From 0ea5fc66924303d1bf73ba283a383e2aadee02f2 Mon Sep 17 00:00:00 2001 From: neodarz Date: Sat, 11 Aug 2018 20:21:34 +0200 Subject: Initial commit --- pipermail/nel/2001-December/000823.html | 103 ++++++++++++++++++++++++++++++++ 1 file changed, 103 insertions(+) create mode 100644 pipermail/nel/2001-December/000823.html (limited to 'pipermail/nel/2001-December/000823.html') diff --git a/pipermail/nel/2001-December/000823.html b/pipermail/nel/2001-December/000823.html new file mode 100644 index 00000000..db00119c --- /dev/null +++ b/pipermail/nel/2001-December/000823.html @@ -0,0 +1,103 @@ + + + + [Nel] open source MMORPG and hacks/cheats question (probablyoff topic) + + + + + + +

[Nel] open source MMORPG and hacks/cheats question (probablyoff topic)

+ Daniel Miller + miller@nevrax.com
+ Mon, 17 Dec 2001 12:07:37 +0100 +

+
+ +
At Nevrax our thoughts run as follows:
+
+Game clients are very easy to reverse engineer or hack on a PC.
+Server/ Client data packets are even easier to hack.
+
+We assume that whether the source code for the client is open or closed, it
+will inevitably be modified.
+
+The only way to avoid cheating is to take all game sensitive decisions
+server-side and to treat client as a kind of dumb terminal. This has
+implications throughout the game design.
+
+For instance, to avoid a hack from making invisible players visible, it is
+up to the servers not to transmit update information for invisible players
+to the clients. This means that invisible players can not make 3d-positional
+noises as this would give an exploitable piece of information.
+
+The front end servers clearly have to be robust too which means that all
+incoming data from the clients is treated with caution - packets containing
+invalid data are simply ignored.
+
+
+In a nutshell - we assume that servers are trustworthy and that clients are
+not.
+
+
+Daniel.
+
+-----Original Message-----
+From: nel-admin@nevrax.org [mailto:nel-admin@nevrax.org]On Behalf Of
+Vincent Caron
+Sent: Sunday, December 16, 2001 7:13 PM
+To: nel@nevrax.org
+Subject: Re: [Nel] open source MMORPG and hacks/cheats question
+(probablyoff topic)
+
+
+There's a bit more than the 'security through obscurity' debate in this
+question. It is actually more a question of trust, or if you prefer,
+_what_ or _who_ needs to be secured ? The game ? The player moves ? The
+server knowledge ?
+
+Eric S. Raymond (with a nice link to Carmack's tought about this) did a
+nice essay, back to the time where 'cheating drivers' (making walls
+transparent) were about to be unveiled for FPS games :
+
+http://www.tuxedo.org/~esr/writings/quake-cheats.html
+
+
+_______________________________________________
+Nel mailing list
+Nel@nevrax.org
+http://www.nevrax.org/mailman/listinfo.cgi/nel
+
+
+
+ + + + + +
+

+ -- cgit v1.2.1