mahuja 12 Posted April 10, 2007 I would like to kill a myth as well. "Punkbuster is optional" ...in theory/name ONLY. (For what friggin reason do they have you "sign" that it's optional in the EULA? It's not as if it endures a reality check.) 1) When PB enters a game, the gamedevs get lazy and add no, or next to none, anti-cheat other than PB. For most PB-protected games, how bad is the cheating when PB is turned off? Is that really an option? (yeah, in name.) There may be exceptions, I haven't found any but I haven't been looking either. Extend this to the server operators, and you'll find no servers to play on if you're not willing to use punkbuster. Is it still an option? (Yeah, singleplayer; playing the game at all is also optional.) 2) BF2, you won't get the unlocks without playing on pb-enabled servers. You *can* play without punkbuster at all, but with the unlocks the enemies may have some ('legit') advantage over you. Which is what cheats are all about, isn't it?  (The logical extension to this is to say that in BF2s case PB can be called a cheat in itself...)  How many servers were there that didn't use punkbuster and that disallowed unlocked weapons? (Last I saw, disallowing unlockable weapons didn't seem to work in the first place.) 3) This one should be treated as mere hearsay until it's been researched properly. Besides, this is no longer relevant as a direct case (at least for those already walking vista, what I just saw of EBs writing indicates this is still an issue for 2k/xp), but as an illustration of PB operation policy it's quite damning (if true, which I cannot guarantee yet) : By following the instructions for how to run a game without admin permissions, you open a security hole that allows any program ran as a user allowed to play, to bypass the entire user security system. (IF I remember it right, it required debug permissions; which can be used to change the behaviour of any program running on the computer; SYSTEM level programs included.) In short: So long as you cannot cheat, it doesn't matter if your system gets hacked. ---- According to PB, I've been guilty of at least the following cheats: -Having a ramdisk  (...!) -Connecting to an enabled server  (...pretty much.) And the part that PB (occasionally) requires a player to be a ("certified-level") computer technician to get it working is also a good argument against it. I mean, that's kinda reminiscent of the DOS days! I thought we had progressed since that! The biggest problem with PB (in my experience) is the false positives; innocents get promptly kicked. Usually from everywhere, like a PB global ban, until they can figure out what causes it - with cryptic noninformative error messages giving no help. The biggest problem with OFP AC is less of a problem; the plenty of "false positives" makes it easy for a real positive blend in unless your cheat is blatantly obvious in the game. Actually, for the type of cheating that has been the most prevalent in OFP, I believe the system BIS has come up with (though not completed) has a lot of promise. Of course, PB could come on top of that, and cover other types of cheating entirely (dxdll!) but really... it wouldn't be worth it, neither in terms of monetary cost to BIS nor the troubles it will give players. Ps1:It would be interesting to see the aftermath of a virus whose payload triggered the PB hardware ban. Ps2:While doing some basic lookups regarding #3, I came across this quote from http://www.threatcode.com/admin_rights.htm "Will not accept anything less than FULL file access to your computer. Even when other, BETTER methods for cheat protection can be accomplished. Does not say anymore what it is searching & transmitting." Again, I can not vouch for its correctness at this time, nor the extent of the problem implied. (Full file access is quite excessive though) Share this post Link to post Share on other sites
Birgrim 0 Posted April 10, 2007 I voted yes. Nothing keeps server admins to configure PB for certain mods. You want to play Modwar? Join a Modwar server. You want to play FFUR? Join a FFUR server. While I strongly believe the ability to mod this game is its bread and butter, the modding situation in multiplayer is getting way out of hand. Im pretty confident that most people here would voted "No" play coop exclusively on private servers with a handful of friends and such. Good for you. Now theres the rest of us, the competitive players, CTF, TDM, C&H. Have you thought about the new leagues being organised? How are they suposed to keep mods in check. What currently keeps people from having sound mods explicitely made to give away enemy's location? Hearing other people's footsteps from a mile away? What keeps people from modding their soldiers to be running around in neon pink camo? There has already been a mod to change the angle in 3rd person. Where do you think this is going to stop? Either PB or a similar feature needs to be implemented before any competitive gaming can take place in ArmA. Dont be selfish, if you dont want to run PB just turn the damn thing off on the server you play on. Just dont prevent people who want PB from getting it. Share this post Link to post Share on other sites
Maddmatt 1 Posted April 10, 2007 my point is:people are struggling to run arma as smoother as they can, People want to run the game smooth with the recommended specifications, if you say it will take some CPU usage it means that, with it, it will slow the game even more. I bet all recomended spec's players (like me) dont wan't to run the game even worst. If that thing will make the game slower, i still vote NO! otherwise you will change my mind. It wont make the game slower. In MP with the server handling the AI, your CPU wont be stressed. Many people have dual cores anyway, so it can run off the other core and have absolutely no performance impact whatsoever. Share this post Link to post Share on other sites
