downed in just two shots, apparently using this method. The boss in question is the centerpiece of The Divisions new raid-like Incursion activity.

    Yesterday, we reported on players who had found an exploit to repeatedly rinse the Incursion for its top-level rewards.

    There's a screenshot of Ubisoft's official The Division forum in that article showing the current flood of criticism from fans.

    Looking at the forum again today, it is a similar picture. Discussions include "This is ridiculous", "Let's ask refund", "Hackers are out of control", "Disable Competent talent now!!" and "Enough is enough - shut down the game", among many others.

    Last week, Ubisoft threatened "punishment" for players who use exploits. Some fans rejoiced at the news, but others - who felt like they were forced to use the exploits to stay competitive in the game - claimed this would simply be unfair.

    The Ubisoft community manager who threatened this mystery "punishment" appeared to backtrack on the comment in a tweet published two days later:
    @ESERKER We have by no means confirmed punishment at all, so I wouldn't worry about it for now — natchai stappers (@natchai_) April 17th, 2016
    These issues are particularly frustrating for players as The Division shares all of its player-versus-enemy power levels, items and abilities with its player-versus-player Dark Zone area.

    Understandably, players are unhappy to see others strutting around equipped with full sets of the game's best armor, at power levels currently unobtainable through legitimate means.

    This becomes far more of an issue, however, when these same exploits allow players to dominate in the game's competitive multiplayer area.

    Ubisoft has issued patches for some of The Division's problems - glitches affecting backpacks and missing characters were fixed last week, and Ubisoft has promised in-game currency as compensation after The Division's daily mission failed to update three times in a row.

    But the big problems remain, and players feel Ubisoft is either unable - or simply swamped by the mass of issues - to fix them as fast as they'd like.
    The Hackmaster

    Comment


    • #3
      Not 1 single second of time was spent thinking about security during the developement of that game you can literally know NOTHING about hacking and spend 15 minutes in Cheat Engine and modify important stuff

      Comment


      • #4
        The Division appears to be broken at a fundamental level, enabling cheats

        It may need a complete rewrite in order to work properly.

        By Kyle Orland


        A video demonstrating how trivial it is to hack the online infrastructure of The Division.

        Since the release of The Division last month, Ubisoft has been scrambling to stem the widespread use of hacks, cheats, and exploits that have ruined much of the PvP experience in the online-focused multiplayer shooter. But an analysis of client-side cheating programs by an experienced network gaming developer suggests the game may need a "complete rewrite" to fix major holes in its online security.

        Glenn Fiedler is a game-networking consultant with credits on Sony's God of War series, Respawn's Titanfall, and more. In a detailed blog post this week, he lays out what he sees as a core problem of client-side trust in the way The Division's basic networking is structured.

        For his analysis, Fiedler makes reference to a recent hacking video (since set to private) that shows a client-side program modifying local memory locations to give a player infinite health, infinite ammo, the ability to warp around the level and shoot through walls, and more. These kinds of demonstrations suggest to Fiedler that the game is using a trusted client network model, where the server essentially accepts the client-side reports of in-game events like player position, weapon fire rates, item inventory, and even when players are hit with bullets.

        This is fundamentally different from how most multiplayer online shooters work, Fiedler explains. In games like Quake and Call of Duty, the server doesn't simply trust reports of local game play information sent from the client machine (since those can be trivial to edit, especially on PC).

        Instead, in those games, the raw inputs from the client machine are replicated in what he calls "the real game" running on the server. That means that even if a player tinkers with the memory values on his own client-side copy of the game, that would only affect "ghosts" running on that local machine; the legitimate action being run on the server would be unaffected.

        The Division's apparent lack of this kind of basic network infrastructure isn't exactly a new revelation; players have been calling attention to the game's broken netcode and naive, client-side trust since the closed beta in January. "This is not just lack of anti-cheat, it is global networking architecture fuck up," redditor Z000001 wrote at the time. "I highly doubt that this will be fixed any time soon after release. You probably might wanna stay away from PVP area while this problem is present."

        During that beta, Ubisoft said it was aware of "cheating issues in the Closed Beta on PC," promising a solution by the game's release on March 8th.

        But despite that promise and a pre-launch patch that reportedly "extended server-side checks to detect any illegal actions from the game client, limit their impact in the game and track down the perpetrators," client-side hacking is still reportedly rampant on the PC version of the game weeks after launch.

        The reason for the continued problems, Fiedler suggests, is that fixing The Division probably isn't just a matter of patching in a few simple server-side checks that test for those hacked clients. To be really secure, Fiedler says, the game would have to be reworked from top to bottom to run a complete, trusted version of the game on the server rather than simply using the game status data stored on individual client machines.

        "I sincerely hope [this trusted client model] is not the case [in The Division], because if it is true, my opinion of can this be fixed is basically no," he writes. "Not on PC. Not without a complete rewrite. ... If a competitive FPS was networked [with a trusted client network model]... it’s really difficult for me to see how this could ever be made completely secure on PC."

