I think you're right about the cheating problem, and that I'd underestimated the needs of the game programming houses that do not want to run servers. Still, they need to solve the cheating problem. Maybe Slashdotters can design an architecture they can plug into and guarantee no cheats. Is this technologically possible? Also, a given game probably only needs to stay secure for a decade.
Yeah I wish that you could get one key per person/IP or person/mac address (not sure if that could be done). Then you have a revocation list problem for the keys of cheaters that need to be revoked.
Netrek does not have a large cheating problem. The true state of the game is known only to the server. Clients are given only the information that they would know. Clients use RSA keys to authenticate to the server. If a client is cracked, the client key can be quickly revoked and new clients distributed. If the clients are kept simple, several clients and keys could be distributed on a CD. Most clients would be under 100k. The art and graphics could be shared by all clients and take up the bulk of the CD. If anyone cracks one of the clients, its key can be revoked and there is no need to re-release a new CD. More clients, all randomly linked and encrypted on the disk, can be right there. The main thing is that the server only allows blessed clients to play, and only shares with any connection what it could know.
I have a separate rant about letting clients know information that they shouldn't, and about letting clients decide what the state of the game is; I will spare you.
Slashdot Mirror
Nod, they can already use your cell phone to spot your location. They love knowing where we all are. That's why I wear a hat lined with tinfoil. :)
I think you're right about the cheating problem, and that I'd underestimated the needs of the game programming houses that do not want to run servers. Still, they need to solve the cheating problem. Maybe Slashdotters can design an architecture they can plug into and guarantee no cheats. Is this technologically possible? Also, a given game probably only needs to stay secure for a decade.
Yeah I wish that you could get one key per person/IP or person/mac address (not sure if that could be done). Then you have a revocation list problem for the keys of cheaters that need to be revoked.
I have a separate rant about letting clients know information that they shouldn't, and about letting clients decide what the state of the game is; I will spare you.