Recent testing revealed that Arch Linux, Pop!_OS, and even Nobara Linux, which is maintained by a single developer, all outstripped Windows for the performance crown on Windows-native games. The testing was run at the high-end of quality settings, and Valve's Proton was used to run Windows games on Linux.
And that definition depends on how you define “benefitting the user”. If someone has an online match ruined by a hacker, I’d argue that they would have benefitted from the game running some kind of anticheat.
Do we define user as the singular individual person? Or do we consider the user as a collective, and factor in the larger benefit to the masses? It could even be argued that the people running cheats are the ones running malware (specifically, malware that targets the other users in the match) and should therefore be treated the same way we treat people who use more traditional viruses and trojans at the detriment to others. The same way you wouldn’t want some virus-ridden machine connecting to your home network, (you’d probably want everyone to at least be running a basic virus scanner and have common sense when browsing,) you would want everyone in the game running anticheat to ensure there is no malware.
Very few people would say that it’s okay to waste others’ time and computer resources on a bitcoin miner trojan… Most people would (correctly) determine that it is theft. But then when it comes to online games, the same people feel entitled to waste other peoples’ time and computer resources by ruining their matches.
If your security relies on software in the control of the end user you have a problem.
That’s largely a corporate decision that is out of the hands of the programmers. Generally speaking, security specialists would agree with you. But running anticheat on the server costs server resources, which means you need more servers to accommodate the same number of players. Running it client-side is a cost cutting measure mandated by the corporate bean counters who did the math and concluded it’d be cheaper for the company to spend the users’ computer resources instead.
While I agree that client-side security isn’t the best solution, it’s certainly better than no solution. It’s the same argument people have against self-driving cars. The self-driving cars don’t need to be perfect; They just need to be better than the average driver. If they can reduce the number and severity of accidents that are currently happening without them, then they should be implemented. Even if the solution isn’t perfect. Because an imperfect solution is better than doing nothing at all.
You’re right and it’s a pragmatic approach to the problem. They only need broad technical effectiveness to change user behaviour.
I’d argue that it’s not strictly cost cutting but cost transferring. The total client resources most likely exceed that which would be needed on servers.