gamedevlists-general Mailing List for gamedev (Page 71)
Brought to you by:
vexxed72
Menu
▾
▴
gamedevlists-general — List for discussing general game development issues
You can subscribe to this list here.
| 2001 |
Jan
|
Feb
|
Mar
|
Apr
|
May
|
Jun
|
Jul
|
Aug
|
Sep
(3) |
Oct
(28) |
Nov
(13) |
Dec
(168) |
|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 2002 |
Jan
(51) |
Feb
(16) |
Mar
(29) |
Apr
(3) |
May
(24) |
Jun
(25) |
Jul
(43) |
Aug
(18) |
Sep
(41) |
Oct
(16) |
Nov
(37) |
Dec
(208) |
| 2003 |
Jan
(82) |
Feb
(89) |
Mar
(54) |
Apr
(75) |
May
(78) |
Jun
(141) |
Jul
(47) |
Aug
(7) |
Sep
(3) |
Oct
(16) |
Nov
(50) |
Dec
(213) |
| 2004 |
Jan
(76) |
Feb
(76) |
Mar
(23) |
Apr
(30) |
May
(14) |
Jun
(37) |
Jul
(64) |
Aug
(29) |
Sep
(25) |
Oct
(26) |
Nov
(1) |
Dec
(10) |
| 2005 |
Jan
(9) |
Feb
(3) |
Mar
|
Apr
|
May
(11) |
Jun
|
Jul
(39) |
Aug
(1) |
Sep
(1) |
Oct
(4) |
Nov
|
Dec
|
| 2006 |
Jan
(24) |
Feb
(18) |
Mar
(9) |
Apr
|
May
|
Jun
|
Jul
(14) |
Aug
(29) |
Sep
(2) |
Oct
(5) |
Nov
(4) |
Dec
|
| 2007 |
Jan
|
Feb
|
Mar
|
Apr
|
May
|
Jun
|
Jul
|
Aug
(11) |
Sep
(9) |
Oct
(5) |
Nov
(4) |
Dec
|
| 2008 |
Jan
|
Feb
|
Mar
|
Apr
(1) |
May
(34) |
Jun
|
Jul
(9) |
Aug
|
Sep
|
Oct
|
Nov
|
Dec
(4) |
| 2016 |
Jan
|
Feb
|
Mar
|
Apr
|
May
|
Jun
|
Jul
|
Aug
(1) |
Sep
|
Oct
|
Nov
|
Dec
|
|
From: Colin F. <cp...@ea...> - 2002-10-31 17:18:52
|
2002 October 31st Thursday I wanted to summarize some of the things I learned about cell phone development over the past few days -- because almost everyone who reads this list will eventually have a cell phone, and some basic facts about cell phone carriers may greatly influence the experience you have with your cell phone. PHONE MODELS, CARRIERS, AND PROGRAMMING ENVIRONMENTS: ===================================================== A given phone model (e.g., Motorola T720, ... ) for a given carrier (e.g., AT&T, Verizon, ... ) executes a single type of code (e.g., J2ME, BREW, ... ). If you get a contract with Verizon, and you choose the Motorola T720, the phone executes BREW only. If you get a contract with AT&T, and you choose the Motorola T720, the phone executes J2ME only. It's critical to note that if you get the same model phone with a different carrier, it may fundamentally execute a different kind of code. The two major platforms are: J2ME and BREW. WHAT IS SO WRONG ABOUT "BREW": =============================================== BREW is "Binary Runtime Environment for Wireless", a proprietary platform developed by QUALCOMM. To learn more about BREW, visit their WWW site: http://www.qualcomm.com/brew The BREW version of the ARM compiler required to develop code for your own phone costs $1,500. No application (even those you download yourself via a data cable) can survive on your phone for more than three months, at which time you need a new "signature" from QUALCOMM. If you are developing an application for a BREW phone, you must submit all source code, original and compiled art assets, and documentation to QUALCOMM -- just to get a "signature". Once you develop an application or even simple resources like "desktop wallpaper" or "ringer tunes", you need a closed technology called "Get It Now" (a service of QUALCOMM, not the carrier) for people to download your creations (for a fee). All phones with Verizon contracts use BREW. A person who worked at a company that does BREW development told me that the fact that BREW was a closed platform (very costly to acquire compiler, very costly to share your creations with others, hard to acquire temporary "signatures") results in higher quality products in the market. But for the consumer the situation is actually very bad, since this closed system pretty much guarantees that anything you can possibly download is going to cost money! Even if I wanted to give away my cool ringer sounds or desktop wallpaper, I think I'd need an elaborate partnership with QUALCOMM just to let you download my creations via "Get It Now". BREW destroys the value of an otherwise advanced phone (e.g., Motorola T720). When I purchased the phone I had dreams of uploading cool pictures for my desktop, and playing sound clips from movies and video games whenever the phone "rings". Wouldn't it be cool to have your phone do a Ren & Stimpy voice ("You EEE-diot!") or Ms. Cleo ("Oh my goodness!"), or any sample you could find? Well, unless you're willing to pay a third party some money, you can't do any of this with a BREW-based phone. I am returning my phone and cancelling my contract today (within 15-day trial period) to get the exact same phone (Motorola T720) with a carrier that chose J2ME for their phones (e.g., AT&T). WHAT IS J2ME? =============================================== J2ME is "Java 2 Platform, Micro Edition", a "highly optimized" Java runtime environment. To learn more about J2ME, visit Sun's WWW site: http://java.sun.com/j2me Chances are that you have already done some Java programming in your life! I was very surprised to learn that J2ME really does have a lot of Java functionality! You can create threads, sockets, etc, very easily. You can distribute the *.JAR and *.JAD files. I never liked the idea of "Garbage Collection" on any platform (Java, C#, etc), or the fact that every Java temporary value is an object that must be garbage collected (so something like s = "a" + "b" + "c"; leads to a temporary object "ab" (or "bc") that might persist for quite a long time!). Actually, there's a lot I don't like about Java, but it is FREE and well-documented, and millions of people have developed code for Java. I'm sure there are lots of discussion forums for J2ME. (Contrast all of this with the BREW