FLSAC: Freelancer - Stucuk's Anti-Cheat System

[Stucuk]

but i think the official forum is the wrong place to post it. - you should get into direct contact with igiss and majkp. - thats no matter the public should be concerned with.

I sent a PM to igiss on 7th and havn't had a reply yet, but this thread isn't a vote thread on if Discovery servers should have it. Its a thread on what people think of the idea of the protection system, if they think it will work, if they have objections to using it(As the system requires files on there pc), if they can come up with situations i may not have though up etc. Which is why i posted it in the "Freelancer" forum rather than a discovery one. Iv already improved the system based on posts above which gave me some ideas, so posting here has helped already.

provided your system is superior to the other one

The system is ment to fit in with any current anti-cheat system rather than replace it.

Now if you are going to do periodic hashing and running process on the background it can impact performance for players around

It doesn't check alot of files, only the main ones which can be used to exploit and only ini files, so its quick and there is no noticable lag caused by running it.

---

[worldstrider]

Why would I trust you or the community in matters of what should be installed my systems in the first place? More importantly why should I prove myself innocent to server each and every time? Plus, I'm afraid your system in such concept will have a one big vulnerability effectively rendering whole protection mechanism useless due to how and when Freelancer initializes data. So why?

Why are you playing internet games on a mission critical computer!?

---

[Treewyrm]

It should however check plenty of files as there are plenty of ways around to put things. At very least all universe files, all ship data (save for textures) and so on.

As a player I want to be sure this little software will not cause problems with my playtime, that it will not hang up my PC at play in the middle of fight, memory leaks and such. Especially something like that must go through thorough testing first on machines before it ever gets into production environment and proven it's necessity over time.

As a developer I want to be sure it's actually effective at what it does and that it's perfectly stable especially if it's going to be background process.

So yes, I'm playing extreme skeptic here, no doubt here.

@Tinkerbell: where has I said that I'm playing on a mission critical computer? No, I haven't said that, I did imply that I'd rather keep such software off from my PC if that is possible.

[Exile]

It's quite simple realy.

Should you want software like this, get it.
Should you not want it, don't get it. Don't try to talk anyone into getting it. His/her opinion, not anyone else's.

---

[Stucuk]

As a player I want to be sure this little software will not cause problems with my playtime, that it will not hang up my PC at play in the middle of fight, memory leaks and such.

It wouldn't hang a PC. Even if its own thread crashed, it wouldn't effect anything except its self as threads run independently of each other. It shouldn't have any memory leaks, but even if it did its not using alot of memory, so it wouldn't waste alot of ram.

Especially something like that must go through thorough testing first on machines before it ever gets into production environment and proven it's necessity over time.

I agree, the system has only been tested by Blodo and myself, so it definatly needs more testing before being rolled out on a large server.

---

[Treewyrm]

Now if you're going with periodic checks then let's assume that it has crashed, it's own thread crashed silently. It doesn't send "heart pulse" signal to server, so server after a period of defined timeout kicks the player out and bans. Ouch? That's why I said that stability is paramount and so I wouldn't put my trust as quickly. But without periodic checks it becomes all to vulnerable.

Thing is that I think it will likely not stop people who know how and what, but will put unnecessary load on players that have nothing to do with it. Ironically seems to be quite common to those intrusive protection mechanisms relying on client-side proxies.

[w0dk4]

The point is, in Freelancer, you can not do a lot of anticheat only serverside, since the server relies on the client on many occasions, such as hitting an enemy or flying around.

So you either accept fighting with people on a game where clientside cheating is ridiculously easy, or you accept a clientside anticheat solution that may cause some problems from time to time.

[Treewyrm]

I know that, there is nothing new to it. For example well-known Warden system from WoW, which performs both client-side and server-side processing. However this solution doesn't seem to be trustworthy yet, at least in my personal opinion. I would not rush all too fast about it or put high hopes.

And here is another concern. Given the existing rules here on this server a lot of things can go wrong between you (client) and server. There are many weak chains along the way to that server that can easily break up, as a result you can be sanctioned for F1. I would be extremely cautious before adding additional chain to it. A solution that can cause "some problems from time to time" which may end up in rather quite unpleasant consequences does not look like a good solution to me.

[Turkish]

While I really do appreciate your dedication and motivation I would personally never use this application and would contemplate quitting Discovery if it were implemented.

I am completely against any form of "phone home" or local system or client monitoring applications, even for good purposes. I am also not looking to be drawn into any sort of holy war either so I would appreciate if my opinion was simply acknowledged and noted.

If you should ask my reasons you will have them however.

---

I have a fetish for all things Norse.

[Coin]

my opinion:

I like it.

reasons:

client side is open to a lot of <cough> tweaks. The morg 'EVE' (which imho disco could very well out-evolve) has reduced space combat to click....click....click....as there are no eye-hand co-ordination skills involved, only deployment of equipt. The gamers' experience (and as i've said elsewhere, im no good at coding) when playing such games is akin to bashing 'crazy swamp frogs' in morgs such as everquest, shaiya, etc.

when discussing with an eve-mad friend about its lack of real-time, in-your-face combat, he opined that the client-side of such games is open to abuse, namely that the targeting *could* be done by computer, not a human, making a player have nigh on invincible skills. I tried to point out that the drift fighting makes it really hard for the current AI to hit a human, but his knowledge about such matters was that it wasn't impossible to create a targeting mod for FL, only difficult, as targeting mods exist for other games, e.g. Shaiya. I dont think that this has happened in disco yet, but it could only be a matter of time.

Aside from reducing the irritation that the haxors cause, stucuk could be onto a winner here: by comparing the files that can be hacked, such as shield strength, sheild regen, power rating, hull strength, weapon refire rate, etc, when a player connects a character to the server, it would act as a simple 'you pass muster, you can connect', in the same way that the server verifies that a player is using the correct mod.
Furthermore, this invention could be copyrighted, meaning that it can be sold to other servers, and other games too. Also, copyrighting it gives a measure of legal protection, and anyone who rehashed the anti-cheat file would be in breach of copyright, meaning that their IP address could be passed to their ISP for a more thorough castigation than a 45 second ban.

I really dont see it as Guilty until proven innnocent. When i phone my bank, they ask me a whole bunch of questions, to prove who I am. They consider me to be a fraud, until i prove otherwise, then all is good, and they tell me how broke i am.

anything that makes it harder for hackers is good. The server becomes REALLY unstable whenever a weapon/speedmodder is on. This is just an observation, and it could be only co-incidence, but doesn't it affect the server when a weapon/ship is firing/moving faster than the server expects?

nevertheless, these haxors have a use: they try to break into the 'safe', so the safes are designed better, which presents a fresh challenge, and so the cycle repeats itself.

However, those hackers who do manage to break into the pentagon/homeland security net/HSBC are given a lengthy prison sentence, which is reduced on their active participation in closing the particular loophole that they discovered and exploited. How can we recruit the hackers (who are, in all fairness, just kids trying to show off at how clever they are) in a similar manner? Could we offer them a choice: Perma-ban their IP, or show us how you broke the anti-cheat?? how bout running a competition: load up a vanilla server, install the anticheat, and say to the haxors 'give it yr best shot'?

---

A Day in the Life of an NPC | Coin | The Journal of Caius Oakley | Build Your Dream Boat