Author |
Message |
CypherJF I gargle nitroglycerin
Gender: Joined: Aug 14 2003 Posts: 2582 Location: USA Offline
|
Posted: Wed Mar 23, 2005 10:05 pm Post subject: |
|
|
|
|
indeed -- nothing gets done unless TW needs it. :/ (or for general security of the game) _________________ Performance is often the art of cheating carefully. - James Gosling |
|
Back to top |
|
|
Mr Ekted Movie Geek
Gender: Joined: Feb 09 2004 Posts: 1379 Offline
|
Posted: Wed Mar 23, 2005 10:25 pm Post subject: |
|
|
|
|
I emailed Priit an ASM dump of code showing a bug in Cont 0.39pr3 months ago. No reply. _________________ 4,691 irradiated haggis! |
|
Back to top |
|
|
elux Newbie
Joined: Mar 20 2005 Posts: 8 Offline
|
Posted: Wed Mar 23, 2005 10:38 pm Post subject: |
|
|
|
|
It's not like Priit gets paid for subspace development, so you can't actually get mad at him for being busy with other things. It's entirely up to him if he decides to keep working on the client or not. However, I do think if he's decided to dump the project he should pass down the source code to yourself or someone else involved in continuum development. That will probably never happen though.
Peter |
|
Back to top |
|
|
Cyan~Fire I'll count you!
Age:36 Gender: Joined: Jul 14 2003 Posts: 4608 Location: A Dream Offline
|
Posted: Wed Mar 23, 2005 11:29 pm Post subject: |
|
|
|
|
I think you just discovered why we're a little ticked at him, elux. He's forced us all into a corner. _________________ This help is informational only. No representation is made or warranty given as to its content. User assumes all risk of use. Cyan~Fire assumes no responsibility for any loss or delay resulting from such use.
Wise men STILL seek Him. |
|
Back to top |
|
|
Mr Ekted Movie Geek
Gender: Joined: Feb 09 2004 Posts: 1379 Offline
|
Posted: Wed Mar 23, 2005 11:56 pm Post subject: |
|
|
|
|
Well, we (hosts) were not forced to use Cont. We can still all go back to VIE. |
|
Back to top |
|
|
CypherJF I gargle nitroglycerin
Gender: Joined: Aug 14 2003 Posts: 2582 Location: USA Offline
|
Posted: Thu Mar 24, 2005 12:14 am Post subject: |
|
|
|
|
Well if it wasn't for cheaters we could easily do so... |
|
Back to top |
|
|
Bak ?ls -s 0 in
Age:25 Gender: Joined: Jun 11 2004 Posts: 1826 Location: USA Offline
|
|
Back to top |
|
|
Grav@work Guest
Offline
|
Posted: Thu Mar 24, 2005 3:11 am Post subject: |
|
|
|
|
Security will be an issue but not one as severe and common, I believe, as that it will ... to be continued soon. |
|
Back to top |
|
|
Maverick
Age:39 Gender: Joined: Feb 26 2005 Posts: 1521 Location: The Netherlands Offline
|
Posted: Thu Mar 24, 2005 3:24 am Post subject: |
|
|
|
|
Mr Ekted wrote: | We can still all go back to VIE. |
VIE server is downloadable somewhere? _________________
|
|
Back to top |
|
|
Gravitron VIE Vet
Age:41 Gender: Joined: Aug 02 2002 Posts: 993 Location: Israel Offline
|
Posted: Thu Mar 24, 2005 4:17 am Post subject: |
|
|
|
|
Maverick wrote: | [..]
VIE server is downloadable somewhere? |
Sure, if you hack onto the PC of GS, MGB, divine or any of those other ppl who got it.
As I been saying, there will be cheating, of course, perhaps even a newer more difficult to detect one, but I doubt it will be of the proportions as Ekted say, as that it will utterly destroy the game.
The main problem with twister been inexperienced staff who were unable to block the cheaters from reentry (only sysop could, as *kill bans merely targeted the macID).
Now with BanG, and proper training, it wouldn't be that much of a problem.
