How about if instead of all damage/movement/ammo/armor etc handled by the server what if the server just had a way of checking as the game was being played. then labeling someone as a cheater.
Well as far as I know all movement is already handled by the server (this is why on slow links you get an "ice skating" effect), the damage and everything has to go through the server anyways as the clients are not directly linked, so why can't the server correct the values?
I like your idea coupled with mine, you'd see everyone in a mad rush to frag the cheater:)
There really is no way at all to prevent hacked clients as long as the server trusts the clients.
Well thats what I'm talking about. Since the clients are open source why should the server trust all the clients? The server should rightly assume all clients are hacked.
The only way for the server not to trust the clients would be to offload everything to the server except inputs, which makes the client effectively just a remote viewer. Of course this is obviously impossible because it would render the game absolutely unplayable. Everything is "cheatable" basically, except the inputs.
Well, all the maps, skins, etc would be local, the client would be doing all graphics rendering. I'm not suggesting something like X where the entire graphics output is displayed over the network. More along the lines of IRC, where the server checks everything the client does and "allows" it to do operations, or disallows it to do operations (can't join a channel you're banned from, etc).
Such as, say you wan't to fire your shotgun at AC_QuakeWeenee but you don't have any shells left, server doesn't know you have a hacked client which gives you unlimited ammo however, but it doesn't matter, the server would keep track of the clients ammo, and would disallow it from firing (maybe not on the clients machine, but to everyone else, the cheater never fired).
As for damage, let the server deal that out too, I mean come on, this is what servers are FOR.
There's absolutely no reason why this stuff shouldn't be offloaded to the servers. If you only have to worry about cheat servers, then that decreases the overall amount of people that can possibly cheat, and if you find one, just switch servers.
I know this isn't perfect. Someone brought up the idea of hacking the client to make all enemies glow red regardless of lighting or other visual hacks, well sure you can do this, but it's a lot less then being able to increase your damage or give yourself unlimited ammo or such.
I was actually thinking about this some time ago and I concluded that the only way to have no one be able to cheat is with a closed-source system of checking.
You know I'm sitting here thinking about this and I don't think this is so.
That's one way to do it, however, another way would be to have all damage allocation from weapons, and all damage recieved to armor, health, etc, be done at the SERVER side and not the client. Offload all the cheatable stuff to the server, that way hacking the client is useless because the client isn't the one doing all the damage assessment.
I know this would totally break the Quake protocol and would require enormous rewrites to both the quake client and server, but it's doable, and you can keep everything open source, the only problem now is people having cheat servers.:)
It would probably increase lag aswell, as the client would have to check with the server to see if it was allowed to do anything (ie: walking [server wouldn't let client walk through walls], firing weapon [server would have to make sure client had enough ammo], etc.) but with broadband hitting almost everywhere now, maybe it won't be such a problem in the future.
This is interesting... Slashdot is encouraging citizens of other countries to try to affect decisions in nations not of their immediate concern.
While I don't even think it's a bad thing as we do it in so many other areas for good, (ie: Save the Rainforest, etc) I think you're quite farsighted. Not everyone who reads slashdot is from the states, and to say that they are would be complete arrogance.
Why should a Brazilian representative care about what some fool in New York thinks?
Because that "fool" just might be an expert on the subject.
Great, the rest of the world supports it, but his constituents just care about getting those damn strip miners out of their backyard.
What? I thought we were talking about government software choices here?
The CD-R tax story from a couple days ago also comes to mind. Non-canadians are probably signing it with something like "Toronto, Ontario" so that the petition people can say "this many canadians voted for it" and then the officials can reply, "there aren't even that many people in that city."
Or perhaps real Canadians like me who read slashdot every day see the story and find the link to the petition, (where, BTW, we'd never find elsewhere, good luck finding it through "conventional" sources) and signs it?
I'm all for the ideals behind the story, but I'm curious as to what influence a non-national has over a delegatory representative...
And who are you to say the submitter wasn't Brazilian? Or for that matter, that Brazilians don't read slashdot?
It would be nice if the code were available to be tampered with, fine-tuned, and "improved". It would also be nice if only "real" improvements - not quick'n'dirty shortcuts - were used in crunching the data. But how to tell?
