The point is, hackers are generally pretty smart people. Thinking that game companies don't keep them out of the game out of laziness or some other weird reasoning is simply wrong. Any person that has the motivation and is decently competent can do it... and get away with it. They can ban and suspend accounts used by hackers, and they do, but it doesn't even slow them down. The only real defense against hackers is users being smarter...
Griefers are a different story. Game companies can do a good bit about them. However, the user end is also super important there. I can't tell you how many times I've played online games and been present for griefing, only to have other people tell me they're too busy to report the griefers. League of Legends is a perfect example. Reporting someone for trolling/ afking/feeding couldn't possibly be easier, and so often people won't take the LITERALLY 5 seconds to do it. They sure do like to complain about all the jerks in the game though.
Drives me crazy.
Goblin Squad Member
|
| 1 person marked this as a favorite. |
What causes large institutions to utterly fail? The inability to adapt.
Rather than wasting time and money trying to stop something that can't be stopped, think outside the box and find a way to make sure that their willingness to cheat doesn't give them a competitive advantage.
If they can and will cheat to get real time notification of any trespassers, then give us the ability to build fairly simple structures that grant us the same ability.
|
Goblin Squad Member
|
Well that sucks,
the only way to lock a machine could be if GW included a few system Identifiers and some code to lock out PFO from logging on to PFO servers.Edit: Fixed some wording
Wait, your proposal is to have code run on the client which identifies the computer, and is undetectable to the user?
For one, every specific implementation of that strategy will be defeated, because the hacker has access to the code running on his machine, and (more importantly) to the network traffic.
...
If GW uses something like EXEshield to wrap and encrypt the EXE it'll be harder for them to reverse engineer and run modified code.
Most DRM and protected software use some form of Machine Identification or Key.
If they (hacker) become a bad egg, they get a removed Key, of GW could do what some game companies did for anti-piracy, and have them run through some alternate code that gives them a bad experience.
Goblinworks Executive Founder
|
Well that sucks,
the only way to lock a machine could be if GW included a few system Identifiers and some code to lock out PFO from logging on to PFO servers.Edit: Fixed some wording
Wait, your proposal is to have code run on the client which identifies the computer, and is undetectable to the user?
For one, every specific implementation of that strategy will be defeated, because the hacker has access to the code running on his machine, and (more importantly) to the network traffic.
...
If GW uses something like EXEshield to wrap and encrypt the EXE it'll be harder for them to reverse engineer and run modified code.
Most DRM and protected software use some form of Machine Identification or Key.
If they (hacker) become a bad egg, they get a removed Key, of GW could do what some game companies did for anti-piracy, and have them run through some alternate code that gives them a bad experience.
How does a computer run encrypted code? It decrypts it and runs it in memory. The decryption key and algorithm have to be present to decrypt the code.
The hacker simply decrypts the code, modifies it, and then optionally encrypts it again. You've added a finite amount of work that each hacker has to do, but you've added an infinite amount of technical support hours dealing with regular users who have trouble with the encryption.
The standard-case hacker already isn't running the executable you distribute, so no feature of that program can be used. Their program doesn't transmit their CPU S/N, it transmits A number which follows the format of a CPU S/N. (or they simply get a new user key when they make a new account, just like every other new user)
Here's a good metaphor: You're playing chess by mail, and you want to make sure that the person you're playing chess with isn't getting help from his friends. How do you do that?
|
Goblin Squad Member
|
True a hacker will make his own EXE, but it'll be based off of the original EXE.
But using something like exeshield to wrap the EXE, will make it a pain to make a new one, and if the EXE does get cracked the program could be set to run an alternate route of code.
With ExeShield it's easy to turn your applications into "try before you buy" software with very little effort, and maximum protection against piracy, backdating, reverse-engineering or any kind of tampering.
Yes, one is potentially a crime, and the other is bad sportsmanship.Griefers a company will tolerate because they did not compromise the integrity of the product, just the game play experience for some.For a company selling an entertainment service like an MMO, compromising the game play experience IS compromising the integrity of the product, it's just a difference of scale.
Both can affect the company's bottom line.
|
Goblin Squad Member
|
| 1 person marked this as a favorite. |
True the IP addresses do change, but the MAC addresses don't change.
Make a List of the MAC addresses and they will be forced onto a new computer.