And aside SVS zones, and even there, twister really is hard to put to practice without being detected.
Server side measures can also be put in place to prevent twister, anyway.
As for whatever new cheat if at all, if it become commonly spread, then it won't be a problem to disassemble it and find a way to stop it as well.
If it's not public, who's to say it's any different than nowdays (if there's a person who cheat with continuum, and do it smart, who can tell then? since continuum is considered 90% trusted hack-proof).
I sincerely believe that VIE can be made to work, and cheating on it can be coped with, if people who have the knowledge put their arm to working on patching it out.
The real reason I would find to object using VIE, would be due to the new features of continuum.
The lvzs are unsubstituteable for the proper functioning of some zones, not to mention 32bit GFX make for a nicer eye-candy and the extra tiles/bigger map are always nice to have as expansion of the designer's options.
For the SVS zones, this may prove less of a problem.
Ekted, lets continue this discussion in private.
Perhaps, unlike certain parties here, we can reach a concensus like mature adults. |
|
Back to top |
|
|
Bak ?ls -s 0 in
Age:25 Gender: Joined: Jun 11 2004 Posts: 1826 Location: USA Offline
|
Posted: Thu Mar 24, 2005 4:50 am Post subject: |
|
|
|
|
by using subspace all the issues of using an open protocol are put into play. Server side checks can do little unless you force the server to play a client for each player connected to the server (in effect the same problem as creating a new client). Even if you manage to pull that off and not kill the server's CPU, you can cheat by taking advantage of anything random in the game... spawns, damage, prizes in greens, you name it. Zones like EG won't be able to allow people to prize prox one out of 10000 greens since a realatively easy hack would be to "randomly" pick prox whenever the player feels like it.
Packets will be effectively unencrypted, so I could send the server anything I want or force my client to receive anything I want (making warping your guy around easy). |
|
Back to top |
|
|
Gravitron VIE Vet
Age:41 Gender: Joined: Aug 02 2002 Posts: 993 Location: Israel Offline
|
Posted: Thu Mar 24, 2005 8:14 am Post subject: |
|
|
|
|
*Watchgreen
EG is full of moderators, all sitting on their buttocks and abusing.
Maybe if they have a person suspected of abusing green prizing they will have something else to focus on other than prizing themselves and sniffing flag locations in an all-moderator-private-team.
Server side can detect twister, like it detect softice.
Server side can force players to download and run 1.35 client.
SubSpace is humans against humans, which also includes staff against cheaters.
About time staff be more privvy and trained to actually do good for their zone community, instead of just act as if they are the leet-messiah.
Thing is, as long as a cheat is done on a massive scale, and affect a certain aspect in an obvious way, then it WILL be caught. |
|
Back to top |
|
|
Cyan~Fire I'll count you!
Age:36 Gender: Joined: Jul 14 2003 Posts: 4608 Location: A Dream Offline
|
Posted: Thu Mar 24, 2005 11:11 am Post subject: |
|
|
|
|
Ugh. If I was staff, I certainly wouldn't want to *watchgreen players all day. |
|
Back to top |
|
|
Cerium Server Help Squatter
Age:41 Gender: Joined: Mar 05 2005 Posts: 807 Location: I will stab you. Offline
|
Posted: Thu Mar 24, 2005 11:41 am Post subject: |
|
|
|
|
Gravitron wrote: | *Watchgreen
EG is full of moderators, all sitting on their buttocks and abusing.
Maybe if they have a person suspected of abusing green prizing they will have something else to focus on other than prizing themselves and sniffing flag locations in an all-moderator-private-team.
Server side can detect twister, like it detect softice.
Server side can force players to download and run 1.35 client.
SubSpace is humans against humans, which also includes staff against cheaters.
About time staff be more privvy and trained to actually do good for their zone community, instead of just act as if they are the leet-messiah.
Thing is, as long as a cheat is done on a massive scale, and affect a certain aspect in an obvious way, then it WILL be caught. |
Grav... All those little security checks the server does relies on the client sending the correct info. the VIE protocol doesnt encrypt the packet IDs... so a cheat program could filter packets with very little effort, making server side detection of anything nothing more than overhead.
