The development team releases the contents of the security update of the social VR platform 'VRChat'
by
As of July 25, 2022, the development team of the social VR platform ' VRChat ' that allows you to communicate with people all over the world and play your own games in the virtual space online using the VR headset Explains 'safety and security fixes' that will be rolled out in the future.
The VRChat Security Update — VRChat
https://hello.vrchat.com/blog/vrchat-security-update
◆ Implementation of Easy Anti Cheat
Easy Anti Cheat is an anti-fraud tool developed by Epic Games, known for its 'Fortnite' and 'Gears of War' series. The VRChat development team said, 'Easy Anti Cheat is a lightweight, effective, privacy-focused anti-cheat service.'
Thousands of users report that their accounts have been stolen each month on VRChat, but in many cases clients have been tampered with to secretly record a variety of information, including keystrokes. The cause is that you are using. Using a tampered client poses a great risk to the user and a heavy burden on the operator, leading to a poor overall game experience. The development team explains that Easy Anti Cheat was introduced to block these tampered clients and solve many problems from the ground up.
According to the development team, Easy Anti Cheat will only be active when VRChat is launched. Also, even if you have used a mod created by volunteers in the past, Easy Anti Cheat will not work if you completely delete it. However, if you still have the mod installed, you will get an error and you will not be able to load VRChat. Also, if you try to load the mod while VRChat is running, the connection will be disconnected and the application will shut down.
Affected mods only rewrite the client's program, and if it's your own program loaded via SteamVR, such as Playspace Mover, OVRAS, OVR Toolkit, or XSOverlay, it's affected by Easy Anti Cheat. There seems to be no.
by
◆ Adoption of secure instance
In VRChat, a space called 'instance' is created on each server based on the specification called 'world'. The user joins this instance with an avatar and communicates.
There are several types of instances, and for Friends instances, only the instance creator and his friends can join the instance. However, if you created an instance via the website version and gave the link to someone who wasn't your friend, you could join even if you weren't your friend. Also, even if it is a Friends instance, if you create a portal that will be the entrance to it in a public instance, you can move through the portal even if you are not a friend.
According to the development team, it was the intended specification that non-friends could access the Friends instance depending on the method, but as a result, it caused a lot of confusion and problems. So the development team announced that they would introduce a 'secure instance' that would improve the instance specifications.
The secure instance makes it possible to create a locked portal. This locked portal can be created with Friends Instance and Friends Plus Instance, and even if it is installed, it will only be displayed to the creator's friends. So if you set up a locked portal on your public instance, you won't get people who aren't your friends.
Of course, you can also set up an unlocked portal, so you can invite non-friends to your Friends instance as before.
Also, in the past, if you knew the instance ID set for the instance, you could join the instance even if you were not invited. However, it is possible to lock the link on a secure instance. In this case, even if someone other than the authorized user browses the instance page of the website, the instance ID will not be displayed and you will not be able to access the instance.
The development team says it plans to announce and deploy some features designed to make VRChat better and more secure in the coming weeks. 'I'm not ready to announce anything else (at the time of writing), but there will be more announcements in the near future,' the development team commented.
In addition, it seems that users are complaining about the fact that Easy Anti Cheat made it impossible to introduce MOD. In particular, there are many cases where it is possible to reduce the operation weight of the client and improve accessibility with MOD, but on the other hand, there is an opinion that cracking down on client tampering with Easy Anti Cheat will only be a cat-and-mouse game.
Reasons for the violent ups and downs of overseas VRC | Potato Journey | note
https://note.com/potatovr/n/n993d3164e0a9
Related Posts:
in Web Service, Game, Security, Posted by log1i_yk