Despite the name, VRChat is not a VR-only space and it's incredibly popular. Recently though, they added in Easy Anti-Cheat and the community is currently very unhappy with it.
Why does such a social space need anti-cheat though? As they said in their announcement modified clients became a big problem. They allowed users to "attack and harass others" which caused endless moderation problems. Plus, they explained that every month "thousands" of people have their accounts stolen due to these modified clients. So it is a big issue.
The downside is that some big features that a lot of people enjoyed have been lost, since no modified clients can be run, and some people can't play at all due to it. The developer said addressing those concerns is their "highest priority" and they're moving around their roadmap for it.
Since Easy Anti-Cheat supports Linux, the developers ensured and tested it working for Proton and Steam Deck so there should be no issues continuing to run it. As they said in their blog post announcement:
Does this prevent people from playing VRChat on platforms like SteamOS on the Steam Deck? What about Linux via Proton?
No, we’ve tested this! EAC works fine on these platforms. Thanks to Valve and the Proton team for all their hard work.
Clearly they've hit a nerve with the community though, as it's now getting review-bombed on Steam with the most recent user reviews hitting Overwhelmingly Negative.
To be fair, modified clients always were violating the TOS, afaik. There can be good reasons to have a modified client, but a lot of nasty things were done using these as well. Plus VRChat had a massive issue with people exploiting things in many ways that ruined the experience for a lot of people. I've been away from VRChat for a while, but I guess that didn't get any better.
So I absolutely can see why they did it, if it is the best way to do it and if it will be of any help, I can't say.
At least it still works on Linux, yay.
In my view the players who were running with modified clients and harassing people got what they deserved. Should have just kept it civil and not abused the developers trust/acceptance.
Honestly, from what has been said / what was happening this sounds reasonable to me. Shouldn't have abused it..
I say this as someone who used to make video game mods, and who regularly mods my games. However, I do it offline as to not interfere with others peoples experience.
My view pretty much is, and always has been: Sure go ahead and mod your games, cheat and have fun. But keep it offline and don't use it to cheat or abuse other players.
In this case: Blame the people running modified clients and abusing people. Not the developers.
Last edited by BlackBloodRum on 27 July 2022 at 12:00 pm UTC
QuotePlus, they explained that every month "thousands" of people have their accounts stolen due to these modified clients. So it is a big issueSo let me get this right, they have an issue with either their servers or client that permits someone with a mod to be able to seemingly steal login credentials and rather than fix the underlying problem, they decide the much more rational solution is to add an anticheat..... WHAT?
Account/credential stealing, client crashing server and clients, malicious scripts/mods... what's going with net code/online part of this VR app?
https://steamcommunity.com/id/Nursie_Sama/recommended/438100/
Last edited by mr-victory on 27 July 2022 at 3:05 pm UTC
Of course, there must be a better solution so that people can use mods - ideally a better infrastructure so that people can use whatever compatible client without causing the problems, but if they just implement a modding system that is comprehensive enough it should be alright. But I can see why they needed an immediate solution, even one with severe downsides.
Quoting: BlackBloodRumIn this case: Blame the people running modified clients and abusing people. Not the developers.
I gotta disagree. The real problem is server side. They don't check for abusive behaviors in the clients? Or have any decent moderation to remove bad actors? IMO the client level is the worse place to be dealing with the problems. In short short client side hacks are always the result of lazy poor game design (maybe in some cases bandwidth saving).
Say someone's using a client to see through walls... Umm ok so why did the game transmit what was behind the wall to the player before he was supposed to be able to see it. Or walking through walls (again the server should be able to note when a player is able to get somewhere he's not supposed to).
Bottom line is, Anti cheat software is intrusive, and it's always going to be bypassed. General rule of thumb in security is "Always assume the client is evil" and... in short. Client side security is guaranteed to fail. At the end of the day actual cheaters can usually get past easy anti-cheat.
Secondly no ones mourning the actual abusers who lose their mods and clients, but the non abusers who wanted or needed them. IMO the inevitable result is going to be within a week or 2. the abuse rate will be similar to what it was before... but legitimate users will be down due to lack of clients. I've seen no shortage of games that try to slap on the easy anti-cheat bandaid, but not do anything else, and the end result is pretty universally malicious actors find a way around easy anti-cheat.
See more from me