situation!) In fifteen minutes of WWW surfing I found tons of cool applications, images, and sound effects for the Motorola T720 J2ME version -- all FREE. People wrote some crazy applications for their phones, like WWW servers and databases! I'm told that the gaming or multiplayer experience won't be real-time for years (since phones don't recognize multiple simultaneous button pressing, and there's a lot of LATENCY in network traffic), but I am very excited by being able to take full advantage of the multimedia aspects of my property (phone) without having third parties (QUALCOMM, Verizon, Microsoft MSN) invading my privacy and extorting money from me when they made no contribution to my product. GENERAL SUMMARY: ============================================ When I learned that I couldn't even set my "desktop wallpaper" on my new Motorola T720 phone without paying Verizon / QUALCOMM, and uploading my personal images to a stranger's server, I was stunned and depressed. I wondered how "The Man" was able to get this far in a free market. Now I know, from experience, that it's just the ignorance of the consumer; I just wasn't aware how radically different the phone experience could be, just based on partnership decisions of the carrier. Business and development models like BREW / "Get It Now", and information gathering strategies like ".NET Passport", "Real One Player", "Microsoft Windows Media Player", etc, have greatly held back the promise of technology by setting up barriers and telling the consumer (by actions, not by promises to the contrary) that his or her privacy has no value whatsoever. How can even the most forgiving personality avoid becoming cynical when giant corporations, which could comfortably grow without uploading every CD track title and WWW site URL that you visit, do it anyway just to derive marginally more cash from you? I hope developers will not get suckered in to the BREW paradigm. And, ultimately, I think consumers will discover and choose the open paradigm (e.g., J2ME). It may be true that BREW / "Get It Now" is sufficiently closed to turn more downloads in to cash for the developer -- but the closed nature may be the exact reason the entire market shifts to something like J2ME. Also, a small J2ME developer can get 100% of the purchase price of any item, and developement tools are FREE. I gotta go; I have a phone to return! I am voting with my wallet. --- Colin cp...@ea... |
|
From: Gareth L. <GL...@cl...> - 2002-10-30 10:38:27
|
Ok, I asked our (Amazingly talented) sound guy here, this is a quote of = his responce. ------------------------------------------------------------------------= ---- ----------- http://www.hollywoodedge.com/the_acb/webpage.cfm?&DID=3D9&WebPage_ID=3D1= 6 would be a good place to start - hollywood edge provide a load of good = quality free sfx on their site. You can also request a free cd that has all = the free sounds available on the site. Unfortunately, good quality, well recorded, useable sfx are never cheap. There are a lot of rubbishy cds around, but I wouldn't waste your money - there probably won't be much = worth having. =20 http://www.sonicfoundry.com/products/NewShowProduct.asp?PID=3D533 sonic foundry are really more interested in the home composer market. = They have a very cheap cd with 1001 sfx, about half of which is useable. =20 If there's something specific that you need, you can try http://www.sound-effects-library.com/ here, it's possible to audition = and download the sfx you require, so you don't end up buying 4000 sfx you = don't need, just to get the two that you do...=20 ------------------------------------------------------------------------= ---- ------------- Hope that helps, it sure looks like it should ;) > -----Original Message----- > From: Ignacio Casta=F1o [mailto:cas...@ya...] > Sent: 28 October 2002 02:15 > To: gam...@li... > Subject: [GD-General] Free music and sounds >=20 >=20 > Hi, > I'm writting a little comercial game and I'm looking for free=20 > sounds and > music for it. Does somebody know where to find that? > I don't know how expensive something like that can be. Does=20 > somebody know a > cheap music provider? >=20 > Thanks in advance, >=20 >=20 > Ignacio Casta=F1o > cas...@ya... >=20 >=20 > _______________________________________________________________ > Yahoo! Messenger > Nueva versi=F3n: Webcam, voz, y mucho m=E1s =A1Gratis!=20 > Desc=E1rgalo ya desde http://messenger.yahoo.es >=20 >=20 > ------------------------------------------------------- > This SF.net email is sponsored by: ApacheCon, November 18-21 in > Las Vegas (supported by COMDEX), the only Apache event to be > fully supported by the ASF. http://www.apachecon.com > _______________________________________________ > Gamedevlists-general mailing list > Gam...@li... > https://lists.sourceforge.net/lists/listinfo/gamedevlists-general > Archives: > http://sourceforge.net/mailarchive/forum.php?forum_id=3D557 >=20 |
|
From: Iain R. <i.n...@re...> - 2002-10-30 09:27:20
|
Hello, I bought a CD called '6,000 Sound Effects' from Amazon. Not the best quality (many of them sound like they were recorded off the TV!) but some of them might do the job if you don't mind mono. It's about what you might expect for under a tenner. They are royalty-free. It's certainly not a total solution, and may only provide one or two sound effects you can actually use. As for music, it's not hard to come up with ambient music (ala Tomb Raider, Populous:The Beginning etc) with a MIDI keyboard if you have a few spare hours (you only need a few chords!). Iain > 1. Free music and sounds (=?iso-8859-1?Q?Ignacio_Casta=F1o?=) > Hi, > I'm writting a little comercial game and I'm looking for free sounds and > music for it. |
