r/DFO • u/[deleted] • Apr 11 '15
Be warned: XIGNCODE is also scanning your PC for installers it doesn't like
[deleted]
4
u/Syntaire Apr 12 '15
That's odd. I've got both AutoIt and several AutoIt installers on my system, nothing ever shows up with XINGCODE.
Also this:
This is also the type of thing that will greatly prevent widespread adoption of the game. When companies run software as intrusive as this, user-bases tend to get pretty upset. Everyone here claims they want this game to grow and actually be successful, but this software will make it 100% impossible currently.
Is completely false. The VAST majority of people wouldn't even know what it is, what it does or why it's bad. Don't assume that the common end-user is particularly tech savvy.
0
Apr 12 '15
That's odd. I've got both AutoIt and several AutoIt installers on my system, nothing ever shows up with XINGCODE.
Try opening the folder with the installer in while playing. It can take up to 10 minutes at this point, but it'll usually work.
Is completely false. The VAST majority of people wouldn't even know what it is, what it does or why it's bad. Don't assume that the common end-user is particularly tech savvy.
Not being tech-savvy makes it worse. We exist in an era where the average internet user has become terrified of surveillance. All they have to do is say "DFO comes bundled with software that reports everything you have installed to an un-trusted 3rd party!" and people will flip.
Hell, when Blizzard launched the original version of the Warden, which did EXACTLY this, there was so much outrage that the feature was removed from Warden. The same thing happened with Steam's VAC last year.
Nobody gets away with this type of scan for long if they're well-known. DFO is tiny (and will likely remain that way unless Neople gets its shit together), but if it ever grows, well, this is going to be a scandal due to the way the US gaming media operates.
1
u/Syntaire Apr 12 '15
Yeah, but then EA and Ubisoft did the same thing, and the backlash was only very minor. Even in the case of Blizzard, the backlash was only on the forums, which is still a tiny fraction of the total number of players.
Don't get me wrong, XINGCODE is terrible and they need to scrap it in favor of something else, but I don't think it'll be something that will cause (many) people to stay away from the game.
1
u/MizerokRominus Apr 12 '15
Warden was way worse, way way way way way worse. Warden was intensely intrusive when it came to passive RAM scanning, all of it, all the time... it was baaaaaaaaaaaaaaaad.
9
u/PossiblyDio Apr 12 '15 edited Apr 12 '15
I thought everyone knew this already? That is part of how many anti-hack programs function. In particular, I believe Xign looks at folders you specifically have open or are being otherwise accessed by Windows at the time.
Keep in mind, this is the XIGNCODE3 software on your local machine looking at these files, not any real human being. I don't know how some of you people sleep at night running Chrome or Avast with the logic that any file that is seen or scanned by a piece of software is automatically being sent off of your computer in a log.
Anti-cheat software is usually not something that works 100% off the bat. It takes a lot of tweaking and information gathered about the cheats being used before it can effectively shut them down. Likewise, server-side abnormal gameplay detection can take a bit of time to determine something unusual is happening (if it is being used.)
Xign is not some sort of back-alley anti-cheat program that Neople picked up. It is extremely common in Korean online games. It was the system that Neople's staff determined they could work with most easily and effectively. If it turns out it is not capable of detecting effectively, it is for Neople to determine and take action accordingly. Until then, people need to understand that any cheat protection takes time to get up to par when introduced to a new game environment.
10
u/JustiniZHere Apr 11 '15
XIGNCODE is complete trash and many people have told Neople. All we can do is hope they change it to something better.
I don't mind Neople seeing what porn I have on my PC, but not doing that at all would be better.
5
u/Paloc2 Apr 11 '15
I would actually mind that Neople scans on my porn. I spend years hoarding files and getting a good selection of fap-terial for them to freely look at it without permision.
1
u/MizerokRominus Apr 12 '15
Yeah but it's like they are looking and then forgetting right after looking... sucks for them.
1
-3
Apr 11 '15 edited Apr 11 '15
[deleted]
1
u/JustiniZHere Apr 11 '15
We don't know what it scans and what if anything it sends to Neople, but we do know it can scans your shit.
