Re: [GD-General] opensource for online play
Brought to you by:
vexxed72
From: Mads B. D. <ma...@ch...> - 2003-02-10 16:18:24
|
On Mon, 10 Feb 2003, Mike Wuetherick wrote: > We've been slowly setting up the inner workings of the network play for > our engine. One thing that has come up is the fact that our engine also > happens to be Open Source, so how do we deal with security issues for > hacking online games when we are giving the hackers all of our source code. This have been discussed extensively on the LInux game related mailing lists. The consensus seems to be that there is no way you can protect your game, wheter closed or open, if you place any trust on the client. Open source in general makes it easier. > > We've decided that the network side of things will be a .lib that we > distribute, along with the source, for people that need to recompile the > engine....most users don't, so this is no big deal... If you have the stuff in a single file, you actually make it easier for the cracker. > > This still leaves us with the problem of having someone create a stub > exe using our network lib to create hacker tools mind you... Yes, not to mention intercepting system calls, using a scripted debugger, etc etc. > Perhaps some sort of time/date stamp authentication, along with a check > of the exe's size (to make sure it's not hacked), etc...but overall, > none of these systems seem to respect our 'open source roots'... And are easily fooled both for open and closed source. > screens of the multiplayer maps in action - > http://www.uber-geek.ca/games/turing/ctf/ this gives a 404. > > anyways...i'm curious how (if) people have managed this before, and what > techniques they've used to provide security for your client applications... I am sure some will have more constructive answers than mine, but I believe it boils down to minimize the trust in the client. Mads -- Mads Bondo Dydensborg. ma...@ch... The low quality of [MP3] files should prevent this format from threatening control of our intellectual property. Why would anyone listen to a sub-CD quality song when they can easily buy the CD at the local Tower Records? - RIAA head, Hillary Rosen, March 1997 |