Cheating in multiplayer games is nothing new and every launch title suffers its share of problems, but Ubisoft’s The Division has had more than most. While the game launched to positive reviews and high initial sales, it’s had serious technical and cheating issues since. A significant number of glitches have allowed players to quickly gain access to endgame gear that was supposed to take months to achieve, and Ubisoft has been perceived as chasing problems rather than getting in front of them.
Now, new analysis from game network consultant Glenn Fiedler suggests that Ubisoft’s latest title isn’t just buggy — it’s written in a way that’s going to permanently prevent the company from fixing its own problems unless they commit to a total network code overhaul. The problem, according to Fiedler, is that Ubisoft’s game appears to be based on a trusted-client model.
As the name implies, a trusted-client model means that information relayed from the client is assumed to be accurate and is implemented as such in the game world. In its simplest form, this allows for hacks that would fire ludicrous numbers of bullets per second or assign billions or trillions of health to a character that might ordinarily have a few hundred hit points.
Developers can guard against egregious incidents like this through the use of server checks that determine whether or not the player has a weapon capable of firing sixty trillion rounds per unit of Plank time, or whether there’s actually a solid object between the player and their target. The problem, as Fiedler explains, is that game engines aren’t just a never-ending series of server checks to determine whether a player is actually allowed to do something. There’s no way to check every single relayed value for every single player quickly enough to allow for lag-free play, and no competitive shooter uses this method.
The model games like Counterstrike use is called server-authoritative. I’ll let Fieldler explain:
It’s common to use a trusted client model on console games, which are locked down in other ways and can’t be cheated in the same fashion, but it’s almost impossible to secure a trusted client game against online cheating. Game developers can patch memory exploits and institute aggressive server checks, but there’s always going to be another hack, another hole, and another problem.
Fieldler notes that he’s 100% behind the dev team and hopes they have a method of addressing this problem that will patch it and close the loopholes without requiring a ground-up redesign of the network code. But based on what he’s seen so far, he’s not optimistic. Ubisoft has yet to respond to this information; we’ll update if the company issues a statement.