Slashdot Mirror
Using MAC Address to Uniquely Identify Computers
An anonymous reader writes "One of Australia's gaming networks, GamesArena has recently imposed a third party program required to access their gaming servers. One of it's features is that it records your NIC's MAC address to identify your computer, and subsequently in future, ban you if you cheat/break the rules etc. The response from players is mixed. It is not open source software, nor is it optional to install. "Install it or find another server to play on". Question remains, is it going too far?"
Definitely not- unfortunately it won't work since MACs are changable.
not banned anymore :D
What would Brian Boitano do?
Don't go telling the general public MAC addresses are changeable. If someone creates a program to easily do the change, we could have some major routing issues should people choose the same MAC addresses.
How can you change a MAC address other than by purchasing a new NIC?
1) Get your mac adress banned
2) Sell Network Card
3) Some one buys new card
4) They are banned
There will be plenty of second hand NICS for sale becuase of this. its a 1 2 3 profit plan.
It's all too easy. Figure out their IP, get their MAC, put it on your router, get banned, change your MAC back, enjoy your new unopposed domination.
Too many violations from that IP range? Ban the /24 it came from. Send back a "Too many cheaters from your ISP" error.
MACs are too easily changed, but then again, so are IP's. But considering most gamers have DSL with a static IP, an IP ban is a much better option.
I know that if i changed my network card then my MAC Address will change too, but can i change it or spoof it via any currently available windows based software ? i know that it is possible via *nix but this doesnt really help the gamers
any ideas how its possible ?
AJ
As if people whining on CounterStrike weren't bad enough, now we have to listing to 14 year olds complain about having to buy a new NIC every time they cheat online.
"It's hard to be a man when there's a gun in your hand"
...until the MAC address generators have gone through all the "MAC-space" of possible addresses...
Wireless APs like Linksys' already come with a web admin that lets you specify *any* MAC address, apparently to please some cable/adsl providers that measure traffic/authenticate (partly) based on this.
Why not provide a public key server and ask people to submit they public OpenPGP key, signe by P. Zimmermann himself ? Get your identity trusted by Z. or go play somewhere else... After all, this seems to imply they want "real" players!
Notepad specialist & FAT administrator, group training available
Not to sound like a troll, but I thought they the MAC address was burned in to the chips themselves? Thats that they always told us in College. Then again, I didn't go to a very reputable college. =D
There's really no need to change your MAC address.
They're violating the simple rule about never trusting the client. All you have to do is modify this third-party program to have it spit out a random MAC address each time and *poof* the system is worthless. You don't even have to change your MAC address. And since MAC addresses are only used at the Ethernet level, not at the [TCP|UDP]/IP level, it doesn't matter that the server thinks your MAC address is different than it is.
They've been trying this crap for years with cable modems. Until I got a router, I used to use two different machines, each with the same MAC address installed. Worked out great. It's easy to change, too. It's also let me on at friends' offices, where access is MAC controlled. We log on a machine, write down the address, shut it down, boot mine up, change the address, and log on.
Who does it stop? Honest people.
Who won't it stop? The same people hacking their games in the first place.
The power of accurate observation is commonly called cynicism by those who have not got it. - G.B. Shaw
ifconfig eth0 hw ether aa:dd:rr:ee:ss
Of course it's not open source; the last thing they want is users making changes to this program. Then it would be of no use to them.
-- Cheers!
Which MAC-address will the server see if I'm behind a firewall ? The one from my firewall, or the pc which I'm woking behind ?
I keep a fresh supply of token ring cards handy to swap out if the need arrises.
And im not joking:
http://gambit32.org/albums/other/aag.jpg
...once more and more hardwired IDs come out. In a year or two I wouldn't be surprised if PC ID software similar to this will extract IDs from video chipset, motherboard chipset, CPU, and hard drive, all invisibly and seamlessly. And although crackers will doubtless gleefully vomit out ways to spoof them all to allow criminals to run rampant, most nasties won't bother to use it all.
J.E.B.
Joshua Corps
No, it's not going too far. The game server admins can run the server however they choose fit. If you don't like the rules, don't use the server!
However, the majority of people don't know how to reset their MAC addresses. Also, as I believe to be true, some broadband providers specifically use MAC addresses to verify access. For instance, my Comcast cable modem does everything by MAC, so if I change my NIC in my machine, I need to power off/on the cable modem in order to get back through to the Internet. Although this is sort of a minor issue, some other ISPs may be more strict about MAC changes.
Overall, the admins figure they will cut out 99% of the hacking attempts as people would just go elsewhere, or once they did cheat, just wouldn't know how to change their MAC.
What happens if you are logged in via dial-up? Will it ban the MAC address of the box at the ISP that you're dialed in to? :)
NAT routers such as the Linksys range allow you to specify the MAC address from their web-based setup - ideal if your broadband provider insists on you registering (and limiting the number of) MAC addresses of all the machines going to connect.
I wonder what they'll do when they discover several simultaneous connections to the server (and sessions) from the same MAC?
The only thing you can accurately describe as "Scotch" is a sticky tape made by 3M. And it's
Does not the current IPv6 address allocation standard specify using your MAC address as the suffix portion of the IPv6 address? This is merely a taste of things to come if/when IPv6 becomes widely deployed, when your very IPv6 address can uniquely identify the hardware you are on (unless you use IPv6 NAT, of course.)
And yes, presently, you can probably change the MAC address of your system. However, once software vendors and DRM technologies and other things start locking themselves to your computer hardware, I suspect changing the MAC address would cause problems. The only thing this game company has to do is when the game is installed is to lock the licence to the present MAC address so it will not run with a changed IP address without a new licence.
Why would this be going too far? This is "just" a tracking mechanism for your MAC address, to make sure you've not been banned by this site. In my opinion, there are plenty of examples of going WAY too far with tracking mechanisms and other invasive software that is actually transferred to your computer... ala Kazaa, Morpheus, etc.
;-) )
You also have to admit that much of the population won't know how to change their NIC's MAC and/or won't want to go to the expense of buying a whole new NIC if they get banned (picture a 15-year old asking dad for a new NIC every week, for example), so it would be effective on some level.
Of course, I suppose that won't necessarily stop spammers who know how to use the holes... but what will stop spammers? (And can you let me know about it?
I think it's just another system that works, but has holes like any other.
- Proofs of Sturgeon's Law Delivered Daily -
here's how to change it for nt/2000
windows2000faq
-advanced tab in adapter properties
linux
eepro100 list
-ifconfig eth0 hwaddr ether 00:11:22:33:44:55
this is exactly why microsoft's registration process uses a lot more than just the mac address.
Nope, MAC addresses won't work. You'd have to have a unique number that's hard coded into something expensive. The Pentium III's CPUID feature would work. However, as much as I hate cheaters in my favorite games, I don't like an ID number open to abuse.
Quake III has recently enabled anti-cheat software called Punk Buster. It does a ban via your Quake III CD-Key, so you can't play on any Punk Buster enabled servers if you get banned. But with the game under $20 at BestBuy, I'm not sure if it will stop many of the problems.
Cthulhu Saves.
When I was involved with the initial deployment of DSL service in Canada, our customer ran into an interesting problem: many of the low-cost NICs that they shipped with the DSL modem had the same MAC.