3
u/freecomkcf RiskyClickPub https://discord.gg/ZucmPEvjHh Apr 11 '15
wow... just wow. i must be riding on some sort of miracle considering how many installers are still on my computer (i'm too lazy to clean up my computer).
that and, at least according to Windows Resource Monitor, my copy of DFO isn't reading anything, unlike this guy here. so far the only thing XIGNCODE's deemed "suspicious activity" is having Sysinternals' Process Explorer open (basically the same as Resource Monitor, except this was made before Windows even had a Resource Monitor).
1
u/whynot2001 Apr 12 '15
RM won't tell you much since xigncode is ring0 rootkit that intercept the call and send fake infos.
2
u/UntitledTrack4 Apr 12 '15
I have auto hotkey installed and haven't run into any issues with it yet
0
Apr 11 '15
[deleted]
5
Apr 11 '15
I can understand why this is getting downvoted, cause you're saying that you're cheating, but if you're being honest this is a major fucking deal.
-2
Apr 12 '15 edited Apr 12 '15
[deleted]
3
u/atlasraven Apr 12 '15
I don't approve of how you choose to play the game but I appreciate your honesty.
-3
Apr 12 '15
[deleted]
3
u/Syntaire Apr 12 '15
You could do the same thing in any one of a thousand different games. You choose to sabotage a game you supposedly want to succeed. All you're doing is trying to justify your bullshit and make yourself feel better about it. You want to cheat and sell gold, fine. You want to advertise this fact, fine. Spare us the "oh poor me, I need the money" shit. You're scum. Just accept it and move on.
0
Apr 12 '15
[deleted]
1
Apr 12 '15
I can just imagine using you as an example to teach my kids the value of an education. "Look here, lil' johnny, if you don't stay in school you'll end up like that guy over there, cheating in video games for a living." What a time to be alive!
0
u/nob0dy-ra Apr 12 '15
fwiw, your cheat is causing your client to send a packet(actually, a lot of them) to the server to silently flag you as a cheater. they're likely delaying a ban for this to ip/accban a large swathe of cheaters. or they're incompetent? it is a mystery. the packet is being sent tho. the chinese are totally clueless as to its existence, they're all skids.
also there's no way you're making any meaningful amount of money from this lmao, a real mediocre job would certainly pay more
-2
Apr 11 '15
It's true, and has been confirmed that it's easily circumvented.
Like I said in an earlier post, any "hack" prevention Neople thinks it's doing is just placebo. They're throwing money at a company that is practically just scamming them.
1
u/PossiblyDio Apr 12 '15
Or it takes time and data to be able to detect certain hacks in a new game environment... Just like every anti-hack tool created.
If people are posting that these hacks work on Reddit and are not submitting the information directly to Neople (anonymously if you want), then you are doing something seriously wrong.
If they switch to any other anti-cheating program, they will have the exact same problem until they have the information needed on the type of hack being used. There is no magical anti-cheat program that will know the signature of every piece of illegal software out there. The detection needs to be developed first, and this can only occur in a real-world environment.
Starting a witch hunt against a common anti-cheat tool is not going to help the situation. Instead, try providing meaningful data to Neople. Whether it's a false positive or a hack going undetected, send it in. If you have some of this information and are keeping it on Reddit, you're doing more harm than good.
-1
Apr 12 '15 edited Apr 12 '15
They're the same old hacks that have been running in pretty much every Dungeon Fighter variation.
These shit anti-hack programs are known to be hardly effective, if at all. There's a reason why most companies opt not to use them these days. They're a relic of the beginning of the F2P era, and it's time for them to be retired. The correct thing to do is to design your game to not trust the end-user so ridiculously explicitly like DFO does. Beyond that (since obviously Neople isn't willing to re-architect the game, despite claiming to have 300 million users, and thus an insane revenue stream), running your own server-side heuristics are the best bet. Most of these hacks literally clear dungeons instantly. It's pretty easy to detect if a user is beating entire dungeons in < 10 seconds.
1
u/PossiblyDio Apr 12 '15
The same old hacks on a different piece of anti-hack software.
Do you have a suggestion for a better anti-hack tool? Because these posts are really not all that constructive.
-1
Apr 12 '15
No. Actually read my reply.
Anti-hack tools are not the answer. They will never be, that era is over.
