aboutsummaryrefslogtreecommitdiff
path: root/pipermail/nel/2001-December/000823.html
blob: db00119cd2348ba4fd3ad849a9546e6276304f31 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN">
<HTML>
 <HEAD>
   <TITLE> [Nel] open source MMORPG and hacks/cheats question (probablyoff topic)</TITLE>
   <LINK REL="Index" HREF="index.html" >
   <LINK REL="made" HREF="mailto:miller%40nevrax.com">
   <LINK REL="Previous"  HREF="000822.html">
   <LINK REL="Next" HREF="000826.html">
 </HEAD>
 <BODY BGCOLOR="#ffffff">
   <H1>[Nel] open source MMORPG and hacks/cheats question (probablyoff topic)</H1>
    <B>Daniel Miller</B> 
    <A HREF="mailto:miller%40nevrax.com"
       TITLE="[Nel] open source MMORPG and hacks/cheats question (probablyoff topic)">miller@nevrax.com</A><BR>
    <I>Mon, 17 Dec 2001 12:07:37 +0100</I>
    <P><UL>
        <LI> Previous message: <A HREF="000822.html">[Nel] open source MMORPG and hacks/cheats question (probably
 off topic)</A></li>
        <LI> Next message: <A HREF="000826.html">[Nel] peer to peer ?</A></li>
         <LI> <B>Messages sorted by:</B> 
              <a href="date.html#823">[ date ]</a>
              <a href="thread.html#823">[ thread ]</a>
              <a href="subject.html#823">[ subject ]</a>
              <a href="author.html#823">[ author ]</a>
         </LI>
       </UL>
    <HR>  
<!--beginarticle-->
<PRE>At Nevrax our thoughts run as follows:

Game clients are very easy to reverse engineer or hack on a PC.
Server/ Client data packets are even easier to hack.

We assume that whether the source code for the client is open or closed, it
will inevitably be modified.

The only way to avoid cheating is to take all game sensitive decisions
server-side and to treat client as a kind of dumb terminal. This has
implications throughout the game design.

For instance, to avoid a hack from making invisible players visible, it is
up to the servers not to transmit update information for invisible players
to the clients. This means that invisible players can not make 3d-positional
noises as this would give an exploitable piece of information.

The front end servers clearly have to be robust too which means that all
incoming data from the clients is treated with caution - packets containing
invalid data are simply ignored.


In a nutshell - we assume that servers are trustworthy and that clients are
not.


Daniel.

-----Original Message-----
From: <A HREF="mailto:nel-admin@nevrax.org">nel-admin@nevrax.org</A> [mailto:<A HREF="mailto:nel-admin@nevrax.org">nel-admin@nevrax.org</A>]On Behalf Of
Vincent Caron
Sent: Sunday, December 16, 2001 7:13 PM
To: <A HREF="mailto:nel@nevrax.org">nel@nevrax.org</A>
Subject: Re: [Nel] open source MMORPG and hacks/cheats question
(probablyoff topic)


There's a bit more than the 'security through obscurity' debate in this
question. It is actually more a question of trust, or if you prefer,
_what_ or _who_ needs to be secured ? The game ? The player moves ? The
server knowledge ?

Eric S. Raymond (with a nice link to Carmack's tought about this) did a
nice essay, back to the time where 'cheating drivers' (making walls
transparent) were about to be unveiled for FPS games :

<A HREF="http://www.tuxedo.org/~esr/writings/quake-cheats.html">http://www.tuxedo.org/~esr/writings/quake-cheats.html</A>


_______________________________________________
Nel mailing list
<A HREF="mailto:Nel@nevrax.org">Nel@nevrax.org</A>
<A HREF="http://www.nevrax.org/mailman/listinfo.cgi/nel">http://www.nevrax.org/mailman/listinfo.cgi/nel</A>


</pre>




<!--endarticle-->
    <HR>
    <P><UL>
        <!--threads-->
	<LI> Previous message: <A HREF="000822.html">[Nel] open source MMORPG and hacks/cheats question (probably
 off topic)</A></li>
	<LI> Next message: <A HREF="000826.html">[Nel] peer to peer ?</A></li>
         <LI> <B>Messages sorted by:</B> 
              <a href="date.html#823">[ date ]</a>
              <a href="thread.html#823">[ thread ]</a>
              <a href="subject.html#823">[ subject ]</a>
              <a href="author.html#823">[ author ]</a>
         </LI>
       </UL>
</body></html>