Under most circumstances, this is seldom an issue since the NICs aren't likely to be deployed on the same network segment. However, when the MAC is used for other tracking services (in this case, a layer-2 NAT), you have a problem.
And of course, as others have said, most NICs permit the factory MAC to be overridden.
You have to change your network card? Is your username bound to one mac address? Or can I have lots of them? Really it doesn't matter. Companies like this won't ever catch on very big. With all the compaines out there right now giving you a free taste 1st(most don't even require registering) no one will pay the up front cost(even if it is time of install or time of registering). Like Balmer said, We can't beat free. If they want to implement this kinda stuff they have to offer a free service 1st to the people just to get them to consider their pay service. Then spin it by saying "are you tired of playing on our free servers with all the cheeters and annoying people?"
I would say it's rather fair.
This should encourage people not to use cheats which increases a fair game. I see no problem with that. It should make online gaming more fun.
And also if it can be used to track illegal copies. You should pay for the games. I have no problem with that either. A companie writes a game and should get payed for it.
Here I only mention two mayor problems with games and if extreme measures have to be taken for people not to cheat or even buy the game like they should do... why not. There is no law that says it's ok to screw others. Is there?
Privacy is terrorism.
"The response from players is mixed. It is not open source software, nor is it optional to install."
Neither is windows for playing many of todays top-selling titles. I want an outcry here but I don't see it. Is it because software not being open source does not matter to the average user or is it because people are too ignorant to care? It is funny to see an outcry when a company tries to stop actual cheating which spoils the game for all, instead of putting energy where it matters.
You can change the MAC address of the on-board nic in the BIOS on this motherboard. I'm sure there's plenty of others...
No Norm, those are your safety glasses; I'll wear my own thanks...
Why is this considered to affect anyone's rights? It is a private company setting conditions for use of its resources, same as if they were writing a license for people to use their software. They have an indisputable right to do this.
As the blurb says, find another server to play on. This is not like the government forcing everyone to submit to their dictates.
It only harms their business, no one else.
People should not fear their government. Governments should fear their people.
>If someone creates a program to easily do the change
what, like ifconfig?!
The following may be considered circumvention devices because they have no significant use other than to circumvent access control to copyrighted software update files:
Will I retire or break 10K?
>"...Question remains, is it going too far?" Definitely not-
Thanks for answering that one for us. Without your moral framework we would be lost in the chaotic hell of self determination.
Why stick up for big business?
I think PKI would be ideal for this purpose. MAC addresses obviously not. Maybe adding PKI code to games would even encourage people to buy a personal certificate. I never had a good reason to buy one but a cheater free CS-server is certainly worth it. They could even bundle games with Verisign certificate vouchers or something. If some people are worried about there privacy you could just create games certificates. Of course people should keep there private keys private.
The glass is half-full. With poison. And there are cracks in the glass. The dirty, dirty glass.
This is just as silly as gun control because it makes the assumption that you can pass "laws" that will stop people that, by their very definition, do not obey laws!
...cheat the protection.
Here, they're saying "we're going to introduce a software "lock" that will prevent you from cheating." Great. So the people who want to cheat in the game are going to (say it with me now)
Are the people who wrote this bit of client-side [*cough*] security really under the impression that MAC addresses are immutable? Perhaps they know damned well it isn't but was kinda hoping that nobody would tell their client? This has the earmark of an initiative by some dip in a suit who never bothered to consult a single knowledgable, technical person.
Whatever. It might take two days before a patch/spoofer is readily available for the habitual cheaters. All it has to do is spit out a fake MAC address when queried.
My
Limekiller
Can you here the disappointment in CmdrTaco's snippet? I'm surprised he bothered posting this article. Taco has already thought of this and realized that it won't work.
He's tried everything and he still can't shake the Trolls. Hell, even if he disables AC the Trolls login now.
This type of thing has been going around with most colleges that contain large networks. They use it to monitor your bandwidth and if it exceeds a certain amount they will disconnect you for a month (happened to someone I know, not a happy person upon this occuring).
This has been going on for a while, though without MAC addresses, a much simpler system. Most multiplayer games thesedays come with a CD-Key thats authenticated by a central server whenever you play a game. The CDkey usually has a unique ID strapped to it that is publically accessible by admins or players. You ban the ID, they cannot connect to the game without changing their CDkey (which means either buying a new copy or finding another cdkey that works online, neither are 'easy'). If MAC addresses can be changed, then as soon as a couple of like-minded gamers find out about that, you can count on their being a guide on how to do it for gamers eventually. The best way handle this is on both a MAC, and CDkey-ID level. Ban their MAC, and ban their ID, that will stop all but the most determined/knowledgable.
"What can a thoughtful man hope for mankind on Earth, given the experience of the past million years? Nothing." -Bokonon
It's actually because your cable modem router (unless it's connected directly by USB to your computer, it's not a modem -- it's a router, routing IP traffic over the cable xDSL link) has your old MAC address in the ARP cache, so it gets temporarily confused. Power-cycling clears out the cache. No magic tricks involved. ISPs simply can't know the MAC addresses on your network, unless they've hacked your router to give them some kind of inbound access to your network.
And ban the ~252 other potential hosts on that network?
You have to weigh the damage that a cheater is causing against the damage that loss of about two legitimate players on the same /24 would cause. If a fellow is making a big enough fool of himself, and the service isn't yet popular enough that a ban might cause a financially significant number of cancellations of service, a "Too many cheaters from your ISP" message may be warranted.
Will I retire or break 10K?
Call me crazy, but how, exactly, does ones MAC address end up being sent over anything but your local ethernet network?
Once that packet hits your internet gateway, the ethernet header containing your MAC is stripped, and an HDLC or FR packet is constructed from the ethernet payload and sent out over the WAN link.
Are they really embedding MAC addresses into the payload? This will only work if you actually have an ethernet card in your computer. So only those lucky enough to have broadband will be effected?
So have they come up with a foolproof way of detecting cheaters and people using hacks? Sure, there are client-side/server-side program combinations to identify the use of known cheats (see Half-Life) but if they start to let server admins or "regulars" report cheaters then this just isn't going to work. Even server admins will kick-ban people who aren't really cheating simply because the player is dominating. At the very least, they better be only identifying cheaters by detecting known programs or modifications.
On a related note, either Half-Life or the Counter-Strike mod will dump detected cheaters into a global database. This database is not being used for anything right now but it may be in the future.
Many ethernet drivers with this capability have an option for just this. For example, if you have a 3c918, click "configure" under network properties in win2k for that adapter. Select the "advanced" tab. On the left, you'll have an option called "network address" that's normally set to "Not Present". Change it to a specified value, and type in "DEADBEEFBABE" or whatever MAC address you want.
Bingo.
Black holes are where the Matrix raised SIGFPE
No, it's not going too far. The game server admins can run the server however they choose fit. If you don't like the rules, don't use the server!
Tell that to your local electric power company. What if the server company with the crappy policy is the exclusive server in your area for a particular game? Do they really want the loss of customers that a policy of "one strike and you buy a new network card, or a new computer if you have onboard networking and the MAC is hardwired" would cause? Do they want the badwill that would inevitably build up as accidental permanent bans force users to put up anti-that-server web sites?