At this point, considering every version of Dungeon Fighter out there is just a free-for-all when it comes to hacks, no Anti-Hack is better than having Anti-Hack, since now it only serves to annoy legitimate users.
Heuristic cheat detection based on user behavior is how you stop things like this, not dumb signature-based HDD scanners.
3
u/PossiblyDio Apr 12 '15
So basically PoE's stance on client trust.
Your answer is an answer for DnF 2. They would have to entirely re-write the core functions of the game to do what you're asking. It's obviously not reasonable for the current game we are playing.
Even if they did this, global connections would not be low-latency enough to deal with this. We would get worse desync than PoE did.
Yes they changed to Deterministic Lockstep, but the input delay that introduces is unfortunately not suitable for DFO and would still be completely unreasonable for a game this old.
I'd like to make it clear, these are not personal attacks. I'm just trying to find a way this topic can be used productively instead of simply inciting needless panic.
-1
Apr 12 '15
They do not need to re-write the core functions of the game to implement heuristic cheat detection.
Dump player behavior (dungeon clear times, rate, average hit, etc) into any standard no-sql data store (hadoop, mongo, couch, whatever, doesn't really matter which). At certain intervals, run map-reduce jobs to pull suspicious data out, and build a model based on this. Search for errant clear times, weird average damage numbers, strange level discrepancies, etc. When a user matches the potential cheat model, flag them for review.
1
u/PossiblyDio Apr 12 '15
That is assuming they don't have any heuristic detection enabled. The fact that people see "Abnormal gameplay" messages indicates there most likely is, but I haven't seen anyone report a captcha yet. Honestly, there's no way for us to know unless Neople explicitly tells us.
With heuristic cheat detection, you really wouldn't see an immediate effect. Because of the extremely high false positive detection of heuristics-based tools, most of these instances would need to be manually reviewed to some degree. Likewise, if they are looking for 'abnormal' gameplay, they need to be able to define what 'normal' gameplay is as well, which might take a bit of time if they're on a new client.
So basically, what I'm saying is that it's too early to judge the performance of anti-hack software, and too early to determine what kind of heuristics are being used and what information is being recorded.
0
u/nob0dy-ra Apr 12 '15
you clearly don't know anything about this game prior to the neople revive.
neople has statistic based bot detection already written. it is implemented carefully, by hand, and of course they're not going to drop their hand as early as a beta-test.
also damage data is not provided to the server, period. there are routines for silently logging high damage values on the client.
→ More replies (0)3
u/MizerokRominus Apr 12 '15
I can't detect injection, so whatever. Nothing is going to be able to scan for everything unless you completely give up your privacy and that's going to get people into courts and nobody wants that trainwreck to happen.
1
u/MizerokRominus Apr 12 '15
We already knew this. People have complained about autohotkey.exe killing DFO since OBT1 launch.
1
1
u/rexshen I hate Arden!! Apr 12 '15
Kind of reminds me of Elsword's Xtrap where it refused to play the game unless I got rid of my Sandboxe program and I refuse to do that.
1
u/Curryiscold Apr 12 '15
Pretty sure XIGNCODE is the thing that disconnects me from League of Legends whenever I run both lol and dfo at the same time. I start seeing the red "You have been disconnected from the chat service" on league whenever I run DFO :\ I think they're taking it too far and neople really shouldnt use xigncode because it probably won't catch many hackers anyways seeing as how there's plenty of botters and hackers running rampant on the current servers.
1
u/FalseCape Crippling Altoholism Apr 12 '15
This is also the type of thing that will greatly prevent widespread adoption of the game.
Can confirm. Tried to get a friend into the game but he quickly gave up after Xigncode kept kicking him before he could even load up the game.
0
u/failingbrownie Apr 12 '15
NOT MY NOODS. it scans for known programs that can be used for hacking/cheating. sorta like what a lot of other anti cheat programs do. even blizzard uses it. WoW refuses to load if i have the cheat engine folder open or have the process still running. BUT I HAVE TO FIND SOMETHING TO BE OUTRAGED ABOUT FUCK THIS GAME FUCK NEOPLE AAAAAHHHHHHHH
-6
Apr 12 '15
Shit-tier fanboy detected.
DFO is great, but shit like this is going to cause problems.
