The Next Research Frontier: Game Cheating

By Larry Seltzer  |  Posted 2006-08-07 Print this article Print

Opinion: Game cheating may be a wussy thing to do, but it's technically interesting and can have virtual economic implications.

After recognizing that I had a computer gaming problem in college (this is where I spent my time in the early 80s), I basically swore the things off. Back then, decent gaming hardware could only be found in arcade games; graphics hardware for general-purpose microcomputers was a joke. But when the hardware got more sophisticated and the sophisticated games moved to the PC, users asked the obvious question: How can I cheat on these games?

Thus cheating has a long and rich history in the gaming business. Users do it. Graphics hardware vendors do it.
James T. Kirk got a commendation for doing it.

Now the guys who brought us the definitive book on rootkits—Greg Hoglund, founder of, and Dr. Gary McGraw, CTO Cigital—are working on a book titled "Exploiting Online Games: How to Break Multi-User Computer Games," expected in the summer or fall of 2007.

I have examined what the publisher calls a "shortcut," which is a short (45 pages in this case) PDF of a material presaging the book itself. The shortcut is called "Cheating Online Games" and is available for $9.99.

The shortcut got me nervous at the start with a discussion of software piracy, making me wonder if the chapter was all about violating licenses—not an honorable form of cheating. But before long it gets to the point: Using Blizzards World of Warcraft (WoW) as an example, they show how many important, point-generating activities in games (such as killing monsters) are mundane and repetitive. They demonstrate scripts to automate them.

Such cheating with a macro (called "farming" in these circles) can and has gotten users (or at least their accounts) banned from WoW. It turns out that the virtual worlds in these huge multi-player games develop problems analogous to real-world problems, and the "government" needs to protect against them. The economy of one such game, Ultima Online, experienced a currency crisis from massive inflation after an exploit of the game allowed counterfeiting of the virtual money used there.

It gets even worse: Last year one Chinese gamer killed another after he found out the other had sold his virtual sword. Hes serving a life sentence. So the stakes are high, in a virtual sense.

The game companies have an obvious interest in stopping cheating and they publish policies against them, the violation of which can cause you to be cast out of the virtual world. But they also engage in system monitoring that bothers Hoglund and McGraw, who have written a program, available online and included in source form in the PDF, to show what the WoW monitor program (called the Warden) does on your PC.

Reporting spyware attacks can be more trouble than its worth. Click here to read more.

Im not sure Im as outraged at the privacy violations committed by the Warden as Hoglund and McGraw are, but it does bother me. As they show, the Warden examines aspects of all other windows in the system. This means that the program has to be run as an administrator under Windows—always a bad idea and in conflict with standard practice on Windows Vista.

Even as a reformed and abstinent gamer I enjoyed "Cheating Online Games" immensely. I do think that anyone who uses a macro to run their game for them diminishes themselves by doing so. But research such as this fits squarely into the same tradition as the authors research on rootkits, which doesnt advocate malicious code but helps us to understand it.

If these large, multi-player role-playing games are as big and important as the authors contend, then they are platforms and its important for us to understand them.

Security Center Editor Larry Seltzer has worked in and written about the computer industry since 1983. Check out eWEEK.coms for the latest security news, reviews and analysis. And for insights on security coverage around the Web, take a look at Security Center Editor Larry Seltzers Weblog.
Larry Seltzer has been writing software for and English about computers ever since—,much to his own amazement—,he graduated from the University of Pennsylvania in 1983.

He was one of the authors of NPL and NPL-R, fourth-generation languages for microcomputers by the now-defunct DeskTop Software Corporation. (Larry is sad to find absolutely no hits on any of these +products on Google.) His work at Desktop Software included programming the UCSD p-System, a virtual machine-based operating system with portable binaries that pre-dated Java by more than 10 years.

For several years, he wrote corporate software for Mathematica Policy Research (they're still in business!) and Chase Econometrics (not so lucky) before being forcibly thrown into the consulting market. He bummed around the Philadelphia consulting and contract-programming scenes for a year or two before taking a job at NSTL (National Software Testing Labs) developing product tests and managing contract testing for the computer industry, governments and publication.

In 1991 Larry moved to Massachusetts to become Technical Director of PC Week Labs (now eWeek Labs). He moved within Ziff Davis to New York in 1994 to run testing at Windows Sources. In 1995, he became Technical Director for Internet product testing at PC Magazine and stayed there till 1998.

Since then, he has been writing for numerous other publications, including Fortune Small Business, Windows 2000 Magazine (now Windows and .NET Magazine), ZDNet and Sam Whitmore's Media Survey.

Submit a Comment

Loading Comments...
Manage your Newsletters: Login   Register My Newsletters

Rocket Fuel