Will I retire or break 10K?
They'll have the knowledge to change their MAC (or find it easily)
Cheat programs are inherently "underground" programs, wherease you can find MAC changing references everywhere.
And it won't be long before a hacked version of this client becomes available that doesn't even require you to change your local MAC, it'll just misreport it. So no issues with the cable modem provider.
retrorocket.o not found, launch anyway?
All this is going to far for my taste, they try to stop a social problem with non-working technical 'solutions'. After all games should be fun to play, but banning people will not be fun, so I think this is the wrong direction. Instead of banning people I would like to see a solution in the direction of a web-of-trust. A web-of-trust that rates players ability, there experience, there teamplayer, if they are cheater or not and things like that. So if somebody want to start a match he will not only be able to pick a random server, but instead pick one with players that are close to his abilities, so that the game will result in a fair play, instead of having a bunch of newcomers overrun by experienced players. There could be server that are locked and only accessible for players with a specific trust or ability level and things like that. After all I think that such a solution could result in more fun for the player, while cheater would probally have a harder time, since they would play mostly against other cheaters. This might not work for eSports and things like that where people play for money and where cheating is a considered a crime, but it should be enough for Joey Gamer who just wants to have fun.
The MAC is 48 bits, split in two, don't remember how many bits each part. One part is the manufacturer id, the other is the specific card, such as a sequential serial number. MACs are assigned when built, non-changeable, a truly unique card id.
However, you can tell the OS to report a different MAC. That's what "changing your MAC" means, it doesn't actually change the MAC on the card, but it changes what the OS reports.
This is also a good example of why Palladium and trusted computing can't have just any old OS running on a computer. DRM requires complete control, not just a little bit of special software.
Infuriate left and right
There's a big hullabaloo about this, but I met one of the guys writing this software (a close mate of mine did the interface / icons etc), and he was your regular average geek... Apart from recording your mac address, it's pretty good software. Seems better than gamespy that's fer sure, and has a built in irc client.
Personally I don't think the mac address recording is all that bad... Your average person who cares that it's recorded can change it easily, and your average 12 year old cheating 5||21p7 |1DD13 probably won't even know why he got banned...
Send lawyers, guns, and money!
Blue skies, Barthy Burgers, girls...
It's solid code of honor amongst Clans not to cheat. Anybody as dedicated to playing online action games would render his pasttime pointless by cheating. And if anyone found out you've cheated your way into Ladder position you'd get an extremely hard time (on and offline).
:-)
And when you're playing on a public server, cheaters are easyly identified by playing like crap and either scoring immediate kills once they actually *do* manage to hit or by simply not throwing the towel no matter how many times you flak them at point-blank. Both area mostly less than minor drags to a skilled player and have a somewhat funny aspect to it.
I've seen entire matches in UT (1st) where cheaters we're just plain ignored because of the simply fact their skill level (not trained by playing under real conditions) rendered them something more like 'moving obstacles' rather than actuall participants.
Anyhow, some one using more subtle cheats, such as see-through textures or so, can be anoying. Then on the other hand, if you're that good to know for shure that someone is using such a cheat, you'll be playing clan games most of the time anyway. And I haven't met a single Clan player cheating yet. At least none of mentionable Clans.
BTW: I once had a cheater on my team in a pub UT CTF match. I switched sides and telefragged him 'til he gave up and disconnected. That was fun.
We suffer more in our imagination than in reality. - Seneca
Like i dont have a spare Nic card
NIC's MAC address to identify your computer
Shouldn't that read "NIC's MAC address to identify your NIC"? And even then, it isn't fool proof as the MAC address can be changed...
-- Mike
Don't gamble...
Anything that makes it harder for people to gamble the better.
thank God the internet isn't a human right.
Yet again "anti-cheat" technology that just serves to infuriate real games, and is easily bypassed/defeated by the cheaters themselves
Now we all know that that cheating in online games is for the most part a Bad Thing (tm). We all remember the original Quake bots (my personal favorite was the StoogeBot) that required a certain measure of circumventing of built-in precautions. Generally when people were caught, they heard about it. Flames, kicks, bans, you name it.
Now we have issues of people using similar circumventions to get around copy protection instead of anti-cheating measures. I realize that this isn't exactly the same thing, but the two scenarios have a common theme: people using third-party software to use a product in a manner in which it was never intended.
What I find amusing is that generally (at least on Slashdot) the circumvention of copy protection is usually regarded as a Good Thing (tm), but becomes less desirable when it comes to games.
Could it be that third-party circumvention is a good thing as long as it doesn't negatively affect you?
"Ask not what your country can do for you." --John F. Kennedy
Since anything that runs on a client can be compromized (there is _no_ way to make sure this doesnt happen) the only real option for games is to just send pre rendered graphical images to the client which in turn sends back the client keystrokes. this is ofcourse way too bandwidth and serverside intensive to work with current technology, imagine doing this for a MMORPG with 60k users online simultaniously :) .. and even if you use this method the cheaters can respond by writing pattern-reqognition systems which still will be able to autoaim and such (although it raises the bar considerably).
it DOES remove the threat of wallhacks and clientside radars but a good game protocol shouldnt send information about things outside of the clients vision anyway.
K
-- gunzip-howto.tar.gz
But the whole argument for this particular program to be open source is really pointless because they've chosen to break the #1 rule of multiplayer programming: Never trust the client. So it really does not matter if it's open source or closed source; the protection will be broken very easily, either by a script kiddie with a very basic understanding of a MAC address, or by somone who can reverse-engineer the data sent between the client and server.
--LordKaT
I wonder how many people will change theirs to same as mine...
-- bartman
If they want something static, why go with MAC? They could just make an MD5 of some system specific info. That can't be easily tampered with. I'm not suggesting this, just making a statement :-)
Ok, that's the dumbest thing yet... You can fake IP's, everyone knows that... But, you can also fake MAC Addresses... HEll my LinkSys Router does it, Cisco's do it, and I'm sure most other devices like that do it too..... Besides, like mentioned earlier, you can always rewrite your frame generator to spoof or report and invalid MAC, ... this is all fairly easy to do, so why waste time doing this. I have already admin'd a Counter-Strike server, if someone wants in and wants to cheat bad enough, they will do it.. PERIOD!, no matter how hard you lock it down.. so quit the whinning and get back to kicking them.!!
a) tokens for which you must pay. Obvious drawback - who will pay?
b) tokens given by some central authority based on your real life ID (SSN or something) one token per customer. Obvious drawbacks - troublesome as hell, privacy issues.
Of course, if you're caught cheating/hacking, your token is revoked and
a) you have to pay for another one
b) you won't get another one, since you've already used your SSN.
I don't know if this is 'easy to implement', but sure is hard to get around.
PS. Whoever modded parent 'offtopic' is a moron - sorry, had to say that.
As stated about "changing the MAC" is really just having the OS report a different MAC than the one burned into the network card. However, is it not possible to query the physical card vs. the OS?
If they are doing it that way, then there won't be any cheating.
It is thier network, and they can take thier computers and "go home" if they wish.
Whether it's in the name of catching cheaters or catching terrorists, our freedom and autonomy are about to evaporate.
