Update 7.3 - Stopping radar in its tracks with packet encryption

Update 7.3 - Stopping radar in its tracks with packet encryption

Tuesday, June 23rd 2020

I want to say up front that I have no insider knowledge on how this was implemented in the game or any other information related to this update. I have not spoken to anyone at PUBG about this so take all of this information with a grain of salt. Additionally, I do not have any experience with cheating in games other than being the victim of blatant cheaters. I’ll be speaking from a speculative and technical perspective. I have a background in software development and I’m active in the community. Here’s my take.

  • What did the “radar” software do and why was it cheating?
  • What does packet encryption mean and how does it prevent radar?
  • Why didn’t PUBG already ban people that are “known” radar users?
  • What does this mean for the game going forward?

I am hoping that in this post I can provide a fairly well rounded explanation of what these cheats did, how they are being made obsolete, what packet encryption is, and what it means for the game.

What is “radar” software and why is it considered cheating?

Radar software (as it relates to gaming consoles) is a specific type of hack that allows the cheater to run a program on another device, like their computer or phone, which will intercept data being sent and received by your console. This type of cheat allows the cheater to see everything going on in the game much like a radar would. In PUBG’s case, this software is listening for game data that your console is sending to PUBG servers and also listening for game data being sent from PUBG’s servers to your console. For PC gamers there are some differences but we’ll focus on console here.

The reason it’s called “radar” is because the cheater is able to see game data that they shouldn’t have access to. When you load into a game your console is constantly “talking” to the PUBG server the game is running on. You are sending data about your player to the server and the server is sending data about the whole game back to your console. Cheaters are able to gain access to player details like position, weapon load out, movement, player names, etc by intercepting this information as it travels to and from your console. Additionally they get general game data that shouldn’t be available to them like positions of crate drops, vehicle positions, world-spawn weapon positions, etc. This all happens in real time. For these cheaters, it’s like watching a 2d replay as you play the game. The cheater is able to know exactly where every player is and what weapons they have. You can see how this would be a monumental advantage... and that’s exactly what it was. It’s extremely hard to track and identify because it doesn’t manipulate the game at all and it doesn’t run on your console where anti-cheat software built into the game could potentially detect it. This is typically known as a man-in-the-middle attack .

I like to explain things using analogies… so here’s one for radar. We’ll also use this example in the next section when we talk about packet encryption. Let’s imagine that you live in California and your best friend lives in New York. You want to send them a hand written letter through the mail. This letter has personal information about you and your friend. You don’t want anyone but your friend in New York to read that letter. Now let’s imagine that somebody at the post office wants to steal the information in your letter. They could carefully open it, read it, then re-seal it and send it on its way. Neither you nor your friend would know that somebody else had read the letter. Now this “man-in-the-middle” has your personal details and neither of you were aware of it. That’s essentially what happens with packet sniffing radar software. The software intercepts data being sent, uses it to cheat, and nobody on either end is the wiser.

It is, in my opinion, the most egregious way a person can cheat in a BR style game. All forms of cheating are bad and should be handled decisively… but radar is like god-mode. Cheating in video games is rampant. If you’ve ever played a multiplayer game you’ve likely faced a cheater. This isn’t unique to PUBG. All multiplayer games with any level of popularity have cheaters. I’m not going to get into the ethics of cheating and what I think about people who cheat. I think my opinion is pretty clear on the matter.

What is packet encryption and how does it prevent radar?

It’s official... Packet encryption is here! With the release of 7.3 and the encryption that followed shortly after, radar should no longer be an issue. Now that you have a basic understanding of how radar cheats work we can go into how PUBG has implemented a code change to prevent game data from being intercepted.

From the explanation above, radar software intercepts data being sent to and from the PUBG servers. Let’s imagine that this data is in plain text or some form of human readable content. In that scenario it would be pretty easy for somebody creating software for cheaters to “read” that information and build something nefarious.

Let’s use our hand written, snail-mail letter example to explain encryption in this context. What if both you and your friend in New York had a secret code. This code could be used to jumble up your letter so that it’s unreadable while it’s in transit. Once it gets to your friend, they can use that same code to decode the message you sent, making it readable to them and only them. Think the Little Orphan Annie decoder pen from “A Christmas Story”. So now we have the ability to write a letter in normal language, encrypt the letter’s content using a special code, send the scrambled letter to your friend, then finally your friend can decode it when they receive it. Using this method you can now (relatively) safely send private information and even if somebody intercepts it, they can’t read it.

That’s what packet encryption is doing. Your gaming console is using a secret code to scramble the information being sent to the PUBG server. Once it hits the PUBG server, the message is decoded and processed. The same thing happens when PUBG sends information to your console. At the end of the day, this means that even if cheaters can access the messages being sent to and from the server, they can’t read anything in it… rendering the information useless.