Dwarden 1125 Posted April 10, 2007 ... yes PB is optional (in pure term ON/OFF by demand)... in older games if You clicked no on PB eula question while installing game PB wasn't installed in new games i think it installs auto but no eula question/activation till You enable it for first time still You can disable it both as client and admin anytime YOU wish... 1. there were anticheats like PB in past , most of them failed - Vietcong got 2nd party built HRADBA (development halted years ago) - SOLDNER got internal WACHE (died with Soldner) - there are also two MMO oriented ACs named GameGuard and HackShield for MMOs used mainly in Asia region games (both are miserably coded) - and there was tons of 3rd party ones for multiple games and there is VAC from Valve software (used in theirs HL and Source based games and some other titles like Red Orchestra Ostfront 41-45) one of main VAC pluses is install & forget way yet in no way there is single one offering same feature set like PB ... back to Your comment that Devs get lazy and implement no non PB solution .. untrue most of games contain code for files (so called pure) and memory checks to prevent basic type of tampering with game yet You can't await them to shell another 6 months of worktime and million bucks to develop own anticheat on level equal to PB ... it's easier, faster and cheaper to lease PB... (blame market that there is no better option to PB) now cheating level in game with PB while PB is OFF would be same as cheating in game w/o PB at all IF they are equal in MP popularity ... i wonder where got the idea that existence of PB increases number of cheats for game , it's just wrong ... number of cheats increases rapidly if there was game source release (aka Quake 3 released under GPL) or game extreme well done documentation (Unreal Engine 1,2,3) and modding/scripting feature set (more open game = more cheats) 2. what lame BF2 stats, lock system based on stats got with enabled /disable PB ? EA in first line leased PB to prevent cheaters to cheat on stats to gain easier unlocks on official servers so they of course will run with PB enabled (if not that's another story about how lame unlock system, expansions packs for XY bucks etc are) .. i fail to see point of discussing this ... 3. admin rights demand is past for games with 1.5 client , yet first of You was NOT needed to run game in admin account (again typical uninformed myth) what was needed were certain ADMIN rights for the game process Quote ]Debug Programs Load and unload device drivers Manage auditing and security log Modify Firmware environment values Profile Single Process You must agree that game process itself is supposed to be trusted (if You got valid legal copy) so there should be no reason to worry anyway ... most of PC users were in that times running theirs browsers in admin mode so what's the security buzz about ? noone said it was perfect solution or there weren't issues with other sw (e.g. DeepFreeze) but while fighting cheaters You needed such privileges ... let's get over this as new version with OS driver service solution is user friendly ... --- flagged for use of RAMdisk ? what one i use and used multiple ones and never got flagged in any PB supported game ... w/o knowledge about what happened exactly i can't tell more.. yet it could be simply code flaw, You reported ? any fix since ? connection issues, code bugs or config issues (messed up by server admin) are problem which exist in any software not just PB ... so called false PB global bans where You heard that? no virus can trigger PB Global Ban ... maybe raise violation and get user kicked but definitely not global ban ) as usually this "myth" raise from casual cheaters chitchat(these who never code just use others products) and users w/o any knowledge about PB false PB violations and kicks are removed from system, and announced on game support pages for public knowledge (contrary to VAC where exist no informations about any false positive removal ) so called cryptic messages are quite easy to understood if You know how PB works... related to ArmA if You think what's in is enough then You completely wrong , already broken ... that site is old, it's funny how it note "better methods" yet noone deployed them yet PB is software with constant development cycle (to match game development change, OS changes, security trends and to adapt newer cheats) but still it's produced only by humans thus inperfect yet after years working with it i can vouch that it's more useful than problematic ... Share this post Link to post Share on other sites
mahuja 12 Posted April 10, 2007 Warning: There exists sarcasm below this sentence. Proceed at your own risk. I ended up spending quite a bit of time picking your post apart; you gave me plenty to work with. yes PB is optional (in pure term ON/OFF by demand)... in older games if You clicked no on PB eula question while installing game PB wasn't installed in new games i think it installs auto but no eula question/activation till You enable it for first time still You can disable it both as client and admin anytime YOU wish... Yes I can, so they can rightly call it "optional" - but will I get any sort of quality gaming that way, even if cheaters are taken out of the question? Remember, I'm not disputing the name optional - even playing the game in the first place is optional, after all. I'm just saying that it's hardly a realistic, viable option. As a slightly far-fetched analogy: suicide is always an option; it will get you out of whatever trouble you're in. If it's a viable option is another matter entirely. Quote[/b] ]1. there were anticheats like PB in past , most of them failed To quote/paraphrase another poster in this thread, that the others are also failures is not an excuse for this failure. Â ("You're excused for failing to assassinate me because everyone else has also failed" ) I guess you would not call PB a "failure"? Yet you do call everything else a failure; just how is PB really that different? Quote[/b] ]yet in no way there is single one offering same feature set like PB True, but the most interesting features shouldn't be much harder for the devs of a game to implement, like the remote screenshot. Well, unless they have software patents, but that's just evil. And akin to holding us hostage. Quote[/b] ]... back to Your comment that Devs get lazy and implement no non PB solution .. untrue most of games contain code for files (so called pure) and memory checks to prevent basic type of tampering with game yet You can't await them to shell another 6 months of worktime and million bucks to develop own anticheat on level equal to PB ... No, but I *do* expect a reasonable job. And if you can read between the lines of your own quote, they won't do that because PB is supposed to do it for them, and they can save that money. In fact, this is a way of thinking that I have come to expect from EA, which I believe is EB's biggest customer. Quote ]it's easier, faster and cheaper to lease PB... (blame market that there is no better option to PB) Again, I do not excuse a failure due to the lack of anything better. One way the market can rectify this is to wait</b> until there actually is something workable. I have not seen PB as such. Quote ]now cheating level in game with PB while PB is OFF would be same as cheating in game w/o PB at all IF they are equal in MP popularity ... i wonder where got the idea that existence of PB increases number of cheats for game , it's just wrong ... While I do understand the arguments about why PB would "attract" cheaters, and agree, I also think the