Yeah, this definitely won't work with my Sun IPX. (As if that's an issue...) Ever since I left it in the trunk of my car for an entire winter (a harsh one, at that - nary a night of temperatures above -10F did we see, and quite frequently it was much colder even than that), the NVRAM gets reset when the box is powered down. So now I get errors from the PROM at power-up, because my MAC address is ff:ff:ff:ff:ff:ff and my machine ID is also all 1's. So I have to write some Forth every time I boot up (the only bad part being that I have to do it at the console, and I don't have a serial console cable, so I have to lug out the behemoth 19" monitor that goes with it), in order to set my MAC address to something valid and to generate all the parity and checksums and whatnot.
For a bunch of reasons, but two to think about:
1) Many windows drivers let you put in arbitrary MAC's. Ban me? No prob, I'll change it to something else.
2) Many firewalls will let you do the same thing.
3) Ethernet cards cost what...a dollar or two at a used computer swap meet? If it comes down to it just keep a stack of 10.
It appears this is intended to catch people clever enough to cheat, but not clever enough to change their MAC address.
Another example of poorly contructed solutions to a badly defined problem.
You were mistaken. Which is odd, since memory shouldn't be a problem for you
But the MAC-method obviously isn't a viable solution. I was actually hoping that matters would turn out better with internet console gaming, but seeing that XBoxs and PS2s can me mod-chipped I'm not setting my expectations too high.
The only solution I came up with that might work better is making the first sign-in/subscription rather hard. For example by sending each player a letter by snail-mail with their sign-in code. Thus if you get banned you need days to sign in again.
But I don't think there is a technology solution, because basically everything on a home machine can be hacked. Be it the game itself or some driver.
I remember everyone accusing anyone that was any good of being a cheater two years ago. I heard it's worst now.
Now I am reading there are methods to ban players - Punk Buster and now this.
Just one problem:
Are we going to have courts? Evidence? Or are people to be banned based solely on the testimony of "Nadbuster "?
Hell, in real life, with professional law enforcement personnel, mistakes happen - even in CAPITAL CRIME trials.
Glad I only play online with friends now...
Robots are everywhere, and they eat old people's medicine for fuel.
Simple: if you are winning at Counter Strike despite a ping of 1,000+, then you must be cheating.
I mean, duh...
--- My dad's political betting
It is not open source software, nor is it optional to install.
If they're really interested in blocking cheaters, etc., how in the world could anyone see fit to question 1) why it is not open source, and 2) why it is not optional to install ? If it was either of these things, then 1) it would be trivial to alter the source to render the code useless, or 2) people just wouldn't install it and cheat anyways.
Agendas aside, people have to start using some common sense before whining about issues which make no sense.
Definitely not
Are you nuts? Of course its going to far!
If Google really cared they would fix Android Chrome to reflow text, instead of discriminating
No thanks about drawing commercial CAs into it. If a game publisher *was* to implement such a system, they would simply make themselves a CA and distribute their CA cert with the software. They *could* go so far as including a private key with each copy of the software, but costs would skyrocket if releasing en mass. The system I would envision here is that one purchases the game, gets online, and goes to the server and registers the CD-Key in exchange for having a private key signed. The advantages would, of course, be that the authentication mechanism is not prone to theft (i.e. the server being connected to never sees your important credentials, no vulnerable information is transmitted over the wire), and could be more enforceable (coming up with a keygen is one thing, trying to fake a 4096 bit key with signed certificate is another), provided the process for getting a certificate were sufficiently rigorous.
Hell, if the game was critically dependent on online functionality, you could let the game go free on the net and just sell CD-Keys. If any small projects want to try to make it big without the potentially crippling barrier to entry into mass distributers, this would be the way I would think... Stick it on Gnutella and let people *think* it is illegal to download and its popularity could be good...
XML is like violence. If it doesn't solve the problem, use more.
Comment removed based on user account deletion
That's what I would do if I were writing the software. Bwa ha ha ha, etc.
:wq
Well, that's two corrections so far, mea culpa it seems ... the cards we manufactured had the MAC in NVRAM, I suppose someone could have changed it, but I didn't think the OS ops actually did so for any cards. Mea culpa, eh, sorry about ass-u-me-ing something.
Infuriate left and right
Actually it does; in an ethernet frame. That's how your switch "learns" the mac addresses of all the NICs connected to it before you've run anything higher in the OSI model.
-ted
There are a few other problems with this software (it's called COGS) than just the fact that it can't really block dedicated cheaters. Sure, measures to block cheaters are fine, but this one went too far.
1. It's buggy as all hell, everytime I log on it downloads a new patch, and still doesn't always run properly. And this is after supposedly extensive testing.
2. It's unsecure, it transmits your username and password as get parameters for authentication.
3. Originally it was going to be released without Mac and Linux versions. (This has since been changed.)
4. It's basically trying to replace programs we already know and use. It has an in-built IRC client that automatically connects to the GameArena server (which we obviously already had), a server browser (we already had ServerQuery [serverquery.qgl.org] which is lightweight yet adequate, also GPLed) and even a web browser that opens the main GameArena site. All activities we had perfectly fine utilities for, yet someone has made a half-arsed effort to replace them.
Perhaps if it had been better executed we would have been a bit more accepting, but the amateur coding effort along with the draconian "use it or leave" policy has left a lot of gamers with a negative view of COGS.
Z
At the two cable ISP's that I've had experience with, they use the MAC address to do DHCP assignemnt. So if you change your MAC you wont get an IP.
I have been accused of cheating at CounterStrike more than once, and have been banned from the KGB servers for killing clan members too often (I guess) - but I NEVER cheat. People get bent out of shape when you kill them too frequently, they assume that if you are much better than they are that you must be cheating. Good grief. Fortunately there are a large number of good alternative servers out there - for these guys, I hope they are careful before they ban someone for being ACCUSED of cheating.
KK4SFV
e8johan wrote:
:)
> I want an outcry here but I don't see it. Is it
> because software not being open source does not
> matter to the average user or is it because people
> are too ignorant to care? It is funny to see an
> outcry when a company tries to stop actual
> cheating which spoils the game for all, instead of
> putting energy where it matters.
This is not just a little utility for sending a MAC address. It is a browser (based on Internet Explorer: grand champion of security holes), a chat program, a client for their gaming system, etc. It has access to the machine's MAC, its web cache, its web history, etc. We have their word that it is not spyware. Do you honestly trust some internet company to be telling the truth about piracy issues in this day and age? Especially when they are giving away the program and the gaming memberships? If the program were open source (impossible because of the IE componenents) we could tell for sure.
The program imposes two further restrictions:
1) If you want your money's worth, you are pretty much restricted to Windows. Yes, they have clients for Mac and Linux, but at a decreased experience. Granted Linux does not have that much in the way of commercial gaming (TransGaming, please fix), but the Mac does. Heck the makers of Everquest have even been mumbling something about a Mac version.
2) The MAC feature attempts to glue the account to a single machine. Say you are at your friend's house. Your friend has a completely legal setup, no warez or anything. You still can't log into your account and play because the MAC address is different. You could use your friend's account, but if you cheated, they wouldn't be able to use their account anymore (without changing their MAC or buying a new card).
