Cheating and Security of Aoe DE II

Dear Forgotten Empires Team,
please let people know about the information you received from the RedRocket Team (https://redrocket.club/). AoE II DE is vulnerable to cheating (you can basically do anything, even control your opponent units, cancel opponent research at 99%, …).

Source: https://www.gamestar.de/artikel/podcast-aoe-2-cheat-hack,3372066.html (sry it is german).

Seeing you are only applying security on the interface not the basic functions makes me worry that this may be hinting at possible security risks (Remote Execution Bugs or similar), a scary thought.

When will there be a patch?

Also, RedRocket said that they reported this to you 6+ weeks ago and you did not respond at all. Only after the biggest german games media (GameStar) picked it up and made a request to Microsoft you responded. That’s not open and transparent community management. You can do better. I even dare say that the community deserves better!

Thank you.

11 Likes

Devs know it. I’ve found a lot of exploits as well like making PALADIN in feudal age, even tested them on MP. But the sanity check will worsen the already ever lagging condition. It’s a 90’s game, engine is same. The original AoE had some checks. Voobly had it too. But in DE, alot of things are scrapped. Understandable.

Every online game can be hacked. The main ques lies in integrity. If everyone starts killing because they can where would the world be?

Also, it’s better if u remove the post, u know…

For AOE2, server-based sanity checks can detect a variety of cheats without introducing lag because the sanity check doesn’t need to be applied real time. The sanity check thread is simply an observer. Paladin in Feudal Age? Cheat detected. Villager deleted by opposite-player client? Cheat detected.

The second issue that needs to be addressed is transparency in refereeing and penalties. Every professional sport (even the olympics) publicly communicates the accusation, investigation result, and outcome. If players know that cheating will get caught and punished, it will have a significant deterrent effect. Frankly, there should be a forum page that lists the player name, cheat description, and outcome. If you cheat, the world should know it. Social pressure is very powerful.

The last issue is to ensure that family-sharing accounts are impacted. If a shared account cheats, the primary account should also have the punishment applied.

Thank you for your replies :slight_smile:

I did not want to encourage people to cheat with my post but I think one should be allowed dicuss the issue openly as I am sure it will help the game overall. (edited)

I have also posted about the issue over at AoC Zone and some have responded there. In case you are interested here is the link:
https://www.aoezone.net/threads/cheating-and-security-of-aoe-ii-de.177839/

Thank you and have fun!