Reprinted from www.arena.net, with permission.

A cheat is defined as a process, a code tweak, an exploitation of a glitch, or a hack that allows the player to engage in behavior that isn’t intended within the context of the game. Cheating is exploiting weaknesses in the game’s architecture to, for example, allow a player to kill another player’s character where or when he should not be vulnerable; to have items that the character isn’t supposed to have, either through duplication of legitimate items or by means of taking items belonging to another player; or to know information that isn’t intended to be known, which gives the person using the cheat an edge in competitive play.

In this article we'll examine how players are able to cheat in online games, and how game technology has progressed over the years to address this problem. We'll explore in-depth how cheating affected some of the very games that we helped to develop. Naturally, our observations about cheats in these games would apply equally to other games that use the same network architectures.

One can compare playing an asynchronous peer-to-peer type of game to playing a game via the telephone. If a player says, “I hit you for 20 points of damage” and there are no means by which that amount of damage can be verified as possible and reasonable for the attacker to inflict, the other player has no choice but to register 20 points of damage. So if the would-be cheater finds a way to send a message claiming he has inflicted greater damage than is actually possible for his character to inflict, he can quickly gain experience points and reach godlike character levels.

A famous example of this was the Townkill cheat in Diablo. The starting town in Diablo was intended to be a safe zone where players couldn’t attack each other. However, even though it wasn’t possible to attack other players through the game’s user interface, hackers were still able to force the game to send a message over the network saying essentially “I hit you for 20 points of damage”. With Diablo’s network model, other computers in the game would simply accept the message and dutifully subtract 20 hit points from their character.

There were a few reasons why people used this cheat. One gamer we talked to explained, “Pking was so easy in Diablo, it got old. But when Townkill came out I loved killing them in town, it’s just totally unexpected, they’re like ’WTF?’” Another, referring to the fact that characters in Diablo drop their equipment when they die, stated, “It’s a way for me to get good stuff without the hassle of finding it myself.”

What is the solution to this sort of cheat, or how can it be prevented? This particular cheat was possible for Blizzard to address. Since players weren’t supposed to be able to do damage to each other in any way in town, Blizzard made the receiving computer ignore any incoming damage messages while it was in town. However, the hackers quickly adapted and created other types of cheats that Blizzard couldn’t address, such as the ability to walk into any dungeon level and kill everyone on that level. As the cheats became more sophisticated, the receiving computer couldn’t know for sure whether the message it was receiving was generated by a cheat or by a legitimate action of another player, so it had no choice but to accept the result.

Eventually, as most gamers know, cheating destroyed Diablo’s economy, and forced honest players to avoid playing with strangers. There were many games released around the time of Diablo that used the same networking model, and they were all susceptible to this type of cheating. Diablo merely had the distinction of being one of the most popular online games, which made it one of the most popular targets for cheaters.

As you can probably imagine, programming a synchronous peer-to-peer game is tricky. When one player clicks on another player to attack him, both computers must model the attack in exactly the same way and produce exactly the same result. If they don’t, then the game will diverge to the point where it’s playing differently on the two computers, and it will never get back in sync because the two computers never share any information except mouse and keyboard clicks. To keep the game in sync, both computers must start the game at the same moment and with identical starting conditions, and then they both must process mouse and keyboard input from each player at exactly the same time. This makes synchronous peer-to-peer games slightly more susceptible to lag than other types of games, because if one computer is not able to communicate even for a moment, the other computers can’t continue the game until they re-establish contact.

Unfortunately, even a synchronous peer-to-peer game does not solve cheating. It prevents players from taking actions that they couldn’t have taken legitimately, because the only messages they can send over the network are mouse and keyboard input. However, it requires that all computers in the game share their mouse and keyboard input with all other computers in the game, and this means that hackers can develop means to expose information that the player isn’t supposed to know.

For example, a common cheat in StarCraft is called MapHack. This cheat takes advantage of the fact that your computer always knows what the other players in the game are doing, even though it doesn’t normally display that information to the player. The MapHack cheat modifies StarCraft so that it displays the position and action of every unit on the entire map, whether the player has explored that part of the map or not.

There are those who argue that since MapHack doesn’t involve actual “damage” to the opponent it could be called harmless. Unfortunately, the truth is that map hacking creates a severely unbalanced playing field which is as damaging to the play experience as any other type of cheat. If a player has a full map view, he can look into his enemy’s base and judge precisely what the player will be sending his way in the form of an attack. In StarCraft, if you see a few Stargates going up, you can anticipate that your opponent is going to attack primarily by air, whereas if you see a couple of Robotics Facilities and their Support Bay, you might anticipate a Reaver Drop. What’s even worse is that with map hacking, the victim often doesn’t know that the reason he lost the game was due to cheating.

Why do so many gamers use MapHack? As Patrick Wyatt said in his article last month, this seems to be another of those “I had to hit you first, before you hit me” situations. Many players seem to believe that “everyone uses it,” and feel that if they are going to compete on a level playing field they should use it, too.

We asked a StarCraft ladder observer how MapHack has affected the community. He told us that top players have adapted by playing games on local area networks instead of on the Internet. When players compete on a LAN, there are often observers watching them play, and “if the player uses MapHack, it will be seen at a glance.” When asked about the official StarCraft Ladder, his response was, “Oh, nobody cares about the StarCraft Ladder any more… it’s all rigged.” This is just one person’s opinion, of course, but others have speculated that without observers, it is possible that any or all ladder players could be using MapHack and there is little that can be done to prevent its use.

Any game that uses a synchronous peer-to-peer network architecture is susceptible to map hacking. Since Blizzard can’t prevent map hacking in StarCraft, some have proposed that they level the playing field by including it as an option in the game setup screen, like “shared vision” or the choice of map. However, playing with the map revealed removes much of the strategy from the game. Blizzard may not be able to stop MapHack, but they’re not willing to embrace it, either.

