[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Game idea....

To: linuxgames@sunsite.auc.dk
Subject: Re: Game idea....
From: Bert Peers <rat@larian.com>
Date: Thu, 08 Jul 1999 12:24:49 +0200
Reply-To: linuxgames@sunsite.auc.dk

Christian Reiniger wrote:

> Brad Johnson schrieb:
> > effort for it? I know it happens in Quake, but don't forget that Quake is one
> > of the most popular games around. I doubt the amount of people willing to
> > hack apart an open source Linux game to cheat will be very high.
> Depends. But IMHO we´re focusing too much on Quake-style games here.
> What about the UltimaOnline-style ones? How much can those be affected
> by cheating? There´s no noticeable benefit from fiddling around with the
> client-side display (well, you could save some torches, but that´s it)
> and both your player data and the world data are stored on the server...

Well, yeah, but remember how badly Diablo servers got h4x0red way back ?
That's a different story from merely getting an unfair edge over other players,
this involves exploiting holes in the protocol to effectively change what's
going on *on the server*...  Now ofcourse, this really *is* a different
topic, it's about server security etc, nothing different from making Apache
secure, but, the trick is that the proxies for Q2 are basically doing exactly
the same, albeit that "protocol exploit" is slightly differently interpreted
than usual...  so imho the problem is bigger than just "proxies doing the
aiming in FPSes", it's just as well possible that people make a proxy
for a RPG style C/S game that will transform a normally non existing
"impulse 10" style command into some funky sequence that suddenly
gives the player full mana again, *on the server* !...  And that's again
something that gets much easier with open source.
Even if the server is secure (may actually be easier with open source,
again see apache), you simply have the problem that as soon as any
checks, for reasons of efficiency, are done on the client, a proxy may
bypass them.  Is the client responsible for checking mana before
sending a RequestCastSpell (HeavyBoom) to the server ?  Well
a proxy would ofcourse just send that without checking anything.
Plenty of room to cheat in any kind of game as soon as the client
is not a dumb terminal.  Which it almost never is for reasons of
bandwidth, as pointed out..

Also, somebody said the problem is not that big, because not much people
will bother to hack their client..  I dunno about that.  There aren't really
that many hardcore Q1 Q2 players after all, and if you look at how many
of them play with the true original completely unmodified game, that % must
be an all time low...  There just might be more regular UO players than
Q'ers.. ?  If a hack was easy enough to apply ("unzip this in to ...") and
the edge clear enough, it wouldn't take long ... :(  Just look at the
number of pages cheatcodes and walkthroughs still take in game review
mags...

Some more cents :)
Bert
--

-=<Short Controlled Bursts>=-

Prev by Date: Re: Game idea....
Next by Date: Re: Game idea....
Prev by thread: Re: Game idea....
Next by thread: Re: Game idea....
Index(es):
- Date
- Thread