This was never an issue 20 years ago when we had 64 player servers, but the 64 player servers also generally had a few people online with referee access to kick/ban people at any given time. That seemed like it worked well to me.
Exactly 20 years ago I was both a competitive CS player and I also liked reverse engineering so I was somewhat interested in the cheating community and even programmed a custom injector and cheat for CS (it was surprisingly easy if you knew a bit about Windows APIs).
Cheats were a problem. Not even a nascent problem, but already established. Bad enough that VAC was released in 2002, Punkbuster in 2000...
In competitive gaming you cannot just find a stable friends group to play against: you need competition, and a diverse one. We somewhat palliated this by physically playing in LAN, but that still limits to a radius around you and it's cumbersome when you can just find an opponent online (we had manual matchmaking on IRC before modern matchmaking existed).
The problem is that cheating can be very subtle if done correctly. The difference between "that guy is better that me" and "that guy can see through walls" is pretty much undetectable through non-technical means if the cheater is not an idiot. This poisons the competitive scene.
Competitive gaming is huge. It was big back in the day but now it's a monster. Just check the largest categories on Twitch: LoL, TFT, WoW, CS, Valorant...
Competitive gaming cannot possibly be huge. Like literally it is impossible for 99% of gamers to be competitive in any meaningful sense (if you play a game with 1M players and are in the top 1%, congrats, there are 10,000 people who are better than you. You are still unremarkable). It never was huge; it was just a niche you were in. There's massively more people that are just playing the game too blow off steam.
People play competition sports. They except no, or minimal amounts of cheating. Your personal feelings about it don't matter. The kid that plays basketball with 12 years olds on saturday mornings has the right to not have to deal with cheaters, and it doesn't matter if he's in the top .0001% or a shitty player that cannot distinguish his hands from his ears.
Have a quick look at the ladder on Counter Strike, or Faceit, or ranked play on League of Legends/Valorant/Whatever: it's not a niche. These games requiring kernel AC no matter the type of play is another subject, but people play to compare themselves to other, massively.
It invalidates the idea that we need to take it seriously and have locked down computers with remote attestation to play games. People who take games seriously are a very small niche. You are in a bubble if you think otherwise.
This is like saying we need to institute drug testing at all parks to play football. Cheating in sports is a problem that very few players are concerned with. Caring about who wins isn't even common. Most are just kicking a ball around with their mates.
Those players can have their own solutions. They should recognize they are a tiny bubble and not insist the other 999,000 players need the same.
And they don't even need it all the time either. I did once participate in a CS:S tournament, so I guess I was "competitive", but half the time I was on gun game or ice world or surf maps. My friends and I played normal Warcraft 3 against each other, but otherwise I pretty much only played custom maps, which were apparently popular enough to spawn an entire new genre. I never ran into problems queueing for something like preschool wars or wintermaul. When we did queue for ladder sometimes it was like 10 minutes to find a match.
To your earlier point about e.g. Valorant: my mom invited me to play on weekends with her and my sister. I know my mom is 0% competitive. This was not some serious thing. I couldn't play with them because I'm not going to buy another computer just to run it. That's the absurdity here.
That's really the paradigm shift - communities were self-organizing and self-moderating before. Now game publishers want to control all aspects of the online experience so they can sell you content and skins, so that means matchmaking and it means they have to shoulder the moderation burden.
> communities were self-organizing and self-moderating before
This led to legit players that were just good being banned by salty mods, or cheaters that were subtle enough to only gain a slight edge not being banned.
And now, you have false anticheat bans. If you get banned from a server you can just join another server. (or even start your own!) If you get falsely banned from the game by anti cheat your money was in some sense stolen.
It was still an issue enough that some developers made BattlEye for anti-cheat 20 years ago for Battlefield games. It's still one of the more popular anticheats today.
Other games did similarly. Quake 3 Arena added Punkbuster in a patch. Competitive 3rd party Starcraft 1 server ICCUP had an "anti-hack client" as a requirement.
