AMD Counter-Strikes Itself, Pulls Driver After Anti-Lag Feature Causes CS2 Bans

L

Lakados

[H]F Junkie
Joined
Feb 3, 2014
Messages
10,703
https://www.tomshardware.com/news/a...ounter-strike-2-bans-after-valve-roasted-them


AMD quickly withdrew its latest Radeon driver this afternoon because using it with Valve's Counter Strike 2 could result in a ban by the Valve Anti-Cheat tool (h/t @9550pro). AMD promises to fix the issue, whereas Valve plans to identify affected users and reverse their ban once everything returns to normal.


One key feature AMD added to its AMD Software: Adrenalin Edition 23.10.1 driver for Radeon graphics processors was Anti-Lag+ support for Valve's Counter Strike 2 game. But as it turns out, Anti-Lag+ feature support was implemented by detouring engine.dll functions, which VAC considers cheating and acts accordingly by banning users.


I mean it's kinda funny.
 
Odd implementation.

Hooking the graphics API makes enough sense, but are they actually including game specific fuckery to implement this? It seems like the driver doesn't handle this and it's not quite a universal solution?

How Valve worded their tweet is ambiguous.

Do they just mean "yeah it's a renderer hook and they got detected by mistake because they're not on the whitelist because they had a stupid oversight like they used a different code signing certificate"

Or

"They literally targeted certain aspects of this particular game and its engine because just touching the renderer wasn't enough and that made the anti cheat mad because they're really doing some weird shit to make this work"
 
socK said:
Odd implementation.

Hooking the graphics API makes enough sense, but are they actually including game specific fuckery to implement this? It seems like the driver doesn't handle this and it's not quite a universal solution?

How Valve worded their tweet is ambiguous.

Do they just mean "yeah it's a renderer hook and they got detected by mistake because they're not on the whitelist because they had a stupid oversight like they used a different code signing certificate"

Or

"They literally targeted certain aspects of this particular game and its engine because just touching the renderer wasn't enough and that made the anti cheat mad because they're really doing some weird shit to make this work"
Click to expand...
To me it feels more like the later, and if that is the case; what other fuckery might AMD be doing hooking into the rendering pipeline in this maner?
 
socK said:
Odd implementation.

Hooking the graphics API makes enough sense, but are they actually including game specific fuckery to implement this? It seems like the driver doesn't handle this and it's not quite a universal solution?

How Valve worded their tweet is ambiguous.

Do they just mean "yeah it's a renderer hook and they got detected by mistake because they're not on the whitelist because they had a stupid oversight like they used a different code signing certificate"

Or

"They literally targeted certain aspects of this particular game and its engine because just touching the renderer wasn't enough and that made the anti cheat mad because they're really doing some weird shit to make this work"
Click to expand...
Well Reflex was baked into the engine, and it works in the game, and Nvidia had to work with them to embed it into the Engine.
AMD didn't work with them to implement AL+, they instead circumvented the game's normal render pipe and passed it into a custom driver framework they built for the game.

That right there is exactly how most of the games cheat engines, such as wall hacks, radar exploits, and such work, using hacked versions of the GPU drivers to change the render outputs.

Getting that flagged by the game for cheating was guaranteed, and I am honestly shocked AMD didn't think of that before hand.
 
socK said:
Odd implementation.

Hooking the graphics API makes enough sense, but are they actually including game specific fuckery to implement this? It seems like the driver doesn't handle this and it's not quite a universal solution?

How Valve worded their tweet is ambiguous.

Do they just mean "yeah it's a renderer hook and they got detected by mistake because they're not on the whitelist because they had a stupid oversight like they used a different code signing certificate"

Or

"They literally targeted certain aspects of this particular game and its engine because just touching the renderer wasn't enough and that made the anti cheat mad because they're really doing some weird shit to make this work"
Click to expand...

My understanding is that anti-cheat works by making sure the binaries in the render path are bit for bit identical with the game release.

Any change at all should trigger bans, because then you don't know what the hell it is. Sort of like "Look for expected checksum of render path components, if differs at all from what is provided by developer, then insta-ban".

It sounds like AMD tried to intrude downstream, which in turn had an impact on the bit for bit identical nature of the render path, resulting in triggering the anti-cheat system the way it is intended. They really should have known better.
 
ZeroBarrier said:
To me it feels more like the later, and if that is the case; what other fuckery might AMD be doing hooking into the rendering pipeline in this maner?
Click to expand...
Game-specific optimizations for GPU drivers are 100% about fuckery, if AMD, Nvidia, or Intel can fuck around and do a bunch of custom things to get an extra 10% performance with no noticeable artifacts or glitches for the player then it's a good optimization.
I am sure the drivers are loaded with some bat shit sorts of things.
 
