Mods to the game.

[jorrit]

Originally posted by tangerine
What if the tag was encrypted ? Server would send a randomly generated public key, client would use it to encrypt the tag and send it to server. So the message that client sends to server is different each time it connects. And the tag could be updated with the updater every week.

This one would require cracking skills at machine-code level, hopefuly.

What prevents a client modder to just change this routine too and make sure the right encrypted tag is sent to the server? i.e. the client is Open Source. Any security that depends on the client doing something is no security at all because everything can be faked there. Only the server can do checks but the server can\'t trust ANYTHING the client does because the client can (in theory) fake everything.


Greetings,

[tangerine]

Because the modder doesn\'t have the tag and he can\'t sniff it from the network. He can sniff the encrypted tag, but the encryption key is different for each authentication so he can\'t simply send the sniffed encrypted tag. The real tag is hidden somewhere in compiled binary and you would have to crack it on machine code level.

Client can fake anything, but some fakes are much harder to do than other fakes.

[Vengeance]

Closed source programs and ones with encrypted registration keys are routinely hacked in a matter of days, even without the source.  I am surprised that anyone is still so naive as to think that security by obscurity is even worth considering, especially in an open source context.

As we see what people come up with for mods, we may try to build some kind of plugin architecture that allows people\'s mods to be independent of the main executables, so they are not overwritten by the updates.  It is hard to design that now, however, since we don\'t know what the mods of the future are. :-)  Also it is too much work to create such a system now--gotta get CB released asap!

- Venge

[tangerine]

Sure but that requires much higher knowledge level than to be able to build PS and know basic C++. I really doubt that Psybur would be able to hack into admin accounts, or fly around hydlaa, if PS was closed source

Commercial games get cracked fast but I don\'t really think that people able to crack machine code will waste their time with cracking PS at this moment. Is PS a target with importantce similar to, say, Windows XP ? But in the long run, it\'s probably pointless.

[Mage of Darkness]

hmmmm in other games ive seen them have a protection guard such as gunbound and some other game that i used to play and outa curiousity cause i cant understand computer talk well but couldnt something like that be put onto PS?

[Seytra]

Originally posted by lynx_lupo
*yawn*  Of course source mods are allowed, see the intro post for further explanation(what good is a mod if none will use it?). It\'s GPL...

This is what I said, actually: the clarification in this very thread is an expansion to the PS license that allows modding which the vanilla PS license on it\'s own in fact would forbid.
I\'ve even explained why it can do this despite all GPLness of the source.

@Encryption and compiled-source tags: This is totally against any GPLness of the source. If you cannot compile the source of PS and have it work exactly like the precompiled binaries, what good is it, really? If you start doing this, it\'s not GPL anymore, because the compiled version includes things that aren\'t released as source, which is required for the GPL. So if that is what the devs wanted, they wouldn\'t (or shouldn\'t) have picked the GPL in the first place. It\'s certainly not what I want.
Furthermore, do you actually think that it is hard to find the tag in the compiled binary? Even if it\'s encrypted in the binary, there will be someone who\'ll find it and spread the word. seriously, if you use this approach, it\'ll be even more damaging to the majority of players because

1) the source isn\'t there, making bugfixing / improvements impossible to be submitted by the players themselves, reducing quality and development speed while adding to dev workoad

2) it\'ll be harder to find flaws in the code that actually allow cheating, therefore a maybe smaller number of cheaters can go undetected for way longer and have more opportunities to cheat. A security flaw that isn\'t being known cannot be fixed. Opensource helps a great deal with that detection. (I don\'t trust closed-source software anymore because of this and malware reasons.)

I strongly believe that closing the source (or part of it) isn\'t the answer to any kind of problem.

Also, for the percieved missing interest of skilled ppl. in cracking PS: it only takes one single skilled person to invest some days (or maybe weeks) in doing this. If there are ppl. cheating just to gain crystals that aren\'t of use and that will have only a minor impact on CB money, don\'t you think that someone will be taking up the chellenge, just because it is there? This is, in fact, the motivation of a lot of crackers. Like climbing mountains: because it\'s there. No need for it, no real benefit other than having done it. There are way more than 100.000 registered accounts, you\'d think there will have been someone with enough knowledge. Maybe they haven\'t cheated because it was no challenge? As has been said: a clientside security algorithm must not rely on obscurity. It must be just as hard to circumvent it for the inventor of it as for someone who doesn\'t have access to any knowlegde of it. This is the only way to have security; everything else is just lying to oneself.

[tangerine]

You could save the time spent on writing your speach because nobody is going to do that. I am not in favor of this too, just speaking about it theoretically.


> a clientside security algorithm must not rely on obscurity.
> It must be just as hard to circumvent it for the inventor of it
>  as for someone who doesn\'t have access to any
> knowlegde of it. This is the only way to have security;
> everything else is just lying to oneself.

Heh, have you even thought about security in open source 3d games ? Securing a game is a bit different from securing a ftp server.  It is just not posible, practically.

[Seytra]

Originally posted by tangerine
You could save the time spent on writing your speach because nobody is going to do that. I am not in favor of this too, just speaking about it theoretically.

Well, I hope so, but I just wanted to make sure that everyone actually considering it knows what it\'s about IMO. Also, why are you posting theoretical arguments that you do not wish having an argument about?