|
From: <cas...@ya...> - 2002-10-28 23:02:28
|
brian hook wrote: > Try sounddogs.com for _inexpensive_ (like $3 for a sample) sound > effects that you can preview. This is exactly what I was looking for! > If you're going for electronica/trance/house, then the easiest thing to > do is peruse places like ReasonStation, MP3.COM, etc. and look for > people that want to be known more than they want to make money. I'm rather not into techno, but I will try and see what can I find. Thanks for all the input! Ignacio Castaño cas...@ya... _______________________________________________________________ Copa del Mundo de la FIFA 2002 El único lugar de Internet con vídeos de los 64 partidos. ¡Apúntante ya! en http://fifaworldcup.yahoo.com/fc/es/ |
|
From: Jamie F. <ja...@qu...> - 2002-10-28 13:42:39
|
you can also buy CDs full of sound effects. usually they're intended for = tv, etc., but they're still useful. it can be a little awkward getting throug= h the licensing (they don't quite understand how games work, so don't quite have a business model that makes much sense to us), but will usually let = you use the stuff for very reasonable fees after you've talked to them for a bit. as for music, i don't know :) you could try seeking budding musicians :) jamie -----Original Message----- From: gam...@li... [mailto:gam...@li...]On Behalf Of Ignacio Casta=F1o Sent: 28 October 2002 02:15 To: gam...@li... Subject: [GD-General] Free music and sounds Hi, I'm writting a little comercial game and I'm looking for free sounds and music for it. Does somebody know where to find that? I don't know how expensive something like that can be. Does somebody know= a cheap music provider? Thanks in advance, Ignacio Casta=F1o cas...@ya... _______________________________________________________________ Yahoo! Messenger Nueva versi=F3n: Webcam, voz, y mucho m=E1s =A1Gratis! Desc=E1rgalo ya desde http://messenger.yahoo.es ------------------------------------------------------- This SF.net email is sponsored by: ApacheCon, November 18-21 in Las Vegas (supported by COMDEX), the only Apache event to be fully supported by the ASF. http://www.apachecon.com _______________________________________________ Gamedevlists-general mailing list Gam...@li... https://lists.sourceforge.net/lists/listinfo/gamedevlists-general Archives: http://sourceforge.net/mailarchive/forum.php?forum_id=3D557 |
|
From: brian h. <bri...@py...> - 2002-10-28 04:35:28
|
> I'm writting a little comercial game and I'm looking for free sounds > and music for it. I'm sure there are tons of archives out there for you to peruse, just be careful about legalities. Try sounddogs.com for _inexpensive_ (like $3 for a sample) sound effects that you can preview. For music -- you can probably find someone who'll do it for free so long as you're doing some style that is very commonly done in bedrooms. Techno, trance, electronica, etc. Finding high quality orchestral work isn't going to be cheap -- from an aspiring composer you may get it as cheap as $700-1000, but industry names can be 10-100x that. If you're going for electronica/trance/house, then the easiest thing to do is peruse places like ReasonStation, MP3.COM, etc. and look for people that want to be known more than they want to make money. -Hook |
|
From: <cas...@ya...> - 2002-10-28 02:05:27
|
Hi, I'm writting a little comercial game and I'm looking for free sounds and music for it. Does somebody know where to find that? I don't know how expensive something like that can be. Does somebody know a cheap music provider? Thanks in advance, Ignacio Castaño cas...@ya... _______________________________________________________________ Yahoo! Messenger Nueva versión: Webcam, voz, y mucho más ¡Gratis! Descárgalo ya desde http://messenger.yahoo.es |
|
From: <phi...@pl...> - 2002-10-24 16:22:53
|
In Kinetica we specified an inner and outer sphere. Volume fell off
linearly between the two. However, Kinetica's a fantasy racing game, so the
sounds weren't particularly subtle, and this simplistic method was enough
for us.
Cheers,
Phil
"Chris Cammack" <cl...@n-...>
Sent by: To: <gam...@li...>
gam...@li...urc cc:
eforge.net Fax to:
Subject: [GD-General] Sound Attenuation in Games
10/24/2002 07:37 AM
What kind of attenuation information do designers typically get to specify
when adding sounds to a game? Do you use one sphere or two? Do any of you
allow boxes or more arbitrary shapes?
Chris
-------------------------------------------------------
This sf.net email is sponsored by: Influence the future
of Java(TM) technology. Join the Java Community
Process(SM) (JCP(SM)) program now.
http://ad.doubleclick.net/clk;4729346;7592162;s?http://www.sun.com/javavote
_______________________________________________
Gamedevlists-general mailing list
Gam...@li...
https://lists.sourceforge.net/lists/listinfo/gamedevlists-general
Archives:
http://sourceforge.net/mailarchive/forum.php?forum_id=557
|
|
From: Chris C. <cl...@n-...> - 2002-10-24 14:38:01
|
What kind of attenuation information do designers typically get to specify when adding sounds to a game? Do you use one sphere or two? Do any of you allow boxes or more arbitrary shapes? Chris |
|
From: Mads B. D. <ma...@ch...> - 2002-10-20 15:07:11
|
On Sun, 20 Oct 2002, Colin Fahey wrote:
> I'm sorry that my question degenerated in to a massive
> critique of the software industry and giant corporations.
> Maybe someone can cheer me up with a statement like:
> "It's easy to develop for the Motorola T720,
> and carriers can't stop you! Go for it!"