        From a community management standpoint, Ubisoft has promised to "act a lot more strongly towards players who use exploits," and a recent patch made it easier to report players suspected of running a hacked client.

        Person-by-person bans seem like a limited solution to deep technical problems that are being exploited by what seems to be an increasing number of players as time goes on, though. If this analysis is right, The Division may be stuck with its hacking problem for a while.
        The Hackmaster

        Comment


        • #5
          Originally posted by dlevere View Post
          It may need a complete rewrite in order to work properly.

          By Kyle Orland


          A video demonstrating how trivial it is to hack the online infrastructure of The Division.

          Since the release of The Division last month, Ubisoft has been scrambling to stem the widespread use of hacks, cheats, and exploits that have ruined much of the PvP experience in the online-focused multiplayer shooter. But an analysis of client-side cheating programs by an experienced network gaming developer suggests the game may need a "complete rewrite" to fix major holes in its online security.

          Glenn Fiedler is a game-networking consultant with credits on Sony's God of War series, Respawn's Titanfall, and more. In a detailed blog post this week, he lays out what he sees as a core problem of client-side trust in the way The Division's basic networking is structured.

          For his analysis, Fiedler makes reference to a recent hacking video (since set to private) that shows a client-side program modifying local memory locations to give a player infinite health, infinite ammo, the ability to warp around the level and shoot through walls, and more. These kinds of demonstrations suggest to Fiedler that the game is using a trusted client network model, where the server essentially accepts the client-side reports of in-game events like player position, weapon fire rates, item inventory, and even when players are hit with bullets.

          This is fundamentally different from how most multiplayer online shooters work, Fiedler explains. In games like Quake and Call of Duty, the server doesn't simply trust reports of local game play information sent from the client machine (since those can be trivial to edit, especially on PC).

          Instead, in those games, the raw inputs from the client machine are replicated in what he calls "the real game" running on the server. That means that even if a player tinkers with the memory values on his own client-side copy of the game, that would only affect "ghosts" running on that local machine; the legitimate action being run on the server would be unaffected.

          The Division's apparent lack of this kind of basic network infrastructure isn't exactly a new revelation; players have been calling attention to the game's broken netcode and naive, client-side trust since the closed beta in January. "This is not just lack of anti-cheat, it is global networking architecture fuck up," redditor Z000001 wrote at the time. "I highly doubt that this will be fixed any time soon after release. You probably might wanna stay away from PVP area while this problem is present."

          During that beta, Ubisoft said it was aware of "cheating issues in the Closed Beta on PC," promising a solution by the game's release on March 8th.

          But despite that promise and a pre-launch patch that reportedly "extended server-side checks to detect any illegal actions from the game client, limit their impact in the game and track down the perpetrators," client-side hacking is still reportedly rampant on the PC version of the game weeks after launch.

          The reason for the continued problems, Fiedler suggests, is that fixing The Division probably isn't just a matter of patching in a few simple server-side checks that test for those hacked clients. To be really secure, Fiedler says, the game would have to be reworked from top to bottom to run a complete, trusted version of the game on the server rather than simply using the game status data stored on individual client machines.

          "I sincerely hope [this trusted client model] is not the case [in The Division], because if it is true, my opinion of can this be fixed is basically no," he writes. "Not on PC. Not without a complete rewrite. ... If a competitive FPS was networked [with a trusted client network model]... it’s really difficult for me to see how this could ever be made completely secure on PC."

          From a community management standpoint, Ubisoft has promised to "act a lot more strongly towards players who use exploits," and a recent patch made it easier to report players suspected of running a hacked client.

          Person-by-person bans seem like a limited solution to deep technical problems that are being exploited by what seems to be an increasing number of players as time goes on, though. If this analysis is right, The Division may be stuck with its hacking problem for a while.
          Glenn Fiedler is a joke. Both models have a downfall, most ps2 online games were built with client trust and it did cause a lot of issues. Call of Duty sure as hell got raped in comparison. So yeah maybe one guy is hacking and has infinite health. In call of duty the whole room can receive hacks from one hacker in the room who isn't even host. Any person in the room can then go to a new room with those hacks as long as the game isn't rebooted. In my opinion client trust is the better model but needs to be reinforced with security outside of the scope of networking.
          Last edited by Cronotrigga; 04-27-2016, 05:54:35 PM.

          Comment


          • #6
            Looking at the forum again today, it is a similar picture. Discussions include "This is ridiculous", "Let's ask refund", "Hackers are out of control", "Disable Competent talent now!!" and "Enough is enough - shut down the game", among many others.
            Woah woah woah wooooooooooah there. We don't want to disable "competent" talent, people. You'll want competent talent fixing this game. It may already be disabled leading to this problem.

            Yeah, I couldn't resist being a smartass the second I saw that. I haven't played the game nor do I care.
            July 7, 2019

            https://www.4shared.com/s/fLf6qQ66Zee
            https://www.sendspace.com/file/jvsdbd

            Comment


            • #7
              never trust the client! Isn't that the #1 rule of IT security?

              Comment

              Working...
              X