Another concern with peer-to-peer games is that, since the computers communicate directly with one another, each player’s IP address is revealed to everyone else in the game. A sophisticated hacker can trace these addresses to find the real life identities of his opponents, sometimes even to the point of obtaining an address or phone number. Furthermore, if the victim’s computer hasn’t been patched with the latest security updates from Microsoft or Apple, a malicious hacker could attack the computer with the goal of crashing it, destroying important data, or accessing personal files.

This privacy concern has caused many companies to reevaluate the viability of producing peer-to-peer games. For Warcraft III, Blizzard is using a modification of the synchronous peer-to-peer architecture called “hosted peer-to-peer”, in which messages from one player to another are bounced off one of Blizzard’s servers rather than being sent directly between computers. This change doesn’t impact cheating, but it does prevent players from seeing each other’s IP address, which eliminates the privacy problem.

In a properly written client/server game, computers still send only mouse and keyboard messages over the network, but they now send that information to a single server, rather than sending it to every other player. The server is the only computer that knows what all players in the game are doing, and knows the entire state of the game. The server then sends back to the clients just those events that they should be able to see. This way, the clients can’t do anything they’re not supposed to do, and they can’t see anything they’re not supposed to see.

Of course, the server can now do anything and see everything, so all of the players in the game must completely trust the person running the server. Games like Quake and Half-Life use a client/server network model and place no restrictions on who may run a server. When players connect to a server they haven’t used before, they will sometimes discover that the server operator is cheating. He may engage in obvious cheats, like summarily killing players he doesn’t like, or he may engage in subtle cheats, like giving his friends a slight advantage in combat. Either way, it is up to the players to discover that the server operator is cheating and stop playing on that server.

It would be much more damaging if a role playing game used the client/server networking model without restricting who could run a server. Role playing games usually center around character development, where players play the same character over many games, advancing his skills and finding new items for him to use. If a player connected to a server that was being run by a cheater, then the server operator could potentially steal all his items, or otherwise destroy his character, before the player was able to identify that the server was cheating and disconnect. Because of this possibility, when role playing games use the client/server networking model, they typically do not allow untrusted players to run their own servers. Instead, they use what is called a “hosted” environment, in which the game publisher uses its own computers as servers.

As you can imagine, setting up a hosted environment is both challenging and expensive. Depending on the popularity of the game, it may involve purchasing hundreds of computers, and operating them in data centers around the world. In addition to buying all the computers and hiring a staff to keep them all running, the game publisher must also pay for all of the bandwidth that they use. Despite the effort and expense, the industry is moving more and more in this direction, because it’s the only way to approach the ideal of a cheat-free environment. Examples of games that use a hosted client/server architecture include Diablo II, EverQuest, Ultima Online, Asheron’s Call, and Dark Age of Camelot.

Even when the game developer uses a well-written client/server networking model and controls all of the servers, it is still possible for cheating to occur, simply because games are written by humans, and human programmers will always make subtle mistakes that malicious users can exploit.

The most notorious type of cheating that takes place in hosted client/server games is item duping: taking a valuable item in your inventory and making an exact copy of it. To do this, players find and exploit a bug in the program. For example, they may try unusual combinations of actions that they don’t think anyone has ever tested before, hoping to find something they can do that will crash the game server. If they can find a way to consistently crash the game server then they can often use that knowledge to duplicate items. To do so, they simply hand a valuable item to an accomplice, who then immediately logs off, causing his character to be saved to disk. Then they crash the server before it has an opportunity to save their own character to disk. When the server comes back up, both players should have the item in their inventories.

In an online role-playing game, the most involving facet of character development and item acquisition might be rarity. It is rare to see a character over level 100 in Asheron’s Call. It is unusual to come across someone who has the entire Astrilite Set in Dark Age of Camelot. You don’t usually spot a character with +500% Magic Find in Diablo II. Being able to develop special characters, and having the ability, time and luck to acquire items that are rare and unusual, are two of the more rewarding aspects of a game. These two things set a player apart from the norm, and give him certain “bragging rights” in the game world.

When duping runs rampant in a game, suddenly the rare item that a player acquired legitimately is nearly valueless. Everyone in Diablo had the Royal Circlet; everyone had an Obsidian Ring of the Zodiac. In Asheron’s Call, the original Greater Shadowhunter Armor was removed by the developers because it was determined to be too powerful for the game. The removal created an even greater demand for this rare item, driving prices on eBay up to $500. However, heavy duping eventually destroyed the rarity of this item and forced the developers to return it to the game, so that the cheaters would not have a continuing unfair advantage.

So the greatest injustice perpetrated by those who cheat is that they destroy the game world’s economy for all players. And once corrupted, it is impossible to salvage the delicate balance of a game world’s economy and return to character development and item acquisition the value and the significance they once held.

Item duping can be solved. At one level, since it relies on players exploiting bugs in the software; it can be solved by fixing those bugs. At a more fundamental level, game designers can change the way characters are saved to disk, or the way items are assigned to characters, so that even if a player can crash a server, he can’t exploit that fact to duplicate items.

This is typical of the types of cheating that are possible with hosted client/server games. The client/server network model is the most secure that we as game developers have available to us. It isn’t fundamentally susceptible to cheating like other network models are. At the same time, it doesn’t guarantee a cheat-free game.

Mistakes in game design and implementation can always creep in and enable unforeseen types of cheating. At the end of the day, game developers need a lot of experience with network gaming so that they can foresee and avoid these problems, and they need to be able to quickly react to and fix problems that crop up after the game is released. At ArenaNet, we are committed to keeping cheat prevention and cheat resolution as one of the primary objectives of our game development process.