Re: [VANILLA-LIST:2760] Quake1 client cheating

To: vanilla-list@us.netrek.org
Subject: Re: [VANILLA-LIST:2760] Quake1 client cheating
From: sheldon <sheldon@visi.com>
Date: Mon, 27 Dec 1999 09:23:50 -0600
In-Reply-To: <199912270318.EAA04044@tarki.dtek.chalmers.se>; from Mats Olsson on Mon, Dec 27, 1999 at 04:18:13AM +0100
References: <19991226160152.A26443@wizard.real-time.com> <199912270318.EAA04044@tarki.dtek.chalmers.se>

On Mon, Dec 27, 1999 at 04:18:13AM +0100, Mats Olsson wrote:
> > Pretty neat article at
> > 
> > http://www.bluesnews.com/cgi-bin/finger.pl?id=1&time=19991226003141
> > 
> > About cheats in the open source version of Quake1. Funny, didn't the vanilla
> > community fix client-hacking a long time ago?
> 
>     Not really. The bar was raised high enough to make it non-trivial. This,
> together with a smaller playerbase which is more interrested in playing the
> game rather than winning at all costs, means that the RSA authentification
> works for us.

 From reading the articles, it's much worse than that.

 The worst that can happen with Netrek is if you break the authentication
scheme, you can build a borg which does some things automatically for
you(shields, autoaim, infoborg stuff).

 Quake on the other hand relies a lot on the client to process information. 
It appears that the client actually determines whether a weapon hits or
misses.

 On top of that, a lot of information is sent to the client.  For instance
if a person is right around the corner, the client knows it, but just
doesn't display it.  This would be like the netrek client knowing the exact
position of a cloaker.

 Quake doesn't follow a pure client/server paradigm like netrek does, and
thus I think it's going to be impossible to solve this problem.

> > Maybe we should let them in on our "secret" relatively open solution.
> 
>     "There is some prior art in various unix games that would probably be 
>     helpfull" 
> 
>     Maybe our "secret" isn't so.
> 
>     "The server operator would determine which versions of the game are to
>      be allowed to connect to their server if they wish to enforce proxy
>     protection"
> 
>     ... sounds pretty much like the netrek servers.

 In another article on slashdot, Netrek was mentioned numerous times.  (Well
I mentioned it a couple of times, so did Carlos and some others)

 Carmack followed up with some of the specific issues, and mentioned "maybe
I will look at this nettreck that people have mentioned".  So I don't think
he'd seen it before. :0

> > I hate to see a closed source solution to a problem that can be solved with
> > relatively open solutions.
> 
>     What Carmack proposes is just as closed as RSA - having a closed/trusted
> part in an otherwise open source system in order to handle validation. 
> That it uses separate programs[1] is a detail which is pretty much
> necessary in order to let people compile their own binaries.

 I'm sure they'll figure something out.

Follow-Ups:
- Re: [VANILLA-LIST:2760] Quake1 client cheating
  - From: Mats Olsson <matso@dtek.chalmers.se>

References:
- Quake1 client cheating
  - From: Bob Tanner <tanner@real-time.com>
- Re: [VANILLA-LIST:2760] Quake1 client cheating
  - From: Mats Olsson <matso@dtek.chalmers.se>

Prev by Date: Re: [VANILLA-LIST:2760] Quake1 client cheating
Next by Date: Re: [VANILLA-LIST:2760] Quake1 client cheating
Prev by thread: Re: [VANILLA-LIST:2760] Quake1 client cheating
Next by thread: Re: [VANILLA-LIST:2760] Quake1 client cheating
Index(es):
- Date
- Thread