Not as hard as you might think. Some people have already suggested these, so I'm just regurgitating, here's some ways:
1- Release most of the code except the part that sends data back to the server, this way people could optimize the rest and submit it to SETI themselves, SETI could check it, "bless" it with the rest of the code and release it.
2- Release all of the code except one part that could contrain an encryption key which would encrypt the output to the servers so people could optimize the code and submit it, SETI could test, bless, release, etc.
To maintain scientific integrity I think its understandable that some part(s) of the code must remain closed, so write that code into a atatic library and LGPL the client so people could submit their optimizations, SETI could therefore check ALL variants and "bless" them by linking the two and releasing the binary.
I'm trying to get over to their webcast, but it doesnt seem to want to let me play the "live audio" because I dont have the RA Plugin, which G2 Alpha for Linux doesnt include (and they have G2 Icons on the site). So why didnt they just set it up to launch the player instead of require the plugin? They're basically cutting out Linux users from hearing the launch of their Linux Distrib... This is odd..
I'm wondering if we should really be surprised by this or not? ZDNet has proven itself to be in MS's pocket many times in the past, and MSNBC, well, the MS isnt there just to make it look good.
The subversive way they're writing these articles, no links, no attribution to author, only taking the extreme points of view, etc. just makes me belive that they're trying to spin it all and make us all look like a bunch of jerks.
I saw many posts about this only being a Finding of Fact and not a verdic which were, rightly so, moderated up, and neither of these articles mentioned that. No mention about the moderation score of the quotes mentioned, or even the moderation scheme.
Its just a downplay spin, more FUD for the fire, but this time not about Linux, but its users and advocates. I suppose MS is taking the position that if you cant FUD off the product, FUD off the people who use it. I think we need to be very careful about this in the future.
First of all, I find it pretty interesting that they quoted the only paragraph that held them in any sort of positive light, a 200+ page Finding of Fact, and what does MS quote? One paragraph...
"We continue to be guided by the most basic American values: innovation, integrity, serving customers, partnership, quality, and giving back to the community." -- Bill Gates of Microsoft
I've never seen them innovate, they've shown no integrity, their customer service costs extra, the only partnerships they want is ones which make them money, and just exactly what have they given back to any sort of community?
Seeing that made me think of one we sang in school, and it goes a little something like this:
Joy to the world, the school burned down, And all the teachers are dead. The janitor is gone, We flushed him down the john. The principal is dead, We shot him in the head. oo-OOOOO-oo The School Burned Down.
While you are correct about having to click banner ads to get into MP3 sites being common, I think most MP3 trading doesnt happen on these sites. I know I use IRC for most of my MP3 needs and can usually find whatever I want within minutes on just one or two channels. Other then specifics, I trade with friends. The banner ad BS is precisely what keeps me FROM going to those sites. If I were BPI, I'd love these banner ad sites and go after the people who trade them freely...
"It has always been the case that piracy has links with pornographers and organised crime. What is most repellent about this is that it is likely to attract the younger user." -- Emma Fanning of BPI
Hrmm, so now by downloading mp3's you're a pornographer and part of the mob? heh. What exactly is she saying here? That crime bosses are luring new recruits into the family by offering them mp3's as candy? Thats pretty heavy. I think this is a really large smear/FUD campaign which is backfiring pretty badly. I'd hate to be part of BPI's PR crowd right now.
Slashdot Mirror
How about if instead of all damage/movement/ammo/armor etc handled by the server what if the server just had a way of checking as the game was being played. then labeling someone as a cheater.
:)
Well as far as I know all movement is already handled by the server (this is why on slow links you get an "ice skating" effect), the damage and everything has to go through the server anyways as the clients are not directly linked, so why can't the server correct the values?
I like your idea coupled with mine, you'd see everyone in a mad rush to frag the cheater
-- iCEBaLM
There really is no way at all to prevent hacked clients as long as the server trusts the clients.
Well thats what I'm talking about. Since the clients are open source why should the server trust all the clients? The server should rightly assume all clients are hacked.
The only way for the server not to trust the clients would be to offload everything to the server except inputs, which makes the client effectively just a remote viewer. Of course this is obviously impossible because it would render the game absolutely unplayable. Everything is "cheatable" basically, except the inputs.
