Re: [Nolug] Any way to have a program verify that it's running alegitimate version?

From: Katrina Niolet <>
Date: Sat, 26 May 2007 23:43:21 +0000
Message-ID: <>

A number of open source projects have tried to figure this out, especially games where hacking can give someone an unfair advantage.

I suggest taking a look at bzflag, I think they have been working on it for a while for that game.
--sent from my BlackBerry 8100--
Katrina Niolet


-----Original Message-----
From: Elliott Seyler <>
Date: Fri, 25 May 2007 17:38:17
Subject: Re: [Nolug] Any way to have a program verify that it's running a
 legitimate version?

Therein lies the problem: users can't trust a closed-source program, and
I can't trust users not to hash it.

Friedrich Gurtler wrote:
> Is this project going to be open source?
> You could calculate a hash of the program and have that be a component
> of whatever handshaking protocol you end up using.
> However, if its open source they could just hardcode the expected hash
> into the handshake, and do whatever they want.
> -- Fritz
> On 5/25/07, *Elliott Seyler* <
> <>> wrote:
> I'm planning a rather crazy project to make a distributed server, and
> one of the problems I've come across in my initial planning is
> preventing people from connecting modified versions of the server. I
> want to prevent anything but a legitimate version from being part
> of the
> server network, to prevent collusion with the intent to reveal secure
> information or communication sent or stored within the network.
> The trouble is that I can't think of any reliable way to do
> this. Any
> suggestions you may have would be welcome.
> -Elliott
> ___________________
> Nolug mailing list
> <>

Nolug mailing list
Received on 05/25/07

This archive was generated by hypermail 2.2.0 : 12/19/08 EST