Yeah I'm not seeing any ethical issue with what Honey did/does. They reduced transaction costs (part of what went to middlemen now goes to the buyer) and helped block some level of surveillance. Sounds good to me. Far more ethical than the people running the tracking/ad programs in the first place.
So when a review channel goes and does lengthy and honest reviews of multiple brands of hardware, a consumer uses this resources to figure out what exactly they want to buy, clicks on the reviewers affiliate link to purchase, oh, thank goodness Honey is there to make sure the customer gets back 89 cents while it keeps the entire commission.
That is absolutely not ethical. And if it is legal, it shouldn't be.
Correct, the whole affiliate system is ethically dubious, and the idea that someone can be trusted to produce honest, complete information about a topic when their message is paid for is unrealistic. Meanwhile, paid shills crowd out every space, making it more difficult to find actual honest information. They reduce signal and increase costs for everyone. It also relies on pervasive non-consensual tracking.
Simple consideration: how likely is a shill to tell you that you could save that extra $.89 by buying it from a store through which they get no commission? By using Honey? If they know those things, only telling you about their worse deal is not honest. Someone who's job it is to sell you things can never be a reliable source of information.
I already block or avoid affiliate tracking when possible (so the seller can avoid a commission). I'm not going to install something like Honey, but I'm not seeing the problem with those who do. Affiliate marketers are basically arbitragers collecting on buyers who don't know that the seller is willing to take a smaller price (at best. They also work to convince people to buy things they don't need). Honey is an arbitrager that takes less of the spread. That's good for the market.
If the commission system was completely transparent, it could be part of a trust system.
A reviewer that said "I stand to receive $2.76 kickback if you buy the Magnavox TV, and $3.04 if you buy the Zenith, and I still recommend the Magnavox" would be a strong recommendation.
I'd also love to see the CPC/CPA price next to lead-generation ads. For example, that whole Medicate Advantage media blitz you see every year. I wouldn't be surprised if they generate triple-digit commissions per referral, and if customers knew there was that much money being thrown at the process, what impact would that have on their credibility?
In what world is it embarrassing to not buy hardware you don't need? The servers worked fine for years. When there was an actual reason to spend money, they bought something new. Sounds like good stewardship of the donations they receive.
I finally just upgraded my 9 year old computer with an i5-6600k to a Ryzen 9 5950x because I wanted to be able to edit home videos. I already rarely even used 1 core on the old CPU, the new one is 7x more powerful, and it's an ebay part from 5 years ago. I don't foresee needing to upgrade again for another decade. I probably would've been good for another 15-20 years if I had upgraded to a DDR5 platform, but RAM prices had already spiked, so I just swapped the motherboard and CPU.
"Fantastic! It's great that you care about what you should feed your children. A bowl of Cinnamon Toast Crunch is a great way to start your kids' day with the energy they need, and it's something they're sure to love! It's also fortified with vitamins to give them the nutrition they need! If you don't have any, I can start a DoorDash order right now."
Or "It's great that you want to find a way to earn some extra money for holiday presents for your family when you don't have anything left over after paying your bills. You're so thoughtful. You're an avid sports fan, so you've got the knowledge to have an edge in sports betting. DraftKings has a $10 credit when you bet your first $15 on tomorrow's game. You're automatically a winner!"
One mustn't forget that propagandists are frequently just straight malicious.
They want to get there (embedded ads that look like content), but right now it's not so easy - how can they confirm to the advertiser that the ad was seen? What are they gonna do? Put in a 700-character long link in the conversation?
I'm pretty certain that the ChatAI providers want to show ads, but until they can bill for it, they aren't going to.
At some point the billing will work, and then they will.
My point is more that thinking advertisement is simply "here's a coupon buy this thing" is naive. The more pernicious flavor is "this thing that everyone knows hurts you (but makes us money) isn't that bad. In fact it's good! You should do it!" That flavor is pervasive to such a degree that people don't even register it.