I believe that this statement is true:
"It's easy to develop for the Nokia 7650,
and carriers can't stop you! Go for it!"
I even think that it is very easy for all symbian devices. I have no idea
about the Motorola T720.
Mads
--
Mads Bondo Dydensborg. ma...@ch...
The Microsoft Dictionary:
interoperability: The ability of a Microsoft product to operate
with another Microsoft product.
|
|
From: Colin F. <cp...@ea...> - 2002-10-20 13:32:30
|
2002 October 20th Sunday I just bought a Motorola T720 with Verizon as the carrier. The phone features a color LCD, and it runs simple applications. Okay, I'm really sorry for posting this silly question to this list, but... Can I write applications and run them on this phone with this carrier? I tried to do my homework before composing this post. I did all kinds of Google searches. But I'm just confused and dazzled by all the marketing and news bytes, and my current impression is that you can't just code your own stuff for your own phone (with the T720 / Verizon combo). Is this a phenomena that cell phone developers face in general? Carriers suppress development for an otherwise standard device (phone)? Do other carriers have a more open approach to developing code for your own phone? I don't want to become a development partner with a carrier, and I don't have any ambition to sell my application to the masses, and I don't care if the only way I can get my code on to my phone is a data cable connected to my PC. Am I living in fantasy-land, with an out-moded mindset that happens to think that the latest wave of information-gathering applications and services is just insane (MSN/Passport, RealOne, MediaPlayer7.1, etc), and proprietary methods to access your own property requires licensing and partnerships with "The Man" (Microsoft, Verizon, Sony, Nintendo, Yahoo!, RealNetworks)? Anyhow, I'm practically barfing less than 24 hours after signing up with Verizon with a Motorola T720 mobile phone... I have to pay $6/month to a third-party company, upload my personal photo's to their servers, just to get pictures on to my own damned phone! (This fee does not include the "air time" or general Internet access fee, which are perfectly reasonable charges.) To my knowledge, there is no way to get ringer sounds that weren't produced by third-party partners of Verizon, mostly costing money. Really, the biggest thing is the apparent inability to download your own applications to your own phone. So, instead of at least having the option of developing games and exchanging them for free, what you are offered is what you get. If a giant corporation (EA, THQ, etc) doesn't write that handy game or app for your Verizon phone, you're screwed! Someone tell me I'm wrong about uploading your own apps. Someone tell me that it's easy to get the necessary SDK (for the T720) and use a data link cable to basically run whatever I want, making whatever sounds and graphics I want. I can return the phone within 14 days from today with very little cash loss. After that point I might as well try hard to forget that the T720 is an awesome piece of hardware...And maybe I'll even face regret when I see other people with even cooler phones (with digital cameras) that are totally open to development and really basic, basic operations -- like picture display. I can't help it. I know I should have studied the service a bit more, but I never expected something as insane as having third parties handle every little aspect of your phone recreation for money. I wrote an e-mail to Verizon saying that this was basically as insane as being charged to open files on your own hard disk on your own personal computer! Just image having to transmit all of your files on your hard drive to a third party, just so you could access them on your desktop computer, and there was a fee for this "service"?! Man, this is so messed up! Sigining up for an MSN "Passport" just to do other basic things with my phone also left me feeling compromised. I try to get used to "progress", trying to ignore the lengthly EULA's, profiles, cookies, daemons, applets, kiosk mode pop-up windows, fake e-mail, spam, fees, plans, endless voicemail menus, inability to opt-out of any marketing, and basically NO guarantee of any privacy about the CD's or URL's you consume, ever... But I can't. I wonder how corporations in America reached this unprecedented level of information- gathering with no regard to privacy, and resorting to extremes of licensing and protecting products with proprietary and secret interfaces, connectors, protocols, languages, etc. I'm sorry that my question degenerated in to a massive critique of the software industry and giant corporations. Maybe someone can cheer me up with a statement like: "It's easy to develop for the Motorola T720, and carriers can't stop you! Go for it!" --- Colin cp...@ea... |
|
From: Matt N. <mat...@ni...> - 2002-10-18 15:48:53
|
I've been looking into DirectMusic recently for sound support in our = game and have found little info about it on the web. Perhaps this is = because I'm used to the amount of info around about Direct3D and it's = just that sound in general is less widely discussed. I'm wondering if = it's not popular because it's so platform specific though - with many = games now being developed with multiple platforms in mind, tying your = game into DirectMusic file formats is probably undesirable for many = projects. So, how many people are actually using it for game sound, and = if you are using it are you just using it for music or are you using it = for all your sound effects as well? --- Outgoing mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.394 / Virus Database: 224 - Release Date: 03/10/2002 =20 |
|
From: Marios M. <ma...@ne...> - 2002-10-09 19:41:44
|
Hello, I am trying to decide on the best and easiest way of implementing terrain. I have an editor which allows you to build an environment consisting of a race track and all the other stuff. I've reached the point where i need to decide on the terrain ( currently a flat texture). The terrain has to follow the road surface and any objects. I am going ahead with implementing a UI dialog where the user can add more points on a terrain and adjust their values. Running a triangulation through the points i get a terrain. The user can then add more points to get a smoother terrain. On the other hand i suppose the user can import an x file and use that as a terrain (already implemented), but will not follow the objects in the environment any comments or suggestions? thanks marios |