effects of those things are neglectible; so I basically agree with you here. On the other hand, I'd like some proof, and not just anecdotes, of how PB really reduces the amount of cheating by a noticable degree. Someone mentioned far cry before and after PB. Of course adding PB would drop the immediate number of cheaters; but given time to adjust? Â Far cry is... old enough, (without the same 'still interesting' effects we saw with OFP) that they probably lost interest rather than try readjust, so that probably won't do as evidence. Quote ]number of cheats increases rapidly if there was game source release (aka Quake 3 released under GPL) or game extreme well done documentation (Unreal Engine 1,2,3) and modding/scripting feature set (more open game = more cheats) Raises to me an interesting question: How does Punkbuster fit within that picture? It is very well known that if you can handle the sources available to you (realistically the worst case is usually nameless assembly code from disassembly) you can make a game do anything - transmit the correct hash for a file that has been modified, for example. Quote[/b] ] 2. what lame BF2 stats, lock system based on stats got with enabled /disable PB ? EA in first line leased PB to prevent cheaters to cheat on stats to gain easier unlocks on official servers so they of course will run with PB enabled (if not that's another story about how lame unlock system, expansions packs for XY bucks etc are) .. i fail to see point of discussing this ... The real point I tried to raise was that with the unlock system in place, PB itself fit the definition of a cheat: it gives advantage to those who use it. (PB is, naturally enough, required for the ranked servers, which is required for the unlocks.) I guess the "solution" would be to have a separate ranking system for non-pb servers. Quote[/b] ] 3. admin rights demand is past for games with 1.5 client , yet first of You was NOT needed to run game in admin account (again typical uninformed myth) what was needed were certain ADMIN rights for the game process Pay attention to what people write if you're about to respond... "By following the instructions for how to run a game without admin permissions, " Quote[/b] ]Debug Programs Load and unload device drivers Manage auditing and security log Modify Firmware environment values Profile Single Process You must agree that game process itself is supposed to be trusted (if You got valid legal copy) so there should be no reason to worry anyway ... I suppose you're not even aware that in that one last sentence you declared your incompetence on computer security... Let me spell it out for you - those rights are not given to the game, but to every program the user runs. The reason a person does not want to run as administrator all the time is so that any malware don't have admin rights. And either of the first two allows a hacker, or capable malware, to gain full admin rights by virtue of what functionality they allow. Hell, the second is the reason why the serious malware would want admin in the first place!</b> The third allows it to turn off the auditing - to hide its tracks. I'm guessing the fourth allows for the near scrapping of hardware. Again, it's not the game or PB that's the problem here, it's the other stuff, including malware, that also gets the rights PB wants. For the reasons outlined above, running without admin is equivalent to running with admin, making the "myth" quite true anyway. Quote ]most of PC users were in that times running theirs browsers in admin mode so what's the security buzz about ? Because doing something stupid (doing everything as admin) should be optional. If you also want to play a PB game, that becomes a big hassle, and let's face it; even in the face of minor hassles, users select the more convenient, less secure solution. And again, option has a dual meaning - the theoretical options is always there, but it's not really there in practice... And it's real options that have a meaning. Quote[/b] ]let's get over this as new version with OS driver service solution is user friendly ... I repeat that this is a moot point for vista (and if contradictory to what I saw on EBs faqs they also used the service stuff on 2k/xp) other than to illustrate that they quite explicitly do not care about your computers security to achieve their goals. (Why do I have to repeat myself so much?) Quote[/b] ]flagged for use of RAMdisk ? what one i use and used multiple ones and never got flagged in any PB supported game ... w/o knowledge about what happened exactly i can't tell more.. yet it could be simply code flaw, You reported ? any fix since ? I was disconnected from every game after a few seconds, with a message that told me absolutely nothing - and not because it gave too much technical detail... I contacted EB, they told me to check a log file it generated somewhere. The contents, "O/S Interrupt" I think, let them list off a bunch of non-cheat software causing that, ramdisks topping the list. I wondered what the heck that osint was supposed to detect, but they graciously neglected to reply. Assumably they couldn't say they were just kicking for abnormalities...? (If it works now, and your ramdisks aren't very different from what I used?) I am someone who does some weird things to my system occasionally. Should this really disallow me from playing? As I said earlier, it's usually not worth much with punkbuster disabled simply because you depend on how others use their options. See Theoretical vs Practical options. Quote[/b] ]connection issues, code bugs or config issues (messed up by server admin) are problem which exist in any software not just PB ... Without PB it worked perfectly every time, as long as my internet connection was up. With... If it really was something with the server config, why wasn't the server empty? Or it is really that hard to use competently? Â Why should we assume everyone hosting an arma server will understand how to do it so much better? Quote[/b] ]so called false PB global bans where You heard that? "Usually from everywhere, like a PB global ban, until they can figure out what causes it" ...and fix it Note the word like. The effect of whatever is giving you troubles entering pb servers is the same as if you had an actual pb guid ban; except you can fix the issue, while a ban won't get removed under any circumstances. (...can we claim per-hour compensation for the time spent fixing their mess? Probably not, I expect their eula actually covers that. What category do you think their reasons are in?) Quote[/b] ]no virus can trigger PB Global Ban ... maybe raise violation and get user kicked but definitely not global ban ) A hardware ban is triggered only when the user tries to mess with PB itself. That