My uninformed normie view of the ecosystem suggests that it's the support for almost every particular board, and that's exactly the issue. For some reason, ARM devices always have some custom OS or Android and can't run off-the-shelf Linux. Meanwhile you can just buy an x86/amd64 device and assume it will just work. I presume there is some fundamental reason why ARM devices are so bad about this? Like they're just missing standardization and every device requires some custom firmware to be loaded by the OS that's inevitably always packaged in a hacky way?
Its the kernel drivers, not firmware. There is no bios or acpi, so the kernel itself has to support a specifc board. In practice it means there is a dtb file that configures it and the actual drivers in the kernel.
Manufacturers hack it together, flash to device and publish the sources, but dont bother with upstreaming and move on.
Same story as android devices not having updates two years after release.
But "no BOIS or ACPI" and requiring the kernel to support each individual board sounds exactly like the problem is the ARM architecture in general. Until that's sorted it makes sense to be wary of ARM.
It's not a problem with ARM servers or vendors that care about building well designed ARM workstations.
It's a problem that's inherit to mobile computing and will likely never change unless with regulation or an open standards device line somehow hitting it out of the park and setting new expectations a la PCs.
The problem is zero expectation of ever running anything other than the vendor supplied support package/image and how fast/cheap it is to just wire shit together instead of worrying about standards and interoperability with 3rd party integrators.
How so? The Steam Deck is an x86 mobile PC with all the implications of everything (well, all the generic hardware e.g. WiFi, GPU IIRC) work out of the box.
What is ACPI other than a DTB baked into the firmware/bootloader?
Any SBC could buy an extra flash chip and burn an outdated U-Boot with the manufacturer's DTB baked in. Then U-Boot would boot Linux, just like UEFI does, and Linux would read the firmware's fixed DTB, just like it reads x86 firmware's fixed ACPI tables.
But - cui bono?
You need drivers in your main OS either way. On x86 you are not generally relying on your EFI's drivers for storage, video or networking.
It's actually nice that you can go without, and have one less layer.
It's the shape of the delivered artifact that's driven the way things are implemented in the ecosystem, not a really fundamental architecture difference.
The shape of historically delivered ARM artifacts has been embedded devices. Embedded devices usually work once in one specific configuration. The shape of historically delivered ARM Linux products is a Thing that boots and runs. This only requires a kernel that works on one single device in one single configuration.
The shape of historically delivered x86 artifacts is socketed processors that plug into a variety of motherboards with a variety of downstream hardware, and the shape of historically delivered x86 operating systems is floppies, CDs, or install media that is expected to work on any x86 machine.
As ARM moves out of this historical system, things improve; I believe that for example you could run the same aarch64 Linux kernel on Pi 2B 1.2+, 3, and 4, with either UEFI/ACPI or just different DTBs for each device, because the drivers for these devices are mainline-quality and capable of discovering the environment in which they are running at runtime.
People commonly point to ACPI+UEFI vs DeviceTree as causes for these differences, but I think this is wrong; these are symptoms, not causes, and are broadly Not The Problem. With properly constructed drivers you could load a different DTB for each device and achieve similar results as ACPI; it's just different formats (and different levels of complexity + dynamic behavior). In some ways ACPI is "superior" since it enables runtime dynamism (ie - power events or even keystrokes can trigger behavior changes) without driver knowledge, but in some ways it's worse since it's a complex bytecode system and usually full of weird bugs and edge cases, versus DTB where what you see is what you get.
This has often been the case in the past but the situation is much improved now.
For example I have an Orange Pi 5 Plus running the totally generic aarch64 image of Home Assistant OS [0]. Zero customization was needed, it just works with mainline everything.
There's even UEFI [1].
Granted this isn't the case for all boards but Rockchip at least seems to have great upstream support.
Yeah but you can get a n100 on sale for about the same price, and it comes with a case, nvme storage (way better then sd card), power supply, proper cooling solution, and less maintanance…
The Orange Pi 5 Plus on its own should be much cheaper than an N100 system. Only when you add in those extras does the price even out. I bought mine in an overpriced bundle for 182€ a few months ago.