Bye cheaters. We never wanted you here. You’re a plague to gaming.

Why didn’t PUBG already ban people that are “known” radar users?

This is a more nuanced question that the community has been wondering about. Again, I’m speculating here, but I think that PUBG was put in a tight spot with this specific type of hack. I’ll try to lay out my reasoning as to why they weren’t banned previously but I want everyone to know that this is just my speculation.

I think PUBG is in a policy issue when it comes to radar. It’s not like other methods of cheating where PUBG can write code to detect it or use anti-cheat software to flag a player’s account. It’s very hard, if not impossible, to detect. What this means is that if they decide to ban a player for using radar, they would be banning a player based solely on suspicion. There’s no clear line they can draw to decide who uses radar and who doesn’t. A player can LOOK like they are cheating but because we can’t always see things from their angle and we can’t hear their comms it leaves the door open for them to just have gotten lucky or maybe they are incredibly good players.

How could PUBG write a clear-cut policy for banning radar users?

Honest question here. PUBG is a large, global company. They can’t operate on wishy-washy policy at that scale. The stance PUBG has taken on cheating is this :

  • Cheaters degrade the experience for a large amount of players every time a cheater is in a game.
  • Cheating is one of the most important issues they are battling because of the degraded experience and integrity of the game.
  • Catching cheaters is like a chess game… PUBG makes a move, cheaters make a move, PUBG makes a move, cheaters make a move… and so on.
  • Whether you want to believe it or not, they take cheating seriously. They know that cheating in their game makes the game worse.

The problem, I think, is/was policy (as it relates to radar specifically).

Here’s a typical situation when trying to report radar cheaters.

Let’s isolate one scenario and break it down a little. Let’s say we have video evidence of a player that is spectating a suspected cheater. In the video, it looks like the player knows where a player is without any visual queues. The suspected cheater runs up to a player and throws a nade or shoots them in a suspicious way. If you watch that video in isolation, it would look like pretty concrete evidence. But what does PUBG think?

Again, I want to make it clear that I have no idea what PUBG’s policy is… this is speculation.

From PUBG’s perspective they probably have to ask themselves a number of questions.

  • What if this is the only instance where this player appears to know where other players are?
  • What if they had squad comms that said “Right in front of you, down the hill, toss a nade” because a teammate called it?
  • What if they saw the player before the video was recorded and followed them up the hill, knowing they would be there?
  • Could this player just have a very high game sense? If you ever watch some of the great players, they seem to just know where people are. They aren’t cheating but some of their plays seem superhuman. That’s because they have incredibly high game sense.
  • Do we have enough evidence to ban this player and can we prove it?

If PUBG were to ban the player in this hypothetical video they would be banning players based on suspicion rather than proof. Other bans that we see are indisputable like no recoil, speed hacks, team killing, moving through walls, etc. Video evidence can prove those scenarios. Game data can prove those scenarios. Video evidence and game data can’t prove radar usage but it can certainly raise a healthy level of suspicion. In many cases, it feels like proof enough… but again, we’re back to a policy issue. What is “proof enough” from a corporate policy perspective? What if PUBG accidentally bans a legitimate player?

From a corporate, policy level… is that enough to ban a paying customer?

It’s just a hunch but I feel like the top brass at PUBG is in a policy concern when it comes to this type of evidence and this type of cheating. I could be completely wrong but they are definitely not ignoring it. I know with 100% certainty that multiple people with the power to do something at PUBG watch video evidence and read the comments on social media, Reddit, and PUBG forums. For some reason they’re not able to ban people for radar even with evidence like this. To add to the problem, if they stated that it is a policy issue and their reasoning behind it the whole community would dump on them. It has reached a boiling point in the community where many players feel the evidence is a clear cut as it gets yet nothing is being done about it. It’s a lose-lose situation. Until now (hopefully).

Packet encryption solves multiple problems

If I’m right (and that's a big IF) about the policy decision it means that packet encryption solves two huge problems for PUBG.

  1. They don’t need to formulate a concrete policy for dealing with radar users.
  2. Radar becomes obsolete and they can focus their energy on other forms of cheating that still exist.

This is a huge win for both PUBG and for the player base. Players can be reasonably certain that they are on a level playing field and playing fair games. There are still other ways to cheat and there always will be. It’s also possible that somebody could “decode” the encrypted messages at some point. It’s very unlikely, but it’s possible. The good thing about encryption is that you can change the “code” and you have a brand new type of encryption with very little effort from a programming standpoint.

What does this mean for the game going forward?

