[TTT] Players hacking, and evidence gathering - Garry's Mod

So, I seem to have split my server's staff team on this as half think that the method of gathering evidence we use is unethical, and the other half feel it's justified if we pre-warn users that it will happen if they cheat. How do we do it? We take a screenshot of the player's client if we detect a variety of hacks on their client, then send it to our web server, if it happens multiple times the system then automatically bans the player. Some of our staff believe that we should never take a screenshot from the user's client, with or without prior warning/consent, others believe that it's okay if they violate the rules and we pre-warn them. The only reason we use these screenshots is for enforcement of the bans or to clear allegations in the case of false-positives. To the point of what I want to ask, do you guys believe it's okay to do this with a strict privacy policy in place on handling them, taking into account that it is sent directly from the user's client without our administrators intervening.

I'm confused, what do you mean "to the web server." Are you not the server owner?

[QUOTE=Te Great Skeeve;41286105]I'm confused, what do you mean "to the web server." Are you not the server owner?[/QUOTE] I am, and I meant that we use a POST request to forward the base64 screenshot to a web server which stores it for use with ban appeals and such, this is done directly from the offending user's client itself.

Why don't you just say in your MOTD or rules or whatever that you reserve the right to take screenshots of clients whenever the moderator(s) feel necessary? ` It depends on your implementation, if you take screenshots automatically without anything on the players, than that's silly. If you allow moderators and administrators use of the screenshot system and take them automatically if you detect certain activity ( forcing sv_allowcslua for example ) then having the system there greatly outweighs privacy issues.

[QUOTE=>>oubliette<<;41287036]Why don't you just say in your MOTD or rules or whatever that you reserve the right to take screenshots of clients whenever the moderator(s) feel necessary? ` It depends on your implementation, if you take screenshots automatically without anything on the players, than that's silly. If you allow moderators and administrators use of the screenshot system and take them automatically if you detect certain activity ( forcing sv_allowcslua for example ) then having the system there greatly outweighs privacy issues.[/QUOTE] That's kind of how I was thinking it would work. The staff don't actually have access to force a screen capture though, the system detects the cheats then does it on its own; however there are still some cheats I can't pick up as of this moment in time. The way I was going to balance out the privacy issues, was a warning on the loading screen then a notice on the top of the screen for the first 30 or so seconds of joining (including after map changes).

It's a security thing so I don't see why not(If you warn them they can easily turn it off). There shouldn't really be anything to hide or be private about, although we did catch a player watching porn on his steam overlay browser one time...

I don't really see how it would be "unethical". If you did something like dump their cheat or crashed their game or computer somehow, then maybe you would be getting a bit further into the grey area. Make sure your staff realise that you're not taking a screenshot of the entire desktop or whatever, only the game window. Speaking of, if you're using the method I think you're using, it's not exactly something I would recommend relying on. I've managed to find a way around it already, and if I can do it, so can others.

[QUOTE=SashaWolf;41289683]I don't really see how it would be "unethical". If you did something like dump their cheat or crashed their game or computer somehow, then maybe you would be getting a bit further into the grey area. Make sure your staff realise that you're not taking a screenshot of the entire desktop or whatever, only the game window. Speaking of, if you're using the method I think you're using, it's not exactly something I would recommend relying on. I've managed to find a way around it already, and if I can do it, so can others.[/QUOTE] if someone took my cheat from my folder, I would be pretty pissed.

[QUOTE=Johnny Guitar;41291290]if someone took my cheat from my folder, I would be pretty pissed.[/QUOTE] and who gives a shit if it pisses you off? It's your fault for cheating on their server in the first place. [editline]3rd July 2013[/editline] If you weren't using it and they took it then yeah that's unethical.

[QUOTE=Johnny Guitar;41291290]if someone took my cheat from my folder, I would be pretty pissed.[/QUOTE] Then you should probably secure your cheat better (thought you probably can't see this because you are banned ;_;). [editline]3rd July 2013[/editline] [QUOTE=BubbleWizard;41293195]and who gives a shit if it pisses you off? It's your fault for cheating on their server in the first place.[/QUOTE] It's a mutual thing. Chances are their server has some custom made anticheat that someone probably worked really hard on since there are no good public ones that I have seen. Wouldn't it be a shame if I posted a full dump of it + code that would bypass it on someplace like hackforums? If someone who does not want their cheat dumped is cheating on your server, chances are it's not public, so all that is necessary is a ban. Then again, as I told the dude above, it's kinda the developers fault for not taking steps to secure their cheat from being stolen/detected by an anticheat, but meh.