is pretty close to the official wording. This is pure software, any program could potentially start doing such things - including a virus payload. A virus doing that, or even a series of them doing it in various ways, would create so many false positives that they would be hard pressed to filter them out; probably forcing them to abandon the entire system of HW bans. That is one possible result of the aftermath I would be interested in seeing how developed. Again, read what you're responding to; I didn't say such a virus existed, only that it's possible, and I'd like to see what the aftermath of such a virus would be. Quote[/b] ]so called cryptic messages are quite easy to understood if You know how PB works... Not if the messages doesn't give any real information. Like that case with the ramdisk, it was akin to saying "Error." Or are they offering courses with certifications in punkbuster operation now? I suppose they would like to do background checks so they don't teach the stuff to those who would exploit the knowledge... Quote[/b] ]related to ArmA if You think what's in is enough then You completely wrong , already broken ... The system for signing addons shows a lot of promise. In saying "already broken" you either misunderstood what I referred to, or you simply didn't read what I said. It is not currently finished, AND, no servers that I know of actually use it. And I haven't yet seen anything, online, that cannot be reliably explained as bug/lag/desync. At worst (if anyone found how to deliberately trigger it) exploit, which is outside of PB's domain anyway. Quote[/b] ]that site is old, it's funny how it note "better methods" yet noone deployed them yet PB is software with constant development cycle (to match game development change, OS changes, security trends and to adapt newer cheats) but still it's produced only by humans thus inperfect yet after years working with it i can vouch that it's more useful than problematic ... I agree with above, with the exception of the last bit. After some months of using it I don't want to touch it again. This is not purely because of the bad experiences I've had with it, but also the underlying reasons for my problems. If you have a computer on which you ONLY play PB games, perhaps another couple, primarily singleplayer, and perhaps some word processing, I can't imagine you'll ever have much of a problem... (End sarcasm warning) Dwarden.... You do not read the post you are responding negatively to. This is very disrespectful. You start a discussion of a partially subjective, and also rather sensitive, subject, and refuse to take serious, substantial arguments opposed to your bias seriously. You insult others intelligence, and create conflict. ultracrepidarian: (n., adj.) a person who gives opinions beyond his scope of knowledge. Also known as False Authority Syndrome. Referring primarily to your comment on computer security. Ignorance is excusable, but not when you're asserting it. (Note my relatively heavy use of words like maybe, may, probably, possibly, etc) I do not find these things befitting of anyone wearing a moderator tag. Share this post Link to post Share on other sites
Dwarden 1125 Posted April 10, 2007 ... tried keep answers simply and short (but that is impossible in Your case) early parts like like optional == optional why keep running around ? ... skipped in past many failed > aka vanished from software market ... skipped development cost and time >> well if You still "demand" in house solution, then You should blame developers for leasing any middleware engines (unreal engine, source engine, quake4 engine etc) physics (like Havok, Ageia) Environment (like Speedtree) animations (like Natural motion) sounds (like Miles) AI and tons others in short it's sooo easy and cheap to develop all in-house because You said so i'm sure EA done theirs job to calculate cost of developing own anticheat solution and leasing already working one (not to mention that little important detail You need that at game release not 5 years later) enough for this point , skip to next one wanna proofs it work > just look at anticheat community groups like PsB, PBB, AASA, AON, ACI etc. that it enough to made sure it works to catch cheaters / drop cheating level or manage several dozens or hundreds game servers so You can see the logs self ... skip to next point Quote[/b] ]Raises to me an interesting question: How does Punkbuster fit within that picture? erm guess you missed the point of PB covering these engines Q3 source was released, now imagine how ET MP is cheat infested w/o PB existing ... UE2,2.5 is well documented, mod-able, just try compare how easy is to use cheat in UT2003 w/o PB and in Americas Army (both UE2.5) compared this to new engine built from scratch hard mod-able then of course number of cheats will be way lower than for known engines yet yet ArmA is more in first group than in second ... skip to next point BF2 unlocks and PB cheat for these who use it ? WTH ? what ? does use of 5.1 soundcard vs no sound classify as cheat too ? lol ...  not to mention u can always play on all unlocks server or else ... i wonder why EA decision about BF2/2142 feature set links to PB and use in other 20+ games or future titles not from EA ? skip to next point Quote[/b] ]I suppose you're not even aware that in that one last sentence you declared your incompetence on computer security... Let me spell it out for you - those rights are not given to the game, but to every program the user runs. The reason a person does not want to run as administrator all the time is so that any malware don't have admin rights. And either of the first two allows a hacker, or capable malware, to gain full admin rights by virtue of what functionality they allow. Hell, the second is the reason why the serious malware would want admin in the first place! The third allows it to turn off the auditing - to hide its tracks. I'm guessing the fourth allows for the near scrapping of hardware. Again, it's not the game or PB that's the problem here, it's the other stuff, including malware, that also gets the rights PB wants. For the reasons outlined above, running without admin is equivalent to running with admin, making the "myth" quite true anyway now this point needs serious answer seems like You aren't aware that You can run certain process under certain account / privileges ... thus You don't need to use admin account to run game (aka what i said grant certain privileges to process in question) just hint right mouse button on executable and choose option "Run as..." also there is tool from Microsoft , named DropMyRights to change/lower rights on applications on demand (this will work other way as above, You can run as admin all the time yet lower privileges to