I thought the latest version of baconbot had TTT specific hacks?
People will always find ways to hack in TT, it is the server owners job to prevent this as much as possible not just BKU's.
The only thing bbot does is show information that exists in the Lua environment of the player's gmod (ie. their client). The server sends this information to those clients. I'd hardly even call it a hack, it just shows what is there. TTT itself is as prudent as possible about sending clients info, like which players are traitor. Innocent players will not have that information anywhere, not even in their game's Lua state. So bbot can't just show that.
Instead, it uses information that gmod always sends to clients: the weapons someone carries. There is no reason to send this info to anyone except the player who is carrying those weapons, but gmod does this because it allows for more Lua scripting stuff. I have no way of preventing this. So bbot just checks every player's weapons to see if they're carrying a traitor weapon and then flags them. (Note that picking up a dropped traitor weapon as innocent will therefore wrongly flag you, and buying only radar/body armor will not flag you 'cause they aren't weapons. It is not foolproof.)
Bbot bypasses Scriptenforcer, and it can be bypassed primarily because VAC doesn't work. It doesn't work in gmod because if it did, then you couldn't load custom binary modules as addons, which are nice for scripting/sandbox/whatever. It's a fundamental conflict of interest between sandbox players/scripters (don't care about cheating) and competitive gamemodes (do care about cheating). This will never go away.
This is one of the very few valid reasons why a non-gmod version of TTT could be an improvement: I would have almost full control over what information goes where. And VAC would actually work. But before anyone asks: no, I'm not going to rebuild TTT as Source mod.
Author