Well, all the maps, skins, etc would be local, the client would be doing all graphics rendering. I'm not suggesting something like X where the entire graphics output is displayed over the network. More along the lines of IRC, where the server checks everything the client does and "allows" it to do operations, or disallows it to do operations (can't join a channel you're banned from, etc).
Such as, say you wan't to fire your shotgun at AC_QuakeWeenee but you don't have any shells left, server doesn't know you have a hacked client which gives you unlimited ammo however, but it doesn't matter, the server would keep track of the clients ammo, and would disallow it from firing (maybe not on the clients machine, but to everyone else, the cheater never fired).
As for damage, let the server deal that out too, I mean come on, this is what servers are FOR.
There's absolutely no reason why this stuff shouldn't be offloaded to the servers. If you only have to worry about cheat servers, then that decreases the overall amount of people that can possibly cheat, and if you find one, just switch servers.
I know this isn't perfect. Someone brought up the idea of hacking the client to make all enemies glow red regardless of lighting or other visual hacks, well sure you can do this, but it's a lot less then being able to increase your damage or give yourself unlimited ammo or such.
-- iCEBaLM
I was actually thinking about this some time ago and I concluded that the only way to have no one be able to cheat is with a closed-source system of checking.
:)
You know I'm sitting here thinking about this and I don't think this is so.
That's one way to do it, however, another way would be to have all damage allocation from weapons, and all damage recieved to armor, health, etc, be done at the SERVER side and not the client. Offload all the cheatable stuff to the server, that way hacking the client is useless because the client isn't the one doing all the damage assessment.
I know this would totally break the Quake protocol and would require enormous rewrites to both the quake client and server, but it's doable, and you can keep everything open source, the only problem now is people having cheat servers.
It would probably increase lag aswell, as the client would have to check with the server to see if it was allowed to do anything (ie: walking [server wouldn't let client walk through walls], firing weapon [server would have to make sure client had enough ammo], etc.) but with broadband hitting almost everywhere now, maybe it won't be such a problem in the future.
-- iCEBaLM
Anyone who would base their business on free software has got to be entirely insane.
Apache runs the majority of the web, Apache is free, Apache is stable.
IIS runs about 35% of the web, throwing a bunch of A's on port 80 crashes IIS, IIS costs a lot of money.
A programs price tag is no guage for its effectiveness. Never forget that.
-- iCEBaLM
Oh, and it seems like the submitter IS Brazilian, as his email address is in .br
-- iCEBaLM
This is interesting... Slashdot is encouraging citizens of other countries to try to affect decisions in nations not of their immediate concern.
While I don't even think it's a bad thing as we do it in so many other areas for good, (ie: Save the Rainforest, etc) I think you're quite farsighted. Not everyone who reads slashdot is from the states, and to say that they are would be complete arrogance.
Why should a Brazilian representative care about what some fool in New York thinks?
Because that "fool" just might be an expert on the subject.
Great, the rest of the world supports it, but his constituents just care about getting those damn strip miners out of their backyard.
What? I thought we were talking about government software choices here?
The CD-R tax story from a couple days ago also comes to mind. Non-canadians are probably signing it with something like "Toronto, Ontario" so that the petition people can say "this many canadians voted for it" and then the officials can reply, "there aren't even that many people in that city."
Or perhaps real Canadians like me who read slashdot every day see the story and find the link to the petition, (where, BTW, we'd never find elsewhere, good luck finding it through "conventional" sources) and signs it?
I'm all for the ideals behind the story, but I'm curious as to what influence a non-national has over a delegatory representative...
And who are you to say the submitter wasn't Brazilian? Or for that matter, that Brazilians don't read slashdot?
-- iCEBaLM
At least the email addresses aren't available now and I like that considering all the domains I host.
I suppose it better for you, but perhaps someone needs to contact a domain holder, good luck...
-- iCEBaLM
-- iCEBaLM
Hate to be a nationalist but how does the policy..Affect me as an American.
It doesn't, but not everyone who reads slashdot is american.
-- iCEBaLM, Proud Canadian
It would be nice if the code were available to be tampered with, fine-tuned, and "improved". It would also be nice if only "real" improvements - not quick'n'dirty shortcuts - were used in crunching the data. But how to tell?