|
From: Tom F. <to...@mu...> - 2002-10-08 10:41:06
|
Europe is ELSPA: http://www.elspa.com/ ...and if your game is particularly violent (15 years old or over) you may also need a BBFC rating for Britain (http://www.bbfc.co.uk/). Ireland has an equivalent body, though I've forgotten what it's called. Tom Forsyth - Muckyfoot bloke and Microsoft MVP. This email is the product of your deranged imagination, and does not in any way imply existence of the author. > -----Original Message----- > From: Lionel Fumery [mailto:li...@mi...] > Sent: 08 October 2002 11:15 > To: gam...@li... > Subject: [GD-General] Parental control, game rating, ... ? > > > Hello, > > Could anybody give me the list of organizations through the > world that are > in charge of game rating, parental control, game suitable for > children, and > so on ? > > Where can I find a list of the elements needed to get the > "approval" for a > video games following the targeted audience ? > > Thanks in advance for any info, > > Lionel. > > > > ------------------------------------------------------- > This sf.net email is sponsored by:ThinkGeek > Welcome to geek heaven. > http://thinkgeek.com/sf > _______________________________________________ > Gamedevlists-general mailing list > Gam...@li... > https://lists.sourceforge.net/lists/listinfo/gamedevlists-general > Archives: > http://sourceforge.net/mailarchive/forum.php?forum_id=557 > |
|
From: Lionel F. <li...@mi...> - 2002-10-08 10:15:19
|
Hello, Could anybody give me the list of organizations through the world that are in charge of game rating, parental control, game suitable for children, and so on ? Where can I find a list of the elements needed to get the "approval" for a video games following the targeted audience ? Thanks in advance for any info, Lionel. |
|
From: brian h. <bri...@py...> - 2002-10-06 09:32:15
|
Is anyone using (or has used) Curious Labs' Poser 4/5 for making lots of little animated people (a la the size you'd see for an RTS)? From the feature list it looks like it would be pretty handy when trying to churn out lots of repeating, small models, but their Web site and docs are so bad (especially with respect to 5) that it's hard to say. -Hook |
|
From: Steve R. <St...@no...> - 2002-09-26 17:54:31
|
Call for Proposals: AI Game Programming Wisdom 2 Following the incredible success of the first book, Charles River Media = and series editor Steve Rabin are looking for game developers to contribute= to a second volume. Anything that an AI game programmer would typically = deal with is fair game, including pathfinding, animation control, = scripting, learning, and various decision-making techniques. Selected = authors will have several months to write and will share in a portion of = the book's royalties (estimated to be between $500 and $1000 per article). = Proposals for 5-10 page articles are now being accepted at www.aiwisdom.com= . Thanks, Steve Rabin Editor |
|
From: Mads B. D. <ma...@ch...> - 2002-09-24 13:07:25
|
On Tue, 24 Sep 2002, Colin Fahey wrote:
> 2002 September 24th
> Tuesday
>
> Someone pointed out that letting a client timestamp
> events has allowed cheating in Quake.
Yep. Trusting the client (at all) did this.
>
> Now I'm trying to figure out just how far people
> take the principle of "never trust the client".
>
Very far, I would assume.
> I'd like to know if anyone has experienced any
> of the following scenarios, or even more bizarre
> scenarios.
>
> [1] Someone does a "tcpdump" (or similar) and
> reverse-engineers the packets and writes a
> stand-alone application that sends packets
> that fools the game server in some way
> for the purpose of cheating.
Now, that is what _everybody_ does. The usually do a proxy though.
> ----------------------------------------------
> ASSUMPTIONS:
> The only resource available to the hacker
> is the binary dump of TCP and/or UDP traffic.
> (i.e., no source code or details of packet format)
> SOLUTION:
> Encrypt packets.
Encryption packets here have the basic problem that you deal with UDP
traffic and you usually have a fixed format for the payload. Even if you
pad with random strings it will still be possible, and see next point:
>
>
>
> [2] Someone reverse-engineers the assembly
> language of the client and works out the
> packet format and encryption algorithm.
How about; someone traces the application, figures out the point where
packets are decrypted (which is a lot easier than figuring out the
algorithm) and does some fancy debugging scripts (trivial with gdb, don't
know about others) that dumps encrypted and unencrypted packages to files
for later analysis?
Yep, seen that done (almost, purpose not related to games). In a perl
script, btw, that used gdb breakpoint on a wellknown binary.
>
> [3] Someone gets source code sufficient to rebuild
> the client -- with any desired logic modification.
> ----------------------------------------------
> NO SOLUTION:
> Well, this allows the hacker to create "bot"-like
> shooting accuracy and scripted movement patterns
> (like running directly to all ammo spawn points,
> or pursuing enemies with the most efficient,
> minimal paths).
> Even if we totally distrust the client beyond
> receiving the most basic events possible, it
> doesn't seem possible to detect players that
> are "too perfect"!
I agree with the no solution stuff. The whole issue of cheating in online
games have been debated heavily in the OSS communities, espec. following
the release of the Quake 1 source code. You might want to look some of
these discussion up.
> I heard of simple stuff, like turning EVERYTHING semi-
> transparent, so you can see people through the walls.
Yep, everything is a tradeof.
Mads
--
Mads Bondo Dydensborg. ma...@ch...
FAITH, n. Belief without evidence in what is told by one who speaks without
knowledge, of things without parallel.