Personally I prefer offline (especially console) gaming. I pay a lot for a game, and if I want to cheat, or access all the characters and features I paid for, I can. Besides, nothing online beats the cameraderie of having a real friend right there with you, laughing at all the silly stuff.
"Godzilla and Jaguar: Punch! Punch! Punch! Hit! Hit! Hit!
We die if they stop fighting for us."
Jet Jaguar Song, "Godzilla vs. Megalon"
I know all the unfortunate evils of Punk Buster, it's a lose-lose situation. Cheats were destroying my favorite Quake3 mod - Urban Terror. It's still optional for everyone, but if I don't install it I can't play on my favorite servers. I have been a fan of id software since the Wolf3D era, and if id ok's Punk Buster, I'm inclined to trust their decision.
Cthulhu Saves.
Gees what a load of typos. Guess I didn't get enough sleep these days. Been playing too much Kohan:IS and UT2003. Would've you guessed? :-)
We suffer more in our imagination than in reality. - Seneca
Set up a few computers with bots hacked onto them and have the clients send out increments of MAC addresses, until all of them have been marked as cheaters.
Once nobody can connect they wont be able to use the system anymore. Shouldnt take too long if a few people here help out.
-- 'The' Lord and Master Bitman On High, Master Of All
This sounds like a good application for GPG. Join a league, get your key signed, get on the "good list." Cheat (get caught cheating), and your public key is placed on the signed "bad list." Servers would "belong" to leagues by checking the league listings to authenticate users.
If you get on the bad list, you can make a new key, but you have to start from scratch paying dues or otherwise earning "member in good standing" status.
Thanks again Phil!
--- Nothing clever here: move along now...
There was once a very nice multiplayer games called NetTrek which also had a problem with cheaters on several servers (Due to the nature of the game, such clients were called Borg).
NetTrek addressed the problem of cheating on two levels. At a first level there were official, signed clients for different operating systems. So you had the source and could use your own localized or even borgified client in regular games, if you liked. But in order to participiate league games, you had to use their approved binary. That helped a little, but of course it would still be possible to write a borg client that parsed the X11 output of a signed binary and synthetized X11 events.
The other level at which NetTrek addressed the Borg problem was much smarter, though: The game server tried very hard not to send information to the client that the player should have no knowledge of. So one could borg an aimbot or other targetting helps, or write macroborgs that fire complicated predefined sequences of moves, but one could not reveal maps other otherwise gain more information than what was visible on screen anyway.
I'd like very much to hear what has become of the original NetTrek designers, and what modern games asre doing in order to prevent cheating. Are these techniques still useable?
Kristian
What's the big deal? If a private network doesn't want to let you in, why should they? A unique MAC addess is just another way of establishing who you are.
-- Slashdot: When Public Access TV Says "No"
How on earth can they ban me using my .Mac address form Apple? This just seems crazy. Well if they do I will just go get another one. -peel
> All you have to do is modify this third-party program to have it spit out a random MAC address each time and *poof* the system is worthless.
How about just not cheating at all?
I think their solution will reduce the number of medicore cheaters (ie, gamers who know nothing about computers), but it won't stop the geek of courses. But from their POV, isn't even a moderate reduction in cheating worth their time and effort even if some will find ways around it?
so if its always changeable why do places like ebay depend on this strategy to weed out fraud.. what are they incompetent?
Don't Tread on OpenSource
It seems people tend to confuse privacy with anonymity. Privacy means preventing others from getting information about you -- whether it's what kind of toothpaste you use or your SSN. Anonymity means preventing others from finding out who you are. The two are related, in that in practice they often go hand-in-hand. But they are distinct.
-Thomas
I'm using a PC.
For many people, being anonymous online means "I can do whatever I want" because there are no significant consequences for their misbehavior. To these people, I say: life is much nicer when you are nice to other people. Try it, you might be surprised.
-Thomas
Maybe there are some people that think that but I don't, and I didn't get the impression most of the posters do. These people have every right to ban cheaters anyway they can. But the fact of the matter is that this just won't work. It'll be childs play to defeat, and may well cause more inconvenience to random non-cheaters than the people they are trying to get rid of.
=-=-=-=-=-=-=-=-=-=-=-=-=-=-
Friends don't let friends enable ecmascript.
Great. This is another way to get rid of those pesky, honest players and my enemies.
I'll just assume their MAC address, misbehave like hell. Their MAC gets banned, and I get rid of the losers.
Alone, I shall reign through spite and malice.
Stop the brainwash
Any self-respecting cheater will get around MAC checking without any trouble. But I sure wish someone could come up with a good method of blocking cheaters for real. They completely ruin the game. I can't even play online games any more.
It seems to me, though, that it should be possible to engineer a game such that it's not possible to cheat. You can't stop people from hacking the client, but you could make the server detect "impossible" things and shut down the offender. I.e., someone moving way too fast. You could also design the client/server protocol such that not enough information is ever sent to the client to allow bots to do things like aim weapons flawlessly, unless they are able to interpret visuals like a human.
Microsoft machines will tell you their MAC when you do a NBTSTAT on them. At least one ISP I know of blocks NetBIOS traffic because of uncontrolled file sharing, but I don't know how common that is.
I think it's more likely that the ISP is blocking NetBIOS traffic because of all the security problems associated with it, rather than file sharing.
Since the ifconfig man pages contain instructions on how to change MAC addresses and
Since changing the MAC address would allow a cheater to circumvent access controls
Then are the ifconfig man pages now illegal in the US under the DMCA?
They're not using ARP. You have to download a program that sends your MAC address to the server.
0 1 - just my two bits
Mod me as redundant if you must, but I don't see what to say since in the parent text, the comment was made that MACs were addressable. I just want to know how much money was spent on this "ingenius" idea; fees that will be passed on to the consumer.
For this example, 2k Under Network Connections, you is looking at conn props, click 'Configure' button under network card. Click 'Advanced' tab. Highlight 'Network Address'. Click radio button to set a value. Enter whatever you like. You can be MAC address #1 if you like. King of the World! Voila! You have new MAC addy. No regedit or nasty some such ways of BSOD. I hope I am not redundandant.
Moderation in All Things... Especially Moderation - gurutc
Ok, so I bet when you create the account, it registers your NIC address, meaning if you change your MAC address like so many people have mentioned, you will have to re-register. Chances are each time you register you need to use a different e-mail address. Man, that must really make cheaters buy hundreds of Hotmail accounts (sure they may use other free services, but c'mon, it's fun to toy with M$. admit it).
today is spelling optional day.
There's got to be some way to statistically detect cheaters, like watching some critical factors. For example, if someone is beating everyone else by 100 frags (or whatever equviliant you use for your particular game), then they MIGHT be cheating!? The credit card companies do this to detect credit fraud, and it's unusually good at picking out unusual activity. Dunno, might be computationally intensive, but a neat thing to look at.
The average script kiddy is not going to know how to use IPFILTER or IPTABLES to mask the MAC address of a card, or how to use the NIC software to edit it, or even how to use the Windows XP MAC-Bridge function to mask it.
The average script kiddy will get banned and either buy another NIC, or be gone for good. The people with the technical savvy to be able to clone a MAC addres do not, in my experience, cheat / cheat at the level of being banned. Either they (like myself) only play games recreationally or not at all, or they play it just with friends so they don't care about cheating.
