Despite the name, VRChat is not a VR-only space and it's incredibly popular. Recently though, they added in Easy Anti-Cheat and the community is currently very unhappy with it.
Why does such a social space need anti-cheat though? As they said in their announcement, modified clients became a big problem. These clients allowed users to "attack and harass others", which caused endless moderation problems. Plus, they explained that every month "thousands" of people have their accounts stolen due to these modified clients. So it is a big issue.
The downside is that some big features that a lot of people enjoyed have been lost, since no modified clients can be run, and some people can't play at all due to it. The developer said addressing those concerns is their "highest priority" and they're moving around their roadmap for it.
Since Easy Anti-Cheat supports Linux, the developers tested it and confirmed it works with Proton and on Steam Deck, so there should be no issues continuing to run it. As they said in their blog post announcement:
Does this prevent people from playing VRChat on platforms like SteamOS on the Steam Deck? What about Linux via Proton?
No, we’ve tested this! EAC works fine on these platforms. Thanks to Valve and the Proton team for all their hard work.
Clearly they've hit a nerve with the community though, as it's now getting review-bombed on Steam with the most recent user reviews hitting Overwhelmingly Negative.
To be fair, modified clients always were violating the TOS, afaik. There can be good reasons to have a modified client, but a lot of nasty things were done using these as well. Plus VRChat had a massive issue with people exploiting things in many ways that ruined the experience for a lot of people. I've been away from VRChat for a while, but I guess that didn't get any better.
So I absolutely can see why they did it, if it is the best way to do it and if it will be of any help, I can't say.
At least it still works on Linux, yay.
In my view the players who were running with modified clients and harassing people got what they deserved. Should have just kept it civil and not abused the developers' trust/acceptance.
Honestly, from what has been said / what was happening this sounds reasonable to me. Shouldn't have abused it..
I say this as someone who used to make video game mods, and who regularly mods my games. However, I do it offline so as not to interfere with other people's experience.
My view pretty much is, and always has been: Sure go ahead and mod your games, cheat and have fun. But keep it offline and don't use it to cheat or abuse other players.
In this case: Blame the people running modified clients and abusing people. Not the developers.
Last edited by BlackBloodRum on 27 July 2022 at 12:00 pm UTC
Plus, they explained that every month "thousands" of people have their accounts stolen due to these modified clients. So it is a big issue
So let me get this right, they have an issue with either their servers or client that permits someone with a mod to be able to seemingly steal login credentials and rather than fix the underlying problem, they decide the much more rational solution is to add an anticheat..... WHAT?
Account/credential stealing, client crashing server and clients, malicious scripts/mods... what's going on with net code/online part of this VR app?
https://steamcommunity.com/id/Nursie_Sama/recommended/438100/
Last edited by mr-victory on 27 July 2022 at 3:05 pm UTC
Of course, there must be a better solution so that people can use mods - ideally a better infrastructure so that people can use whatever compatible client without causing the problems, but if they just implement a modding system that is comprehensive enough it should be alright. But I can see why they needed an immediate solution, even one with severe downsides.
In this case: Blame the people running modified clients and abusing people. Not the developers.
I gotta disagree. The real problem is server side. They don't check for abusive behaviors in the clients? Or have any decent moderation to remove bad actors? IMO the client level is the worst place to be dealing with the problems. In short, client side hacks are always the result of lazy poor game design (maybe in some cases bandwidth saving).
Say someone's using a client to see through walls... Umm ok so why did the game transmit what was behind the wall to the player before he was supposed to be able to see it. Or walking through walls (again the server should be able to note when a player is able to get somewhere he's not supposed to).
Bottom line is, Anti cheat software is intrusive, and it's always going to be bypassed. General rule of thumb in security is "Always assume the client is evil" and... in short. Client side security is guaranteed to fail. At the end of the day actual cheaters can usually get past easy anti-cheat.
Secondly, no one's mourning the actual abusers who lose their mods and clients, but the non abusers who wanted or needed them. IMO the inevitable result is going to be within a week or 2 the abuse rate will be similar to what it was before... but legitimate users will be down due to lack of clients. I've seen no shortage of games that try to slap on the easy anti-cheat bandaid, but not do anything else, and the end result is pretty universally malicious actors find a way around easy anti-cheat.
IMO the inevitable result is going to be within a week or 2.
EAC was already bypassed when it was in beta, which is a 24 hour period.
Server side AC isn't a silver bullet to every problem. In the case of VRchat, it might be a good solution, but look at their model - it wouldn't work. Remember that SS-AC is computationally very expensive, because everything happens on the server (duh!) and now remember that VRchat is a free game.
It's easy to see its success in hindsight and say "lazy devs, should have used server side", but that's not how a business model works. There's uncertainty and success is the biggest uncertainty of all, so you're not buying a massive server cluster (or paying for an elastic version in a cloud instance) for a free game in the earnest hope it does well and you can sell skins. Nope, you move everything client side and if you're successful, then you can cross/burn those bridges when you come to them.
Honestly, SS-AC usually introduces so much lag/latency that it's rarely a good solution. I think Faceit and Fair..fight (I think?) are the only two vaguely viable solutions out there AND THEY STILL RELY ON CLIENT SIDE PROTECTIONS! The Fairfight, I seem to remember needed kernel/rootkit client side protections, I think.
So please have some empathy here. This situation is because cheaters are dicks. Not devs. They're just trying to earn their living like everyone else. They're not "lazy" or "incompetent" just because cheaters are assholes.
I totally agree with you, one thing that you are missing is cost/benefit balance. If they are really starting to get in trouble and treading on legal ground because of unhappy customers, it will be cheaper to put in Easy Anti-Cheat and move liability to another place.
Just a thought, when the team is small this could be a daunting task to get it right with a custom made solution and if not done right is game over.
Kudos to them for this though, yeah? I mean, how many other developers / publishers have folks practically begging for exactly this and not even getting so much as a "yes" or "no" answer, and here these folks just go and do it.
Last edited by BlooAlien on 27 July 2022 at 5:18 pm UTC
The real problem here is you can't host your own servers with EAC off. Official ones can and should use some kinda protection ideally serverside but killing off a massive active modding community is just shitty. Imagine if Minecraft in response to some people using cheat clients like baritone decided to add forced AC that broke every mod.
This will not work. It may work for the new versions of the game before a modder made a mod to bypass the EAC, or players will stick to a version of the game that does not have EAC.
Players that like to play with mods play Minecraft Java Edition.
Yes, you're right. It's more like if Minecraft was an always online game and they could force you to use a version that didn't support mods. Which is even worse.
Minecraft has always online DRM in that you have to log in to download the game, and you have to log in on subsequent attempts to play (if you want multiplayer that is). Oh, and don't forget they'll take away sound files from previous versions of the game so you can't play those versions with sound properly. Minecraft is a bad example but I get what you're driving at.
Really is the year of Linux gaming!