Tuesday, December 15, 2009

Hey Blizzard

Hey, Blizzard! Have you been following the TSL2 qualification fallout? Do you learn anything from that? I suddenly feel scared about tournaments being run on battle.net 2. Will you provide sufficient guarantees that no one will cheat in tournaments now that you will own the data that the community can’t check? Or will all data be public (including players IP-addresses) so that we can check it on our own?

Do you already now have tools in place to catch abusers, win-traders and hackers? The old Starcraft ladder on battle.net was a joke from day one. I know you did better in Wacraft III, but it was still a ladder for casual players rather than the basis for an eSport.

How will all this turn out?


  1. I imagine that with the new observational capabilities, there will go with it a report function and "janitors" can join games and respond to those, similar to GMs in an MMO.

    Since they're probably also going to associate your account with your CD key, it's likely going to be expensive to do that stuff. If they do both of these things, the incentive to cheat in a competitive setting should be terribly low.

    If some chump on the Internet can think of it, I'm sure they've thought of it too.

  2. From what I have read, they will have up to 4 observer spots in the game.

  3. Sure, observer slots are nice and all, but there are no observers for the vast majority of ladder games played. Automatic counter measures will have to be in play. I just hope Blizzard step up to the challenge.

  4. I don't know if you understand the problem of hacks and games.

    You increasingly need to treat the target machines as though they were your own machines in order to detect hacks. Otherwise, they simply increase in sophistication.

    You start at ring 4, usermode stuff. This is detecting window titles and so on. Then the hacks jump up to another ring, then your detection jumps up to another ring, and so on and so forth until you can't go into more detail. Then you write kernel mode drivers, which control the APIs. A modified kernel may directly manipulate an API call.

    So then, eventually, your detection resorts to fingerprinting, because it has to. People have to verify their machine and software with you. If they are running a system you don't like, they can't use your software.

    Ignoring false positives and modified behavior (system drawing routines, for example, get severely damaged with HackShield), which is silly, because those are huge issues, there is the implicit issue of treating the machine as though it's not the user's machine.

    Nobody tells you exactly what information they harvest, how they harvest it, etc. They don't even have to tell you this before you purchase/download the game, so if you don't want it, you have to know what's up before purchasing/installing. Personally, I think that part should be illegal.

    Regardless, for the comparatively few that can screw things up, eventually you treat every user with a great deal of invasive measures, because they complain about hackers.

    Warden, for example, used to be a lot more invasive, but it still transmits a bunch of information that Blizzard has no business knowing.

    The absolute best design - and the one that everyone should prefer - is one that trusts the client with nothing. In this utopian software, you don't need hack detection because there's nothing they can hack.

    Obviously, you have to trust the client with some things, so there'll always be things to hack, but you can minimize the damage those do.

    There's no suitable software substitute for real humans. It's hard to determine many forms of hacking and botting in software, but it's real easy to determine for humans. Anyone who says "that should be easy" for automatic measures has no idea what they're talking about.