The Next Research Frontier: Game Cheating

Opinion: Game cheating may be a wussy thing to do, but it's technically interesting and can have virtual economic implications.

After recognizing that I had a computer gaming problem in college (this is where I spent my time in the early 80s), I basically swore the things off.

Back then, decent gaming hardware could only be found in arcade games; graphics hardware for general-purpose microcomputers was a joke.

But when the hardware got more sophisticated and the sophisticated games moved to the PC, users asked the obvious question: How can I cheat on these games?

Thus cheating has a long and rich history in the gaming business. Users do it. Graphics hardware vendors do it.

James T. Kirk got a commendation for doing it.

Now the guys who brought us the definitive book on rootkits—Greg Hoglund, founder of, and Dr. Gary McGraw, CTO Cigital—are working on a book titled "Exploiting Online Games: How to Break Multi-User Computer Games," expected in the summer or fall of 2007.

I have examined what the publisher calls a "shortcut," which is a short (45 pages in this case) PDF of a material presaging the book itself.

The shortcut is called "Cheating Online Games" and is available for $9.99.

The shortcut got me nervous at the start with a discussion of software piracy, making me wonder if the chapter was all about violating licenses—not an honorable form of cheating.

But before long it gets to the point: Using Blizzards World of Warcraft (WoW) as an example, they show how many important, point-generating activities in games (such as killing monsters) are mundane and repetitive. They demonstrate scripts to automate them.

Such cheating with a macro (called "farming" in these circles) can and has gotten users (or at least their accounts) banned from WoW.

It turns out that the virtual worlds in these huge multi-player games develop problems analogous to real-world problems, and the "government" needs to protect against them.

The economy of one such game, Ultima Online, experienced a currency crisis from massive inflation after an exploit of the game allowed counterfeiting of the virtual money used there.

It gets even worse: Last year one Chinese gamer killed another after he found out the other had sold his virtual sword.

Hes serving a life sentence. So the stakes are high, in a virtual sense.

The game companies have an obvious interest in stopping cheating and they publish policies against them, the violation of which can cause you to be cast out of the virtual world.

But they also engage in system monitoring that bothers Hoglund and McGraw, who have written a program, available online and included in source form in the PDF, to show what the WoW monitor program (called the Warden) does on your PC.

/zimages/6/28571.gifReporting spyware attacks can be more trouble than its worth. Click here to read more.

Im not sure Im as outraged at the privacy violations committed by the Warden as Hoglund and McGraw are, but it does bother me.

As they show, the Warden examines aspects of all other windows in the system. This means that the program has to be run as an administrator under Windows—always a bad idea and in conflict with standard practice on Windows Vista.

Even as a reformed and abstinent gamer I enjoyed "Cheating Online Games" immensely.

I do think that anyone who uses a macro to run their game for them diminishes themselves by doing so. But research such as this fits squarely into the same tradition as the authors research on rootkits, which doesnt advocate malicious code but helps us to understand it.

If these large, multi-player role-playing games are as big and important as the authors contend, then they are platforms and its important for us to understand them.

Security Center Editor Larry Seltzer has worked in and written about the computer industry since 1983.

/zimages/6/28571.gifCheck out eWEEK.coms for the latest security news, reviews and analysis. And for insights on security coverage around the Web, take a look at Security Center Editor Larry Seltzers Weblog.