Tech Ohm Eaven wrote:On a console its limited but on a PC theres always hacks.
So bravo for CCP for going PC.
Unlimited health, unlimited ammo, invisibility, unlimited sp, unlimited resources, etc.
Fun mods.
But, but, but, CCP security.
Multiple VPN instances along with ip spoofers means tools available and that means hacks.
See you there.....lol!
A few words about online *security* lol.
If we talk about security issues of multi-player online gaming, they can be classified as follows:
Client-side local manipulations that give advantage to the attacker without touching the server software or other players' game client software. For example, various wall hacks that make walls transparent for the attacker to allow the attacker to see enemy players, or to see the location of a secret item that is present in the game'a network traffic but not shown on screen. Trainer/helper applications that improve aiming, show maps and so on also go here.
Server-side active attacks that tamper with the data sent by the attacker's game client to the server to exploit vulnerabilities in the server. For example, if the server moves the players based on their commands but does not check them against time, the attacker can send more "this player makes a step forward" commands per second than a normal game client does, and so he will move faster. All remote attacks exploiting binary vulnerabilities in the server software also fall under this category.
Attacks on other players by tampering the data sent by the attacker's game client. This is a combination of #1 achieved thorough #2. For example, the attacker sets his avatar to wear a test-only transparent skin unavailable to normal players and found by reverse engineering the game resources (attack #2), and that makes him technically invisible to the other players (attack #1). Or such attacks may be even used for exploiting the software on the client machines and directly executing malicious code, which is a major threat, as nowadays the game client software is downloading a lot of executable content and possibly contains lots of bugs (games are really huge in functionality and developed under more pressure than other software, free or commercial, thus we can safely assume that an average MMO game has lots of bugs).
#1 attacks cannot be defeated completely unless changing the game architecture, because what is known by the game client software will be known by the human attacker. These kind of vulnerabilities will appear anyway because we cannot render all game on the server and send only the final picture to the player, we need the player's machine to do a lot of work, so there will be caching, prefetching and other optimizations that will allow the attacker to see one step forward.
#2 attacks can be defeated by improving the quality of the server code, strengthening the validation on user-supplied data, deploying application-level firewalls specifically inspecting the game traffic on the application level, etc. All browser-based multiplayer games, for example, have dealt with attacks on their servers, because web application exploitation techniques are well-known and can be applied to gaming relatively easily.
#3 attacks are about the security of the game client software. Preventing them can also be achieved by improving the code quality and strengthening the sainty checks of the incoming data processed by the game client.
Encryption, authentication of the server and clients, obfuscation of the code and protocols and other mitigation techniques can only slow down the attacker. If the actual code on the server and client is exploitable, it will be exploited at some point.
CCP logic GÇô This isn't an actual product. This is only a project. We might not do it at all.