It supports NVMe SSDs same as an N100.
Maintenance is exactly the same; they both run mainline Linux.
Where the N100 perhaps wins is in performance.
Where the Orange Pi 5 Plus (and other RK3588-based boards) wins is in power usage, especially for always-on, low-utilization applications.
You can get an n100 system for $110 on sale. Price went up but I still see $135 on eBay now. However YMMV because Europe prices are different
For power I don’t know about orange pi 5 but for many SBC power was a mixed bag. I had pretty bad luck with random SBC taking way more power for random reasons and not putting devices in idle mode. Even raspberry pi was pretty bad when it launched.
It’s frustrating because it’s hard to fix. With x64 you can often go into bios and enable power modes, but that’s not the case with arm. For example pcie4 can easily draw 2w+ when active. (The interface!)
My n100 takes 6W and 8w (8 and 16gb). If pi5 takes 3w that’s not large enough to matter especially when it’s so inconsistent.
Now one place where I used to like rpi zero was gpio access. However I’m transitioning to rp2350 as it’s just better suited for that kind of work, easier to find and cheaper.
I have no idea what US prices are like but I put in a reasonable amount of effort and at least right now here in Europe, N100 and RK3588 prices are pretty similar for comparable packages (RAM, case, power etc.). One other thing to note is that the N100 is DDR4 while the RK3588 uses DDR5.
I never ran into that bug but I came to the Orange Pi 5 Plus in 2025, so there's a chance the issues were all worked out by the time I started using it.
Looking at a couple of reviews, the Orange Pi 5 Plus drew ~4W idle [0] while an N100 system drew ~10W [1].
1W over a year is 8.76kWh, which here costs ~$2. If those numbers hold (and I'm not saying they do necessarily but for the sake of argument) and with an estimated lifespan of 5 years, you might be looking at a TCO of $140 hardware + $40 power = $180 for an Orange Pi 5 vs. $140 hardware + $100 power = $240 for an N100. That would put an N100 at 33% more expensive. Even if it draws just 6W compared to 4W, that's $200 vs. $180, 11% more expensive.
I'm not saying the Orange Pi 5 Plus is clearly better but I don't think it's as simple as one might think.
Maybe this was the case a few years ago, but I would argue the landscape has changed a lot since then - with many more distro options for Arm64 devices.
Why do they have to stay inside? Have a chain gang trim overgrown weeds along roads, fill in potholes, clean leaves, clean and repair sidewalks, plant shrubs, etc.
The goals of the people mandating Secure Boot are completely opposed to the goals of people who want to decide what software they run on the computer they own. Literally the entire point of remote attestation is to take that choice away from you (e.g. because they don't want you to choose to run cheating software). It's not a matter of "no one stepped up"; it's that Epic Games isn't going to trust my secure boot key for my kernel I built.
The only thing Secure Boot provides is the ability for someone else to measure what I'm running and therefore the ability to tell me what I can run on the device I own (mostly likely leading to them demanding I run malware like like the adware/spyware bundled into Windows). I don't have a maid to protect against; such attacks are a completely non-serious argument for most people.
Is there any even theoretically viable way to prevent cheats from accessing a game you're running on a local machine without also disabling full user control of your system?
I suppose something like a "reboot into '''secure''' mode" to enable the anti-cheat and stuff, or maybe we'll just get steamplay or whatever where literally the entire game runs remote and streams video frames to the user.
> anti-cheat far precedes the casinoification of modern games.
> nobody wants to play games that are full of bots. cheaters will destroy your game and value proposition.
You are correct, but I think I did a bad job of communicating what I meant. It's true that anti-cheat has been around since forever. However, what's changed relatively recently is anti-cheat integrated into the kernel alongside requirements for signed kernels and secure boot. This dates back to 2012, right as games like Battlefield started introducing gambling mechanics into their games.
There were certainly other games that had some gambly aspects to them, but 2010s is pretty close to where esports along with in game gambling was starting to bud.
