Hacking & Cheating

[kinshadow]

With all the stuff that MMOGs are going through now-a-days, I was just wondering how (or if) the dev team is combating cheating in a OSS environment.  Beyond a \'trust you players\' system, do you just make the client as light as possible (i.e. just key-frame interpolation,etc.)?  How do you keep out Bots?

[Kiern]

More than likely bots will not be usable because the devs have made it clear they want more interaction than point-and-click

as for other cheats...I dont know how they would do that other than have many people patrolling the game making sure everything i s all good

[kinshadow]

Originally posted by Kiern
More than likely bots will not be usable because the devs have made it clear they want more interaction than point-and-click

Good point.  So what about macros?  Would it be better to allow a game facility for such activity instead waiting for someone to hack it in for personal gain?

[Cyonamie]

in a simple game like runescape macros would be a possibility.  planeshifto n the other hand, sure u could sit somewhere and attack somethin over and over, but the spawn times could be varied according to population of the server, adn the spawn point could vary, makin it hard to cheat in that way. manuevering thru planeshift with a macro is probably way outta the question, the graphics make it to hard to get an accurate map of the area nad teh get the computer to run thru it

[kinshadow]

Originally posted by Cyonamie
manuevering thru planeshift with a macro is probably way outta the question, the graphics make it to hard to get an accurate map of the area nad teh get the computer to run thru it

I was thinking more along the lines of spell/weapon combo macros or skill/money making macros.  Someone would still be piloting the char, but would be able to automate a feature (equip, cast, strike etc) faster than would normally be possible.

I was also thinking Bots wouldn\'t be that hard either.  Simply have another machine (or hacked client) running a char w/  a simple AI that just follows your main char.  If you need the bot you just \'say\' a command to it and it starts whacking a MOB or something.  You could even map hacked-up versions of PS\'s NPC\'s to a client.  As for graphics, etc...you don\'t have to deal with the GUI if you hack the client.  With it OSS, you simply grab the interfaces you want.

[cmhitman]

Personaly as a gamer, i feel that if you have the time and know how and are willing to do all that seemingly difficult crap just to cheat, hell let \'em do it, they\'ve earned it.
Its only those bastards that pass they\'re hacks around and make it so every tom dick and harry is mess\'n over a perfectly good game that i have to disagree with. Other than that go ahead all you cheaters hell by the time you do all the macro code and work out a good way to cheat, I\'ll probable already have done all that i want to do in the game and be bored.

[Jessyn]

Damn script kiddies.....

Too bad there is no legal way to cause hardware damage to ppl we catch cheating  8o

Jessyn

[Link]

Yes, they are script kiddies, one partially real hacker makes a hack for a game, then everyone downloads it and calls themselves hackers, it\'s real lame. Where is the fun in cheating?! You play games to have fun, but what fun is it if you start out at the top, or the whole world is wire frames?

[Vengeance]

I think cheats should, and will be, illegal and impossible.

Macros to \"train up\" or power level may be possible, but we will do whatever we can to detect and destroy these. :-)

- Venge

[Link]

The best defense is good honest players, and good honest mods, those two together will be able to spot cheaters, When someone does the same thing over and over,It\'s pretty obvious, in which case a player can call a mod and they can examine them and deal with them.

[Xolon]

Thanks to the 3D environment planeshift has, cheating would become very difficult. You would have to deal with not only the \'x\' and \'y\' coords, but also the \'z\'.
Using macros or bots will become a pain in the ass or even impossible

About cheating using faster casting, money makers etc. wont be the easiest thing aswell, as you wont download important data to your comp. which can alter your gameplay.

Unfortunatly each game has his cheaters, there just always there... but im sure the devs and all the PS fans will keep there eyes open for these kind of players..

-Xolon-

[Snodgrass]

I have often thought that a great way to tell if a system is being cracked is to flag the number of system control hits to the server.  A human can only hit complex commands so fast.  If the rate is unusually high it\'s probably due to a cracker.  Hackers build things, crackers take things apart.  

[Link]

No, it would most likely be niether a cracker or hacker, they don\'t deserve that title. It would most likely be a script kiddy with a key binder.

[kinshadow]

Originally posted by Snodgrass
If the rate is unusually high it\'s probably due to a cracker.  Hackers build things, crackers take things apart.  

Whatever,  I hate when security/integrity discussions degrade into that \'white-hat\' / \'black-hat\' / \'hacker\' / \'cracker\' crap.  Call it what you want, but the point is that a couple of k3wl d00ds can ruin a the game for a bunch of people.  For instance, in UO there was a cheat program (called UOX I think) that used packet pushing and DoS techniques to lag everything around themselves.  I fear that malicious behavior may end up being a major problem with the source available and the game being free (no consequences for getting caught... just make a new account).  I agree that most will be clueless \'script kiddies\', but that doesn\'t curtail the damage they can do.  Unfortunately, I guess the only way to gaurd against it is to keep one eye on the code and one eye on the logs.  Do what you can initially and fix what comes up when it comes up.

[Vengeance]

kinshadow you are right about how to combat it.

The other main way is the best way, imho, which is to design in immunity from malicious attacks from the beginning.  In a world where the source code is open, security through obfuscation (the main way commercial apps try to attain security) is impossible.  Instead, we must make things inherently secure, through features like a thin client.

Even with smart design, having peer review and just getting attacked are the only ways to do it.  Unlike commercial software, we can continue to improve the security indefinitely, just like Linux vs. Windows.

- Venge