Zarathustra[H] said:
My understanding is that anti-cheat works by making sure the binaries in the render path are bit for bit identical with the game release.

Any change at all should trigger bans, because then you don't know what the hell it is. Sort of like "Look for expected checksum of render path components, if differs at all from what is provided by developer, then insta-ban".

It sounds like AMD tried to intrude downstream, which in turn had an impact on the bit for bit identical nature of the render path, resulting in triggering the anti-cheat system the way it is intended. They really should have known better.
Click to expand...

They wouldn't edit files, they're doing something in memory. At minimum they've probably hooked the graphics API, but a remaining question is if they've tampered with other parts of the engine.

So they've almost certainly injected something into the process, and presumably made zero attempt to mask it. Which makes sense, because why would they. Tools like recording software, overlays, etc. all do this - except they're explicitly whitelisted.

So I'm assuming either:
1. That's where they fucked up and they didn't get this whitelisted, somehow
2. They're doing something extra strange and that behavior got flagged - like there's legitimate reasons to tolerate graphics hooks and... probably absolutely none for other parts of the engine
 
Seeing the terms "Counterstrike" and "cheating" brings back old memories of the original from the 90's.

Back then, the old common sayings in the Team Fortress Classic community were "I only cheat in Counterstrike!" or "everyone cheats in Counterstrike!"
 
Lakados said:
Well Reflex was baked into the engine, and it works in the game, and Nvidia had to work with them to embed it into the Engine.
AMD didn't work with them to implement AL+, they instead circumvented the game's normal render pipe and passed it into a custom driver framework they built for the game.

That right there is exactly how most of the games cheat engines, such as wall hacks, radar exploits, and such work, using hacked versions of the GPU drivers to change the render outputs.

Getting that flagged by the game for cheating was guaranteed, and I am honestly shocked AMD didn't think of that before hand.
Click to expand...

I guess they thought their implementation was clever in the sense that they could ram it though without developer intervention.

Injecting a dll and hooking the graphics API is how a million tools function. AMD's own recording software will do this. So that in and of itself isn't super worrying...

Except those tools are deliberately trusted and do a clearly defined thing.

If AMD really needs per-game trickery to make this work, it sounds like a step further into very murky territory. Because at that point you need to hope they're not fucking up some other part of the engine in whatever bizarre and undocumented way.

I'm guessing there's a reason why it's not done in the driver. It's just not a very good reason.
 
Twisted Kidney said:
"Unforeseen Consequences" are pretty common with AMD drivers.
Click to expand...
1697468773690.jpeg
 
socK said:
They're doing something extra strange and that behavior got flagged - like there's legitimate reasons to tolerate graphics hooks and... probably absolutely none for other parts of the engine
Click to expand...
It’s this one, overlays passively monitor, so they are present but don’t change output.
AL+ injects into the render path and re orders the commands then uses the injected tags to identify the correct order of the frames for output. While actively buypassing parts of the games engine and using a driver based one instead.

That sort of behaviour would be very hard to differentiate official AMD drivers from most of the other cheats out there.


Edit: there are some easier methods for identifying what is a driver and what is a cheat but it would require game devs to run some pretty serious kernel level active scanners that not many would welcome on their system.

AMD should just sit down with dev’s to get it baked into game updates.
 
Last edited:
GoldenTiger said:
Yep!
Click to expand...

1_rick said:
View attachment 606451
Click to expand...

I hate that this is exactly why AMD can't break the market in any meaningful way, they want almost as much as nVidia but their product is demonstrably inferior. If you're a gamer looking for a video card and you find out AMD cards can get you banned from your shitty e-sports shooters which are you going to pick? The threads about these bans and the cause will long outlive the fixes.

It's not fair, but it's reality. Everyone has bugs, AMD just has more and they tend to be bigger than average.
 
Twisted Kidney said:
I hate that this is exactly why AMD can't break the market in any meaningful way, they want almost as much as nVidia but their product is demonstrably inferior. If you're a gamer looking for a video card and you find out AMD cards can get you banned from your shitty e-sports shooters which are you going to pick? The threads about these bans and the cause will long outlive the fixes.

It's not fair, but it's reality. Everyone has bugs, AMD just has more and they tend to be bigger than average.
Click to expand...