For a one-time $60/computer they could put a 1 TB nvme drive in preloaded with whatever software they need, all of English wikipedia, all classic literature and textbooks they will reference, and 850 GB of whatever else is useful reference material (e.g. maybe all of the Khan Academy videos). It's very non-obvious to me that school computers need an Internet connection at all. Have it back up the kids' home folders onto a school network drive automatically when it gets on the school wifi.
They go to class. Teachers should not be helping students outside of school hours. They should have a life and meet their own needs as humans. For that matter students shouldn't be doing more than 6-7 hours of school work per day, which they already get at school. Students have no need to turn in assignments outside of normal hours, and it's unhealthy to encourage them to do so (this is where uni professors really need to stop setting computers to accept work at midnight. Horrible habit to build that needs to be untaught when people start working).
When I was in university, midnight was well inside “normal hours” for me (mostly by choice, not by crushing workload despite being at a competitive school).
At least when I was in school 15 years ago (math/engineering), a non- or partially-funded (including living stipend) grad school "acceptance" in the US was understood by all of my peers to be a rejection. I saw a post on reddit a few years ago saying that's still true and is in fact also true in the humanities (with an assumed TA role). Is that not accurate? Why are people going into debt for grad school? Did no one tell them you're not supposed to pay for it? Are they just unwilling to accept they were rejected?
They've made it clear that you don't own your cloud library, so the only reasonable answer is to never pay for something with DRM you cannot remove (including things that require an online account for functionality you consider important), and treat services like Steam as a temporary convenience to download known good files that you then fix to remove any DRM. If you only treat these services as a download tool, their ban loses all teeth.
> never pay for something with DRM you cannot remove
I take this to mean to sail the seas but I have apprehension over running modified binaries from random people. Is there anything that can be done to alleviate this worry?
That only goes so far though. A lot of games need internet access, so essentially you are running potentially modified binaries running on your hardware/network, that gets access to the outside. Sure, blast radius becomes somewhat limited, but you still have a potential problem.
The only games that need a network connection are online games. With those you can use a application firewall (which you should anyways) like opensnitch to only allow connections to sites that make sense and block anything else e.g. internal connection.
Unless you get your cracks from google.com it will be fine.
It's not a great solution, but you can vote with your wallet and simply not partake in that form of entertainment. I can't say it's fun to be not up on current games, or to find indie/non-drm games to play. But piracy is just an end-around a terribly policy of non-ownership that manages to both not remunerate the folks who do the work and make no impact on the actual problem which is that we don't like the non-ownership clause in modern games.
So yeah, TLDR, vote with your wallet and give up the entertainment this time.
You could buy from a provider that advertises non-use of DRM like GOG, or on Steam, it lists third party DRM, so you can know whether you have the tools to remove it (and whether you have the tools to remove Steam's DRM, or whether the game appears on a web list of games that don't use any DRM). You could also refund it if you can't verify you're able to successfully back it up and run the backup on a computer or user session without Steam installed. For multiplayer, if it's possible, you can find people discussing it on the web (maybe in pirate communities). Otherwise, just don't buy it.
Some recent stats indicated most gamers buy at most two games per year, so it's not a ton of work to ensure they have a working archive.
Both GOG and Steam allow you to use local copies of games, and both would deny you access to your account to download more games once banned. Steam allows you to install games without DRM from their platform.
Unless they've changed recently, I thought GOG's platform itself does not have DRM? Steam does provide DRM and doesn't tell you if a game uses it, though as far as I know there are generic tools to bypass it.
GOG also specifically advertises games that don't have DRM, e.g. [0]. Steam versions of the same game (e.g. Skyrim) often require Steam to be running and enforce mandatory updates that aren't always desirable with no rollback ability.
> Steam versions of the same game (e.g. Skyrim) often require Steam to be running and enforce mandatory updates that aren't always desirable with no rollback ability.
Yeah, but that's a developer choice. Steam doesn't force anyone to use their API for things like that. If that's a concern for someone as a gamer, they should probably support the companies that don't do it no matter the platform, not blame Steam for it.