applications You consider as insecure (e.g. browser or any networking software and so on) so please increase Your education on subject before You call someone incompetent or unqualified next time ... yet again why virus / trojan / adware / spyware / malware / badware discussion ? you worried that they somehow abuse PB (then i suggest use qualite HIPS etc.) then You should be worried about anything on your system with ring0 rights system is secure only to level of users Common sense, most of incidents lie in problem between chair and keyboard not software used * yet that is important factor after user error skip to next point i guess i skip them all maybe i grow tired after years to try explain simple features again and again or how simple things works ... each PB system message got purpose, there are specific and generic ones ... in short compare PB to antivirus software including various detection methods (heuristic code identification, hash signature identification and so on) no matter what chance that error occurs exist same as like with antivirus error messages You can't await that developer will tell You what error message was triggered by as some info can be used by other side Your problem with ramdisk could be related to time when PB was experimenting with low level detections or to another problem with specific debuggers Quote[/b] ]I agree with above, with the exception of the last bit.After some months of using it I don't want to touch it again. This is not purely because of the bad experiences I've had with it, but also the underlying reasons for my problems. If you have a computer on which you ONLY play PB games, perhaps another couple, primarily singleplayer, a nd perhaps some word processing, I can't imagine you'll ever have much of a problem... (End sarcasm warning) Dwarden.... You do not read the post you are responding negatively to. This is very disrespectful. You start a discussion of a partially subjective, and also rather sensitive, subject, and refuse to take serious, substantial arguments opposed to your bias seriously. You insult others intelligence, and create conflict. ultracrepidarian: (n., adj.) a person who gives opinions beyond his scope of knowledge. Also known as False Authority Syndrome. Referring primarily to your comment on computer security. Ignorance is excusable, but not when you're asserting it. (Note my relatively heavy use of words like maybe, may, probably, possibly, etc) I do not find these things befitting of anyone wearing a moderator tag. You think i'm gunna take your half myths half rumor based Arguments seriously ? can't be serious... IF you want to bring on table serious arguments i can base upon (PB logs, OS logs, dumps, etc) we can talk about ... somehow i'm not surprised with amount of "PB experts" with myths leaked from cheat forums on purpose ... i take swift approach w/o mercy to such posts  ... maybe it will be harsh to You but IMHO Your post consist from 1/3 from trolling, 1/3 of myths and 1/3 of negative view by problems in the end try to find way How would You react in my position ? pat You on back, say "You right, PB is pure badware!" ? not gunna happen after years of satisfied use of PB as client and game servers admin in dozens games ... no i'm not gunna say it was swift dance w/o hitch but via cooperation with EBI staff all problems were solved Your remark about "False Authority Syndrome" is funny as it turns toward You ... what i wrote about PB is based on my past years work and not built upon some "thin" air myths ... and in comment about computer security, Ignorance ? You failed self on that area ... re-read my line Quote[/b] ]3. admin rights demand is past for games with 1.5 client , yet first of You was NOT needed to run game in admin account (again typical uninformed myth) what was needed were certain ADMIN rights for the game process notice the ending "what was needed were certain ADMIN rights for the game process" then return back to middle of this reply and read the bold text about privileges per process then i need wonder why You started about ignorance or insulting others Intelligence ... wasn't that exactly what You done ? and IF someone thinks that I in this or other threads insult others, theirs Intelligence, trying create conflicts by negative approach and thus NOT deserve moderator tag then post it RIGHT here and send copy in private message to SHADOW ... so ... i guess i'm done on this Share this post Link to post Share on other sites
kegetys 2 Posted April 10, 2007 seems like You aren't aware that You can run certain process under certain account / privileges ...thus You don't need to use admin account to run game (aka what i said grant certain privileges to process in question) just hint right mouse button on executable and choose option "Run as..." A game requiring administrator rights to run is bad design. Simply running the game on admin priviliges opens a security hole in your system, especially when it is a multiplayer game. Games are quite often buggy and buggy software with admin priviliges = potentially compromised system. Example of this is the OFP "partition wipe" bug - that bug wont get to wipe your partition if you run the game with restricted rights, it will only delete itself. Games also surprisingly often have buffer overrun holes which can potentially be exploited in multiplayer (OFP for example has such) which can lead to remote code execution. Something like this happening either accidentally or by exploit is of course rare, but I'd rather not take the chances so I run all games with my restricted account. And there is no reason why a game would need anything more. I personally cannot play any punkbuster games because of the admin rights requirement. In the few games I have tried, there's usually only very few non-punkbuster servers and those often have cheaters on them because the game relies on PB for cheat protection. Doesn't make for a very pleasant multiplayer experience. Share this post Link to post Share on other sites
Dwarden 1125 Posted April 10, 2007 erm Keg you do not need full admin privs for that process only these 5 listed ... yet this "bad design" was 'fixed' (as it caused troubles) in new PB client build (1.5+) ... Share this post Link to post Share on other sites
kegetys 2 Posted April 10, 2007 erm Keg you do not need full admin privs for that process only these 5 listed ... Permission to load a device driver is enough for the application to be able to do anything it ever wants in your system (Code loaded as a driver will have even higher rights than the administrator account does, and it can run programs on other user accounts including administrator). If you allow that you might as well run it as admin in the first place. Share this post Link to post Share on other sites
