Thread: Engine
View Single Post
Re: Engine
Old
  (#65)
botmeister
Ex-Council Member
 
botmeister's Avatar
 
Status: Offline
Posts: 1,090
Join Date: Nov 2003
Location: Canada
Default Re: Engine - 08-04-2004

Quote:
Originally Posted by FrostyCoolSlug
the problem would be that all these can be faked.. So long as they know what the server expects, it can in some way be faked.

Also, how will banning be implemented? Because it wont be possible to ban by anything but nickname / IP, which in most cases can be easily changed, and there would be no way to ban cheaters from all servers etc..

Maybe we should concide this as well
Authentication can be done with a separate system, similar to WON or STEAM. The identification system may not have to be closed source because the connected server would do the authentication through a trusted authentication server. The trusted servers would be published by the official "owners" of the game system.

Verification of the client software is likely to be a complex topic, but I know there are ways to prevent cheats even when the client is open source. One simple method (for example) is to allow only pre-compiled "official" versions of the client to be authenticated by connected servers. The source may be open, but if you compile the code yourself, it will exclude "something" critical that only the official precompiled version contains (which is kept secret), without the correct version at hand, connections could be refused by remote servers. If need be, the server binaries can also be precompiled as official releases. Hopefully someone with cryptography and authentication expereince will join the project and lend a hand to sort this one out.


Maker of the (mEAn) Bot.Admin Manager

"In theory, there is no difference between theory and practice. But, in practice, there is." - Jan L.A. van de Snepscheut
  
Reply With Quote