I think this is an effective step in the right direction. If Valve implimented this on WON, the quality of the game Counter-Strike would increase massively.
heck, if these people are so bound and determined to track down cheaters and keep them out, they just need to have firmer rules on their user account creation... eg. maybe have users sign up with a non-anonymous email account (non-yahoo, hotmail, etc) and have the user respond from their "real" email... its not totally effective, but... most people wouldnt go to the trouble of having more than 3 real email accounts... and that way they can ban users and not mac addys... but in my opinion.. people stay away from cheaters anyway
They can ask anything they want, regardless if it makes sence or not. Its their stuff..
Now this does sound pretty stupid with the ease of chaning MAC addresses, but its their choice, as is your choice to use or not to use their services.
What next... dongles?
---- Booth was a patriot ----
It's not as difficult as you might think. It would be quite easy for a script kiddy to type "ifconfig eth0 hw ether 11:22:33:44:55:66" and many windows ethernet drivers include the option to change it in the device properties. All one has to do is open up the device settings and change the "Network Address", or Media Address, or whatever the people writing the driver want to call it. Not to mention most script kiddy would be able to google for all the above information to get around the ban. Granted this is highly dependent on your NIC and I'm sure not all of them would have one that makes it this easy, but I doubt they will give up that easily either. I don't think this would stop anyone. Well, maybe once 281,474,976,710,656 MAC addresses are banned.
I work tech support at a small liberal arts college, and we require all students to register their machines within three weeks of getting on campus. We then lock their ports to their MAC addresses. If you need to move or change your card you can re-register, usually the change goes through in a day. We did it to make it easier to detect and limit email worms. If we see it coming from some specified port we close it off and the flag passes to the techs. So far it's worked pretty well, often we get people coming to us complaining that "their Internet doesn't work," usually it's because they got Klez and we shut their port off. Decent alarm system, really.
No statement is true, not even this one.
I live in Mexico. Dynamic 256/128k DSL goes for about $49/month while Static 256/128k DSL goes for like $89/month. Static would be kind of cool, but not THAT cool.
Besides, there's a certain additional amount of anonymity that one achieves with dynamic IP. If you always come from the same IP it's much easier to track you. Not that coming from dynamic IPs protects you, but it at least adds one more step to figuring out who came from a given IP address on a given day/time. It will generally require the cooperation of your ISP.
That said, my IP address hasn't changed in months. Static IP for the price of dynamic. :)
Same reason why they need undercover cops, its because we have undercover criminal. If they have to become cheater to bust those stupid cheater, I say go with it! As long as no one show me that punkbuster send others stuff than game related info, I am all for it!
Amongst the many things that would make MSN broadband completely worthless (in my opinion) is its dsl modem that acts as a firewall and keeps you from playing games.
You wouldn't be able to change the MAC address with that modem unless you reverse engineered the firmware.
"FuckStar31337 is using a wireframe hack. Press K to cast your Kick Vote."
Sure, I could get booted out of games arbitrarily by assholes, but I wouldn't want to play with said assholes, anyway. Not that I've even played a game since about 1999...
This will never work.
I looked into this once and it is impossible. Because of ISP's like AOL, and the cable modem people, there is no way to authenticate any IP address. Their cache systems are so bad. I had a friend of mine on cable hit a test page, and the cable company accessed the data from a different IP address for EACH GRAPHIC, and dumped it into their cache, before sending it to my friend. I had 9 different IP addresses from one page request.
Not exactly a unique way of identifying someone.
http://www.ntfaq.com/Articles/Index.cfm?ArticleID= 23256.
If he's running OS X, he can use ifconfig to set his MAC (as mentioned by numerous people).
Gameranger may also have been blocking a parent IP or domain.
@home became Rogers Internet in Canada. On the main page they explain how to use a router to connect your connection to your PS2. How can they filter out whether your using a PS2 or another PC. In Canada, the modem holds the MAC address, simply leave the modem off for 5+ hours, it clears the memory, and you have a fresh start.
It is a source of constant amazement for what passes as news at /.
/. I stopped talking about 1995 technology in 1996.
Don't get me wrong. I love the dot but come on. Show a little integrity and don't insult your own audience's intelligence.
Oh wait. Every one fell for it! All these arguements over nic selling and mac changing and this and that. All pointless.
This issue was blown out of the water over SIX YEARS ago. When I was a fresh geek trying to get into networking everyone was going to manage on NICs. They learned quickly what a waste of time it was. This SP will learn that lesson as well. Geez look at TFC. It gives you a CD assigned ID. A little tougher to forge. But if they are gonna make you install software why not just use a GUID to generate a private key to identify the machine.
Get with it
I completely disagree about average joe cheater being able to know how to change his MAC address. I spent 6 years so far in online gameing community, and the average joe cheater is an idiot, generally not very savvy. Of course there is the smart Joe cheater that will eventually release a program that will change the mac address for you, but thats niether here nor there nor central to the argument.
Also the big thing this will do will stop a lot of college cheating (perhaps a lot is a strong set of words), because a lot of college students cant get on the network if they have a mac address otehr than the one they signed up with.
I know at the university of kansas if you want to get on the network with a diffrent computer (despite the fact that you paied for blanket access or so you think) you have to sign up for a new account (which is another 120 dollars) and getting your account switched over to a new computer is a headache beyond imagining, it involves multiple calls to our network administration offices, and a personal visit.
I think the MAC address, possibly couple with a hardware ID type system might be very plausible.
If you don't vote, you don't matter, so don't waste your time telling me your opinion
If that happens at the Game maker/developer level for example EPIC or ID, they better be prepared for me to sue their ass's. That or you better make dam sure your refund department changes its stance. If I pay $50 to play a Online game and then you ban my entire ISP, which in all likelyhood is the only broadband I can even get, you can be sure I'm going to sue you in small claims court. There is no way a company could get away with that.
Now if some individual running a game server wants to ban someone, thats up to them. But the game maker better stay well away from the issue.
BTW most gamers do NOT have static IP's.
If you wanna get rich, you know that payback is a bitch
If you use a NIC it probably means you have Broadband, Some carriers require you to register your NIC, and I'm pretty sure most of these are in Australia, so it isn't a simple matter of just changine your MAC because if you change it your Broadband will go down.
Must admit that this sounds better, altough I think I would prefer a third party as a CA. But that's just a gut feeling. Your suggestion just to sell CD-keys/certificates is actually quite nice. One could also image certificates with expire dates or certificates you can only use a predetermined number of times.
The glass is half-full. With poison. And there are cracks in the glass. The dirty, dirty glass.
As the software runs on the client machine, I don't think it matters if you have a hub that returns a different MAC, the software will still record the MAC of the machine you were on.
Of course, what will happen is a cracked version will be released that lets you specifiy the MAC you want to report in a config file.
"There is more worth loving than we have strength to love." - Brian Jay Stanley
It's a game server. It's for playing a bloody game. If you don't like their rules, go and play on your own server. Personally I don't object to this, because if I want to play online games I want to be reasonably sure that the other players aren't cheating. This at least shows an attempt to stop the average wallhack Joe Lamer from fucking it up for everyone else.
Am I the only one that was wondering what the heck this story had to do with Macs and Apple? Damm, I feel so un1337.
