Author Topic: Open Source=Bad?? (Read 1189 times)

Ankaret · « **on:** February 16, 2004, 08:40:38 am »

Well, if this game is Open Source, doesn\'t that mean that any hacker could just hop right in and screw us all over at any given moment, or am I wrong?? Isn\'t that why Valve isnt releasing HL2, because since someone stole it, its open?? Will there be any way for us to stop hacking/and account failures due to hackers when this game starts to become popular?? I really think it\'s great that we can contribute to this game, but I dont know if it will be worth it if stuff like that ends up happening. Does anyone know more about this?? Maybe Im just not thinking clearly.

Xandria · « **Reply #1 on:** February 16, 2004, 09:46:00 am »

About any decently good hacker knows how to decompile an executable and come up with the source code for a program; having access to the source up front only saves them a few hours of work. The effect of hacks on a gaming community seems to not be so much dependant on how often/bad the hacks are, but rather how long it takes for them to be prevented in the game (by patches and the like).

And don\'t listen to anything about that Valve/HL2 issue; there\'s way to much gossip and no facts. As of now, I don\'t think anyone outside of Valve and/or the alleged hacker know exactly what happened.

aineko · « **Reply #2 on:** February 16, 2004, 02:41:11 pm »

Since it is open source, the only thing you can trust is the server.

You can\'t put a some code in your client that does like myplayer->giveDiamond(1000); Althoug that would be nice :-)

Let\'s take another example: The dice.
It\'s not the client that says: aineko rolled a 6 sided die for a 4.
The client only tells the server that I want to roll a 6 sided die. The random function is implemented in the server. Therefor I can not cheat on it unless the server has a bug that allows to roll a 0. *hint hint*

If everything important is handled by the server and the server code is bug free, then this game is inhackable. No mather how much you reverse engineer.
Open source can be as secure as, if not even more secure than closed source. Take a look at windows and linux, what\'s more secure?

Deddarus · « **Reply #3 on:** February 16, 2004, 04:01:58 pm »

yeah the only form of major client/side hacking i encountered on the server i used to work on was due to the fact we had a client-side map !!!!

other considerations were unattended macroing of skills and a lil 3rd-party proggy known as speedhack... however these could have all been avoided by a better server/client setup

as for HL2 ... by all accounts they were way behind schedule when the code was leaked + they used the leak as a convenient excuse to postpone the release date

aineko · « **Reply #4 on:** February 16, 2004, 04:14:12 pm »

It looks like there are some lines of code in the PS server that looks for speedhacks (if you walk faster than allowed and so).

Axsyrus · « **Reply #5 on:** February 16, 2004, 04:24:23 pm »

yes, there is some sort of anti-cheat code in the server, it will look if your position has moved too fast, and if it did, it will.. dunno what it will do actually :P

Xalthar · « **Reply #6 on:** February 16, 2004, 05:12:34 pm »

The version I heard of the HL2 hacker issue was that micro$oft and their n00b outlook express \"griseprogrammering\" was the cause of all valve\'s trouble

hook · « **Reply #7 on:** February 19, 2004, 09:16:14 am »

open source security:
first of all, there\'s a few things that we have to make clear. open source is just the source (=programming) code to which anyone (or anyone under some restrictions) can look at, or use it. most programmes or games don\'t run directly from the source (code), you have to compile it (possible exceptions: things made in python, svg, and so on). you play a binary version of that programme, compiled for your structure and operating system, and sometimes even other dependancies (optional libraries, etc.). so, in the end run, everyone runs a binary, which is just as hard to tweak as the closed-source binary - i mean a binary\'s a binary :rolleyes:
hmm, have you ever wondered why so many servers run apache and mysql? both are open-sourced and i don\'t remember them having any more problems then some expensive MS server ms-sql or oracle, novell servers.
plus there\'s even a security benefit: since the code\'s open, the bugs are easier to be pinpointed and thus easier and faster fixed

of course the bugs are theoretically harder to be found in a closed source, but when they\'re found and exploited, the developers have a harder time pinpointing where the problem is.

so, i wouldn\'t just go around and freaking out, because i use something that\'s open source ...in fact, i\'m using (almost) only open-source applications and games, and i have to say that i had less problems then my brother on the same PC with windows

also, open source brings freedom: if you like what you see, you can just take that peice of code, or the whole code and tweak it to suit you or to make a new programme or game. of course you have to aknowledge the author of the original programme and (in most cases) license your code with the same license (free and open in most cases).

security in planeshift:
planeshift\'s (trying to be) made, so that even if you tweak your client, you won\'t be able to cheat (well, except probably if you hook up an AI system with the PS client ...but that\'d be possible even if it weren\'d open-sourced)
most importaint things are carried on on the server side, which is just as hard to hack as any server from a closed-source game.

...oh, and while we\'re at it ...try to hack your PS cleint ...or if you\'re very enthusiastic, try to hack the PS server

...you\'ll see how much \"easier\" it is

...i alow you even to use cheating apps and search the internet for PS server exploits ...have fun trying :]

in conclusion, i\'m pretty sure that cheating in PS or even hacking it is just as hard as any other MMORPG, just the bugs and holes are likely to be fixed sooner. plus it gives you freedom to tweak your client as you\'d like it - there\'s a few threads on how to tweak your character\'s look and how to tweak the look and feel of the GUI ...well, i don\'t see any harm in THAT :]

...just sit back, and enjoy your stay here at PS ...and if something bad happens, say it, and it\'ll get fixed :]

Deddarus · « **Reply #8 on:** February 19, 2004, 05:02:45 pm »

once consideration... what would happen in the event of a DDOS?

ie.

do u have any preventative measures (are there any?)

how would the host (fragnetics right?) react - do they have other organisations relying on the same line?

only bringing this up cos on my last server someone got banned and got revenge by getting some guy to DDOS us.... what followed was our host fineing us for exceeding bandwidth limits and suing us for compensation due to all the companies they host having poor service..... then of course we threatened to counter sue for their lack of server protection till they dropped it.... then we went after the guy that started it all cos we had info on his credit card fraud activities and, with co-operation from his isp, we gave his local police a nice neat case

woooah boy.. back on topic..... so yeah.. jus wondering... u guys got this 1 covered?

hook · « **Reply #9 on:** February 20, 2004, 12:04:56 am »

* wonders how much do DDOS attacks have to do with the openness of the source code * O_o

Deddarus · « **Reply #10 on:** February 20, 2004, 01:43:03 am »

nothing at all.... sorry yeah i went off-topic a bit but the talk of hackers etc in this thread just started me thinkin

Author Topic: Open Source=Bad?? (Read 1189 times)

Ankaret

Open Source=Bad??

Xandria

(No subject)

aineko

(No subject)

Deddarus

(No subject)

aineko

(No subject)

Axsyrus

(No subject)

Xalthar

(No subject)

hook

(No subject)

Deddarus

(No subject)

hook

(No subject)

Deddarus

(No subject)