Re: [Nolug] Any way to have a program verify that it's running alegitimate version?

From: Friedrich Gurtler <fgurtler_at_gmail.com>
Date: Fri, 25 May 2007 19:28:05 -0500
Message-ID: <e9c2c3740705251728w4ff3cc52h84ae160e2c4c80f0@mail.gmail.com>

Yeah, generally all you can do is sanity checks on the server side to catch
things that should be impossible. Not sure how that would work on the
proposed project, from the given the vague-ish description.

>From the bzflag faq:

*Are there any cheat codes?*
No.

*Why not?*
Cheat codes don't really make sense in a multiplayer game. If one player
cheats, it ruins it for everybody. Soon everyone would be cheating, which
just makes gameplay bad.

*But I see cheaters all the time?!?*
Yeah, unfortunately. Because of the open nature of BZFlag, its not too
difficult for someone with programming experience to create a cheat client.
At the moment the best solution is to find the server admin or just change
servers when a cheater shows up.

On 5/26/07, Katrina Niolet <kniolet@ildiinc.com> wrote:
>
> A number of open source projects have tried to figure this out, especially
> games where hacking can give someone an unfair advantage.
>
> I suggest taking a look at bzflag, I think they have been working on it
> for a while for that game.
> --sent from my BlackBerry 8100--
> Katrina Niolet
> kniolet@ildiinc.com
>
>
>
> -----Original Message-----
> From: Elliott Seyler <rainrunner87@mailshack.com>
> Date: Fri, 25 May 2007 17:38:17
> To:nolug@nolug.org
> Subject: Re: [Nolug] Any way to have a program verify that it's running a
> legitimate version?
>
> Therein lies the problem: users can't trust a closed-source program, and
> I can't trust users not to hash it.
>
> Friedrich Gurtler wrote:
> > Is this project going to be open source?
> >
> > You could calculate a hash of the program and have that be a component
> > of whatever handshaking protocol you end up using.
> >
> > However, if its open source they could just hardcode the expected hash
> > into the handshake, and do whatever they want.
> >
> > -- Fritz
> >
> > On 5/25/07, *Elliott Seyler* <rainrunner87@mailshack.com
> > <mailto:rainrunner87@mailshack.com>> wrote:
> >
> > I'm planning a rather crazy project to make a distributed server,
> and
> > one of the problems I've come across in my initial planning is
> > preventing people from connecting modified versions of the
> server. I
> > want to prevent anything but a legitimate version from being part
> > of the
> > server network, to prevent collusion with the intent to reveal
> secure
> > information or communication sent or stored within the network.
> >
> > The trouble is that I can't think of any reliable way to do
> > this. Any
> > suggestions you may have would be welcome.
> >
> > -Elliott
> >
> > ___________________
> > Nolug mailing list
> > nolug@nolug.org <mailto:nolug@nolug.org>
> >
> >
>
> ___________________
> Nolug mailing list
> nolug@nolug.org
>

___________________
Nolug mailing list
nolug@nolug.org
Received on 05/25/07

This archive was generated by hypermail 2.2.0 : 12/19/08 EST