I dont like it any more than you do, but Continuum has done a lot for us simply by changing the method of encryption. If you argue this, youre just being dumb.
Secondly, if you think EG mods cheat, dont play there. Personally, Id rather have mods that just sat around periodicly abusing the *flag command than deal with a swarm of 13 year old pricks with twister. But to each his own...
Finally, the original VIE server is on the SS CD. And I know for a fact GS, MGB and divine werent the only three to buy it. |
|
Back to top |
|
|
Cerium Server Help Squatter
Age:41 Gender: Joined: Mar 05 2005 Posts: 807 Location: I will stab you. Offline
|
Posted: Thu Mar 24, 2005 11:44 am Post subject: |
|
|
|
|
Oh, and most randomization uses seeds, so technically the server _could_ tell which greens players should be getting |
|
Back to top |
|
|
Mr Ekted Movie Geek
Gender: Joined: Feb 09 2004 Posts: 1379 Offline
|
Posted: Thu Mar 24, 2005 12:08 pm Post subject: |
|
|
|
|
Cerium wrote: | Oh, and most randomization uses seeds, so technically the server _could_ tell which greens players should be getting |
Not so. All clients have different greens. I have proved it. Of course, this is only because greens were not implemented properly in the VIE client. |
|
Back to top |
|
|
Cerium Server Help Squatter
Age:41 Gender: Joined: Mar 05 2005 Posts: 807 Location: I will stab you. Offline
|
Posted: Thu Mar 24, 2005 12:45 pm Post subject: |
|
|
|
|
Oh... whoops.
Scratch that then. |
|
Back to top |
|
|
Gravitron VIE Vet
Age:41 Gender: Joined: Aug 02 2002 Posts: 993 Location: Israel Offline
|
Posted: Thu Mar 24, 2005 2:57 pm Post subject: |
|
|
|
|
They do?
I did notice that prizes and shrapnel are unsynched in continuum.
However, in VIE I could've sworn that prizes and shrapnels were synched, for the most part.
Like, if you pick cloak, and the other guy is also a cloaker, he also got cloak.
Turrets also shared prizes, and thus forth.
BTW, when I say original VIE, I mean one that has monitor, putfile and etc. working.
Why did you make me read that? Ugh.
*washes hands*
Never press the click here to view button again.
Last edited by Gravitron on Thu Mar 24, 2005 3:04 pm, edited 1 time in total |
|
Back to top |
|
|
CypherJF I gargle nitroglycerin
Gender: Joined: Aug 14 2003 Posts: 2582 Location: USA Offline
|
Posted: Thu Mar 24, 2005 3:03 pm Post subject: |
|
|
|
|
Yes, you can get a copy of the VIE subgame off of the SS CD - there is an ISO of it on SSDL.
Again, could go back to VIE but as I had said before, you give up all security . I could care less about LVZ honestly - zone's shouldn't be so dependent on it. :X
But, someone could also just make a new client and hax0r subgame again and make it work w/ theirs...
I know there are a ton of programmers on here who think their leet, but yet ... doesn't take the challenge to make a new client ? ... hmm I know I've tried it and didn't get very far w/ it .. though at the time I didn't really realize what I was getting myself into hehehe |
|
Back to top |
|
|
Gravitron VIE Vet
Age:41 Gender: Joined: Aug 02 2002 Posts: 993 Location: Israel Offline
|
Posted: Thu Mar 24, 2005 3:14 pm Post subject: |
|
|
|
|
Well, mods were put there to begin with for few reasons.
To help introduce newbies onto the game (Q&A).
Manage events (if at all) and proper flow of gameplay.
Bust the hammer on people breaking Jeff's rules (no racism, no cheating).
Nowdays, all they do most of the time is abuse powers out of bordom.
They NEED to start monitoring players around, keep them occupied.
Otherwise, you might as well just fire them, since everything is so "calm", or at the very least hack subgame and cut on their powers (or remove all mods, and put in a bot that will serve certain "staff" people as gateway to its commands, this way you can truely control what people can and cannnot access at which conditions and prevent abuse).
