Sign in to follow this  
suliman

how to prevent save cheating? (for games where saving is NOT allowed)

Recommended Posts

suliman    1652

Hi

In many games such as xcom or others, there is a big point in the player not being able to go back if something went "bad". Actions should be permanent. The punishment/difficulty for "failing" something ingame can differ, but generally you don't want the player to be able to cheat.

 

However it seems to be hard to technically prevent save cheating (the user just finds and backups the "savefile" and restores it later). Any good way to actually stop this from being possible? Hide or nest files or something? I mean, if i save progress in the exe instead of in a separate "savefile" the player can just backup the exefile...

 

(And plz dont just answer "if the player wants to cheat, let him/her". That doesnt help me.)

 

Thanks!
Erik

Share this post


Link to post
Share on other sites
suliman    1652

no serverside stuff plz:)

 

I know its impossible to stop it completely for someone who really wants to mess with the files on their computer. But any concrete tips on making it less easy?

Can i hide files so the user doesnt see them? Or stamp them somehow so copies can be detected ingame and not be loaded?

 

Thanks again

Share this post


Link to post
Share on other sites
dave j    681
I don't think it's a case of making it less easy for them to do as less desirable. If you allow the player to save whenever and wherever they like they'll always be tempted to save just before a difficult bit and reload if they fail. Instead you could have a limited number of save locations that are sufficiently far apart that going back to a saved game would lose a significant amount of progress. This would at least discourage them from going back to a saved game even if it didn't prevent it.

Share this post


Link to post
Share on other sites
Waterlimon    4398

Make it possible to get through the game very very easily if you have access to cheats. If the player uses cheats, all challenge is removed and the game is no longer fun. The player cannot easily limit himself to a "fun" amount of cheats because it would be a completely arbitrary limit controlled by the player and again challenge is removed.

 

The only option left is to play the game without cheats if you want to be entertained.

Share this post


Link to post
Share on other sites
kop0113    2453

The way nethack does it is by running the game with the s-bit set (as root). So when the player saves, the data gets written to /var/games/nethack which the user has no write access to. This means on shared systems where the user has no admin access, they effectively cannot interfere with the save file.

 

So some flaws...

 

1) Nethack is open source so you can modify the code to remove the requirement.

2) Copy the binary, drop the s-bit and hex edit it to point to your home directory

3) chroot to create a fake root environment where you have control over the save file

 

Again, this system is most effective when playing the game over ssh where only the game launches as the shell and you are locked into it.

 

So I guess the best option you have is to make it too "impractical" to backup the save file and restore it on error. Perhaps forcing players to use a specially formatted memory stick and note down the device ID. This means that the player would need to do a full disk image on the usb stick to restore the data...

 

Make sure your game is really graphical and 3D making use of almost every graphics card extension known.. Otherwise players could just run your game in a virtual machine and save the entire state.

Edited by Karsten_

Share this post


Link to post
Share on other sites
rip-off    10976

Imagine a game like X-Com (which I haven't played, but I know the basics of). Due to the use of random numbers to determine if an alien is hit, or if one of your troops dies, or even the A.I. decisions, replacing a save file can help because next time the random numbers will be different different. So, why not make them the same - load the state of the generator from the save file and continue to use it going forward. So the next time the player loads the game, the same stream of numbers is waiting to be used.

 

Now, because the order of generation requests will be different, for example the player choosing to spend action points on shooting  rather than moving, etc, this results in the random numbers being used for different things. However, consider instead of having a single generator for all actions, you have a number of separate generators - one for user actions, one for enemy actions, one for random events, one of A.I. decisions, and so on. This way, if the player is due a "hard time" due to a particularly unfavourable sequence of numbers for their actions (e.g. a string of poor accuracy), or the enemy is due a streak of "lucky" numbers, replacing the save file won't help - it will just change some of the details of exactly when they appear.

 

I'm just making this up right now, I haven't tried it and someone might be able to spot a major flaw in such an approach. In particular, I wonder if it would even be obvious to the player that this is going on - they might try save "cheating" anyway while the game mitigates the effectiveness of the tactic. Such players might come away thinking that the game is just fundamentally unfair and stop playing.

Share this post


Link to post
Share on other sites
Pink Horror    2459


Imagine a game like X-Com (which I haven't played, but I know the basics of). Due to the use of random numbers to determine if an alien is hit, or if one of your troops dies, or even the A.I. decisions, replacing a save file can help because next time the random numbers will be different different. So, why not make them the same - load the state of the generator from the save file and continue to use it going forward. So the next time the player loads the game, the same stream of numbers is waiting to be used.

 

The latest version of X-Com that I've played has a "Save Scumming" setting for whether it saves its random number seeds. I don't know if it's one global seed, per team, per soldier, per action, or something else. Generally, if I reload after some bad dice rolls in a strategy game, I'd just retreat or find cover. I wouldn't try to do the same thing over and over. If I knew I was due a "hard time", I'd make sure I was in good cover and as far away as possible from the enemy, and I'd try to use up my inaccurate shots, so there's still a way to game the situation.

Share this post


Link to post
Share on other sites
Nypyren    12063

You could use an NTFS alternate data stream.  Very few people know about them, and it would take someone with a disk I/O monitor to realize what you're doing.