- Ambrose Bierce (The Devil's Dictionary)
|
|
From: Colin F. <cp...@ea...> - 2002-09-24 10:42:18
|
2002 September 24th Tuesday Someone pointed out that letting a client timestamp events has allowed cheating in Quake. Now I'm trying to figure out just how far people take the principle of "never trust the client". I'd like to know if anyone has experienced any of the following scenarios, or even more bizarre scenarios. [1] Someone does a "tcpdump" (or similar) and reverse-engineers the packets and writes a stand-alone application that sends packets that fools the game server in some way for the purpose of cheating. ---------------------------------------------- ASSUMPTIONS: The only resource available to the hacker is the binary dump of TCP and/or UDP traffic. (i.e., no source code or details of packet format) SOLUTION: Encrypt packets. [2] Someone reverse-engineers the assembly language of the client and works out the packet format and encryption algorithm. Or, the hacker just finds out the packet format and encryption algorithm from social engineering or a leak from the company. The hacker either alters the code to transmit different information, or writes another application to supplement or act independently of the regular game client. ---------------------------------------------- SOLUTION: Uh, I guess you have to limit the client to sending the most basic events imaginable, scarcely more than keystrokes (essentially), and the server assumes nothing about the actual time the client events occurred -- instead the server pretends that the event occurs when it is received! Players with lag get punished proportional to their lag, but that's life! Is this the only practical solution? [3] Someone gets source code sufficient to rebuild the client -- with any desired logic modification. ---------------------------------------------- NO SOLUTION: Well, this allows the hacker to create "bot"-like shooting accuracy and scripted movement patterns (like running directly to all ammo spawn points, or pursuing enemies with the most efficient, minimal paths). Even if we totally distrust the client beyond receiving the most basic events possible, it doesn't seem possible to detect players that are "too perfect"! [4] Someone writes a separate application that controls a legitimate version of the client. ------------------------------------------------------- NO SOLUTION: What can be done? The user (hacker) is communicating with the application in a way that is indistinguihable from a human hitting keys on the keyboard and moving the mouse. It could be as simple as recording keystroke macro's in your physical keyboard -- so you can do complex operations in StarCraft just by hitting a single key. Or you could write an application that sent keyboard and mouse messages to your game client so that you could execute complex actions at high speed. Anyhow, I guess I'm really just interested in a way to make the client event timestamping work. Also, I guess that EVERYTHING depends on how much you think hackers will diminish the value of your game by each mode of hacking and cheating. So, if I am fairly confident that hackers won't go to the trouble of reverse-engineering the encryption scheme, and if I'm confident that the packet format and encryption scheme won't be leaked, then maybe I can accept the risk of allowing the client to timestamp its own events. I guess the scenarios mentioned above apply to servers, too -- but if a server is hacked, then all of game reality can be violated. Question Authority! "Yes" means "No", and "Left" means "Right"! "1 + 1 = 3"! **** You could do the nutty thing of CLIENTS not trusting SERVERS! **** So, if you have a legitimate client, and the (hacked) server starts cheating like crazy, you could at least detect this condition and notify the user that the server is run by a no-good hacker. Anyhow, I'm fascinated by stories of how far hackers will go to cheat. I like funny pranks that can be recognized as pranks and have obvious parameters and limits, but I have no respect for hackers who think it's fun to create an artificial advantage for themselves in games and destroy the experience for other players. I heard of simple stuff, like turning EVERYTHING semi- transparent, so you can see people through the walls. I could see how that might be fun for about 30 seconds, especially if I had money riding on that game! Okay, enough random gripes. ;-) --- Colin cp...@ea... www.colinfahey.com |
|
From: Colin F. <cp...@ea...> - 2002-09-24 07:31:17
|
2002 September 23rd Monday >>> This sounds more complicated than necessary. Why do you need sync >>> times that tightly? I don't know! Crazy, huh? I guess I thought I might be to tell the precise sequence of all of the client events (across all players) and support a tiny bit of "revisionist history" -- re-simulate a few past time steps if new "evidence" (client events that should have changed history but weren't previously considered due to brief lag) was later received. But, frankly, I can't remember what ever made me think that synchronization (or determining precise time differences between each client and the server) would be worthwhile. I guess one of my other ideas was that the server would leave most deterministic things unspecified -- and so if a client was precisely synchronized, then both client and server would essentially have the same impression of the deterministic aspects of the environment. So, if you jump on to a rising elevator platform, the server doesn't need to send authoritative feedback, since both client and server know exactly how your jump will turn out. If the client simulation of deterministic processes was out of synch with the server simulation, then we're forced to send more update information. The client always sends player actions, but we just don't need to send so many authoritative updates about the outcome of those actions. (NOTE: This example doesn't include the effects of non-deterministic factors: constantly changing movements of other players, and other player-initiated events, like firing weapons. But we just have to determine how these events "screw up" the deterministic aspects of the game, and notify/update affected clients.) Well, I think I have enough feedback to get me started with an initial design. I'll restrain myself from asking more silly questions until I attain the next level of insanity. Thanks to all for the very enlightening comments. --- Colin cp...@ea... www.colinfahey.com |
|
From: Mads B. D. <ma...@ch...> - 2002-09-24 07:24:37
|
On Mon, 23 Sep 2002, brian hook wrote:
> > Thus, I can place any client event in to a single
> > server timeline, regardless of network glitches.
>
> Hmmm, never really thought about that.
Quake sort of did this, which is one of the reasons it was so easy to
cheat. Trusting the client to timestamp events is not necesseraly
something you want to do.
Mads
--
Mads Bondo Dydensborg. ma...@ch...