[QUOTE=BubbleWizard;41293195]and who gives a shit if it pisses you off? It's your fault for cheating on their server in the first place.[/QUOTE] Personally, I believe that taking the cheat itself would be going against the entire point of the script. It's an [b]anti-cheat[/b], so it should be a preventative measure and shouldn't interfere with the client's operation in any way. While it would be useful to find out what cheats are running and decompile them in order to stop them in the future, I don't see a reason to do that if the system can already detect it. :P If it can't, I can always look on Hackforums or MPGH for scripts that people use on most servers.

Shit man, taking pictures without the players knowing. You're the Gmod NSA!

By using cheats you are exposing yourself to something that could be stealing more than any anti cheat ever could anyway. At the same time by cheating you acknowledge the consequences whatever they are... The only people that don't agree with it are people that cheat themselves, thats probably your own staff. Why would they complain about something that makes their life easier. There is nothing ethical about cheating...

I wouldn't say it's wrong... Which means you should send me the code to take pictures of players screens as I really cba making it.

I have never encountered cheaters except a few ghosts during my 200 playtime of TTT.

[QUOTE=Bat-shit;41303368]I have never encountered cheaters except a few ghosts during my 200 playtime of TTT.[/QUOTE] In the 6th months of my server being online, I've had everything from players using aimbots to wallhacks and role detectors that edit the GUI. However, it's only recently that we've discovered quite a lot of them because of the new anti-cheat system we're implementing :) It all depends on what kind of server you go to, their staff and users themselves. Some servers are peaceful and mainly to themselves with a large community that wouldn't do such a thing, others are open with a small community and much larger outside users who have no such obligation to the server itself.

[QUOTE=Crashdoom;41303435]In the 6th months of my server being online ... [B]new[/B] anti-cheat system we're [B]implementing[/B] :)[/QUOTE] That made no sense. Also there's a difference between taking someone's script and leaking it to pastebin or wherever.

I do it and have gather a good collection of player screenshots. If you caught hacking you deserve a ban. Mind you I collect all player screenshots and there updated regularly. [url]http://www.sourcetribe.co.uk/screenshots/[/url] [url]http://www.sourcetribe.co.uk/screenshots/index.php?id=STEAM_0:1:59811481[/url] While I collect player screenshots we also have an observer. Some players who have been banned for hacking don't always should up on screenshots and it pretty easy to catch those players.

[QUOTE=>>oubliette<<;41304051]That made no sense. Also there's a difference between taking someone's script and leaking it to pastebin or wherever.[/QUOTE] Do pardon me, I simply meant that it's still in the works, while it's officially active we haven't completed all of its functions so some features are incomplete. Prior to this system, we had no factual evidence that people were cheating.

The law states you need to have to user agree if you are taking any data from their computer without their consent, you also need to state the purpose (anti-cheat blah blah), and who will see the data, how long it will be kept for, and exactly what data you will be taking. If all those are in your terms somewhere and you make sure the user agrees to them (keep a record in a database, not just something they see when they join, its a law requirement), then from a legal viewpoint you wont be doing anything wrong, take a look at Punkbuster's T&C for an example. However from an ethical point of view I would never join a server that would take screenshots of my screen, even for anti-cheat and I think its a bad idea, imo find a better or different method.

Not sure if you all know this as well but taking screenshots of a client's screen will show the steam-overlay (if they are in it) and you can pretty much read steam chats. Also as far as taking someone's script; if they hack they should expect consequences and majority of hackers (who are good enough to code a decent hack) can and sometimes will do the same with the anticheat (and pastebin it). Edit, [url]http://jonzky.com/garrysmod/potential/2013_Jul_03/STEAM_0_1_58058392/1372883632.jpg[/url] (An example of a clear hacker - though screenshots are automatically taken when the AC detects hacks. ) - The players are banned anyway - screenshots are just icing on the cake. Also I was considering releasing a c++ module that ftps the images to a webserver if there's any interest in it.

