Seems like the ppl from evenbalance have gone mad:
starting with this version 1.082, Win32 versions of PB now require the game to be run as the administrator user or equivalent
It’s just plain stupid to force an online game to run with admin privileges on windows. This would be a big breach in every sane security concept for windows systems. For me this means the death to PB, luckily the ETPro anticheat is already there.
Luckily for me I’m one of the admins from the german wolfmap server, so I can switch PB of on this one.
I’m guessing from the kick messages that was happening of “losing key packets” PB is getting around a direct PB hack released, which was making PB completely ineffective against all cheats previously detected. By the looks of things they tried to do it without admin privledges, and couldnt do it because everyone was just getting kicked, so they had to do it the other way.
so my guess is the choice was PB requiring admin user or PB that does not detect cheats. 99% of people are running admin user, and its hardly essential for security except in e.g. workplace, public computers etc. ET downloading and running nay old file from servers is an issue, but thats ETs security issue, not PBs, and can be a concern wether running admin or not.
This would be a big breach in every sane security concept for windows systems.
security != windows systems
What pisses me off so much is that I do have Administrator privledges yet it says that I dont. Now just to make sure I went into control panel, click on user accounts and sure enough right under my name it said “Computer Administrator”. Now just to make sure I even created a new account and gave it admin privledges as well and it still did not work.
Well, in the past you could run as non-admin, thus slightly limiting the damage potential of a trojan mod. Especialy if you created a limited rights user expressly for that purpose. PB has now effectively made this impossible.
The quake3 autodownload system is certainly stupid, and this is compounded by the fact that you pretty much need to have it enabled to play on et public servers (because of the stupid way campaigns are done), forcing all players to run as admin is still a truely stupid idea.
Finally, this will almost certainly prevent people form playing from internet cafes and lan centers.
The autodownload could be much better simply by distinguishing pk3s that contain game code and ones that don’t. Ones that contain gamecode should require confirmation before they are used.
edit:
I suggest that everyone who understands what a stupid idea this is write to evenbalance and let them know.
Well those two facts above combined with the issue that as of last thursday my server has started locking up, and not forgetting that etpro has its own cheat detection, I have now disabled PB on my server :), mostly to track down whether it is the cause for the lockups, in which case it will probly remain off and I’ll passwordprotect the server instead.
I turned PB off on my servers a while back, because they hadn’t updated at all in a couple/few months, every haX out there worked under PB, while NONE worked under etpro3.
The new crop of issues and ‘admin-required’ bollocks just makes it less likely that PB’ll ever return.
Hopefully ETPro will add bad-names dup-name kicking. Then PB really won’t be needed for anything. 
Dg is correct. I did see a post on one of the cheat sites about a way to manipulate punkbuster packets so the hackers can run previously detected hacks. 
Fairplay to punkbuster for trying to thwart the hackers once more.I just hope it doesn’t make it too difficult for server admins to run pb on their servers.
Feckin’ hackers
Yep, big respect for evenbalance for doing everything they can to stop the cheaters. I’m not worried about the administrator thing (unless I will get the same problem as WhiteAngel), but the fact that you might not be able to play from a computer cafe worries me a bit. That’s a bummer. It’s annoying that it got this far.
fwiw, pb detections have been updating regularily. The client & server program updates are seperate from cheat detections. None of the cheat sites I check have had any ET cheats working for the past month, with the exception of those working on getting this PB hack going in ET. It’s ETPro anticheat that hasnt been updated for almost a month (5th May was the last one [edit: until today]). Currently [er or at least until yesterday], there are public hacks that work with ETPro. PB is detecting them. There arent any public ones I’m aware of that etpro is detecting and Pbcurrently is not - though this does happen for a short time quite frequently. Even when etpro updates detections, how may servers install the latest one? How many even have a clue they release updated detections? Last time I saw “so and so is cheating and kicking has been disabled” the admin thought it was a PB bug.
Bani has said somewhere on his forums that ETPro anticheat should be used in conjunction with PB, neither are close to perfect measures. I dont know any admin who would ban for a supposed etpro detection, the only admin I know that kicked a clan out of a tournament for etpro detection hastily and to much embarassment and apology reversed the decision very soon afterwards, when it was discovered etpro “detections” are completely unreliable.
ETPro anticheat is a very useful measure for both publics and competition, but it doesnt come close to replacing PB.
Theres a few hacks out that it says right in their description… “Doesn’t work with etpro” btw. Also had 2 players fess up they were cheating when I saw the so and so is cheating in red in the logs… Pb didn’t catch them. Still best to have both though.
I agree that Windows does not have all the security it should have enabled from the start however a) provided the software creators do not make it impossible to lock down the system there is really no problem to make it safe and b) name me another OS that have no security flaws. Linux is not the answer here since it has at least the same amount of security patches 
the difference is the way the OS works where you don’t normally run as root, but sooner or later I guess that will happen here as well, then we’ll see 
You sure you got it the right way around? Last time I checked ( couple/few weeks ago ), I was able to use a hack fine under PB, but no under etpro.
There’s quite a few people playing on my servers/in my league that play from cafe’s, so having to be admin is a pretty big ‘piss-off’ requirement :(.
theres only been 2 hacks released that worked on etpro and that was on 2 of the major forums where all the hacks are released… yet they have all worked for more than a week before pb detected them and even the coders who right the cheats say etpro aic is farrr more effective than pb
I spoke with Bani yesterday and he’s fairly adamant that with the 3-0-1-testbugfix5, ETPro’s anticheat makes PB unnecessary. While there are still some features in PB like bad name filters and screenshots not available in ETPro, PB is in danger of turning way too many server admins off and finding themselves left in the lurch.
People are still being kicked from my servers even when they have admin on their pcs. Im seriously considering disabling pb on my pub servers.
Yes, somehow false positives which are indistinguishable from real violations are acceptable 
As far as I can tell, you cannot reasonably ban based on etpro AC output, because when a cheater report is later found to be a false positive, there is now way to tell which bans should be removed.
Why does PunkBuster now require players to run the game as an administrator under WinXP/2K?
Because some cheats/hacks cannot be detected otherwise.
Is there some way to modify my system configuration to be an administrator equivalent from PunkBuster’s perspective?
Yes. This can be accomplished by setting certain privileges for the user that will run the game. To do this, first temporarily log in as an Administrator. Then go to Control Panel => Administrative Tools => Local Security Policy. This will open up the Local Security setting window. Expand the Local Policies folder and select User Rights Assignment. This will bring up a list of security settings for the computer. You will need to add the user that will be launching the game to have the following privileges. If the user is logged while making changes, the user must be logged out and back in for the changes to take effect.
Debug Programs
Load and unload device drivers
Manage auditing and security log
Modify Firmware environment values
Profile Single Process
Take Ownership of Files or other objects
This is done by double clicking on the setting and then the “Add User or Group” button. You can either type the user or group name into the field or click on advanced to select from a list. If you select advanced, you may need to click on the “Object Types” button and make sure all 3 boxes are checked. Then click OK. Click on the “Find Now” button to generate a full list of all users and groups on the system. Highlight the user you want to add the rights to and click “OK”. Keep clicking “OK” untill you are back at the Local Security Settings window. Repeat this process for the rest of the list. That user will now be able to play on PB servers without getting kicked for “Inadequate O/S Privileges”.