Dwarden 1125 Posted April 10, 2007 yes but limiting the rights and with use of correct HIPS/sandboxing etc. You can control with what such process interacts... i agree with bugs in games self but many games are linked to ring0 drivers anyway (securom, safedisc, tages, starforce, etc) which may lead to unwanted results (as these are buggy too)... in the end You can say that PB driver and services can turn security threat too (and w/o certain privileges You can forget about chances to detect certain cheats) and so on ... while i can understood the "need" for security but then IF extreme security REQs are in place then man can end with question `why use MS platform?' Â ... or other way around why use such important system for gaming ... Share this post Link to post Share on other sites
kegetys 2 Posted April 10, 2007 while i can understood the "need" for security but then IF extreme security REQs are in place then man can end with question `why use MS platform?' Â ...or other way around why use such important system for gaming ... To me there is really nothing "extreme" about it at all, it is normal procedure. First thing I ever do in a new windows install is set up a restricted account for me to use. There's nothing extremely important on this system, just personal files, but I still rather keep my system secure and in good condition, and use a restricted account. It will give me a quite good increase in security with very little hassle to set up; Good things work as usual and bad things stay out, that includes things like Starforce that I cannot accidentally install if I dont know in advance a game/demo has it. SF will need to kindly ask for admin priviliges and I can then make the decision wether I allow it or not. Share this post Link to post Share on other sites
Dwarden 1125 Posted April 10, 2007 that was just applied to extreme other way around as extreme would be wish that something "similar like PB" named GACI generic anticheat interface appears as part of every major OS kernel that way You can blame for potentical security issues whoever made OS and demand another security hotfix somehow i fear this is just dreamy wish ... Share this post Link to post Share on other sites
nuxil 2 Posted April 11, 2007 For god sake dont put Pb on arma.. we dont need more 3rd party software.. Pb is bullshit anyway.. people who wants to cheat always find a way to cheat. why not just make the server better,, wher you can put autokick/ban on thouse who have Tked to mutch. if i see people with a score of -5 i know what he have done. dont we all. and make the server so you can add the ip or mac to your own list. also only allow the mods you want, if you want any, but there a porblem keeping track of all the mods beeing made today.. :\ i see there was a Major minus.. where it sais the cpu usage increases by 1-5 %.. i dont think people will like that mutch as arma already demands so mutch of the system. Also this isnt Bf with its wallhacks, surfe on uav's etc etc.. and i think the average age of a arma player compared to other games i think i a bit +_x years older, Good Admins might not be the answer alone, but and a better tool to manage the server is what we need. also Anyone here played Americans army ? well how many times havent I/You been kicked for no reason by Pb? kick for 1 min bla bla bla.. Screw Pb. My vote is NO!!! Share this post Link to post Share on other sites
StryDa 0 Posted April 11, 2007 Just saw this. I think PB will cause numerous problems and conflicts with the addon community. As it stands PB can't even control cheaters and people who spoil games in bf2... they are useless there and they will be more useless here in a community that makes hundreds of addons. As someone said before, this isn't BF2 with all the stupid hacks, and a bigger percentage of the people don't play this for the fps style game. But more of a realism coop CTi type game. Also most people cheat on BF2 cause it has a rank system and they want to be top of it. I never saw cheating in ofp to major problem until the "supercheat" came around. Every n00b had it and annoyed everyone. But thanks to people in the community it was starting to be recognised and banned from servers. I think PB will just make MP too stupid and will change alot of the way we used to play in ofp that everyone is trying to bring to ArmA. StryDa Share this post Link to post Share on other sites
Dwarden 1125 Posted April 11, 2007 re nuxil: i can understood your frustration about TK but that's not related to cheating itself (even some cheat groups love to TK) i'm sure in future TK gets solved by good server scripts and BIS self ... about banning by IP / MAC ... banning by MAC is nonsense - You can change this in BIOS, in OS and in NIC config ... not to mention abuse method (run server to know MAC of player X, then change your MAC into his and go on server Y and get banned by MAC, change your mac to something else and laugh that valid innocent player got banned) banning IP , with todays world full of dynamic IPs on cable, DSL and wifi providers it's slowly turning useless too , yet sometimes is useful to ban whole C groups or higher (not to mention possible IP spoofing) now we get ArmA MP ID based on KEY ... but problem is there is still working keygen so i guess that mean problem again right ? don't mix mods with cheats You don't need mods to use cheat there are already wallhacks in ArmA used from e.g. BF2 btw... re StryDa: it will cause no conflicts with addons as it can be configured for (just check addons/mods for other PB covered games) i'm quite sure You don't want Your CTI ruined by someone who knows where all Your units are, what's theirs weapon/ammo status, what's your resources status, what Your units see etc ... all this can be done via cheats and way more... i wonder how PB can change MP into stuping and way we play the game ? (not to mention You can always play with friends w/o any PB used e.g. on LAN party) ArmA cheating is now on rise but the real boom happens after US release ... Share this post Link to post Share on other sites
Tom_Anger 0 Posted April 11, 2007 I would like to see PB as a server side option and for those who wish to use addons/mods all they have to do is turn PB off - simple as that. Â I would like PB on this game full blown for events and the possibility of fun squad matches. Multiplayer maps are going to start coming out of the wood work soon, hopefully, and I don't want to get dissapointed by some weird file hack..... ArmA can be PB friendly and if issues come up just turn it off until it is fixed. Â Many games in the past had issues and that is what we did. Â The alternative is to use some auto screenshooter running (which takes up little memory) and when you play a mission/match/etc it buffers to your pc and when the match is over it uploads to a central FTP. Â That is how we stopped cheaters in Ghost Recon Advanced Warfighter over at http://graw.pro-gamingleagues.com/ Just offering my polled answer of YES if it can be controlled. Share this post Link to post Share on other sites