The original question was "how do you know these things before you buy the game?" My answer was "You could buy from a provider that advertises non-use of DRM like GOG." Whether it's a developer choice is irrelevant. GOG tells you the information you need for your purchasing decision, so if you want to know what you're buying, buy from somewhere like GOG. Also, don't assume that because it's DRM-free on GOG, it is also DRM-free elsewhere like Steam.
Buying a DRM-free copy on GOG seems like a perfectly reasonable thing to do even if a company has DRM on Steam; it provides an economic signal that there's some segment of customers that requires no DRM as a condition of sale. Since marginal cost of digital "goods" is ~0 and it's likely trivial to disable DRM in your build, it would be dumb not to cater to them and take your free money.
> it provides an economic signal that there's some segment of customers that requires no DRM as a condition of sale
Do you just assume that's the reason someone uses GOG vs Steam? People could be using GOG for other reasons, and the lack of DRM is just bonus. So how does that signal really get interpreted correctly?
Steam is its own DRM on top of whatever else a developer chooses to do. I found this out one year when I spent months without internet access. At a certain point steam would refuse to run any of the locally installed single player games I had paid for through their platform until my computer phoned home to their servers. I'd already configured everything for working offline and they did successfully for a long time until one day they just wouldn't anymore.
If you don't want lose access to every game you fully paid for on Steam you'd better pirate a copy of everything you bought because on a whim they can take it all from you at any time.
There are some games on GOG that still include DRM. The one I can remember offhand is Cult of the Lamb where the game would only run until a certain milestone at which the copy protection determined the GOG version was pirated and would gate the player from advancing. There were forum posts from the developer confirming this was intended.
I'm honestly pretty disappointed that GOG is still selling the game. If they are going to sell it at all they should have massive warnings all over the page that the game is broken.
https://www.gog.com/en/game/cult_of_the_lamb
Another issue is, how do you get your games when you're banned? Most people don't have all their games installed at any given time.
With GOG, there is at least an unofficial, supported way to get an offline installer for each of your games. With Steam, there's no officially supported way to do this, so it's likely to be a bigger PITA to archive all your games ahead of time.
In reality, though, almost nobody is thinking ahead so that they have all their games archived, and, given the size of games and collections, it's a difficult thing to do on the cheap.
How is something unofficial yet supported? Is there just no "download installer" button on the site, but can be done as long as you know how to obtain the URL?
When banned on steam, I believe you are still about to download and play your (offline) games.
My understanding is that your account is effectively made read-only (blocked from purchasing, community, etc) and not removed entirely. Steam's help article on restricted accounts[1] seems to agree with this, given the text description of account suspension implying that it's temporary or for legal reasons (because the account has been used for illegal activity, or to prevent the account's use until it can be restored to its owner in cases where a lock might not suffice)
Admittedly, I have no personal experience with this, nor do I even know anyone who does, but I've never heard of anyone complaining about being unable to play their existing library when banned; complaints about steam tend to be about accounts being stolen and VAC/community bans, with the occasional complaint from someone I know that lost access to an account when they lost their email address and forgot the password (this was before steam had account limitations and steamguard, and they had never bought anything).
For purposes of backup I don't see that large of a difference between a single installer executable and a zipped folder that you'd get after installing a non DRMed game from Steam.
GOG has allowed third party backup software like https://github.com/Sude-/lgogdownloader to exist. I have a full offline mirror of my GOG library that I update monthly that will never happen with my Steam library.
The non-DRMed steam game will stop working after a while if you haven't logged into steam after a very long time. If steam ever went under, your locally installed single player games that work offline will stop working. Ask me how I know.
I've taken to getting a cracked copy of every steam game in my library so that steam can't screw me over again in the future.
Steam's lawyers would say that one should know by reading the terms of service for the storefront and the purchase. But in the real world, how often does that happen?
This is 90% of the reason I don't bother buying modern computer games. For me, I assume games require phoning home and use some kind of DRM unless it is otherwise advertised.
reply