QuakeForge And QuakeWorld Forever Merge
knghtbrd writes: "QuakeForge and QuakeWorld Forever, two of the largest projects based on Id Software's GPL'd Quake source, are teaming up to bring the world what we believe is the best Quake1 engine on the planet. The result for die-hard Quake players? QWF's cryptographic cheat prevention (which stops speed cheaters and auto-aimers cold) combined with QF's support for a zillion different operating systems. Here's a look at what can be expected along with the press release."
Wasn't it qwforever that had the story posted a while back about GPL violation (If not them, then who?)? Whatever happened with that, does anybody know?
Communication is only possible between equals
http://www.quakesrc.org/security.txt : By Ender
- Issue: Client verification.
- Issue: Piggybacking.
- Solution: Checksum'ed Packets
- Issue: All of the above fail, thanks to the use of a few dozen crays..
Conclusion: QuakeWorld Forever uses a Netrek-style system of blessed binaries. That is, every official binary released by QuakeWorld Forever has embedded (in the most obscured way possible) a key. This symmetrical cipher is then used to encrypt, using GnuPG, the standard QuakeWorld connection challenge. If the server can decrypt and verify the challenge, the client is considered legit. A key generator is also provided for others to create their own binaries, for private games (e.g., Clan or large LAN games). A CRC check of the binary is also employed, as the lightest possible security.
The first versions of the QWF software did use the above method, and for a time it worked. Due to some slackness with debug code and misuse of mallocs, one person DID succeed in extracting the key. However, a majority of cheats simply allowed the true client to connect, then, after the initial connect verified the client, proceeded to steal its network connection to transmit altered data.
The current solution we are working towards is to attach an integer hash of the packet data to each movement packet. However this is also subject to being faked. So, we employ Hack #1: At every client->server connection, whether a level change or initial connection, the server sends the client a unique random session key. This session key is then used to encrypt every packet, and the hash we transmit is the hash of this one packet. Because the key is per-session it is a fairly weak key for speed reasons, unlike the long challenge-key.
Actually, in truth, it is also possible that the server administrator might want other unverified clients to connect, for various reasons. One of the major disadvantages of the symmetrical cipher we use is that each server must have the same key as the client. Ergo, a new build of the server will require a new build of the client. This is why we intend to move towards a public key system once the merge with QuakeForge is complete. But to solve this problem, our next release will also include other anti-cheat methods designed by other engines. Most cheats currently around are a simple case of the client lying to the server. Things such as speed-cheating can easily be fixed by simple sanity checks. The other cause of cheating is bugs, such as the timing bugs. Now, every piece of software has bugs, but any bug should eventually be fixed.
Between our blessed binary system, and simple sanity checking and bugfixes, OpenSource security methods are a viable alternative to closed source, as long as the SERVER is trusted. And we truly hope no one is lame enough to create a hacked server solely for the purpose of allowing themselves to win... Also new technology such as working bot detection methods will become available and also have a place in such software.
Nothing exceeds the bounds of imagination.
(Added note: The reason for the long delay in public key systems can best be described by penpen, one of the people who wrote the majority of the security code:
We decided to use gnupg in our client. This was to save time and to make sure that it's actually as secure as it can be. The problem with this is that gnupg code is not written well for use as a library. This causes many problems. The most noticeable are the fact we found it impossible to run things like RSA and ElGamal pke algorithms. The gnupg people are apparently working on the gnupg to actually produce an Encryption library. Maybe once this is done the use of such algorithms will become a reality. Also we didn't use RSA because of the current patent on RSA in the US.)
Yes, I forgot my slashdot password...
== Ender, QuakeWorld Forever developer
Quake Standards Group President.
www.quakesrc.org
All files (except for the work being done for the merge: it isn't ready yet) can be had from our downloads page. This includes the olde QuakeForge 0.1.1 release (source only), current CVS source snapshots, and Win32 binaries (both VC++ and Borland C++ 5.0 (?), but the latter is offsite). Anon CVS access can be had with:
cvs -d:pserver:anonymous@cvs.quake.sourceforge.net:/cvsroot/quake login
no password
cvs -d:pserver:anonymous@cvs.quake.sourceforge.net:/cvsroot/quake co quakeforge
As to cheat protection: Quakeforge currently has a speed cheat protection mechanism, and QWF has cryptographic protection (I don't know the link, sorry), that will be ported to QF during the merge. I'm not sure how QWF implements it (though I believe it involves blessed binaries), but I do know that the exchanging of a secret that becomes part of the checksummed packet (but never transmitted) in a manner similar to APOP was discussed. With just this combination, almost all cheats will be rendered difficult if not impossible.
Some interesting features that have been implemented in Quakeforge are the ability to separate out the game data directories and your game save directories which also results in being able to run the game from any directory once it's configured correctly, native ALSA 0.5.x sound support (Linux), lots of GL eye candy, the speed cheat fix and lots and lots of bug fixes to both quakeworld and the original single player game.
Bill - aka taniwha
--
Leave others their otherness. -- Aratak
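Added example, not from the thread and not QWF or QuakeForge code: the per-session key with a hash on every movement packet (Ender's post) and the APOP-like secret that enters the checksum but is never transmitted (taniwha's post), sketched in Python. HMAC-SHA256 stands in for the "integer hash", and the packet layout, the sequence number and all names are assumptions; the session key is assumed to have already reached the client.

```python
import hashlib
import hmac
import os
import struct

TAG_LEN = 8  # assumption: truncated tag to keep per-packet overhead small


def new_session_key() -> bytes:
    """Server: fresh random key at every connect or level change."""
    return os.urandom(16)


def seal(key: bytes, seq: int, payload: bytes) -> bytes:
    """Client: sequence number + payload + keyed tag. The key is never sent."""
    body = struct.pack("!I", seq) + payload
    tag = hmac.new(key, body, hashlib.sha256).digest()[:TAG_LEN]
    return body + tag


class Session:
    """Server-side state for one connected client."""

    def __init__(self, key: bytes):
        self.key = key
        self.last_seq = -1

    def accept(self, packet: bytes):
        """Return the payload if the packet is authentic and fresh, else None."""
        if len(packet) < 4 + TAG_LEN:
            return None
        body, tag = packet[:-TAG_LEN], packet[-TAG_LEN:]
        expected = hmac.new(self.key, body, hashlib.sha256).digest()[:TAG_LEN]
        if not hmac.compare_digest(tag, expected):
            return None  # altered in transit or sealed without the session key
        (seq,) = struct.unpack("!I", body[:4])
        if seq <= self.last_seq:
            return None  # replayed or reordered packet
        self.last_seq = seq
        return body[4:]


def demo():
    """Constructed movement packets: genuine, altered, replayed, wrong key."""
    key = new_session_key()
    server = Session(key)
    pkt = seal(key, 1, b"move fwd=200 side=0")
    altered = pkt[:8] + b"X" + pkt[9:]
    forged = seal(new_session_key(), 2, b"move fwd=9999 side=0")
    return [server.accept(p) for p in (pkt, altered, pkt, forged)]
```

The tag only shows that a packet came from a holder of the session key, so a modified client that reads the key from its own memory still passes; that is the gap the sanity checks and blessed binaries discussed in the thread are meant to cover.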
Sounds great! I hope the same thing happens to the Quake engine that has been happening to the Doom engine lately.
Anyone know if that annoying bug in GLQuake has been fixed, where whenever something happens to your status bar, the numbers quickly flip back and forth between the old value and the new value? Is it just me? That bug pretty much stopped me from playing GLQuake any more. Anyone else know what I'm talking about?
If a client is ever discovered to be cheating, its key is revoked. The downside of this is that if one person manages to hack a client to cheat, everybody must get a new binary, otherwise they will not be able to play once the old key is revoked. So, though not bullet proof, hacked binaries are considered in the plan.
Bill - aka taniwha
--
Leave others their otherness. -- Aratak
Far as I know there is no build for win32. Plus you can't get a binary release (or at least a non-quake-fanatic like me can't find it). Someone prove me wrong here, on both counts if possible.
How we know is more important than what we know.
Try to keep up eh?
How we know is more important than what we know.
OffTopic: While certainly off-topic, I wholeheartedly agree. I'm trying to get ahold of the script now to help write an alternative - if you are a PERL hacker, PLEASE email me! Bitchslapping trolls is one thing, bitchslapping people who moderate "poorly" (and only in Rob's judgement) is abusive.
OnTopic: If Quake 1 is now free software / open source, can it just be compiled for Win32, or does it still need the CD? I'd love to play it (now that I have a machine capable of doing so) but am not much of a hacker - more of a good all around geek, but not a programmer really. How do I get the source, and how do I compile it? I'd like directions for both Win32, and Linux (Slackware 7.0).
Hey Rob, Thanks for that tarball!
"Going to war without France is like going deer hunting without your accordion." - Jed Babbin
Anyone have any technical details of the anti-cheat technology? I dug through the link and couldn't find anything (the link that promised "more details" didn't deliver).
--
Sometimes it's best to just let stupid people be stupid.
The source is found on quakeforge.net, or you can use their CVS. Of course, the merged tree talked about in the press release hasn't happened yet.
As for CDs:
No, you don't need a CD. However, you will need the shareware PAK file until openquartz (on sourceforge) finishes its planned complete replacement. No, there's not much going on on the website, but the mailing list is active.
Jules
-- Any sufficiently advanced technology is indistinguishable from a perl script.
LionMan's right, we have one of the most powerful university computers in the UK, and it just outputs text from its calculations.
:)
Eyecandy isn't important while you're analysing your data.
You plot the graphs later
-Yarn - Rio Karma: Excellent
Oddly, reading through the description of the Encryption it seems that the plan is to use Twofish rather than a public key method. This may just be development lag (that URL points to beta code, I believe). There are good reasons for using asymmetric rather than symmetric cryptography; I won't go into them here, however, since they're a little off-topic. Interested parties can mail me if they want to discuss the issues in more depth.
Ray Jones