numpf, posted August 19, 2003:

First of all, ek was replying to etrigan, not you. Normally I'd crispify people for a miss like that, but English isn't your first language, so I'll give you a break there. I'm not sure what your point is though.

> First: I'm not talking about rewrite the whole protocol to be server authoritative. I'm talking about redoing parts of it which will always be a problem in its actual state. I can discuss it in detail if you want.

Please do, otherwise you have no credibility. Ekted doesn't think that the current game protocol is perfect. What he meant was rewriting the game to be _100%_ server-auth isn't practical. The technical aspects of the game problem will therefore always require trusting the client to an extent, even if you can make some things server-authoritative that aren't currently (example: goal-scoring protocol for powerball).

> So John Carmack says that closed-source obscurity is the ONLY solution to "good enough" security in fast-action games... I admit it is the ONLY solution but I seriously doubt it is good enough. -*BAD WORD*- John Carmack is all I can say.... The client just can't be protected from its user. Period.

Huh? You said earlier that you agreed obscurity is the only way. I think you need to do some reading on risk management and reconsider your definition of "good enough." If the only option isn't good enough, then the project isn't worthwhile, i.e. no client-authoritative games are worthwhile. That's laughable. Also, you don't sound cool insulting/marginalizing experienced (let alone famous) professionals, just ignorant.

> Also (and now I'm really mean), from a cracker to a cracker, I seriously doubt you cracked the whole game (a lot of more than encryptions and protocols) in 2 months and didn't feel the urge to rewrite parts of it that remains the same by now, Ekted.

Ekted has had the urge to rewrite parts, and even the whole thing.
ek and I have had extensive private discussions about many aspects of the protocol and what might be improved/changed. Whether and to what extent you actually do it involves 100 other factors. As it is, ek has written a widely-used bot core and SSVCR.

-numpf
Coconut emulator, posted August 19, 2003:

OK I admit I was an -*BAD WORD*-. I thought Ekted was insulting me. English is not my native lang as you said, etrigan. I admit obscurity is the only way, but I also say that it is not enough. Peace out.
PoLiX, posted August 19, 2003:

> Is the bullet damage still done clientside? (i.e. shrap, burst, since they are under the same hood)
>
> Yes, it's done client-side. -nintendo64

Basically, subgame is mainly only used for Staff Access, Client Limits, and Packet Transferring. So can easily assume everything is client-side beyond that. Also, I was glad to see priit's defense on open source finally reached a valid statement, and has seemed to mostly kill it off. When so much is sadly handled client side, makes it impossible for it to be open source. Which is why ASSS can so easily be open source (which some people don't get why it is and Continuum is not). If Continuum was open source, there would be no way to stop cheaters, period, unless the entire thing was put on the weight of the subgames. Maybe I'm just repeating stuff said, but eh. It's 7am, and I haven't slept a wink, lol... movies, soda, and cookies, gotta love it =P
Coconut emulator, posted August 19, 2003:

I feel as the real evil -*BAD WORD*- I am, Ekted. I don't have the right to suppose what urge you feel or not. You are in a difficult position... giving the face to players and having to deal with Priit at same time, and doing I don't know how many things more. All what your work deserves is respect, Ekted. From a cracker to a cracker: I suck big time.

> Basically, subgame is mainly only used for Staff Access, Client Limits, and Packet Transferring. So can easily assume everything is client-side beyond that. Also, I was glad to see priit's defense on open source finally reached a valid statement, and has seemed to mostly kill it off. When so much is sadly handled client side, makes it impossible for it to be open source. Which is why ASSS can so easily be open source (which some people don't get why it is and Continuum is not). If Continuum was open source, there would be no way to stop cheaters, period, unless the entire thing was put on the weight of the subgames.

I do agree with PoLiX. I think we haven't heard a voice defending an open-source client lately. The actual server can be open-source, just because most players won't run the zones they play from their computers and there's almost nothing to hack on server as you say. Having the source of the client makes easier to cheat, but it's still possible without it.
Mr Ekted, posted August 19, 2003:

Yes, just confirming numpf's statement that I was not talking about CoCo.

I have basically no control or say over stuff in Continuum outside of the menu. So in that respect, I don't bother racking my brains. I do, however, look at how SS works and consider what *I* would do if I were to do it myself. It is easy to fall into the "if it can't be perfectly safe, it's not worth doing" mindset. You try to protect/predict/detect every single aspect of play, and if one of them can't be done....

In a twitch game like SS, there are just too many things the client must do locally, even if the server "checks" them afterwards: movement, recharge, damage and death, picking up greens, warping and portalling, etc. Any of these aspects of the game are targets for cheating.

Let's say you wanted to "secure" movement. Send all keys to the server, and let the server tell you where you are? Even at 100ms ping, this is unacceptable. It might work on a LAN. Have the server implement physics on its own and compare where you are to where it thinks you should be? This puts a lot of burden on the server. And what is the threshold? Any allowed threshold could still be used effectively by cheaters. And what about false positives? I fly towards a corner tile so that I will miss it by a pixel. The last update my client sends, I have thrusted a bit so I actually hit the tile and bounce. This packet is not received by the server, so when the next packet arrives, I am 64 pixels from where the server thinks I should be, but I have not cheated. 64 pixel tolerance is way more than enough to cheat. So much for securing movement.

All other types of cheating/securing have similar arguments. The delays and inaccuracies are prohibitive to reasonable solutions.
So if there's going to be ANY insecure stuff in the client, you might as well live with it and spend a serious amount of time obscuring the client a) in ways that minimize hacking risk, and b) in ways that are easy to mutate if ever a real hack emerges.
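The lost-packet false positive from the post above, worked through in one dimension. This is an added example, not code from the thread or from SubSpace/Continuum; the positions, speed, tick numbers and tolerances are constructed so that the deviation comes out at the 64 pixels the post mentions.

```python
from dataclasses import dataclass

@dataclass
class Update:
    tick: int   # client tick at which the state was sampled
    x: int      # reported position in pixels (1-D for brevity)
    vx: int     # reported velocity in pixels per tick

# Constructed scenario values (assumptions, not game constants).
START = Update(tick=0, x=100, vx=4)
TILE_EDGE = 108     # the client clips this tile; the server expects a miss
BOUNCE_TICK = 3     # first tick on which the client has already bounced
NEXT_TICK = 10      # tick of the next regular position packet

def client_state(tick):
    """What the honest client really does: fly, hit the tile edge, reflect."""
    x, vx = START.x, START.vx
    for _ in range(tick):
        x += vx
        if x > TILE_EDGE:
            x, vx = 2 * TILE_EDGE - x, -vx
    return Update(tick, x, vx)

def server_prediction(last, tick):
    """Server-side dead reckoning from the last update it actually received."""
    return last.x + last.vx * (tick - last.tick)

def check(last, new, tolerance):
    """Return (deviation in pixels, accepted?) for a newly arrived update."""
    deviation = abs(new.x - server_prediction(last, new.tick))
    return deviation, deviation <= tolerance

def run(bounce_packet_lost, tolerance):
    """Replay the scenario with or without the bounce packet arriving."""
    last = START
    if not bounce_packet_lost:
        last = client_state(BOUNCE_TICK)   # server learns about the bounce
    return check(last, client_state(NEXT_TICK), tolerance)

if __name__ == "__main__":
    print("bounce packet received, tolerance 16:", run(False, 16))
    print("bounce packet lost,     tolerance 16:", run(True, 16))
    print("bounce packet lost,     tolerance 64:", run(True, 64))
```

A 16-pixel tolerance flags the honest client once the bounce packet is dropped, and widening it to 64 pixels to clear that case accepts any report within 64 pixels of the prediction.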
nintendo64, posted August 19, 2003:

Coco, calm down man, anybody can lose track of a conversation. No harm was done. Ekted doesn't mind, he's a good guy.

-nintendo64
Mr Ekted, posted August 19, 2003:

I get just as intense/mean as the next guy, sometimes warranted, sometimes not.
PoLiX, posted August 19, 2003:

> Having the source of the client makes easier to cheat, but it's still possible without it.

Well, yes, it's still possible, but is it as easy? Means less people have the chance, time, or want to do it.
hawkaloogie, posted August 19, 2003:

Perhaps since the shark is basically a cloaking warbird, it could be modified to "Gravity Bombs" instead of "Gravity Drive"?
Tipme, posted August 20, 2003:

well.. this place is for suggestions about the game, isn't it?
PoLiX, posted August 20, 2003:

> Perhaps since the shark is basically a cloaking warbird, it could be modified to "Gravity Bombs" instead of "Gravity Drive"?

That actually depends on which zone you play there buddy...
Evil Jin, posted August 20, 2003:

hawkaloogie, weren't you league coords for aswz?
Coconut emulator, posted August 20, 2003:

> besides, it's pointless if nobody is going to do anything about it! these ideas probably were suggested before! but nobody did anything (because they can't! XD)

I'm one the last persons coming to this forum, so I'm not the right one to give explanations, but I think our "mission" is present ideas to Mr Ekted so he can present the valuable ones to Priit Kasesalu. The rest is pure blah blah I think.

PoLiX: You are right. The Cont client is not so easy to crack as SS. Priit made a good job, the way I see it. I can't imagine more things that can be done to protect the client from its user. Closed-source is the only way, *but* it doesn't close all doors. I'm a sort of pain in the -*BAD WORD*- to this forum because I always have a "but" for almost everything related to security. Right now, only a few people (I guess) have the patience/time/knowledge to crack the game. But remember sage's times... a single guy messed up the whole game. He didn't need the SS source to write Twister, I suppose. It could happen with Continuum too. Write a Twister for Continuum is harder than it was for SS, but still possible. Fortunately, persistent cheaters use to reveal themselves sooner or later... they are lame, heh.

> I have basically no control or say over stuff in Continuum outside of the menu. So in that respect, I don't bother racking my brains. I do, however, look at how SS works and consider what *I* would do if I were to do it myself. It is easy to fall into the "if it can't be perfectly safe, it's not worth doing" mindset. You try to protect/predict/detect every single aspect of play, and if one of them can't be done....

Yes... it is harder to prove that the roof is not leaking at any point... you have to check the whole roof to assure it. And we are talking about an extensive, not really well defined at first sight roof...
Define that "roof" is a matter of tracing the whole behaviour of the whole application (server, client, billing) in all possible situations. Paranoia is the word to define the feeling of a programmer on that matter. What things the user can do to break my software? How can I prevent it? Am I missing something? This awful music never stops in your head.

> In a twitch game like SS, there are just too many things the client must do locally, even if the server "checks" them afterwards: movement, recharge, damage and death, picking up greens, warping and portalling, etc. Any of these aspects of the game are targets for cheating. Let's say you wanted to "secure" movement. Send all keys to the server, and let the server tell you where you are? Even at 100ms ping, this is unacceptable. It might work on a LAN. Have the server implement physics on its own and compare where you are to where it thinks you should be? This puts a lot of burden on the server. And what is the threshold? Any allowed threshold could still be used effectively by cheaters. And what about false positives? I fly towards a corner tile so that I will miss it by a pixel. The last update my client sends, I have thrusted a bit so I actually hit the tile and bounce. This packet is not received by the server, so when the next packet arrives, I am 64 pixels from where the server thinks I should be, but I have not cheated. 64 pixel tolerance is way more than enough to cheat. So much for securing movement. All other types of cheating/securing have similar arguments. The delays and inaccuracies are prohibitive to reasonable solutions. So if there's going to be ANY insecure stuff in the client, you might as well live with it and spend a serious amount of time obscuring the client a) in ways that minimize hacking risk, and b) in ways that are easy to mutate if ever a real hack emerges.

I agree. It is crazy to pretend things like secure movement...
you are firing and hitting a ship on your screen but then, the server says you weren't where you were supposed to be on map and your weapons weren't hitting him on server because of lag... or the opposite... you weren't hitting him on your screen and then the server comes to say you killed him... It is no fun playing a game like this. As we all know, if you hit a guy (in the actual state of the game) you can kill him or not depending on lag between you and him, but everyone understands that you have to hit him on your screen or there is no way to kill anybody.

Right now, without "secure" positioning, everyone considers his local client time as the absolute time of the game, and it is right. That's why laggers use to say that everybody is lagging but they are not. So, I agree with you: all the things that affect the behaviour of your own ship on screen must remain to be client driven.

But I still think that other things like greens could be server driven. There will be lag at the moment of picking the prize because the server must assign it to you instead of your own client. But it has some advantages... like everybody having same greens on their maps (Have you ever wondered why people sometimes do strange movements with their ships trying to reach an empty zone on your map? It could be that he is trying desperately to get a prize placed there ONLY on his screen...). Right now, it is possible for two or more players to pick the same green at almost same time, but it is a minor issue, not related to security but to the logic of the game.

Also, and it is the most important thing of it, by controlling the greens the server can control the items of players. It is closing a big door opened to most common cheats (please take away the *prize for smods too!!). When I talk about greens I talk about any thing placed on map as a tile. The map should be the same for all players, including all kind of temp "tiles" like bricks, greens, flags, doors, soccerballs, etc.
There is no problem at the moment with expiration time for bricks, flags and balls, synchronism for doors, etc. But greens are a big hole in the game right now, the way I see it.

> Coco, calm down man, anybody can lose track of a conversation. No harm was done. Ekted doesn't mind, he's a good guy.

I'm already calmed, thx bro
Mr Ekted, posted August 20, 2003:

Yes, the fact that greens are client controlled AND different on every client (to some degree) is ridiculous. This is a great example of where the server needs to do it.

http://forums.powerballzone.com/read.php?b...board=5&id=9846
Coconut emulator, posted August 20, 2003:

Hehe, Ekted. I did that comparison a long time ago... when I found the random generator was being called for positioning greens on map. It astounded me... hehe it was a cool ICE breakpoint on that routine. Then I went to a zone for a fast check, started 2 clients (which can be done with SS v1.35 as you know) and started shivering when seeing different greens on each map.

The greens are positioned by the client using a pseudo-random number generator which can be initialized with a seed sent by server. That generator is used to get random coordinates for greens and some more things, *sigh*, so the server can't keep all random generators of clients in synch.

The greens placed at "death-points" are sent by server to all clients, and also we all know that they have a different expiration time, we can say, in terms of programming, that they are a different kind of items than the other greens.

I don't know all the undies of Continuum, but I don't think it is so hard to make the server to take care of ALL greens like he is actually doing with doors, flags, balls, etc. Not unless the source code is very sloppy and messed, and I don't think Priit is that bad at programming... I think he is pretty good at it. When he will have the time to just even consider it...? who knows...
Mr Ekted, posted August 21, 2003:

I think he's very good too. His biggest problem is that he is a black box. He adds features without discussing them with ANYONE--maybe his ideas don't match what's needed. He adds features and tells no one--so no one knows stuff's been added and we keep bugging him, and he keeps ignoring us. He doesn't document what he adds--so even when we know stuff's in there, we don't know how to use it. He takes very little input from anyone.

A perfect example of all the above is extractable LVZ objects. Originally, LVZ were fully extracted on the client side. This caused a lot of grief because people want to override gfx/sound as they always have been able to do. So with 0.38, he reads objects right out of the LVZ and lets files in the zone folder override that. Perfect. Except there are a very few things that the menu code needs access to--for example, shipinfo.dat. I asked him if he could provide a hook so I can get objects from LVZ's myself rather than having to write my own code, right? He says he'll add the option to force extraction instead. Ok fine. He adds it into 0.38.

Then 0.38 comes out and ppl start complaining about shipinfo.dat. I tell them there's a solution but I don't know what it is. I email PriitK. He replies with some ambiguous explanation of how it works. This is very typical of him. I post his answer. There are about 4 possible meanings. People try all of them, and none seem to work. I email PriitK about it again. He laughs at me for not understanding and says basically the same thing again. I press him and I finally get "Well the feature is in there but it isn't implemented"...whatever that means.

Of course all of the above took about 4 weeks. So he wasted everyone's time by not telling people up front what was going on.
Coconut emulator, posted August 21, 2003:

Change the green policy can't be VERY hard. I think it can be done without releasing a new Cont version. Of course a new version of the server is required. This is my first analysis:

The client is using a zone setting coming from server to set the max number of greens allowed in the arena. OK. Let's modify the server so it will send a fake setting for that matter (PrizeMaxExist=0) to the client. Having 0 as the PrizeMax setting the client will stop managing randomly positioned greens (this is the thesis I have to prove).

Then, the server must take care of all green settings so he can send the random-greens to clients as he was already doing with killing-greens, each green must be sent to all clients with his specific expiration time (when you enter the arena you will receive the list of all existing greens. Each green has a diff expiration time, depending on the moment each one was created and also on the kind of green (random or killing)).

I'm going to do a test to check if continuum.exe will resist a PrizeMaxExist=0 without messing it all. I think it is easy to patch that data on the run, just tweaking the zone settings when received from server (running a zone at home). I will try to write a brief explaining how it all can be done, if possible. I know that brief is going nowhere, it is just intended to demonstrate that it can be done without releasing a new version of the client.

If you are interested in tracking new "hidden" features you can ask it to me, I would love to help in any way. I can spend some time searching for specific features. We don't have the source code BUT we have the exe code loaded in memory as a readable open book.

Coconut emulator
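The two green posts above, put side by side as an added example that is not code from the thread or from SubSpace/Continuum: client-side placement from a shared seed drifts apart as soon as one client's generator is drawn from for anything else, while a server-owned green table gives every client the same list with per-kind expiry and lets only the first valid claim succeed. The map size, lifetimes, pickup radius and all names here are assumptions made for the illustration.

```python
import random
from dataclasses import dataclass

MAP_SIZE = 1024                             # assumed map width/height in tiles
LIFETIME = {"random": 6000, "kill": 1500}   # assumed lifetimes in ticks, per kind
PICKUP_RADIUS = 1                           # assumed: ship within one tile

def client_greens(seed, count, extra_draws=0):
    """Client-side placement from a server-sent seed. extra_draws models the
    same generator being used for 'some more things' on one client."""
    rng = random.Random(seed)
    for _ in range(extra_draws):
        rng.randrange(MAP_SIZE)
    return [(rng.randrange(MAP_SIZE), rng.randrange(MAP_SIZE))
            for _ in range(count)]

@dataclass
class Green:
    gid: int
    kind: str       # "random" or "kill"
    x: int
    y: int
    expires: int    # server tick at which the green disappears

class GreenServer:
    """Server-owned green table: the only place greens are created or awarded."""
    def __init__(self, seed):
        self.rng = random.Random(seed)   # drawn from by the server alone
        self.greens = {}
        self.next_id = 1

    def spawn(self, kind, now, pos=None):
        if pos is None:
            pos = (self.rng.randrange(MAP_SIZE), self.rng.randrange(MAP_SIZE))
        green = Green(self.next_id, kind, pos[0], pos[1], now + LIFETIME[kind])
        self.greens[green.gid] = green
        self.next_id += 1
        return green                     # would be broadcast to every client

    def _expire(self, now):
        for gid in [g.gid for g in self.greens.values() if g.expires <= now]:
            del self.greens[gid]

    def snapshot(self, now):
        """List for a player entering the arena: (id, x, y, ticks left)."""
        self._expire(now)
        return [(g.gid, g.x, g.y, g.expires - now) for g in self.greens.values()]

    def claim(self, gid, ship_x, ship_y, now):
        """Award a green only if it exists, is live and the ship is on it.
        Ship position is still client-reported, as the thread accepts."""
        self._expire(now)
        green = self.greens.get(gid)
        if green is None:
            return None                  # unknown, expired or already taken
        if max(abs(green.x - ship_x), abs(green.y - ship_y)) > PICKUP_RADIUS:
            return None                  # ship is nowhere near this green
        del self.greens[gid]             # first valid claim wins
        return green.kind

if __name__ == "__main__":
    print(client_greens(42, 3) == client_greens(42, 3, extra_draws=1))
    server = GreenServer(seed=7)
    server.spawn("random", now=0, pos=(10, 10))
    print(server.claim(1, 10, 11, now=100), server.claim(1, 10, 10, now=101))
```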
Yupa, posted August 21, 2003:

> I think he's very good too. His biggest problem is that he is a black box. He adds features without discussing them with ANYONE--maybe his ideas don't match what's needed. He adds features and tells no one--so no one knows stuff's been added and we keep bugging him, and he keeps ignoring us. He doesn't document what he adds--so even when we know stuff's in there, we don't know how to use it. He takes very little input from anyone.
>
> A perfect example of all the above is extractable LVZ objects. Originally, LVZ were fully extracted on the client side. This caused a lot of grief because people want to override gfx/sound as they always have been able to do. So with 0.38, he reads objects right out of the LVZ and lets files in the zone folder override that. Perfect. Except there are a very few things that the menu code needs access to--for example, shipinfo.dat. I asked him if he could provide a hook so I can get objects from LVZ's myself rather than having to write my own code, right? He says he'll add the option to force extraction instead. Ok fine. He adds it into 0.38.
>
> Then 0.38 comes out and ppl start complaining about shipinfo.dat. I tell them there's a solution but I don't know what it is. I email PriitK. He replies with some ambiguous explanation of how it works. This is very typical of him. I post his answer. There are about 4 possible meanings. People try all of them, and none seem to work. I email PriitK about it again. He laughs at me for not understanding and says basically the same thing again. I press him and I finally get "Well the feature is in there but it isn't implemented"...whatever that means.
>
> Of course all of the above took about 4 weeks. So he wasted everyone's time by not telling people up front what was going on.
there are a lot of problems with .lvz's that don't extract... maybe later today I'll test everything out and compile a big list - if he can't fix it all then I'd prefer just going back to the old code (extracting .lvz's)
etrigan, posted August 21, 2003:

you know i think my biggest problem with just one person coding is that, we are at the whim of that coder. god forbid if priitk gets sick of it all and just leaves us. or somehow he crashes his machine and didn't have backups (or that's the story at least...). starting from scratch might be a scary concept. i've seen it happen before on other things:

http://www.xircon.com/ --- popular irc client, the coder left the scene, never made his code public when he did, even though he promised to do so.

http://www.buzzxp.com/ ---- very very popular music creation program, coder lost all his work in a crash, no backups. or at least that's the story.

Let's hope Priitk isn't the type to get pissed off and run away with the code.
Yupa, posted August 21, 2003:

he has every right to just leave without giving anyone the source ASSUMING he did not use the original SubSpace code AT ALL - not even for reference - when he created Continuum
Coconut emulator, posted August 21, 2003:

> he has every right to just leave without giving anyone the source ASSUMING he did not use the original SubSpace code AT ALL - not even for reference - when he created Continuum

He doesn't owe us anything. But we can't say he did not use the SS code at all. He ripped SS code. There is no difference between source and exe, talking about rights.
Yupa, posted August 21, 2003:

> > he has every right to just leave without giving anyone the source ASSUMING he did not use the original SubSpace code AT ALL - not even for reference - when he created Continuum
>
> He doesn't owe us anything. But we can't say he did not use the SS code at all. He ripped SS code. There is no difference between source and exe, talking about rights.

if you can prove that, good for you. I have no idea
nintendo64, posted August 21, 2003:

Actually, I can't prove PriitK has the SubSpace Source, but

http://www.shanky.com/server/bot.html

> Priitk's Bot -none- Priitk is the first one to make a bot for SubSpace that does good. It is a standalone bot (it is a subspace.exe in itself). It has lots of powers and things it can do. If you ever need help from it, /!help. No one but priitk is allowed to run it, or have it, so don't bother asking to get it.

btw Eris also did that when he was trying to make his bot (WhineBot).

P.S.: I am talking about He disassembled SS.

-nintendo64
Mr Ekted, posted August 21, 2003:

Open Office looks basically just like Word. It functions like Word. And it loads Word documents. Nuff said.