 

To make it harder for someone to notice the ADS in a disk monitor, you can put the ADS *on the folder itself* with the same name of a standard, red herring file in the folder.

 

Example:

 

Folder:Save1.dat   <- this is the ADS

Folder/Save1.dat   <- this is the red herring (just write a ton of random bytes to it to make it look encrypted)

 

The : and / will be hard to spot in the disk monitor and it may appear to the cheater that only one file is being accessed.

 

Here's the fun part:  Copy/pasting something with an ADS attached to it *does not copy the ADS*.  This means that if the player makes a backup of their save folder, then restores it later, the original ADS will either be unmodified or completely lost.

 

 

The most obvious downside is that people unaware of the ADS will not be able to make any kind of backup of it.  If they try to copy the game to a new computer, their game will be lost.

 

It's not perfect, but it'll probably confuse the hell out of people for a while.  Still, it only takes one person leaking the information about how it works for the technique to be ruined.

Edited by Nypyren

Share this post


Link to post
Share on other sites
frob    44908

The way nethack does it is by running the game with the s-bit set (as root). So when the player saves, the data gets written to /var/games/nethack which the user has no write access to. This means on shared systems where the user has no admin access, they effectively cannot interfere with the save file.
 
So some flaws...
 
1) Nethack is open source so you can modify the code to remove the requirement.
2) Copy the binary, drop the s-bit and hex edit it to point to your home directory
3) chroot to create a fake root environment where you have control over the save file
 

There are common and well-documented work arounds that don't involve root and don't involve anything particularly sneaky. You can copy the file from /var/games and overwrite an existing file if it came from there.

Even though the regular user cannot do much the file, they can read, copy, and move them with relative impunity. Keeping a collection of ascention-ready save files from /var/games/nethack is a common thing, as is keeping a backup save file of your current quest. Count me among the guilty on a shared system, especially after facing a group of randomly generated baddies with multiple wands of death. The first one fired and destroyed my amulet. The second fired and I resisted, then "would you like your possessions identified?" For a few years after that I kept copies of my save file that I updated after playing.

Share this post


Link to post
Share on other sites
joshbyrom    351

I would just like to point out that saving the game remotely adds complexity and further requirements to your project without providing a feasible return in most cases. Intercepting the call for a save game file and injecting your own is a lot simpler, in many circumstances, than performing intense decryption. Many forms of encryption, worth a lot more than any save game editor, have stood the test of time for dozens of years.

Edited by recursively

Share this post


Link to post
Share on other sites
Nathan2222_old    395

Hi
In many games such as xcom or others, there is a big point in the player not being able to go back if something went "bad". Actions should be permanent. The punishment/difficulty for "failing" something ingame can differ, but generally you don't want the player to be able to cheat.
 
However it seems to be hard to technically prevent save cheating (the user just finds and backups the "savefile" and restores it later). Any good way to actually stop this from being possible? Hide or nest files or something? I mean, if i save progress in the exe instead of in a separate "savefile" the player can just backup the exefile...

I was wondering the same thing but for single player games (will probably never make an mmo/mo etc.).
I guess i/you could implement an automatic autosave without the option for 'no autosave' and when the player opens the game, you can only load your career (like nfsmw).

Share this post


Link to post
Share on other sites
LennyLen    5715

 

Hi
In many games such as xcom or others, there is a big point in the player not being able to go back if something went "bad". Actions should be permanent. The punishment/difficulty for "failing" something ingame can differ, but generally you don't want the player to be able to cheat.
 
However it seems to be hard to technically prevent save cheating (the user just finds and backups the "savefile" and restores it later). Any good way to actually stop this from being possible? Hide or nest files or something? I mean, if i save progress in the exe instead of in a separate "savefile" the player can just backup the exefile...

I was wondering the same thing but for single player games (will probably never make an mmo/mo etc.).
I guess i/you could implement an automatic autosave without the option for 'no autosave' and when the player opens the game, you can only load your career (like nfsmw).

 

 

He's already stated that this is basically what he wants to implement.  His question is "how to stop people from cheating?"

Share this post


Link to post
Share on other sites
Hawkblood    1018
Use encryption to prevent data manipulation. Use save file verification to prevent copying—this can be done by having a “master date-time stamp” file that is located somewhere other than where the save files are. This “master date-time stamp” is a file with each save file’s date-time creation AND modified info recorded. This will work because when a file is copied it generates a new date-time stamp within Windows and any modifications will cause the game to reject it.

Share this post


Link to post
Share on other sites
LennyLen    5715


This will work because when a file is copied it generates a new date-time stamp within Windows and any modifications will cause the game to reject it.

 

These checks can be fairly easily circumvented by disassembling the program and finding the offset for the function that does the check and changing the next instruction to 'return' thus bypassing the entire check.

Share this post


Link to post
Share on other sites
LennyLen    5715


Most users wouldn't have a clue how to do that.

 

True, most won't.   but it's far more easier for crackers to bypass checks then to circumvent encryption, and as soon as one has done that they can make it availaible to most users.

Share this post


Link to post
Share on other sites
DejaimeNeto    4221

True, most won't. but it's far more easier for crackers to bypass checks then to circumvent encryption, and as soon as one has done that they can make it available to most users.

Or simply get a tool to change these dates after the modification.

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

Sign in to follow this