Originally posted by tangerine
> a clientside security algorithm must not rely on obscurity.
> It must be just as hard to circumvent it for the inventor of it
>  as for someone who doesn\'t have access to any
> knowlegde of it. This is the only way to have security;
> everything else is just lying to oneself.

Heh, have you even thought about security in open source 3d games ? Securing a game is a bit different from securing a ftp server.  It is just not posible, practically.

Nah, it\'s not entirely different. You just need two brands of security, just as you need with email servers:

1) the classical one: preventing others from accessing restricted things like your account or other data. Other player\'s chars and admin stuff belongs to this. Same as FTP server

2) the SPAM/profiling security: basically automatically spotting unwanted behaviour, not actions, i.e., cheating, exploiting and modding to help with that.

While the first can be addressed by conventional means (encryption and good policies, perfectly possible in opensource), the second one is still in development. Still, there are a number of things that one can do, because cheating always is connected to typical observations: constantly better-than-average performance in a very limited set of things, typically beginning suddenly instead of improving at a natural rate. The system must learn to \"understand\" and \"deduce\". This will be done serverside but can be somewhat augmented (or better: made more easy) by designing the communication protocol appropriately. The client can fake anything, but it still is bound to the laws of the communication protocol. By sending only the info that is exactly required to the client or only allowing certain messages in specific contexts, the protocol can be \"hardened\", removing some opportunities for the cheater. It is, of course, an arms race, but so is every aspect of security. These things are also perfectly possible in opensource AFAICS.

[Adeli]

Regardless of what has been done, people will find a way to bypass it. There will be a few \'elite\' people who will be able to crack anything. And as Seytra correctly stated, they do it, just because they can. These \'elites\' are very skilled people and wouldn\'t even think of personal gain as a reward, like a true computer hacker, they challenge systems to beat them, not to mess up people\'s systems. It\'s the idiots that do the damage and give them a bad reputation. No prevention will ever hold up, it is pretty much pointless to include it, as anyone could find a way around anything with enough knowledge... You play multiplayer games, be prepared to deal with cheats... it\'s life...sadly.

I heard someone mention IP ban?? this is a BAD idea, who says they are even using their own IP? or that it\'s Static... mine for example is Dynamic, and I know people who ghost their IP.

It\'s like everything in life... what one creates, another can destroy.

[theRealGorbulas]

What\'s going to happen to the stuff that already has been modded. There are a few(not many) mods in the stuff linked to bellow in the sig. Aineko\'s stuff should have been put in a long time ago, but never has been. What mods have been patched in?
Give me a job or something. I had to abandon my user skinning support stuff, because it is too complicated and the code is too unstable(rapid changes). I also couldn\'t tell where to put some code because there aren\'t any skins in CVS, and I couldn\'t even tell if the server was telling the client what skin to use. The user selectable skin stuff might appear after CB is released, but maybe not.
I tried to start my own game, and I got three classes to init, but don\'t know what to do next. That stinks. I should figure out what I\'m doing first or bother someone into remaking Magic Carpet. That\'s a cool game, but it runs a little slow in DosBox.
My kernel is done compiling(again), and now I should have it all setup with Reiser4 and NBD so that I can convert my file system. I will stop writting now.

[tangerine]

> What mods have been patched in?

None I know about. Patching in mods that are adding features that are already in CB makes no sense.
And the CB gui code is entirely different from MB gui code. It was the choice of the mod authors to write code
that will be thrown out later.

CB does not support selectable skins. You have to modify the files.
And expect that next update might overwrite them.

[tangerine]

Your MB mods cannot be simply \"patched\" to CB code. CB uses entirely different widget library than MB. If you want your mods to work with CB, you have to rewrite them for CB.   Nobody will do this for you. And if you want your mods to be included in the official client, you have to ask some dev to get your CB code, review it and eventually commit it into cvs.

[icebr4kr]

Ok, I am glad Talad created this initiative as there is clearly a want for the ability to use non-cheating mods.

It is quite obvious we can\'t detect if the player is using mods, let alone if it is approved or not.  All cheat detection will be done on the server, and the network protocol will not allow the client to gain anything by faking messages (Paladin Jr will help detect speed-hacks).

That basically leaves mods that affect the display of things (something akin to Counter-Strike no-flashbang/smoke cheats) and automating user actions.  How will they be dealt with in an open-source environment?

[jorrit]

Originally posted by icebr4kr
Ok, I am glad Talad created this initiative as there is clearly a want for the ability to use non-cheating mods.

It is quite obvious we can\'t detect if the player is using mods, let alone if it is approved or not.  All cheat detection will be done on the server, and the network protocol will not allow the client to gain anything by faking messages (Paladin Jr will help detect speed-hacks).

That basically leaves mods that affect the display of things (something akin to Counter-Strike no-flashbang/smoke cheats) and automating user actions.  How will they be dealt with in an open-source environment?

If the modder is careful and tells nobody about his mod then it is not likely we\'ll ever be able to find that out. The only way we might find it out is if we somehow discover that the person is gaining skills (or whatever) faster then is normally possible. However, it is very hard to judge this as we don\'t really know what the upper limit of possible strength/whatever increase is. Of course if the gain is VERY out of proportion then we might possibly find out.

Greetings,

[theRealGorbulas]

I never said that I wanted to patch my MB stuff into CB. What do you mean by \"CB does not support selectable skins\"? Will everyone look the same?