Like I said, this would be one of many heuristics that can be used.
How about a cheat that allowed people to kill teammates?
I'm sure Quake already checks for that (see John Carmack's comments), and anyways this type of option is a server side switch. The server (right now) knows who killed who and if somebody does this it would be easy to kick him/her out.
I mean, if someone had a cheat that exited a level, that wouldn't raise their score but it would really disrupt the game and suck, and have to be fixed.
This can only be done by the person that has access to the server. A client hack for this would change the cheater's level (map) but not everybody else's, just because a client is modified doesn't mean that the server has been hacked.
Disruption of gameplay is the big one
The problem you're trying to solve is more of spam/annoyance, that is a different problem from somebody cheating to try to get high scores. You don't need a hack to annoy other players, this happens all the time now. It happens over and over when I play Counter Strike (Half-Life mode), when friendly fire is on, there are idiots that get a kick out of killing their teammates. In this case...
You can't produce code to prevent stupidity (first law of User Interfaces)
But you can ban by IP or serial number, like they do in Half-Life.
Would it be easy for people to code in checks for the fake players into the auto-aiming clients?
Yes. If you set up transparent targets, the proxy could check for transparency and not bother itself with it. Also, how about "human" players just shooting the fake targets by accident? Will they get kicked out? I don't think this scheme solves the problem.
But first, let me point out that your example is a bit off. Player B doesn't need to download all of the players' properties from the server, because the scheme is that the server knows and manages everybody's health. Also, the problem with skins, custom sounds, etc. is not related at all to the GPL Quake since you can do that with closed source version already. I think the current scheme is to simply ignore custom sounds/skins/etc and just use the standard ones, so that if you look like Barney you still look like a grunt to me :) [this is how it works in Half-Life]
Anyways, I think the general point you were trying to make (and very valid) is that waiting for the server to "approve" an action might take too long, and you're right. Unless we get really fast network connections, the only other way around this would be to use a hybrid approach where the server sort of trusts the clients, but then "audits" some players (randomly, or top players) and even if it lets actions go through (for speed) it might still reserve the right to analyse them and kick you out later. Once a cheater has been detected, his/her actions could be undone or simply ignored and the player is kicked out/banned from the server.
... to your scheme would be to only audit the "n" top players, because who cares if someone is cheating if they have a crappy score right?
This would also allow the situation to have multiple servers with different levels of cheater prevention mechanisms. For example, the more bandwidth you have the bigger the guarantee is that nobody is cheating (set n to "all"). For low bandwidth situations n can be set low (1, the best player) but you have less "assurance" that others are not cheating on that server.
I'm sure others can come up with many more simple heuristics to overcome the bandwidth problem.
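The "audit only the n top players" scheme from the comment above, as an added example that is not from the original comments or from the Quake source: moves are accepted at once and logged, then replayed later for the highest scorers only. `accept_move`, `audit_top_n`, the speed cap and zeroing the score as the "undo" are all assumptions.

```c
#include <stdio.h>
#define MAX_PLAYERS 8
#define LOG_LEN     16
#define MAX_SPEED   320.0f            /* assumed cap, world units per second */

typedef struct { float dist, dt; } Move;   /* distance covered in dt seconds */
typedef struct {
    int  score, banned, nlog;
    Move log[LOG_LEN];                /* ring buffer of recent accepted moves */
} Player;

/* Fast path: apply the client's move at once and only record it. */
void accept_move(Player *p, float dist, float dt)
{
    Move m = { dist, dt };
    p->log[p->nlog++ % LOG_LEN] = m;
}

/* Slow path: replay the recorded moves against the speed cap. */
static int log_is_clean(const Player *p)
{
    int n = p->nlog < LOG_LEN ? p->nlog : LOG_LEN;
    for (int i = 0; i < n; i++)
        if (p->log[i].dt <= 0.0f || p->log[i].dist > MAX_SPEED * p->log[i].dt)
            return 0;
    return 1;
}

/* Audit only the n highest scorers; n >= count audits everyone.
   Returns how many players this pass banned. */
int audit_top_n(Player *pl, int count, int n)
{
    int seen[MAX_PLAYERS] = { 0 }, banned = 0;
    if (count > MAX_PLAYERS) count = MAX_PLAYERS;
    if (n > count) n = count;
    for (int k = 0; k < n; k++) {
        int best = -1;
        for (int i = 0; i < count; i++)
            if (!seen[i] && (best < 0 || pl[i].score > pl[best].score))
                best = i;
        seen[best] = 1;
        if (!pl[best].banned && !log_is_clean(&pl[best])) {
            pl[best].banned = 1;
            pl[best].score = 0;       /* "undo": discard the cheated score */
            banned++;
        }
    }
    return banned;
}

int main(void)
{
    Player pl[3] = { { .score = 50 }, { .score = 90 }, { .score = 5 } };
    accept_move(&pl[1], 900.0f, 0.1f);   /* constructed: top scorer cheats */
    accept_move(&pl[2], 900.0f, 0.1f);   /* constructed: low scorer cheats */
    printf("n=1 bans %d, ", audit_top_n(pl, 3, 1));
    printf("n=all then bans %d more\n", audit_top_n(pl, 3, 3));
    return 0;
}
```

With n set to 1 the low-scoring cheater stays on the server until a wider audit runs, which is the reduced "assurance" the comment describes.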
I think you missed the biggest point in his reply, which can be summarised by this quote:
Anytime you rely on the client exclusively to report valid values you shift trust into an untrusted space. The user's machine is not trusted, so why does it surprise anyone that someone would cheat?
That's what needs to be addressed here. Trusting client machines to tell you that RapTOR has killed lunaTic with a shotgun is not the right way to keep track of stuff in a distributed world.
You are making an assumption that the SETI@home protocol is very difficult to hack under a closed source model. However, if a decent programmer was intent on screwing up the SETI data, I'm sure she or he could do it very easily right now.
Again, data should be validated on the server. Why would you trust arbitrary packets coming anywhere from the internet and not check for their validity on the server? We don't do this with the HTTP protocol, and we shouldn't do this with any protocol out there.
In the case of SETI a good dose of server side validation and encrypted password protection and authentication would be a much better solution than "you can't break me because you don't know how I work".
This is probably not a good answer now (slow networks) but maybe a solution, when everybody has a faster connection, is to basically have servers that don't trust clients?
For example, if somebody makes a modification that allows unlimited ammo, a better place would be to move the keep_ammo_count :) code in the server, not the client.
Another example would be a modification that allowed invalid movement (ex: going through walls, running too fast, flying). This could be countered by the server monitoring movement and enforcing the proper laws of physics in the virtual world.
Anyways, I think there might be other alternatives that keep the whole thing Open Sourced. After all, this (hacked clients) is not a new problem nor one exclusive to online gaming.
Imagine if in your websites you relied on your JavaScript code to do all the data validation and integrity checks and you had none on the server side! It's like letting a user validate his/her credit card and your server just going "no problem"...
Like I always tell my coworkers here when we do distributed apps, never trust the client (code that is), it can always get hacked or spoofed.
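The server-side ammo count and movement check described in the comment above, as an added example that is not part of the original comments or the Quake source: the `Player` struct, `server_fire`, `server_move`, the speed cap and the starting ammo are all assumed names and values. It covers the unlimited-ammo and running-too-fast cases only; going through walls would also need the map geometry.

```c
#include <stdio.h>

#define MAX_SPEED  320.0f     /* assumed speed cap, world units per second */
#define START_AMMO 25         /* assumed starting shells */

/* Authoritative per-player state: lives only on the server. */
typedef struct {
    float x, y;               /* last position the server accepted */
    int   ammo;               /* the server's own count, never the client's */
    int   violations;         /* rejected requests, input to kick/ban */
} Player;

/* A fire request carries no ammo field at all: the client asks, the
   server decides from its own counter. Returns 1 if the shot happens. */
int server_fire(Player *p)
{
    if (p->ammo <= 0) {       /* an unmodified client would not send this */
        p->violations++;
        return 0;
    }
    p->ammo--;
    return 1;
}

/* The client proposes a new position; the server checks that it is
   reachable in dt seconds at MAX_SPEED. Returns 1 if accepted. */
int server_move(Player *p, float nx, float ny, float dt)
{
    float dx = nx - p->x, dy = ny - p->y;
    float limit = MAX_SPEED * dt;

    if (dt <= 0.0f || dx * dx + dy * dy > limit * limit) {
        p->violations++;      /* too fast or teleporting: keep old position */
        return 0;
    }
    p->x = nx;
    p->y = ny;
    return 1;
}

int main(void)
{
    Player p = { 0.0f, 0.0f, START_AMMO, 0 };
    int shots = 0, i;

    for (i = 0; i < 100; i++)            /* modified client never stops firing */
        shots += server_fire(&p);
    printf("shots granted: %d of 100\n", shots);
    printf("normal step accepted: %d\n", server_move(&p, 30.0f, 0.0f, 0.1f));
    printf("teleport accepted: %d\n", server_move(&p, 5000.0f, 0.0f, 0.1f));
    printf("violations: %d\n", p.violations);
    return 0;
}
```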
And I was very impressed at some of the features. The quality of the voice / sound output is not bad. And it is thinner and more lightweight than any other Wince device I've seen. However, it's still not as thin as my Palm V and is kind of longish for most pockets IMHO.
My biggest gripe as somebody mentioned before, is the darn Wince interface. The START menu has to go. The device I previewed had so many things in that menu it was very confusing.
The other thing I thought was neat was the scroller thingy on the side of it, very useful. The problem I see with that is that in my Palm V there are no little gadgets on the sides, and that space is reserved for covers, pens and the likes. I really need this since I store my pen there and also I have a special cover for my Palm.
Another big problem is the speed of the thing. It just seems to draw very slow sometimes. Especially when running an app and popping up the darned START menu. Very, very slow.
Now imagine if this device was running another OS... the possibilities...
Just look around for the "Palm USB Kit". It's made by Palm and costs about $35-$45. I bought it online (don't remember which site though).
Basically, it's an adapter for serial cradles that converts from serial to USB. It also has the software to upgrade the Palm Desktop to understand USB.
The only complaint I have about it is that the Palm Emulator (POSE) doesn't understand USB so I can't upload the freaking ROM from my Palm V !!! :(
Aside from that, it's a great product and works very well. I'm still waiting for better USB in Linux so I never have to boot Win98 (gack) anymore.
Yes, there are more Wince devices coming, just check this. Why would anybody bet the farm on a losing product, I have no idea. Sometimes I think some companies would do anything (like lose money) just to partner with MS. This might just be an example of monopoly power in action, who knows?
... is maps. I recently downloaded a map of NY subway and the routes were coded in greyscale. It was very difficult to distinguish between them, so I think color conveys a lot of information in this particular case.
There are other minor things like charts and games but I don't think they're that important (at least not to me), but maps is kind of hard to work around right now unless you heavily edit the map.
Did you just say voice recognition??? Just why would you expect voice recognition to work well in a PDA when it barely works on a fully loaded PC?!?!
Now this type of feature is obviously contradictory to the aforementioned Palm "Zen" philosophy...
... I love my Palm V and I could care less about color, but they have to do this to compete. Sooner or later the Wince devices are going to catch up in price, battery life and form factor/weight.
It's good that Palm is keeping up, and don't forget, this doesn't mean all new Palm models will be in color. I'm sure they'll still provide the old black & white Palms until color has been proven to be cheap enough.
... before *not* recommending it. Thinking that the Pepsi girl is annoying (aside from being a bit mean spirited) is not a good nor intelligent reason to see a movie.
BTW - I also saw Sleepy Hollow. I think Bicentennial Man is a much, much better film. It might have tried to make you cry too hard, but it had a decent story and a lot of thought-provoking ideas. Sleepy Hollow was a mess. After the third beheading I was hoping the hero would be the next victim, usually not a good sign. Oh, and the scenes with the horseman with his head on!!! ARGH! Was he on drugs or what?
BTW - I just got the RoadRunner service. What's the best/easiest Linux firewall out there?
Basically I want something to cancel any incoming unsolicited traffic, and a log file showing me who's trying to hack in and how would be nice too.
Thanks
Have you seen the size of the Quake binary? This would really suck up bandwidth!!!
So what's to prevent the modified client from reporting the wrong binary checksum? The solution is to remove validation from the client completely.
"proxy cheat" resulted in zero records found at blue's. I'll look around the other gaming sites, I've never heard of that.
... is there more info on this? I've never heard of this "episode".
Augusto
Mandrake would be more like Rogue, no? :)
Absorbs the RedHat distro and looks better
Here's the link for this product : Palm USB Kit.
But look around, you can get a better deal elsewhere.
Have you read the Fantastic Five? Pretty cool comic, but is going to be canceled :(
Too true
... but a modified quake 2.
... is allowed right now. I wonder where people are grabbing the code from, it doesn't seem to be available.