Quote:
Originally Posted by FrostyCoolSlug
the problem would be that all these can be faked.. So long as they know what the server expects, it can in some way be faked.
Also, how will banning be implemented? Because it wont be possible to ban by anything but nickname / IP, which in most cases can be easily changed, and there would be no way to ban cheaters from all servers etc..
Maybe we should concide this as well 
|
Authentication can be done with a separate system, similar to WON or STEAM. The identification system may not have to be closed source because the connected server would do the authentication through a trusted authentication server. The trusted servers would be published by the official "owners" of the game system.
Verification of the client software is likely to be a complex topic, but I know there are ways to prevent cheats even when the client is open source. One simple method (for example) is to allow only pre-compiled "official" versions of the client to be authenticated by connected servers. The source may be open, but if you compile the code yourself, it will exclude "something" critical that only the official precompiled version contains (which is kept secret), without the correct version at hand, connections could be refused by remote servers. If need be, the server binaries can also be precompiled as official releases. Hopefully someone with cryptography and authentication expereince will join the project and lend a hand to sort this one out.