Not as hard as you might think. Some people have already suggested these, so I'm just regurgitating, here's some ways:
1- Release most of the code except the part that sends data back to the server, this way people could optimize the rest and submit it to SETI themselves, SETI could check it, "bless" it with the rest of the code and release it.
2- Release all of the code except one part that could contrain an encryption key which would encrypt the output to the servers so people could optimize the code and submit it, SETI could test, bless, release, etc.
To maintain scientific integrity I think its understandable that some part(s) of the code must remain closed, so write that code into a atatic library and LGPL the client so people could submit their optimizations, SETI could therefore check ALL variants and "bless" them by linking the two and releasing the binary.
-- iCEBaLM
I'm trying to get over to their webcast, but it doesnt seem to want to let me play the "live audio" because I dont have the RA Plugin, which G2 Alpha for Linux doesnt include (and they have G2 Icons on the site). So why didnt they just set it up to launch the player instead of require the plugin? They're basically cutting out Linux users from hearing the launch of their Linux Distrib... This is odd..
-- iCEBaLM
160,000,000,000 * 1022 = 163,520,000,000,000 bits
163,520,000,000,000 / 8 = 20,440,000,000,000 bytes
20,440,000,000,000 / 1024 = 19,960,937,500 kbytes
19,960,937,500 / 1024 = 19,493,103.02734375 Mbytes
19,493,103.02734375 / 1024 = 19036.233425140381 Gbytes
19036.23342514038 / 1024 = 18.590071704239 Tbytes
That is some bandwidth on ONE FIBER....
-- iCEBaLM
I'm wondering if we should really be surprised by this or not? ZDNet has proven itself to be in MS's pocket many times in the past, and MSNBC, well, the MS isnt there just to make it look good.
The subversive way they're writing these articles, no links, no attribution to author, only taking the extreme points of view, etc. just makes me belive that they're trying to spin it all and make us all look like a bunch of jerks.
I saw many posts about this only being a Finding of Fact and not a verdic which were, rightly so, moderated up, and neither of these articles mentioned that. No mention about the moderation score of the quotes mentioned, or even the moderation scheme.
Its just a downplay spin, more FUD for the fire, but this time not about Linux, but its users and advocates. I suppose MS is taking the position that if you cant FUD off the product, FUD off the people who use it. I think we need to be very careful about this in the future.
-- iCEBaLM
First of all, I find it pretty interesting that they quoted the only paragraph that held them in any sort of positive light, a 200+ page Finding of Fact, and what does MS quote? One paragraph...
"We continue to be guided by the most basic American values: innovation, integrity, serving customers, partnership, quality, and giving back to the community." -- Bill Gates of Microsoft
I've never seen them innovate, they've shown no integrity, their customer service costs extra, the only partnerships they want is ones which make them money, and just exactly what have they given back to any sort of community?
-- iCEBaLM
Seeing that made me think of one we sang in school, and it goes a little something like this:
Joy to the world, the school burned down,
And all the teachers are dead.
The janitor is gone,
We flushed him down the john.
The principal is dead,
We shot him in the head.
oo-OOOOO-oo The School Burned Down.
-- iCEBaLM
While you are correct about having to click banner ads to get into MP3 sites being common, I think most MP3 trading doesnt happen on these sites. I know I use IRC for most of my MP3 needs and can usually find whatever I want within minutes on just one or two channels. Other then specifics, I trade with friends. The banner ad BS is precisely what keeps me FROM going to those sites. If I were BPI, I'd love these banner ad sites and go after the people who trade them freely...
-- iCEBaLM
"It has always been the case that piracy has links with pornographers and organised crime. What is most repellent about this is that it is likely to attract the younger user." -- Emma Fanning of BPI
Hrmm, so now by downloading mp3's you're a pornographer and part of the mob? heh. What exactly is she saying here? That crime bosses are luring new recruits into the family by offering them mp3's as candy? Thats pretty heavy. I think this is a really large smear/FUD campaign which is backfiring pretty badly. I'd hate to be part of BPI's PR crowd right now.
-- iCEBaLM
Why can't a supposedly futurist organization like The Planetary Society catch up the the 1990's and accept email submissions?
"You may submit your entry by email to tps.planetary.org. You must include the words Name
the Penguin Contest in the subject line."
Hope that helped...
-- iCEBaLM