There's a thing with mac addresses, they aren't routed. IE if your ISP were to scan you for a mac address, they'd get your routers mac address (
which is in most cases 100% programmable, as early on ISPs put up a fight against home users using routers and would only allow access to the mac address of the one PC, routers almost immidiately were given programmable mac's so that they could imitate the PC), if I were to scan your IP for a mac address, I believe I'd get whatever the first hop in the long path of routers that network traffic goes through.The only way a game can know someone's mac address, is if the client asks the OS, then the client tells GW. The OS and the Client will both be moderately easy targets to fool, and just ignoring that, a basic network card is roughly $3-$15 which would change your mac for real.
Onto the topic of griefers, Griefing is usually done because it is easy. In the event of dealing with the need to ban the sorts of griefing GW intends to ban is simple. For the most part, it is done by short attention spanned, annoying types. If you set the minimally viable griefer bar up to a decent height, (IE it takes 2 weeks of paid training before a griefer has any shot of really being a problem for anyone), and ban the behavior fairly quickly. Griefers would get bored pretty fast... $5 and 2 weeks of time spent, for a few hours of "fun".... totally not worth it.
Hackers... that's a different ballgame, and I personally like GW's methodology on it. Namely treat the client as compromized. Make any information sent to the client, available to the user. If that is done, then no amount of hacking etc... will uncover information that the user shouldn't know.
Same goes for speed etc... The most secure method of running the game, is for the client to be a dumb terminal. The client should have no say in how fast the character is moving, or anything that happens. the user tells the client the move action, client tells the server the user wants to move, the server tells the client where he is.
Then all that's really left to deal with is botting, which while the most complicated part, is also the most visible, and easiest to spot and punish, both as a player, and for the Dev's to swing their banhammer.
|
Goblin Squad Member
|
What causes large institutions to utterly fail? The inability to adapt.
Rather than wasting time and money trying to stop something that can't be stopped, think outside the box and find a way to make sure that their willingness to cheat doesn't give them a competitive advantage.
If they can and will cheat to get real time notification of any trespassers, then give us the ability to build fairly simple structures that grant us the same ability.
That is exactly the answer, Nihimon. It is also GW's espoused policy in so many other areas that they feel there is too much effort needed to try and prevent the unstoppable.
|
CEO, Goblinworks
|
Blizzard has a program that runs on your computer and watches what you do when you play World of Warcraft. It's called Warden .
How is it legal? You agree to allow Blizzard to install it and run it as a part of the Terms of Service. It's never spelled out directly, but you give permission for Blizzard to do what Warden does, and they do it.
Cuts down on a lot of stuff, still doesn't fix the problem of the worst, most clever offenders. Only vigilant human monitoring post facto has any effect.
|
Goblin Squad Member
|
Onto the topic of griefers, Griefing is usually done because it is easy. In the event of dealing with the need to ban the sorts of griefing GW intends to ban is simple. For the most part, it is done by short attention spanned, annoying types. If you set the minimally viable griefer bar up to a decent height, (IE it takes 2 weeks of paid training before a griefer has any shot of really being a problem for anyone), and ban the behavior fairly quickly. Griefers would get bored pretty fast... $5 and 2 weeks of time spent, for a few hours of "fun".... totally not worth it.
QFT
While I have no desire to see new characters completely emasculated, if it takes more than the equivalent of a training frigate and a few weeks' training to actually make a viable toon to zerg with, the boredom threshold might just be too high for the standard griefer. It does nothing for the hacking side of things, but as Nihimon has pointed out, if systems are going to be put in place anyway through hacking, you might as well code legitimate ways of doing it too, to deny the hackers an advantage.
|
Goblin Squad Member
|
QFTWhile I have no desire to see new characters completely emasculated, if it takes more than the equivalent of a training frigate and a few weeks' training to actually make a viable toon to zerg with, the boredom threshold might just be too high for the standard griefer. It does nothing for the hacking side of things, but as Nihimon has pointed out, if systems are going to be put in place anyway through hacking, you might as well code legitimate ways of doing it too, to deny the hackers an advantage.
Indeed, in eve's case I wouldn't even say the problem is too low of an entry bar, it is a 100% hands off approach. In the case of eve, the entry cost could be 3 months. The fact is, eve's official policy is if it is mechanically possible without hacking, it isn't possible to get banned for it.
|
Goblin Squad Member
|
Indeed, in eve's case I wouldn't even say the problem is too low of an entry bar, it is a 100% hands off approach. In the case of eve, the entry cost could be 3 months. The fact is, eve's official policy is if it is mechanically possible without hacking, it isn't possible to get banned for it.
The one exception is camping a noob school killing new players unfitted new ships as they leave the school which is apparently reportable.
You can however trick the new players into a duel, camp on the exit gate for the school, war declare new players corps and grief in other ways such as bumping them to prevent warping and generally harass them by chat - all without being reported.