I stole this Sig
my toshiba laptop has a reprogrammable mac address on it's network card!
I can spoof all I want.
Cheating as an art form
You were mistaken. Which is odd, since memory shouldn't be a problem for you
You can ban CD keys. Basically the only way around that is to buy a new copy of the game, which I doubt many people are willing to do.
Teh CD keys are also an effective anti-piracy measrure, and one that isn't bothersome to legit users. When you are using the game for local play, the CD key doesn't matter, it's never checked. When you play on the Internet, however, the CD key is authenticated.
When you first go to play multiplayer games, you client talks to the master server and lets it know what it's key is, the server chekcs and authenticates this against its list. Then, when you connect to a server the server checks your key, and asks the master if this is a legit key and if that key has authenticated. If not, the server refuses the connection.
Hence, you can ban a CD key, and be very certian that the person it belongs to has been completely banned. Things like key generators aren't effective because while they can know the algortihm used to make legit keys, the keyspace is huge and they have no way of knowing which are actually legit and which aren't.
So it ends up working out pretty nice for both parties. Bioware gets some copyprotection that there is actually a reason for srever owners to want to use.
Banning isn't the only reason they are implementing this. According to the FAQ,
"A major issue with [people finding/connecting through other gamebrowsers such as GameSpy, in-game-browsers, etc] is that users would frequently be playing on the GameArena servers whilst being almost totally unaware of the other services offered by GameArena, for example the files library, the ladders, GameCreate, the messageboards, and the statistics. "
I have a feeling that the real intention behind this is to make sure that their other services are promoted to people playing on their servers. I'm not going to argue if this is a good or bad thing, but I believe that it is the real reason behind the requirement.
Price, Quality, Time. Pick none. What, you thought you had a choice?
Q. How can I change my media access control (MAC) address under Windows NT 4.0?
c es\\Parameters.
A. Each network adapter card has a MAC address, which machines on local subnets use to talk to each other. MAC addresses are usually burned into the adapters during the manufacturing process. To overwrite a network adapter card's default MAC address, perform the following steps:
1. Start the registry editor (e.g., regedit.exe).
2. Navigate to HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Servi
3. From the Edit menu, select New - String Value.
4. Type a name of NetworkAddress, and press Enter.
5. Double-click the new value, and enter the adapter's new MAC value.
6. Click OK.
7. Close the registry editor.
8. Reboot the machine.
This makes me very happy- One should be able to deliver their cutting remarks and wage psychiological warfare upon the weak with one liners like "Yeah thats what your mom did last night, cock jocky."
That is the essence of multiplayer gaming, and any attempt to deprive us of that should be fought bitterly.
Call me dumb, but it seems to me people are overlooking the fact that this is a client software download and install. Perhaps the client software somehow records your MAC address at the time, and that is what is sent to their servers for authentication ever after. Perhaps they are aware of how easy it is to spoof a MAC address? So they could be generating an ID from the installation and initial connection to their servers, then stored on your machine inside their client. Change the MAC address any way you want (new nic, change direct, whatever), and they still know it's coming from you.
I'm not saying this is what they did, just wondering why everyone is so quick to assume they are smarter than they guys who designed this. Are you trusting their FAQ to give you COMPLETE details on how they are authenticating? Like a virus, once you let them install a game client, you are no longer in control. Still beatable, but the hassle of getting rid of the client completely (they could be writing files ANYWHERE once you let them install), combined with the fact that even if you succeed, you will have wiped out your client (and presumably therefore lose access to any history or scores on the servers), means this could be more effective than people are giving it credit for.
Spoofing MAC's is easy. I just wouldn't be so arrogantly sure that they've overlooked how simple it is to change a MAC address.
With all this talk about comparing MAC addresses and changing them or buying new cards, its easy to overloook to obvious method of circumventing the program...
Take the NIC out of the computer (who needs a network anyways?) and play over dialup!
Urgo: "I want to live. I want to experience the universe and I want to eat pie!"
Jack: "Who doesn't??"
...Come to think of it, that's probably why game companies already do just that... Ban by IP is a joke, ban by MAC isn't any better, Ban by CDKEY is practically the only thing you can do.
Of course there is the smart Joe cheater that will eventually release a program that will change the mac address for you, but thats niether here nor there nor central to the argument.
..and I go to a pretty large school that uses MAC addresses to authenticate client computers..but only when requesting an IP from the DHCP server. We all have static IP addresses, but they're assigned by a DHCP server that hands them out based on MAC addresses, if you statically assign one not in use to your computer, you'll get on fine and no one will probably notice for a good while, so long as you don't keep it on 24x7. I wouldn't be surprised of other colleges did something similar.
If there is a program that allows you to do it, then Joe Cheater *does* know how to do it, regardless of his knowledge of what goes on behind the scenes.
--- What
...nor is it optional to install. "Install it
or find another server to play on".
Doesn't the presence of the word 'or' in that sentence PROVE that it's optional?
Hmmm. Total set of possibilities is 365*365, or 133225 different combinations of two people with two birthdays. Of those 133225 possibilities, 365 of them involve the two people having the exact same birthday. So:
/365
133225
======
365 (unsurprisingly)
1/365 times, two people have the same birthday. I think the two person case is special because if x equals y, y must also equal x. The -1 is really familiar, but the brute forcing above just doesn't flesh it out.
--Dan
That's the tragedy of the commons. All it takes is one asshole to ruin it for everyone. The only solution is to regulate it, and the only way to regulate it online is to block ISPs of bad users, because ISPs are slightly harder to change than MAC addresses.
--
Internet Explorer (n): Another bug -- that is, a feature that can't be turned off -- in Windows.
Well no, it won't. If everyone uses DE:AD:BE:EF:BA:BE at a LAN party, then yes, things will break. If you're the only DE:AD:BE:EF:BA:BE on your segment, who cares. MAC addresses, by design, are only significant on the local LAN.
If someone (Telstra) ignores the RFCs and writes something that changes that, and it breaks their system (GameArena), then that's their own stupid fault.
I find your ideas intriguing and I wish to subscribe to your newsletter.
So long as you don't change things that break your local segment (ie: duplicate MACs), then you're fine - go for your life.
I find your ideas intriguing and I wish to subscribe to your newsletter.
Not really a valid comparision, since the power company and other utilities tend to be regulated.
Perhaps it was a bad comparison, but unregulated monopolies do exist. Look at the owner of any subsisting copyright or patent.
You're talking about two different things - what a game server admin can do legally, and what conduct the user community is going to accept.
They're not entirely different. If a game flops because of the behavior of the publisher's exclusive server provider, the publisher loses the money it invested in developing and marketing the game and creating the server infrastructure. If the publisher loses too much money, it has its hands tied legally (bankruptcy law).
It is legal for the admin to decide who gets to play, but you have to be careful not to alienate the userbase.
Really? If you're a big company, you reserve the exclusive right to run servers for a game that you publish, and running a server for a given game is no longer profitable, you shut down the game's server. You don't care about alienating a particular game's userbase because alienating the userbase boosts your bottom line, that is, unless the game's userbase decides not to buy your next game.
(oh, and any scheme which is built on trusted clients will be crackable)
Except in the USA, one of the world's largest markets for PC video games.
Will I retire or break 10K?