This is the big question. There’s no doubt that this is a positive step forward for PUBG. I tweeted about this before where I mentioned that, in my opinion, this update is going to be one of the most important changes to the game (for console) in recent memory. Radar was turning into a real issue for console gamers. It became even more of an issue when ranked mode was introduced. Even if you rarely came across a radar user, there was always that suspicion in the back of your mind that somebody in your game had a massive unfair advantage over you. It was a cloud looming over every game played. On top of that, it made grinding the ranked leaderboards feel hollow. All it took was one look at the leaderboards and a small amount of investigation to quickly realize that many of the top ranked players were cheating. In a game like PUBG where so much of your success is determined by random elements it is very, very rare to have extremely high win rates. It was disheartening and it actively pushed loyal players away. Ranked mode, one of the best updates this game has ever seen, was being overshadowed by cheaters.

The future looks bright… if you’re willing to be optimistic

It’s no secret that I’ve been critical of PUBG when it makes sense. They need feedback from the community when they miss the mark. It’s also no secret that I believe PUBG can continue to succeed. I stand pretty firmly on the side of optimism for PUBG. Don't get me wrong, though. PUBG has plenty of room for improvement and I'm not oblivious to the obvious issues. More on that below.

My opinion on this update is that it will bring a higher level of integrity to the game for console players. It makes ranked mode more competitive. It gives the loyal, skilled players more of a reason to grind the leaderboards. It opens the door for tournaments and games that are promoted by PUBG now that they can say with a reasonable level of certainty that the games are fair. I think this is all really, really positive. Sure, it could have (and probably should have) come to the game sooner… but we’re here now and that’s a good thing.

The elephant in the room; my plea to PUBG

If you follow the game closely, we can address the elephant in the room. PUBG has to do better with player communication. They just do. We’ve been saying this for what feels like years and I personally feel like a broken record. I want to say up front that PUBG has been doing much better with communication. This isn’t up for debate. They have been doing better. Take a look at the forums, Reddit, Twitter, etc... They are out there and they are talking. It’s not at the level the players want, yet.

Now is the time for transparency

I feel like I truly understand a lot of the decisions PUBG makes. There is a seemingly endless list of variables that PUBG has to account for with every change they implement. Just to name a few, they have a massive global audience, multiple platforms to program for, an ever growing list of queues for players to choose from, etc. Let’s not forget how many employees PUBG has and the various community coordinators that all need to have a unified message. It’s a lot to think about and it’s challenging for even the most seasoned companies. I am sympathetic to the position they’re in and I recognize how difficult it would be to get it right.

If I could bend the ear of somebody at PUBG this is what I would say.
Please explain your decisions and game changes in more detail. Please be transparent about these fundamental changes and how they are implemented. I understand that there are trade secrets, there are things that have to remain private to the company, and there are things that can’t be revealed without exposing future plans. There has to be a middle ground, though.

I work in the software industry… there is a universal truth for anybody creating software and that is you have to set expectations. This goes both ways. Software is fluid. Things change. Good ideas can turn out to be terrible ideas once they are implemented… Crazy ideas can turn out to be wonderful, unexpected wins. Setting expectations is very, very hard to do. You can’t always explain your roadmap because your roadmap will change. There's no doubt that this is a concern for PUBG. Setting expectations at this scale to such a passionate audience has to be incredibly difficult to do.

What I’m hoping for is more transparency as it relates to changes that are either already here or ones that are definitely coming. For example… bots. I know the community would still love a detailed explanation about how bots are implemented. We don’t want vague answers that leave more questions than clarity. Nearly everybody is tired of seeing "soon"... at the same time, this directly relates to the fluid nature of software and the ability to successfully set expectations. Sometimes "soon" is the best answer they can provide and that's likely something we will need to come to terms with.

Let’s close out this blog post

I am optimistic about PUBG and I always have been. It's the most challenging, interesting, nuanced game I've ever played. This update that includes packet encryption is WONDERFUL (assuming it works as expected). This is a win for PUBG. This is a win for players. This is a win for the integrity of the leaderboards. This is a win. Period.

I will continue to be a positive voice in the PUBG community. I will continue to do my best to provide feedback and criticism in a respectful way. I have no patience or sympathy for people that are abusive and constantly negative. Zero. To those people… You do nothing to better the game, you do not add anything of value to the conversation, you are not helpful. Maybe that’s your goal, though. Maybe you just want to degrade the conversation to the point where no matter what happens, it’s negative. My plea to you is to slow down and recognize that there are humans on the other end of your messages. They are not robots. They are likely more passionate about the game than you are.

Criticism and constructive feedback is valuable. Personal attacks, abusive language, and toxic attitudes are not going to bring positive change and it will actively push PUBG away from interacting with you and the community in general.

We could all take a step back and realize that this game has brought most of us hundreds of hours of enjoyment and has transformed gaming for the better. Let’s all be a little more respectful to each other and let’s all try to present our ideas in constructive ways. That’s how we move forward as a community.

Here's to the future!