This sounds like more of a problem with shitty esports game than a problem with AMD's driver. Remember, AMD didn't ban these people. The counter strike developers did.
 
DukenukemX said:
I don't see how this is AMD's fault when it's the games anti-cheat that's having a problem?
Click to expand...
Well AMD could have let the various developers know they were doing this so they could add some app signatures to their white lists.
Or they could have given the developers a heads-up that they were going to be circumventing their render delivery pipeline with their own so the developers could take preemptive action.
Or AMD could have realized that what they are doing is the exact thing that most cheat engines do for "visual aids" such as seeing through walls, or far-sight, radar hacks, night vision, etc... And called it off as a terrible idea before they started.
 
Lakados said:
Well AMD could have let the various developers know they were doing this so they could add some app signatures to their white lists.
Or they could have given the developers a heads-up that they were going to be circumventing their render delivery pipeline with their own so the developers could take preemptive action.
Or AMD could have realized that what they are doing is the exact thing that most cheat engines do for "visual aids" such as seeing through walls, or far-sight, radar hacks, night vision, etc... And called it off as a terrible idea before they started.
Click to expand...
Still seems like a problem with how the anti cheat works. If changes to a graphics driver trips a ban, then maybe developers need to stop depending on automated systems that can trigger a false positive. You know, hire moderators to monitor players for cheating?
 
staknhalo said:
AMD pulled the driver - if the fault wasn't at the driver end no reason to pull it - it would have just been on the devs to update their games
Click to expand...
Made sense to pull the driver since this would upset a lot of players. That's like Tide removing Pods from store shelves because teenagers were eating them due to how much they looked like candy. You can't blame Tide because teenagers are stupid. In this case, you can't blame AMD for removing drivers because the anti-cheat systems in games are stupid.
 
DukenukemX said:
Still seems like a problem with how the anti cheat works. If changes to a graphics driver trips a ban, then maybe developers need to stop depending on automated systems that can trigger a false positive. You know, hire moderators to monitor players for cheating?
Click to expand...
It's not a driver, for Anti-Lag Plus AMD is diverting the game's output renderer, and replacing a part of the game's back of house with one AMD built for it specifically (which is why it only works in 12 games despite being driver-side).
That is not a false positive, that is 100% from how to write cheats for multiplayer games 101.

AMD detours the output between the game engine and the display adapter, So it is taking the commands from the game output, modifying them, and reinserting them back into the game in a way that the game isn't supposed to detect, exactly how cheats do, modern anti-cheat software is explicitly looking for that sort of activity. And not just CS2, but also Fortnight, Overwatch 2, Call of Duty, Apex Legends, and MechWarrior Online, it's not just one game looks like AMD has gotten a lot of players banned from a lot of multiplayer games from this.
 
DukenukemX said:
Still seems like a problem with how the anti cheat works. If changes to a graphics driver trips a ban, then maybe developers need to stop depending on automated systems that can trigger a false positive. You know, hire moderators to monitor players for cheating?
Click to expand...

I don't think you understand the volume. VAC alone had like 760,000 bans last year.
 
DukenukemX said:
Made sense to pull the driver since this would upset a lot of players. That's like Tide removing Pods from store shelves because teenagers were eating them due to how much they looked like candy. You can't blame Tide because teenagers are stupid. In this case, you can't blame AMD for removing drivers because the anti-cheat systems in games are stupid.
Click to expand...

Nah it's more like telling you you don't understand what's going on here once again apparently while you pretend you do
 
And surprise surprise, Steam does not have a customer support phone number to help those that innocently got caught in this ban wave.

Even Electronic Arts has a support phone number.
 
ZodaEX said:
This sounds like more of a problem with shitty esports game than a problem with AMD's driver. Remember, AMD didn't ban these people. The counter strike developers did.
Click to expand...
and it was a preview/beta release, so you had to manually choose to use it....
 
pendragon1 said:
and it was a preview/beta release, so you had to manually choose to use it....
Click to expand...
Actually it was a WHQL Certified General Release that was pulled....

(Adrenalin Edition 23.10.1)
Release File Name: (whql-amd-software-adrenalin-edition-23.10.1-win10-win11-oct11-rdna.exe)
Release Date & Time: (18:17:12 October 13, 2023)
Source for Data: (https://web.archive.org/web/2023101...n/support/kb/release-notes/rn-rad-win-23-10-1)

Either way though you have to manually install the driver whether it is a preview driver or a WHQL Release on the main driver page.
 
Last edited:
ZodaEX said:
This sounds like more of a problem with shitty esports game than a problem with AMD's driver. Remember, AMD didn't ban these people. The counter strike developers did.
Click to expand...