mahuja 12 Posted April 11, 2007 Keg's got a clue This is something that even microsoft is trying to recommend as standard practice by now. Â Did you know that the 'made for windows' logo requires a program not to require admin? That is, however, about as far as MS can go in making people safe from adminning themselves without necessity. (If some future release forces admins to have red background and windows classic looks, no aero or such, plenty of "You're admin, do you REALLY want to do this?" they might succeed.) other way around as extreme would be wish that something "similar like PB" named GACI generic anticheat interface appears as part of every major OS kernel You haven't heard of it then? Trusted Computing Alliance According to the Electronic Frontier Foundation, one of the fundamental premises behind trusted computing is that the owner and his software cannot be trusted. Anticheat is one of its applications. Generally I dislike it, for the same reasons EFF/FSF does; but it may prove to be "the final solution" as far as anticheat goes. Or at least as close as we're gonna get. And option != option - to really drag that example of mine out far, did you really consider suicide an option instead of replying to my post? I don't believe so; but it's still called an option. What I'm trying to say is that anytime you're touting the word optional in relation to PB, you're essentially doing misdirecting marketing. Yes, you can turn it off for special circumstances, but don't even think that you can avoid using it at all. (Which is what the common interpretation of "PB is optional" is) And expect internal anti-cheat, the part that does everything when PB fails (as in having to be turned off for a person to play, because of something it's allergic to, again my experiences) to become more and more lacking for it. That they should just use third-party instead of inhouse, (your words) is exactly what I mean happens with PB, making them ignore their own anti-cheat solution, eroding the word "option" even further. I believe everone who is supposed to make any sort of informed decision about PB in a game should also be allowed the truth about PB and security. We're well into the voting, and 20 or so pages into the discussion, though. As I have argued, keeping X from cheating ranks way higher than allowing X to keep his/her computer safe. They do seem to do a rather good job of closing holes found in their software; in that part they are responsible people, but their design (at least up to the point where everybody can use the 'service mode' ) made for a computer hard to secure. Saying "everybody runs admin anyway" is a circular argument. The advantage of 5.1 vs no sound, or even vs stereo sound, is comparable; but there, monetary expense is a lot of the reason some people don't use it, as is space. None of those factors are really the case with PB, esp since the monetary expense is invisible to the end user. For that reason, others do use PB, dropping the value of non-PB even more, and further killing "optional". --- I guess "incompetent" was a strong word. I apologize for going out a bit strongly. However, you failed to specify crucial points for making your proposition work; not omitting those would make your argument show its true complexity, but still needs to be included. I'm quite aware of those tools... but I did not include them (assume them included) in this discussion because: Security is all about people. Runas: As I said, people hate discomforts and inconveniences. Having to right click and choose "run as" every time is more than you can ask of a person. He'll forget to do it every so often, and it won't work. And god bless if every launcher out there actually can do this... How long does a person put up with this? Generally speaking, not long. At first, i switched between accounts. But instead of switching constantly, I found myself staying in the admin account. Even though I knew that was a bad idea. (Now? I use the discontinued Tiny Firewall) DropMyRights for this usage is a stillborn proposal. This is way outside its application area. More importantly: "Normal" people shouldn't even have to know about these. Yet it would be very wrong to take the attitude that they shouldn't be secure because they're not geeks. (As it relates to this discussion, nongeeks invariably run as admin to use "bad" software (as defined on one of those sites I linked to) including PB games, making themselves far less secure.) The path to security in this situation is way too long. Well, again, unless they got the service method going for all windowses, contrary to what I recently (during my posting to this thread) saw on their site. (If they DO have it working for 2k/XP, please tell me, so I can stop posting that disclaimer.) ---- "You think i'm gunna take your half myths half rumor based Arguments seriously ? can't be serious..." The problem, as I see it, it that you've been seeing any argument against your (maybe well reasoned) bias as such without actually checking if they have any merit. In more common wording, you're not taking people (with differing opinions) seriously. Preassuming that they don't know what they are talking about (as I got the impression you were doing with me) is an insult to that persons intelligence. Oversimplifying (leaving out crucial points) doesn't help. And when you're additionally taking up points I answered in the post you are answering, you show you didn't even read it properly. At best/worst (depending on viewpoint) it was a presentation issue of mine. If so, please tell me how I should have raised my points in such a way that you would not have been so dismissive of them. Either way, I think you can agree that this is a sensitive issue. As is anything that keeps people from playing their favourite legitimate games legitimately, be they anti-cheat or play prevention systems aka copy protection systems, or technical issues related to hardware or drivers, or yet other issues. (I guess I got caught by this myself, sorry.) I have had some direct bad experiences with PB, sure. But I am also security-aware enough to see PB wasn't all blessing in that area. The sum of things was such that I was not sad about leaving PB behind, and do not have a wish to cross paths with it again. >somehow i'm not surprised with amount of "PB experts" with myths leaked from cheat forums on purpose What I've been saying is 100% my own experience, at least