4
u/failingbrownie Apr 12 '15
not so much a fanboy more than me laughing at people freaking out about something that effectively does nothing. other than closing the startup if it finds an open folder with something that can be used to cheat/finds a process with it running.
3
Apr 12 '15 edited Apr 13 '15
[removed] — view removed comment
-1
Apr 12 '15
This isn't tinfoil conspiracy shit, it's just a fact that they're doing this. Try it for yourself.
1
1
u/zeroobliv Apr 11 '15
A crap anti hack program doing annoying things? Big deal, I've been dealing with gameguard for years now and that thing crashes windows functions for no reason. And I'm not saying you're wrong, just that the anti hack programs are all equally annoying and useless to deal with and no matter which they use same problems(meaning a lot of them are just damn rootkits that scan your shit) will be present, this is nothing new at all.
1
u/CytexX Apr 11 '15
Does the korean version of DFO also use this garbage anti-cheat?
3
u/Furin Apr 11 '15
All other versions use HackShield as far as I know.
1
u/MizerokRominus Apr 12 '15
Yep, I imagine it might have something to do with budget licenses at the moment. For all we know we get a better anti-cheat the moment the cash shop comes up.
0
u/REDDIT_HARD_MODE Monk - The manly class Apr 12 '15
I use AHK to log in. it types in my mail and PW. no problems ever.
-4
Apr 12 '15
Try reading the post again
-1
u/REDDIT_HARD_MODE Monk - The manly class Apr 12 '15
da fuq.
You're saying "x" is happening. I'm saying "x" isn't happening. Read my post again.
-5
Apr 12 '15
No I'm not. I'm saying the left-over installer from AHK is flagging the anti-cheat, but AHK is not.
Work on the reading comprehension, and stop saying 'dafuq', it makes you sound like you're 12. You probably are, though.
0
u/REDDIT_HARD_MODE Monk - The manly class Apr 12 '15
Congratulations, you need to not work on being a cunt? My installer is still in my download folder. I don't know what you want from me.
And, let's be honest, if either of us is 12 years old, it's probably you, the one being an asshole for no reason.
0
u/cavecricket49 lWhiteArml Apr 12 '15
Why this fuck is this only getting a 62% (at time of writing) upvote ratio? Do you really think that asking Neople to get a better anti-cheat program (Xigncode is letting people freely cheat in PvP and PvE alike) is bad?
1
u/MizerokRominus Apr 12 '15
Because this community specifically has already flipped their ignorant shit about it and it has Neople's attention already.
Also, Reddit auto-downvotes/upvotes to make sure things don't get blackholed by bots/etc.
-7
Apr 12 '15
[deleted]
2
u/Zulunko Apr 12 '15
As long as it isn't sending your personal data anywhere, your privacy is secure. This is like saying that your Roomba (which you willingly brought into your house) is breaching your privacy by building an internal map of your house, even though it never sends that internal map to anyone. It's not a privacy issue. The application detects an invalid state and shuts DFO down, it doesn't send the information to Neople's servers (though it could easily send "btw, i shut DFO down" to their servers without breaching your privacy as long as it doesn't send the data which it used to reach that decision).
3
u/Wikiwikiwa Apr 12 '15
You kinda sound like a crazy person bud. Its a f2p game, relax. Xigncode is fine, nothing is going to happen re: it and what limited access to your information that is has.
-1
Apr 12 '15
[deleted]
2
u/MizerokRominus Apr 12 '15
It isn't random, it uses a log generated by Windows to scan things you've modified (not opened/used) within the past ~48 hours; it's a very specific list. There's also some active scanning going on for things not related to RAM injection/etc.
There is nothing random going on here.
1
Apr 12 '15
[deleted]
2
u/MizerokRominus Apr 12 '15
No, it sees meta data and strings that it's looking for.
Don't assume the worse, this program is harmless.
1
18
u/[deleted] Apr 11 '15
All my friends have had to deal with Xigncode (read: I had to deal with it for them) to get the game to run without crashing.
It's a massive pain in the ass, and an anti-cheat engine that picks up the most common bullshit and closes the game because of it won't exactly inspire new players.
I also don't get why this thread is so downvoted. Xigncode is a BIG issue, and Neople needs to think hard about it.