While you may not be removing all the cheaters by giving a cvar to disable client side plugins, you will be preventing the people who are too stupid to do some of the more complex cheats. Why make it easier to cheat? Learning how to Lua script (Or script in sourcepawn) isn't all that hard, especially if you have a shell to plug into that handles all the major hooking you need to do. The fact is, there are a lot of people who know how to read instructions and can install sourcemod into the client directory pretty easy. And from the sounds of it, there are pre-written lua scripts that they can learn from to do whatever they want with the new client lua interface. However, giving servers the option to disallow clients with plugins loaded just like having the option to filter out clients that have failed md5 checksums for their textures isn't that bad of an idea. I can see where client side plugins are useful, ESEA and such aside. However, they have no place, or legitimacy being run on regular servers. While not all users do it for malicious intent (Hey look, I was at a LAN!), the fact is most users that use that interface, are doing so for malicious reasons.
Again, it may not stop the big boys, but making it easier to cheat just doesn't make sense in my book. On Fri, Apr 2, 2010 at 9:43 PM, AzuiSleet <[email protected]> wrote: > So consider Valve does disable clientside plugins, what will change? > Absolutely nothing. All the cheaters will continue to use their cheats > that don't rely on clientside plugins. Everyone else will use a > network proxy, which can replication all the malicious exploits you're > worried about. With a network proxy you just send net_SetConVar to > force any cvar on the client. There's also the magic of the exploits > in the netcode that aren't fixed, like net_StringCmd before you do any > sign on, which is what the NULL player crash is. There's also the > client disconnect control command, which is again being exploited by > the lua clientside plugin, but is trivial to do with a network proxy. > > In the end Valve needs to fix the real exploits, which are the source > of the issue, not disable a very useful feature. > > On Fri, Apr 2, 2010 at 8:22 PM, Charles Mabbott <[email protected]> > wrote: > > > > --- Scott Highland wrote: > > Maybe you could explain why this whole list, and the company that runs it > > should all agree to completely remove the ability to incorporate > > modifications just because it would suit YOUR needs as an anti-cheat > > function to thwart the .3% of TF2 players that are abusing it in this > > fashion? That's a pretty self-centered way of thinking and kind of > > ridiculous, it's sad so many of you don't seem to see it this way. > > --- > > > > The only suggestion I have seen that seems appropriate is a server CVAR > that > > forcefully unloads any non-valve released client plugins. (sv_pure > extension > > could be pretty good, but has a couple of issues). Which would allow > > everyone a decent options. A CVAR was added to effectively disable Mic > spam, > > remove the wait command from client scripts. Of which a very small > portion > > of the population actually used, however, it only takes one aimbot to hop > > into a full server and empty it in a matter of minutes and does a number > to > > the games overall population. How many games that made zero efforts > against > > cheating and other aspects do you think hold an audience? That is what > most > > of this discussion is about. A new threat is out there, all be it small > at > > the moment, but might as well get the counter measures in place now. > > > > Some client side plugins are legitimate as I pointed out, and loosing > those > > functions would be a hinderance to many players, but asking for Valve to > > give server ops an option to disallow client plugins on their servers > isn't > > too much of a stretch since there is now a very public website and > scripts > > that from what I read serve no purpose other than exploiting the game > > environment. Rather than having multiple parties code anti-cheat plugins, > a > > bunch of server ops with something extra to worry about, it be a nice > > addition if Valve could give an option to server admins to disable > non-valve > > released client plugin. I don't think that is an unreasonable thing to > ask > > for if it's possible. > > > > I think the blanket removing of the feature entirely is a bit over the > top > > myself. > > > > > > _______________________________________________ > > To unsubscribe, edit your list preferences, or view the list archives, > please visit: > > http://list.valvesoftware.com/mailman/listinfo/hlds > > > > _______________________________________________ > To unsubscribe, edit your list preferences, or view the list archives, > please visit: > http://list.valvesoftware.com/mailman/listinfo/hlds > -- "All programmers are playwrights and all computers are lousy actors." - Unknown "When I do good, I feel good; when I do bad, I feel bad, and that is my religion." - Abraham Lincoln Mark J. Gunnett [EoE]SniperFodder{AL} _______________________________________________ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds
