This is one of my concerns with HTML 5
-
Yes but the way Microsoft is promoting HTML 5 is making clients make a shift from Silverlight to HTML5 even for LOB applications. Its not that Silverlight can't be hacked but its not this easy.
I don't think Microsoft is asking people to abandon Silverlight and move to HTML5. They're spending millions, maybe billions of dollars on Silverlight. I see HTML5 more like a new tool on the development box. Anyway, sensitive data/code should be always on the server side, not on the client side. This will apply to HTML5 too.
Take a look at Html5 Snooker Club here in The Code Project.
-
Except of course it was the fault of whoever decided to store the game level in
LocalStoragenot the fault of the technology. Might as well say a door lock is useless because you keep the key under a flowerpot next to your door. That reminds me, I just need to get something from the garden....Sort of a cross between Lawrence of Arabia and Dilbert.[^]
-Or-
A Dead ringer for Kate Winslett[^] -
Except of course it was the fault of whoever decided to store the game level in
LocalStoragenot the fault of the technology. Might as well say a door lock is useless because you keep the key under a flowerpot next to your door. That reminds me, I just need to get something from the garden....Sort of a cross between Lawrence of Arabia and Dilbert.[^]
-Or-
A Dead ringer for Kate Winslett[^]Keith Barrow wrote:
Might as well say a door lock is useless because you keep the key under a flowerpot next to your do
I would never do anything like that I put it on top of the door frame where no-one would think to look. Obviously with Angry Birds, someone went stupid and decided everything should happen on the client.
The 3-legged stool of understanding is held up by history, languages, and mathematics. Equipped with these three you can learn anything you want to learn. But if you lack any one of them you are just another ignorant peasant with dung on your boots. R. A. H.
-
What makes this concern specific to HTML5, in particular?
--Greg
-
Keith Barrow wrote:
Might as well say a door lock is useless because you keep the key under a flowerpot next to your do
I would never do anything like that I put it on top of the door frame where no-one would think to look. Obviously with Angry Birds, someone went stupid and decided everything should happen on the client.
The 3-legged stool of understanding is held up by history, languages, and mathematics. Equipped with these three you can learn anything you want to learn. But if you lack any one of them you are just another ignorant peasant with dung on your boots. R. A. H.
-
-
Keith Barrow wrote:
Might as well say a door lock is useless because you keep the key under a flowerpot next to your do
I would never do anything like that I put it on top of the door frame where no-one would think to look. Obviously with Angry Birds, someone went stupid and decided everything should happen on the client.
The 3-legged stool of understanding is held up by history, languages, and mathematics. Equipped with these three you can learn anything you want to learn. But if you lack any one of them you are just another ignorant peasant with dung on your boots. R. A. H.
It's a game; it's not like there are profound consequences if security is violated.
Software Zen:
delete this; -
Or they thought it wasn't a big deal. Because, you know, it isn't. People can unlock all levels .. The End Is Nigh!
If you are designing a game, you design the best game you can. If you design a game that can be cracked easily and quickly, you fail, big time.
The 3-legged stool of understanding is held up by history, languages, and mathematics. Equipped with these three you can learn anything you want to learn. But if you lack any one of them you are just another ignorant peasant with dung on your boots. R. A. H.
-
It's a game; it's not like there are profound consequences if security is violated.
Software Zen:
delete this;Are you suggesting that it's okay to do second rate work unless there are profound consequences for violations? My guess is that the guy who built the app demonstrates a profound misunderstanding of how any app that is supposed to maintain data that cannot be changed by the user should work. If he can't do it with "Angry Birds," I sure as heck don't want him building anything that where there are profound consequences.
The 3-legged stool of understanding is held up by history, languages, and mathematics. Equipped with these three you can learn anything you want to learn. But if you lack any one of them you are just another ignorant peasant with dung on your boots. R. A. H.
-
If you are designing a game, you design the best game you can. If you design a game that can be cracked easily and quickly, you fail, big time.
The 3-legged stool of understanding is held up by history, languages, and mathematics. Equipped with these three you can learn anything you want to learn. But if you lack any one of them you are just another ignorant peasant with dung on your boots. R. A. H.
Cost vs value - making it a thin-client game would have made it hard to hack, but then they'd need more time to make it, they'd need to run servers etc, and for what? Just so people can't do a hack that would have had the global consequences comparable to those of a squashed bug?
-
Are you suggesting that it's okay to do second rate work unless there are profound consequences for violations? My guess is that the guy who built the app demonstrates a profound misunderstanding of how any app that is supposed to maintain data that cannot be changed by the user should work. If he can't do it with "Angry Birds," I sure as heck don't want him building anything that where there are profound consequences.
The 3-legged stool of understanding is held up by history, languages, and mathematics. Equipped with these three you can learn anything you want to learn. But if you lack any one of them you are just another ignorant peasant with dung on your boots. R. A. H.
Oakman wrote:
Are you suggesting that it's okay to do second rate work unless there are profound consequences for violations?
Not at all. I'm pointing out that the costs associated with the issue (maintaining server-side storage of the information) might outweigh the benefits (keeping players from accessing levels in a game). If you're charging users for other levels, and the 'cheat' interferes with your revenue stream, then there would a genuine benefit here to securing level access. If the game is simply a come-on for other things, and not important in and of itself, then it's sort of a 'meh'.
Software Zen:
delete this; -
Cost vs value - making it a thin-client game would have made it hard to hack, but then they'd need more time to make it, they'd need to run servers etc, and for what? Just so people can't do a hack that would have had the global consequences comparable to those of a squashed bug?
David1987 wrote:
making it a thin-client game would have made it hard to hack
If you can't do it right, don't do it Second-rate is second-rate.
The 3-legged stool of understanding is held up by history, languages, and mathematics. Equipped with these three you can learn anything you want to learn. But if you lack any one of them you are just another ignorant peasant with dung on your boots. R. A. H.
-
Oakman wrote:
Are you suggesting that it's okay to do second rate work unless there are profound consequences for violations?
Not at all. I'm pointing out that the costs associated with the issue (maintaining server-side storage of the information) might outweigh the benefits (keeping players from accessing levels in a game). If you're charging users for other levels, and the 'cheat' interferes with your revenue stream, then there would a genuine benefit here to securing level access. If the game is simply a come-on for other things, and not important in and of itself, then it's sort of a 'meh'.
Software Zen:
delete this;Apparently, the only answer anyone can come up with to protecting the information is to store it on a server. Wow.
The 3-legged stool of understanding is held up by history, languages, and mathematics. Equipped with these three you can learn anything you want to learn. But if you lack any one of them you are just another ignorant peasant with dung on your boots. R. A. H.
-
David1987 wrote:
making it a thin-client game would have made it hard to hack
If you can't do it right, don't do it Second-rate is second-rate.
The 3-legged stool of understanding is held up by history, languages, and mathematics. Equipped with these three you can learn anything you want to learn. But if you lack any one of them you are just another ignorant peasant with dung on your boots. R. A. H.
No I really disagree - have you never had to work with a budget? There is nothing inherently "right" about making a non-ranked single player unhackable, it's just a waste of time and therefore money to do it. It would be like storing the settings & preferences of MS Word in the Cloud because they shouldn't be "hacked".
-
Apparently, the only answer anyone can come up with to protecting the information is to store it on a server. Wow.
The 3-legged stool of understanding is held up by history, languages, and mathematics. Equipped with these three you can learn anything you want to learn. But if you lack any one of them you are just another ignorant peasant with dung on your boots. R. A. H.
It is the only answer, although you can't even send it there (it would get wiresharked), you have to generate it right on the server. If it is stored on the client, it can not be encrypted. You can pretend you encrypt it, but you would really be obfuscating it since the client has the program that can decrypt it (it had better, or otherwise you just made a block of useless garbled data).
-
No I really disagree - have you never had to work with a budget? There is nothing inherently "right" about making a non-ranked single player unhackable, it's just a waste of time and therefore money to do it. It would be like storing the settings & preferences of MS Word in the Cloud because they shouldn't be "hacked".
This isn't about budget, it is about brains. The number of methods that could have been used to keep the player from hacking his score are almost without number. Anyone who couldn't think of one, shouldn't be allowed near a game design.
The 3-legged stool of understanding is held up by history, languages, and mathematics. Equipped with these three you can learn anything you want to learn. But if you lack any one of them you are just another ignorant peasant with dung on your boots. R. A. H.
-
It is the only answer, although you can't even send it there (it would get wiresharked), you have to generate it right on the server. If it is stored on the client, it can not be encrypted. You can pretend you encrypt it, but you would really be obfuscating it since the client has the program that can decrypt it (it had better, or otherwise you just made a block of useless garbled data).
Yep, things are always impossible, until someone does them. I prefer to work with the folks who think of ways of doing it right rather than reasons to do it wrong.
The 3-legged stool of understanding is held up by history, languages, and mathematics. Equipped with these three you can learn anything you want to learn. But if you lack any one of them you are just another ignorant peasant with dung on your boots. R. A. H.
-
Yep, things are always impossible, until someone does them. I prefer to work with the folks who think of ways of doing it right rather than reasons to do it wrong.
The 3-legged stool of understanding is held up by history, languages, and mathematics. Equipped with these three you can learn anything you want to learn. But if you lack any one of them you are just another ignorant peasant with dung on your boots. R. A. H.
-
This isn't about budget, it is about brains. The number of methods that could have been used to keep the player from hacking his score are almost without number. Anyone who couldn't think of one, shouldn't be allowed near a game design.
The 3-legged stool of understanding is held up by history, languages, and mathematics. Equipped with these three you can learn anything you want to learn. But if you lack any one of them you are just another ignorant peasant with dung on your boots. R. A. H.
Everything is always about budget. And you can't do this without taking something out of the budget. Whatever these "almost without number ways" are, none of them can involve storing (obfuscated) data locally because it is impossible (not through lack of imagination, but provably impossible) to make that unhackable.
-
So what is "right" in your opinion in this case? And why does something so trivially unimportant bother you so much?
David1987 wrote:
So what is "right" in your opinion in this case?
In preliminary design mode: insuring that the game is easier to play through to a win, than to hack. Beyond that., I'd need to spend more time than I have available determine what would be the best way to accomplish the goal. Perhaps, as a learning experience, you might wish to see if you could come up with a way of fulfilling that parameter.
David1987 wrote:
And why does something so trivially unimportant bother you so much?
I made a simple, relatively offhand statement which for some unknown reason you not only took exception to, but have been yammering on and on about. I have no idea why you defend mediocrity so passionately but am will to respond out of politeness as long as you feel the need to bother me about it.
The 3-legged stool of understanding is held up by history, languages, and mathematics. Equipped with these three you can learn anything you want to learn. But if you lack any one of them you are just another ignorant peasant with dung on your boots. R. A. H.