On the other hand, we can agree with Microsoft that the GPL is bad for
their current business. We can then proceed to use Microsoft's favorite word
as we reply: Innovation won't stop just because you're not ready for it. The
printing press was a good thing, after all, even though it forced
professional scribes to change their business model. Adapt or die
- Chip Salzenberg
|
|
From: brian h. <bri...@py...> - 2002-09-24 04:22:16
|
> Then I would guess the probability of a person > running MY application and simultaneously running > whatever other applications might use that port > number by default. > > Is that pretty much the state of the art of > port-choosing technology? Yes. And you allow the server operator to override in case there is a conflict. > [2] I know this depends greatly on the genre of > game, and how real-time the action is, but what > is an example of the packet rate (packets/sec) > sent from server to client? What is the size > of data in each packet? Quake simulated at 10 fps. I think Q2 and Q3 were 20 fps. The amount of data varies GREATLY depending on application and how well you compress. The best thing to do is to sort out what your packets will look like and then how much delta compression you can manage. I don't think you can really say there's a ball park estimate that's reasonable since it depends so much on your genre, core tech, and how aggressive you are about quantization, compression, and update rate. > Thus, I can place any client event in to a single > server timeline, regardless of network glitches. Hmmm, never really thought about that. I'll let someone else answer, but my guess if that's actually what you want to do, then you can investigate a protocol like NTP. > My computer says it's 12:34:56 AM, and your computer > says it's 12:34:58 AM at that same instant; perhaps > we're both way off the "real" time, but I just want > to know that your machine will report times that > should be adjusted by -2.0 seconds before using > in my time line. This time delta has nothing to do > with any network variability or lag.] This sounds more complicated than necessary. Why do you need sync times that tightly? -Hook |
|
From: Colin F. <cp...@ea...> - 2002-09-24 03:41:02
|
2002 September 23rd
Monday
QUESTIONS:
[1] Okay, let's say I want to come up with some
default port number for my game server. My instinct
would be to pick some random number (1024<-->65535)
and then do a WWW search to see if there were any
hits for "port 12345" (or whatever).
Then I would guess the probability of a person
running MY application and simultaneously running
whatever other applications might use that port
number by default.
Is that pretty much the state of the art of
port-choosing technology?
[2] I know this depends greatly on the genre of
game, and how real-time the action is, but what
is an example of the packet rate (packets/sec)
sent from server to client? What is the size
of data in each packet?
I just want to get a sense of the order of
magnitude of the traffic that typical,
small scale first-person shooters use
successfully -- for LAN and Internet cases.
I've heard of packet rates as low as 10 packets per
second (average) for Internet games with 64 players.
I don't know what the data size was for these packets.
Anyhow, I know that this question is almost too
general to answer, but I'd like to hear about
working concrete numbers, in any game play genre,
for LAN or Internet games.
[3] Let's say you want a server to establish the time that
someone pressed a key on a client computer. Let's say
that the server wants to express the client key press time in
terms of its local time.
Basically, each client has its own local time, and
the server has its local time. I'd like to compute
the delta's between the server's time value and each
client time value, and vice versa.
Thus, I can place any client event in to a single
server timeline, regardless of network glitches.
So, I'm thinking that when the "connection" is
first initiated (player joins the game), the server
makes a bunch of pings to the client, asking for
the client local time values. Then, through some
round-trip time math, etc, we can pin down the time
difference.
Okay, here's are the questions: Is this common
practice? Do games try to improve the measurement
of the time delta throughout game play? What are
some techniques for arriving at this value?
[NOTE: The time delta should be an exact number (per client)
that is essentially a constant throughout a typical
game duration -- assuming the high resolution timers
or performance counters don't drift in any significant
way on the client machines or the server. If you had
instant communication between two machines you would
get this time delta exactly.
My computer says it's 12:34:56 AM, and your computer
says it's 12:34:58 AM at that same instant; perhaps
we're both way off the "real" time, but I just want
to know that your machine will report times that
should be adjusted by -2.0 seconds before using
in my time line. This time delta has nothing to do
with any network variability or lag.]
To make this even clearer, one simple-minded way
of getting this time delta is the following:
[1] I send a "ping" from machine "A" at local time TA1
[2] Machine "B" receives "ping" at its local time TB1,
and sends TA1 and TB1 back to machine "A".
[3] Machine "A" receives packet at its local time TA2,
and the packet contains values TA1 and TB1.
The round-trip time was (TA2 - TA1). Assuming the
lag was symmetric (an assumption that could be
very wrong, as with cable modems where upload speed
is way slower than download, etc), you might decide
that the time delta was:
TDeltaConvertBToA = (TA1 - TB1) + ((TA2 - TA1)/2);
In other words, just compute the delta as if the
reported machine time values were at the same instant,
and then correct for the lag by using half of the
known round-trip time.
Another method might be just sending lots of pings
from server to client, and returning the minimum of
all computed (TA1 - TB1).
Anyhow, there's probably a technique that converges
on the exact time, maybe in just a couple of exchanges
between server and client.
This is like those annoying middle school problems:
"A train going east at 50 MPH leaves station X at 3:00 PM,
and another train leaves station Y, 400 miles away,
at 4:00 PM at 60 MPH... When the trains collide they
produce two new identical trains, with one standing still
and the other moving at 0.99c heading for Alpha Centauri.
Will humanity be ready when the second train returns from
Alpha Centauri loaded with Schrodinger Cats and magnetic
monopoles?"