Nope.

A GPU is supposed to interract with a game THROUGH the API (DirectX, Vulcan, OpenGL, Whatever) and through the API only.

AMD is going in and mucking with the running game, and that is pretty bone headed.

This is 100% AMD's fault, and something even a moron should have understood they shouldn't be doing.

Whoever greenlit this at AMD doesn't belong working in this or any other industry.
 
Zarathustra[H] said:
Nope.

A GPU is supposed to interract with a game THROUGH the API (DirectX, Vulcan, OpenGL, Whatever) and through the API only.

AMD is going in and mucking with the running game, and that is pretty bone headed.

This is 100% AMD's fault, and something even a moron should have understood they shouldn't be doing.

Whoever greenlit this at AMD doesn't belong working in this or any other industry.
Click to expand...
Well that would not be totally fair IMO.
There is one example of an Nvidia driver feature being blacklisted in one popular online game, that is also enabled at the the driver level. Go research Hunt Showdown and the Nvidia Filters Ban.
This is not just isolated to AMD. The Hunt Ban on the Nvidia Filters implemented at the driver level happened in the last 1-2 years.

However I think that it would have been wiser for AMD to communicate with the developers to help the process along while avoiding the Banning issues. This does not affect only one make of card on the market it has happened to both Team Green, and Team Red.
 
Enigma said:
Well that would not be totally fair IMO.
There is one example of an Nvidia driver feature being blacklisted in one popular online game, that is also enabled at the the driver level. Go research Hunt Showdown and the Nvidia Filters Ban.
This is not just isolated to AMD. The Hunt Ban on the Nvidia Filters implemented at the driver level happened in the last 1-2 years.

However I think that it would have been wiser for AMD to communicate with the developers to help the process along while avoiding the Banning issues. This does not affect only one make of card on the market it has happened to both Team Green, and Team Red.
Click to expand...

I didn't say that AMD is the only company capable of fucking up. But they (and Nvidia apparently) should have known better.

Those two things are not mutually exclusive.
 
Zarathustra[H] said:
I didn't say that AMD is the only company capable of fucking up. But they (and Nvidia apparently) should have known better.

Those two things are not mutually exclusive.
Click to expand...
I would agree that the implementation without notifying the devs of what they were doing was short sighted.

Context is everything, But the way you put it with the direct reply to ZodaEX: (This sounds like more of a problem with shitty esports game than a problem with AMD's driver. Remember, AMD didn't ban these people. The counter strike developers did.) makes it seem as AMD has been the only one to mess up in this regard. And that the people behind said decision to implement the tech should be barred from the industry.

There is no official data from the Hunt team on how many members of the Hunt Community were actually banned for the use of Nvidia Freestyle. Would you have the same opinion for people that work for Nvidia in the case of Freestyle and Hunt, Should those people be barred from the industry as well?

I am not coming here as a fanboy, I just switched from Team Green to Team Red because of cost in the last year. The team red product that I now run is the first one I have ever owned.

<Flame Suit on>
 
Enigma said:
I would agree that the implementation without notifying the devs of what they were doing was short sighted.

Context is everything, But the way you put it with the direct reply to ZodaEX: (This sounds like more of a problem with shitty esports game than a problem with AMD's driver. Remember, AMD didn't ban these people. The counter strike developers did.) makes it seem as AMD has been the only one to mess up in this regard. And that the people behind said decision to implement the tech should be barred from the industry.

There is no official data from the Hunt team on how many members of the Hunt Community were actually banned for the use of Nvidia Freestyle. Would you have the same opinion for people that work for Nvidia in the case of Freestyle and Hunt, Should those people be barred from the industry as well?

I am not coming here as a fanboy, I just switched from Team Green to Team Red because of cost in the last year. The team red product that I now run is the first one I have ever owned.

Flame Suit on
Click to expand...

Yep. I'm no fan of Nvidia. I had never heard of this Nvidia issue before. If they made a similarly boneheaded decision to go in and mess with the game itself instead of staying entirely on their own side of the API, then that shows a fundamental lack of understanding of how these things are supposed to work, and maybe, just maybe this industry is not for them.

But I'd also struggle to think of any industry that is for them. If you are a programmer you should grasp basic data interfaces and know which boundaries you should and shouldn't cross, and if you don't I don't know what I'd feel comfortable having you programming. Certainly not medical device firmware, or software for automotive brake controllers or etc. etc.
 
Last edited:
You must log in or register to reply here.
Back
Top