where I have asserted anything as true. As for the rest, I try to apply common sense; disallowing all mods would be bad for EB, so they very probably found a way to allow that. If it raises the bar of competence required of server admins, is an open question of its own. (Extra PB specific setup, especially if it is not immediately obvious, will get missed often, I think.) >in the end try to find way How would You react in my position ? pat You on back, say "You right, PB is pure badware!" ? Never expected such a thing. You want PB in there, you like it, and all of that - I can respect that, even though I am of a different opinion due my experiences. However, when you (IMO) lie* ("optional") and omit (forces lower security, except vista**) to get your view through, I (esp being of another base opinion) naturally do wish to call you on it. * Lie may be an inaccurate word, in that it implies that you know you are doing it. I suspected not, and tried to clarify why I think it's incorrect. ** I'm generously keeping the possibility open for 2k/xp despite what I saw on their site. I would guess that at worst it should be a matter of time. At best what I read was inaccurate. Share this post Link to post Share on other sites
USMC NEEDER 0 Posted April 11, 2007 You know how good multiplayer will be with punkbuster! Share this post Link to post Share on other sites
kilo1-1 1 Posted April 11, 2007 I prefer that Armed Assault uses VAC but seeing that Armed Assault isn't a Valve game it isn't going to happen. PB is too easy to pass. Share this post Link to post Share on other sites
Dwarden 1125 Posted April 11, 2007 ... of course it works for w2k, XP, Vista ... it's posted in first post in thread, i posted it like 5 times already and at least once while answering You so one last time go there http://www.evenbalance.com/index.php?page=pbsvcfaq.php and read Quote[/b] ]Once the PnkBstrA service is running along with a new PB client version 1.500 and higher, running PB enabled games under Windows 2000, XP or Vista no longer requires Administrator privileges. Share this post Link to post Share on other sites
StryDa 0 Posted April 11, 2007 i see where your coming from Dwarden, but PB, no... i'd say go with another anti cheat system, VAC is ruled out ofc. And i don't really know of anymore. Anytime i've had a problem with cheating on BF2 PB team of monkeys shall we say take for ever to do anything. Then lots of people get banned for nothing because someone gets their CD key... I know PB don't have a big part is stats padding on BF2 etc, But they still don't act as they should. Why can't BIS look into and create there own "system" they have more knowledge of the game itself and could apply the anti cheat system more effectively so the Game and the anti cheat software can run in tandem smoothly. I haven't really got into ArmA Mp as much as i used to play ofp, im too amazed by the game still trying silly things in editor. But, Why should we have an anti cheat system when for about 1 - 2 years we had supercheat etc ruining CTi, CTF, coop games that the community was left to try and hammer out. It would be better if BIS could do this, instead of letting another company come in and ruin what they have. Just my ideas. StryDa Share this post Link to post Share on other sites
Dwarden 1125 Posted April 11, 2007 i guess you asking impossible developing state of art AC needs months maybe years of work with good team ... ofc i wish each dev studio/publisher got time/staff/money to deploy own AC but then reality check kicks in and ... anything is better than nothing ... Share this post Link to post Share on other sites
nuxil 2 Posted April 11, 2007 from what i understand.. bugs in the reason for cheats.. you exploit a bug in the system. a player found a way to do ""this & that""., and you call him a cheater B,cos it not suppose to happen in the system. i have to agree with a bit with StryDa. Now..Who gets to know the bug first?? bis or Pb ?.. well i thinks its Bis.. bis got a good comunity around itself that reports bugs fast. Who fixes this bugs? bis or Pb ?.. well i thik its Bis The arma devs can check what bugs needs to be fixed first and so on.. depending on the dammage the can cause.. now what I Think Arma needs. is in fact something like Apt.. you many think Wtf does Apt got to do with Arma and Wtf is Apt.. for thouse of you who has used linux with a debian install would probealy know it verry well.. im just talking about the Idea behind Apt. now my idea is simple. you got a master mirror where all the bugfixes are. eachtime you go online with arma. arma automaticly checks for updates. and if ther is any updates. arma update itself. if you do not update.. you can not play one the server that has been updated.. and you can only update arma if lets say krypted keys on each side match.. "somesort of gpg key maybe" All this would make arma almoust a ""Up to day"" game, since you are not upgrading eatch 2-3 months longer. you can install 1 fix if its been put on the mirror. I only have Bad experiance with PB and i really dont want to see it in arma. PS.. I whish i could Vote "NO" twise Share this post Link to post Share on other sites
Dwarden 1125 Posted April 11, 2007 bugs > exploits? =! cheats ... they similar yet not same ... example, cheater cheats in bug free and exploit free game ... Share this post Link to post Share on other sites
StryDa 0 Posted April 12, 2007 argghh i have something great to say and forget it as i want to post. Remembered now though :P From what i can see http://en.wikipedia.org/wiki/Punkbuster Punkbuster are active in FPS games mainly that the community is VERY divided. Where as on an RTS game, say C&C if some cheats the word gets around quick and no one will play with them. and will probably ban them. I think its similar with ArmA the community is closer and i know there are a few projects around ensuring if one server bans a tk it gets put on web so other can do the same. This is an easier way of controlling it for ArmA. It isn't a small enough community just to have word of mouth about glitchers or hacks. It isnt big to an extent that the information can't get from different parts of the community so has to use an anti cheat system. Im sure if BIS give it time and see what the hackers are doing to there game they can think of an easy way to stop it. File checking/File size checking... the basic things PB does.. this would alert the admin of a server. Which when banned could be uploaded to a BIS? page where all of the n00bs who hack tk can be recorded so people can just do a quick search to see if the person has a reputation. Or the server could just ban all the id's compiled on the list. Just some more ideas StryDa Share this post Link to post Share on other sites