Instead of motivating them to abuse, it'll motivating them to seek out people who cheat to give them the excuse to execute their powers.
Still, with vigilant staff, I doubt people will be able to cheat without being caught (especially that nowdays all it takes is a ?Help and you have mods swarm all over the person scrutinizing him out before he is even aware of it...kind of hard to cheat/get away with it like that).
I know Aaerox could hack subgame like priit did to manipulate it in whatever way he wishes.
He did it to infantry's mini server...(also added a SQL DB -ala biller- to it, and rerouted the entire mod/smod/sysop system authority through it don't even need to enter a pw to login either you are approved and have powers or you're not) |
|
Back to top |
|
|
Mr Ekted Movie Geek
Gender: Joined: Feb 09 2004 Posts: 1379 Offline
|
Posted: Thu Mar 24, 2005 3:24 pm Post subject: |
|
|
|
|
Gravitron wrote: | They do?
I did notice that prizes and shrapnel are unsynched in continuum.
However, in VIE I could've sworn that prizes and shrapnels were synched, for the most part. |
Cont uses the same algo for greens as VIE. I have ripped the VIE ASM for greens to understand how they worked, and tested with 2 clients. The way it is designed, some of the greens will be the same and some will be different. This is not intentional. It's just the way timing and deaths are handled by the protocol.
I use to have screencaps of 2 VIE client radars taken at the same time to show how different the greens are, but I can't find it any more. The bottom line is: if you are an admin using *watchgreen and see a player gets prize that "wasn't there", do not assume they are cheating..unless there's a real abnormal frequency of it, or they get an abnormal distribution of certain types of greens. |
|
Back to top |
|
|
CypherJF I gargle nitroglycerin
Gender: Joined: Aug 14 2003 Posts: 2582 Location: USA Offline
|
Posted: Thu Mar 24, 2005 3:28 pm Post subject: |
|
|
|
|
So, all-in-all, there is no solid solution to determine if someone is cheating... :/ |
|
Back to top |
|
|
Mr Ekted Movie Geek
Gender: Joined: Feb 09 2004 Posts: 1379 Offline
|
Posted: Thu Mar 24, 2005 3:44 pm Post subject: |
|
|
|
|
Nope. Imagine if we had an open-sourced client. All you'd need to do is adjust bomb range by a few pixels when calculating prox. They would take 100's of points less damage, and there would be absolutely no way to detect it since all clients have a "different view of reality". |
|
Back to top |
|
|
Gravitron VIE Vet
Age:41 Gender: Joined: Aug 02 2002 Posts: 993 Location: Israel Offline
|
Posted: Thu Mar 24, 2005 3:59 pm Post subject: |
|
|
|
|
Who ever said ANY kind of cheating has ANY kind of a solid solution?
However, you are reffering to a completely different situation.
Greens that weren't there? I'm not even sure how to take that.
What we're talking about, plain cut, clean and simpe, people ordering specific prizes, and this is exactly what watchgreen was made for.
People who green super/shields/prox too frequently, have god-mode super/shields, l4 weps without flag, greening same prize (guns/bombs/nrg) or certain sequence inorder to get a full ship very fast, etc. things.
And that, an experienced mod would easily be able to follow up on.
And cheating really would only work in SVS zones.
Quite frankly, last I played with lag and what not, it was already there, I mean, you can't tell who IS and who ISNT cheating, so why even bother, heh. ;(
BTW Ekted, continuum protocol was broken and people are already doing that.
Or are they just having a shitty routing dropping packets like baudchaser said?
Who can tell...the devil?
I know I can't. |
|
Back to top |
|
|
Bak ?ls -s 0 in
Age:25 Gender: Joined: Jun 11 2004 Posts: 1826 Location: USA Offline
|
Posted: Thu Mar 24, 2005 4:18 pm Post subject: |
|
|
|
|
Quote: | Server side can detect twister, like it detect softice.
Server side can force players to download and run 1.35 client. |
No, the server can't do any of those. |
|
Back to top |
|
|
|