Tenebrous
Peacekeeper
- Joined
- Feb 26, 2014
- Messages
- 1,411
- Reaction score
- 1,622
I'll just copy-paste part of the reddit post
As many of you guys know, we announced CheatBreaker, which was a super-secret MineHQ Project that we created over the last month. It is designed to stop the ongoing cheating issue that will only get worse if we don't do something to stop it. I mean, look, there's dozens, if not hundreds, of ghost clients.
Server-side anticheat can only act on a limited set of data that it receives: swing packets, attack packets, and movement packets. These packets don't contain headers to determine if a hacked client sent it, it simply contains data that a legitimate player would send and the server must try to guess (using heuristics), whether the data is legitimate or fake. This can and does produce, both, false-positives and false-negatives. That's just the nature of server-side anticheat.
CheatBreaker, as a client-side application, gives us a whole new dataset to work with to ensure that players aren't cheating. This gives us access to critical game JAR files and JRE components to ensure their integrity. I simply can't go into specifics for the security of the system, but in creating this system, we've launched several attacks on it to see if we (as the creators of it) can bypass it. As of now, we can't.
First and foremost, we do intend to allow other servers to adopt CheatBreaker. That means if you get banned on a CheatBreaker protected server, you're banned from EVERY protected server.
If you're caught cheating, you will be marked for a future ban, similar to systems like VAC and ESEA, among others. When the banwave is issued, you will be PERMANENTLY banned from all CheatBreaker-protected servers.
This ban is an IP Ban, HWID Ban, and Minecraft UUID ban.
CheatBreaker bans cannot be removed by MineHQ Staff, and CheatBreaker bans are entirely separate of MineHQ. This means that you CANNOT purchase an unban for CheatBreaker bans.
CheatBreaker operates on a zero-tolerance policy for all cheating violations.
We hope to open CheatBreaker (Windows) for public testing by late this month. We're currently auditing CheatBreaker with a select group of testers.
There is also a social engineering side to cheating, which is to attack people's trust in the system. If "[CheatBreaker] is evil - look they are tracking all of the websites you visit" is an idea that gets traction, then that is to the benefit of cheaters and cheat creators. [CheatBreaker] is inherently a scary looking piece of software, because it is trying to be obscure, it is going after code that is trying to attack it, and it is sneaky. For most cheat developers, social engineering might be a cheaper way to attack the system than continuing the code arms race, which means that there will be more Reddit posts trying to cast [CheatBreaker] in a sinister light.
http://www.cheatbreaker.com/faq/
http://www.cheatbreaker.com/faq/
http://www.cheatbreaker.com/faq/
http://www.cheatbreaker.com/faq/
Should MCSG try to get this?
As many of you guys know, we announced CheatBreaker, which was a super-secret MineHQ Project that we created over the last month. It is designed to stop the ongoing cheating issue that will only get worse if we don't do something to stop it. I mean, look, there's dozens, if not hundreds, of ghost clients.
Server-side anticheat can only act on a limited set of data that it receives: swing packets, attack packets, and movement packets. These packets don't contain headers to determine if a hacked client sent it, it simply contains data that a legitimate player would send and the server must try to guess (using heuristics), whether the data is legitimate or fake. This can and does produce, both, false-positives and false-negatives. That's just the nature of server-side anticheat.
CheatBreaker, as a client-side application, gives us a whole new dataset to work with to ensure that players aren't cheating. This gives us access to critical game JAR files and JRE components to ensure their integrity. I simply can't go into specifics for the security of the system, but in creating this system, we've launched several attacks on it to see if we (as the creators of it) can bypass it. As of now, we can't.
First and foremost, we do intend to allow other servers to adopt CheatBreaker. That means if you get banned on a CheatBreaker protected server, you're banned from EVERY protected server.
If you're caught cheating, you will be marked for a future ban, similar to systems like VAC and ESEA, among others. When the banwave is issued, you will be PERMANENTLY banned from all CheatBreaker-protected servers.
This ban is an IP Ban, HWID Ban, and Minecraft UUID ban.
CheatBreaker bans cannot be removed by MineHQ Staff, and CheatBreaker bans are entirely separate of MineHQ. This means that you CANNOT purchase an unban for CheatBreaker bans.
CheatBreaker operates on a zero-tolerance policy for all cheating violations.
We hope to open CheatBreaker (Windows) for public testing by late this month. We're currently auditing CheatBreaker with a select group of testers.
There is also a social engineering side to cheating, which is to attack people's trust in the system. If "[CheatBreaker] is evil - look they are tracking all of the websites you visit" is an idea that gets traction, then that is to the benefit of cheaters and cheat creators. [CheatBreaker] is inherently a scary looking piece of software, because it is trying to be obscure, it is going after code that is trying to attack it, and it is sneaky. For most cheat developers, social engineering might be a cheaper way to attack the system than continuing the code arms race, which means that there will be more Reddit posts trying to cast [CheatBreaker] in a sinister light.
http://www.cheatbreaker.com/faq/
http://www.cheatbreaker.com/faq/
http://www.cheatbreaker.com/faq/
http://www.cheatbreaker.com/faq/
Should MCSG try to get this?