[QUOTE=Jonzky;41304947]Also I was considering releasing a c++ module that ftps the images to a webserver if there's any interest in it.[/QUOTE] I don't think you can run modules on the client, if that's what you're saying in this. [editline]4th July 2013[/editline] [QUOTE=Pantho;41303306]I wouldn't say it's wrong... Which means you should send me the code to take pictures of players screens as I really cba making it.[/QUOTE] Weren't you in several of the threads where working code was released? Check the anticheat thread from awhile ago, there was like three pages of people talking about it.

[QUOTE=Jonzky;41304947]Not sure if you all know this as well but taking screenshots of a client's screen will show the steam-overlay (if they are in it) and you can pretty much read steam chats. Also as far as taking someone's script; if they hack they should expect consequences and majority of hackers (who are good enough to code a decent hack) can and sometimes will do the same with the anticheat (and pastebin it). Edit, [url]http://jonzky.com/garrysmod/potential/2013_Jul_03/STEAM_0_1_58058392/1372883632.jpg[/url] (An example of a clear hacker - though screenshots are automatically taken when the AC detects hacks. ) - The players are banned anyway - screenshots are just icing on the cake. Also I was considering releasing a c++ module that ftps the images to a webserver if there's any interest in it.[/QUOTE] You don't need a module. You can do it all threw php and have the web server handle the load. I use [code] ftp_fget [/code]

Not this again... if it makes you happier, i've been doing it for months: [url]http://94.23.42.215/screenshots/[/url] 95% people there actually cheated What if the cheater asks for proof you banned him for? What if he's using an advanced cheat that only triggered 1-2 anticheat checks and you're not sure either if he really cheated? Screenshot solves that problem and helps you get rid of those bastards. [B]It's a sandbox game[/B], you should take advance of all the tools Garry gave you to make a perfect server, and don't give a shit about ethic when it comes to cheaters and their screenshots. Also double-check if your admins use hacks if they think that it's "unethical"

You guys shouldn't get too cocky with this screenshot stuff. I've managed to find a way to bypass it, and that's without even touching anything in the engine that's driving the various lua functions that can be used to produce a screenshot. In this case, when I say bypass, I mean that you cannot see anything that my hack draws on the screen, with my chams being the sole exception. If I've been able to figure out how to do it, I'm sure others can as well.

[QUOTE=I am God.;41308289] [B]It's a sandbox game[/B], you should take advance of all the tools Garry gave you to make a perfect server, and don't give a shit about ethic when it comes to cheaters and their screenshots. [/QUOTE] If you don't give a shit about the law, I can guarantee that eventually you will get fucked over by someone who means serious business (however unlikely that may seem to you). At least chuck T&C in there, it's not like anyone really reads them anyway, plus it protects you.

Screenshots aren't an effective way of detecting cheating if you're up against people who know what they're doing. I suppose if you absolutely have to be rid of people who use public/paid hacks then you should do it, but VAC usually handles those people pretty effectively.

[QUOTE=SashaWolf;41307474]I don't think you can run modules on the client, if that's what you're saying in this. [/QUOTE] Its already working for me, its on the server. With the module you can easily decode it and change the extension (something I assume you can do in PHP as well).

Personally I thought this issue was resolved. If you want to take screenshots and you're scared about legal things, say that you're going to take screenshots in some T&C, lots of servers have rules that you agree to before playing, have the T&C there too. Screenshots [U]are[/U] an ethical way of detecting cheaters, a lot of cheaters don't know how to / cant / don't bother dealing with this method and it gives proof that couldn't be any clearer or more definitive. To some people, servers randomly grabbing screenshots of you talking to your friends and watching porn would seem like an invasion of privacy, but in almost all cases this would have been caused by some cheat detections, some solid ones, such as sv_allowcslua forcing. It's also like every other cheat detection method, something you shouldn't rely on. I could send completely black, completely white or no image at all by detouring the function. And as Sasha said there's ways to draw stuff that don't show up on screenshots.

[QUOTE=Hergs;41289579]It's a security thing so I don't see why not(If you warn them they can easily turn it off). There shouldn't really be anything to hide or be private about, although we did catch a player watching porn on his steam overlay browser one time...[/QUOTE] I hope that wasn't me :tinfoil: