Aren’t you concerned to see an abnormal amount of cheaters on UE4 games as a result of the released source code?
What will you do to prevent the foreseeable rampant abuse?
Good point! I’m waiting for answers too. And more: what we have to do to prevent bad behaviors?
Source code or no source there will always be cheaters, It’s what you do as a developer to minimize that. I’ve seen games that do not have a released engine to public get cheaters like flies (BF4, CoD) a few to mention.
He is right, but I still do wonder if its going to be any easier to code for hacks. But then again make sure your game has dedicated servers then hardly nothing to worry about since the admins on there will shut them down 
Yes i agree Meathead, There is the ability to implement an anti-cheat like PB or VAC and so on too and after that you can develop a custom solution for your insect problem to run as a side / tracking these hacks.
A positive side effect of releasing the source code is that you all can now report any suspicious code paths directly to us!
If you or anyone else finds something in the source code that we should look at, please report these findings directly to security-exploits@epicgames.com.
I’m afraid of network packet factoring and memory hacks because they are easyer to do now.
This said thank you for providing the email, please keep cheats in the back of your mind, you guys might be in a great position to develop an anti cheat plugin/service.
Oh and I just wanted to add: Epic please don’t change your terrific feedback, it is making our 15 men studio switch from Unity to Unreal less painfull. Im seeing jaleous developers the other side of the fence now 
This is something that cannot be ignored but having access to the full source allows you to make your own anti cheat system 
There is no requirement to release any of your edited code so in the end it doesn’t affect your full game too much if enough effort is taken, still cheaters will always find a way so the best thing to do is always have admin tools and other related things if your game fits into that category or style.
As somebody who has worked on Unreal Engine hacks in the past, some obfuscation of UObject would likely go a long way to slowing down the reverse engineering methods you’d need for an aimbot, but you’re always going to be vulnerable to packet or memory hacking as long as you assume input from the client is legit.
Cheaters->Ban.
Enable players to report unusual activity. Less time consuming than actually overwhelming your self with building a cheat proof system.
Exactly… Source code or not, it doesn’t make much of a difference UNLESS: You publish your entire game as source code too…
Other than that you have to be either quite naive to think that not having server side protection will get your far or you are just inviting the wolfves to your home.
There are no games that can be made reasonably safe without server side protection. For games like Battlefield 3, adding server side protection can be quite tricky & too complex. In that case you need to fallback on sanity checks. For instance you should be worried if a player manages to move with the speed of light across your map. That’s just impossible. Also you should be worried if a player:
- Can kill people through walls, unless allowed by game mechanics
- Other players repeatedly type “report cheater” into the console
- Players are on top of the leaderboard => make “ghost view” possible to allow admins to actually follow such a player when he plays and see if he can do anything unusual which means he is probably cheating.
- use other statistics & heuristic to identify potential cheaters and then use ghost view to validate your claims…
Build games where cheating is irrelevant. Oh wait, I forgot everyone these days want to make MMOs / MOBAs.
At this case, deal with it. Any competitive game relying on OpenGL/DirectX will have cheaters.
And when you ban the cheaters, be prepared for DdoS
Memory editors like cheat-engine are easy to workaround, but GLX cheats are almost undetectable.
A lot of security protocols are also open source too. This is because it allows anybody to find exploits and report them.
Well and of course because “security” protocols mean that they are secure indeed and not just obscure, like say “compiling my source code into obscure binary format”… “Security” here means that regardless how well you know the protocol, it remains secure.
Unfortunately, “security” in terms of cheating is hard to achieve for any game that uses non-deterministic game logic, like Battlefield or any other game that makes use of advanced physics and needs realtime multiplayer synchronization.
In contrast, games like CandyCrush can be made 100% anti-cheat secure if you exclude bots from the bill.
Then there are of course games like “Go” or 20 years ago also “Chess” that were technically not cheatable, because it would constitute a major technical challenge to create a bot for them that actually can defeat good human players (here only talking about bots, since those games are ridicously easy to make 100% “conventional” cheat proof).
I know the thread is a bit older but the matter will always remain.
First of, I have a little experience in terms of anticheat …
Over 10 years ago, I developed with my team an anti cheat engine for the game TacticalOps (UT99 Engine).
The anti-cheat engine is today still running. The TO Community know it as ESE…
Design of our native AntiCheat-Engine :
- only one DLL on the client side + a key XML file
- Proxy Server
- UScript Plugin for the Game Server
- Master Server (can Manage all the Dedi. Game Server and Player)
- Network Secure using ECC and AES
Some little things :
- Can I stop all cheats? : in user mode “Yes” but Kernel based Cheats thats change the ShadowTables “No”
- What should I do? : never rest … “Cheatcoder never sleeps ;-)”
- How do I get started and what do I need? :
- First, you should develop a concept (Client / Server).
- Concentrate on things that are outside of the game. (the latest cheats hack DirectX and OpenGL dlls. Helios do it on all Games (ArtificialAiming))
[If you know what you’re doing, you can stop Helios Cheats very simple. He change some Code in the Dx/OGL and redirect it to his cheat. I found it before years very easy and quick.] - What I want to check (signature-based / replacement function tests / Pointer replacement /…)
[signature-based like PunkBuster is a bad way!!!] - You need a very fast and efficient test framework (we use very small and fast ASM code)
- You need to have deep operating system knowhow and you should have ambitions to hack.
- You need alot of free time…
You’ll never reach 100%. believe me …