Interesting article IMO and loved the "we had a load of trusted partners we could update the dedicated server software on" comment myself...
Crysis 2: how Crytek UK beat the hackers
by Wesley Yin-Poole
19/07/2011 @ 10:01
Those who played the PC version of sci-fi shooter Crysis 2 online upon release know it suffered from cheaters.
But Crytek UK, which created the multiplayer portion of the game, has combated many of the exploits and hacks used by those cheaters to gain an unfair advantage in the game. Ahead of its keynote at the Develop conference this week, the Nottingham-based studio has revealed to Eurogamer how it did it, and how the cheaters gained a foothold in the first place.
Using hacks, players were able to give themselves extra points, trigger infinite energy cheats and exploit bugs that meant that you did not have to reload or suffer from recoil. All of this contributed to an unfair advantage. "We had patch windows open to us, and it was just about getting the right fixes into the right patches and getting them out to the community as soon as possible," Mark Tully, Crytek lead programmer, told Eurogamer.
"One thing we did have on our side on the PC, where most of the hacking was taking place, is the dedicated server program. That meant we had a load of trusted partners we could update the dedicated server software on. We probably updated that about four times for every client patch we updated the end user with.
"There was a lot of stuff going on behind the scenes to catch the cheaters at their dedicated servers and just kick them from the game. That's probably where a lot of the effort was. "What people were seeing was, cheats that were working one day would suddenly not be working the next day even though nothing had apparently changed. It was just the server had been updated."
But how did Crysis 2, a triple-A, high-profile multi-platform game from a proven developer, ship with such a susceptibility to cheating? According to Crytek UK, the developer simply didn't expect the game to get hacked on the scale it did.
"We did feel like the game seemed to attract a lot of attention from hackers and cheaters," Tully said. "More than we anticipated." CryEngine 3, the Crytek-owned game engine used to create the game, also played a part.
"CryEngine as a whole is a very moddable thing," Tully explained. "It's a very flexible engine. Particularly on PC there are a lots of hooks that are perhaps left exposed that shouldn't be left exposed, which can leave you open to hacking if you're not careful.
"Obviously with the push onto consoles, which don't really suffer from the same kind of hacking and exploiting to the level they do on PC, it hadn't really been focused on as like, we need to go through the PC version with a fine tooth comb and close all these doors, many of which we weren't specifically familiar with, they weren't ones we'd actually added in multiplayer, but ones that had come with the CryEngine if you will.
"That was probably something we would have benefited from spending time on." And if it could go back and create the game again, Crytek UK wouldn't repeat its mistakes. "The things we've done post release are things if we'd thought about it beforehand and known it was going to happen, we could have done those," Crytek UK principal programmer Pete Hall explained.
"For example, on the PC, people were able to edit some of the data in the game and then go and play online, which wasn't our intention at all. It was as much a bug as anything else.
"Things like that we would definitely of fixed up in a heartbeat." Now, four months after release, Crytek is happy with the state of Crysis 2's online multiplayer. But the developer promised to dip back into support of the game if a hack emerges that demands attention.
"We're relatively happy with how things are at the moment," Hall said. "But there's always the thing with people cheating that they naturally are continually looking for an edge over other players. So new things will come to light and we probably will want to go back and look at them as they do.
"But I don't think there's anything we're aware of at the moment we desperately want to fix."
"It's an ongoing battle with the hackers. There are a lot more of them than there are of us."