Basically how the system (called COGS, for "Complete Online Gaming System") works is: All the game servers have been moved behind a firewall. By default, it blocks all access to them.
When a user wants to play, they fire up the COGS client. They enter a username and password, and it authenticates them with the server. Server then punches a hole in the firewall for that IP. The client has to keep running - it keeps a connection open to the server, exchanging tokens every 5 minutes or so - or the firewall will close again.
While people are connected, the client uses a combination of username and MAC to identify them - so the same user can be logged in from more than one place at once - and the same MAC could be in use by 2 people. If people were to be banned using this system, it would be the username that was flagged - and other mechanisms would be used to make it hard for the troublesome users to get a new username/password.
Those mechanisms might use MAC addresses, but they are not expected to be perfect anyway - usernames and passwords can be given from one person to another, and it's supposed to be easy for new users to create themselves an account, so there is no real way to prevent cheaters from coming back. However, with some protective measures in place, the path of least resistance becomes, "go and annoy people on a different server," so we still get rid of the idiots.
In a completely unrelated point, most gamers who've taken the time to discuss the new system, hate it. The COGS client includes an irc client (hardwired to their irc server, which doesn't like other clients connecting to it), and all sorts of other "junk". But that's a different matter...
GameArena have also "done the right thing" by making 3 clients available: One for windows, one for linux, and one for MacOS. So, any OS that could run any of the games for which they provide servers, has a COGS client they can run.
(if you're wondering why I didn't post this comment earlier, well, I'm actually in Australia, one of the people who use the game servers in question, and I only just woke up :P)
My Linksys router can has an option to 'clone' - i presume spoof MAC addresses. Check it out, y'all .. its under the advanced tab.
These cards are not maintained by Donald anymore: /usr/src/linux/driver/net/8139too.c
> 8139too.c: A RealTek RTL-8139 Fast Ethernet driver > for Linux.
>
> Maintained by Jeff Garzik >
> Copyright 2000-2002 Jeff Garzik
I've got one of those cards, they work 100% fine.
Great, I can now win by getting all my opponents banned from the game server:
/usr/sbin/getmacuserbanned.sh
for i in $opponent_mac
do
ifconfig eth0 down
ifconfig eth0 hw ether $i
ifconfig eth0 up
done
Xix.
"Everything is adjustable, provided you have the right tools"
I'm not even going to comment on what I think of this document as a whole. It's not even worth that. However:
I'm sorry?? Some game developers are cool enough to release versions of their software that runs on other operating sytems, and we applaud that. They run a games server service and they encourage developers who only develop for windows? Sheesh!
Another one:
Um, I think I missed something here... they even say this:
Err.. "COGS reports and stores some information which is vital to the service." Riiight. I'm sorry, how is this not spyware?
It's bad enough that this is compulsary.. let alone that it reports back.
and, finally:
Oh, real technical language used there I see. I am wondering: Does this idiot actually know what he is talking about? It seriously looks like he's gone to a meeting with techies, played buzzword bingo with them and decided to write this article.
You have a sick, twisted mind. Please subscribe me to your newsletter.
Not that I expect [the release of a video game server daemon independently developed through reverse engineering] to ever happen for a sufficiently complex game
Then what's bnetd? It's a program licensed under GNU GPL that lets anybody set up a competitor to Battle.net service. However, assuming enforceability of shrinkwrap EULAs, the Blizzard EULA specifically prohibits users from running or connecting to bnetd-type services.
Will I retire or break 10K?
Many of them based on id software's engines, there are many games nowadays that use CD keys to prevent piracy. One of the first was Half Life, and unfortunately Half Life sold very well and used too simple a key... so it is relatively easy to 'generate' a valid Half Life key.
However, Quake 3 and related games have a CD Key system as well, and their keys are much more cryptographically secure. They have a legal keyspace in the trillions, making it very difficult to generate valid keys.
The system works. You can crack the game to make the key unnecessary, but you cannot crack all the Internet servers you could connect to. So a warez monkey can only play the game in single player or on a LAN, not on random Internet servers.
"I will trust Google to 'do no evil' until the founders no longer run it." Hello Alphabet.
Telstra are a massive behemoth. There is frequent talk of 800lb gorillas referring to the RIAA. Well, in Australia, Telstra is King Kong to that Gorilla.
They tried this sort of shit years ago, with Wireplay, Telstra's online gaming network. it died, because people weren't willing to use a proprietary client to access games that were free elsewhere. When said client was also sucking down its own bandwidth, u can see why it failed. Now that more and more people are broadband, looks like they are trying again.
Don't get me wrong, they have to make money out of their investment somehow, but I don't think this is the way yet.
Yay me!
All this talk about MAC Addresses and banning is a side issue. Many of us GameArena users don't want to be forced to use their client with built int web browser/server browser/IRC client/authentication client just to play on the servers.
;)
These are the only servers that don't count against Telstra's, (GA is a subsidiary of Telstra) 3GB bandwidth cap. So a simple 'go play on another server if you don't like it' is pretty rude to paying Telstra customers. We pay for the servers, (indirectly), and yet can't access them without using COGS.
The conspiracy theorists in this community are expecting banner ads, spyware, forced surveys, possibly even subscription fees, (GA used to be a WirePlay franchise), to all stem from this client.
And for us linux gamers, we did finally get an auth-only client so we can now reach the servers - and better than that we didnt get any of the bloatware the windows people got
Almost every game makes this same "mistake" but usually it's because there is too much processing going on to handle it all at the server. How many cheaterstrike servers do you think there would be if they decided at the server side what you can and cannot see, which would make the cheater drivers useless? A game whose server requires a quad xeon isn't going to go far.
Games trust the client (to a certain degree) because some of the processing must be offloaded.
"You're right," Fisheye says. "I should have set it on 'whip' or 'chop.'"
Just to add to the list.
Netgear FA311 - immediate option to change as above.
Ditto the unknown model of Allied Telesyn card I have. (another 10/100) PCI.
and yes, the average person trying to cheat is going to have to have been semi savvy to get the cheats working. So they probably know a little.
They tried this trick at Cardiff University too. They INSISTED you use one particular model of network card. (strangely the one they sold)
They couldn't of course insist you bought it from them. So for my brother I found someone I knew with the nick, copied his so it'd be from Intel's range and just changed his AN other card to use it.
Unsurprisingly, never a problem.
Ditto at my uni. They controlled by MAC (that you supplied) but were almost impossible to get hold of if you ever needed to change it. When I upgraded my machine I simply told it to use said old MAC.
Then had them both on one network at home because I forgot. Whoops.
A law that cannot be enforced because too many people refuse to observe it is probably a bad law, and should be amended.
Most dashslotters know that you can easily change the MAC address of a computer (PC, Macintosh, Sun ...) quite easily. If the "third party software" in question gets round the changes that something like ifconfig can make, well somebody will "reverse engineer" the software and distribute a patch.
The "MAC-based ban" mechanism will fail.
IANAOGP, but I think that the game server needs to be changed, to make it harder to break the rules, rather than trying to punish those who break them.
If you want to stop people from driving their cars too fast in a residential area, what do you do?
Modify the environment sufficiently, and people won't tryto cheat, because the extra effort won't be worth the marginal gain.