--- Colin
cp...@ea...
www.colinfahey.com
|
|
From: Tom H. <to...@3d...> - 2002-09-24 02:57:36
|
At 02:23 PM 9/23/2002, Colin Fahey wrote: > [A] For *Internet* games I assume service WWW sites like GameSpot, >etc, advertise the IP's and ports of game servers -- or you >can indicate the IP and port number of your server through >any other means (phone call, e-mail, chat, etc). > > QA1: Is this the dominant way to discover *Internet* games? No. The dominant way is to use a lobby server. GameSpy provides a generic interface for different games to use, and it's supported by just about every game out there these days. It used to be that every game made their own lobby server protocol in addition to GameSpy, but I wouldn't be surprised if they've all shifted to GameSpy only at this point. This is probably more true for FPS games than other genres. > [B] For Internet games the port(s) can be fairly arbitrary >(anything above 1024 and below 65536, right?), but for >convenient "discovery" of servers on a LAN it might be nice >to have a few preferred port candidates to try -- instead >of broadcasting to all 64000 ports in a brute-force search. > > QB1: How might one select "default" port ranges for the >convenience of LAN clients searching for servers? In practice, each game sets up a default range of ports (or only a single port in many cases). These ports should be different from game to game, but even if they're not you're still OK. Remember, getting the port is only part of the process ... if the traffic sent back and forth doesn't match, then you're not running on a valid server. The ports can typically be changed by the end-users in one way or another if they have to resolve "bad" conflicts (another application crashes or behaves badly when it gets a packet it doesn't recognize ... this should be very rare). > QB2: Might a server on a LAN advertise itself periodically, >like once per second?...Perhaps only during the "join" phase of >a game (if players can't just jump in at any time)? >This sounds pointless when clients can essentially do >the queries as needed, but maybe when the server is on >a totally random port (but advertises itself on a known >port), it might make it easier for clients to discover >the server (just by listening on a known port for the >unsolicited broadcasts of the server). It is much better for the clients to broadcast a packet that says, "If you're a server, send a response back please" than it is for the servers to periodically pulse out a heartbeat. You also need the ability to enter an IP address by hand for networks that have disabled broadcast. > [C] Some applications have one "well-known" port for >initiating sessions and create ports for handling those >sessions. > > QC1: Sorry for my ignorance, but do you think it's okay >to have all clients send UDP to the same server port >for processing? (So each UDP packet has a "Client ID" >to demultiplex the packets.) Yes. This is the preferred way to do it for the relatively small number of users in these types of games. Larger games (MMP) may do better to spread the traffic over multiple ports, but that's going to be heavily dependant on the OS and such. Fortunately, you're not asking how to build a MMP networking system ;) > QC2: Even if all UDP traffic can go to a single server >port, do you think there might be some benefit to having >a seperate port that is strictly for joining the game? >(The "real" game might be some RANDOM port, but the >service for joining the game might be on the "well-known >port range".) I don't see what the benefit would be, and it would only seem to make things more difficult for . It's useful to have the lobby server traffic on a different port than the game server port, but unless you're doing something painful in the authentication, there shouldn't be any reason to break it off. > QC3: To your knowledge, do many first-person shooter >deathmatch games just feature a single UDP port for >all game-related traffic? I can't speak for all FPS games, but the one I've worked on did ;) I'm under the impression that all the others do it that way as well. >I basically want to learn from the experience of others >regarding the basic mechanics of "discovering" >servers (Internet and LAN), choosing port(s), and >choosing a total number of used ports for a single server. 1. Use GameSpy for a lobby server for internet play. 2. Use a broadcast packet from the client on a known port to discover servers for LAN play. 3. Use a single (different) UDP port for all authentication / gameplay traffic. There is one option to consider ... include authentication of CD keys as part of the lobby server functionality (I think this is how Q3A works, but it's been a while). Tom |
|
From: Brian H. <bri...@py...> - 2002-09-23 23:32:31
|
> [A] For *Internet* games I assume service WWW sites like > GameSpot, etc, advertise the IP's and ports of game servers > -- or you can indicate the IP and port number of your server > through any other means (phone call, e-mail, chat, etc). > > QA1: Is this the dominant way to discover *Internet* games? I think so, but I'm not sure. That would seem to make the most sense though. Alternatively, if you have a dedicated lobby service then there would be som existing protocol to negotiate that information. > of broadcasting to all 64000 ports in a brute-force search. Why not just pick an unused port and go with it? Then also allow the ability to override at the command line, e.g. the server can specify the port. > QB2: Might a server on a LAN advertise itself > periodically, like once per second? Sure, no reason not to, but then your clients will have to be listening on a port as well as broadcasting. > QC1: Sorry for my ignorance, but do you think it's okay > to have all clients send UDP to the same server port > for processing? (So each UDP packet has a "Client ID" > to demultiplex the packets.) Yes. You can demultiplex on source IP if you're an internet server, but having a separate client ID that is some function of the low 16-bits of their (local) IP address helps to disambiguate between two clients if the source port gets remapped from underneath you. I know Quake had to do this because some older routers would just reassign the ports somewhat randomly (I'm not sure if UDP specifies a lifetime for a source port mapping). > QC2: Even if all UDP traffic can go to a single server > port, do you think there might be some benefit to having > a seperate port that is strictly for joining the game? Not that I can think of. > (The "real" game might be some RANDOM port, but the > service for joining the game might be on the "well-known > port range".) Okay...so why the random port instead of just choosing one? > QC3: To your knowledge, do many first-person shooter > deathmatch games just feature a single UDP port for all > game-related traffic? Don't know, but I think it's easy enough to find out -- in fact, many NAT box/routers include specific instructions for each game. I personally think everything should be done with as few ports as possible because this simplifies things for those people that rely on port forward (forwarding one port is often easier than forwarding a range). For my stuff, I have two server ports, a game port and a control port. The control port is strictly used for server management, stat queries, etc. by remote admins. The game port is for all game play. I have a hardcoded port # that can be altered if necessary, which seems to be the norm. Brian |
12 messages has been excluded from this view by a project administrator.
