This is one of my concerns with HTML 5
-
What makes this concern specific to HTML5, in particular?
--Greg
-
Keith Barrow wrote:
Might as well say a door lock is useless because you keep the key under a flowerpot next to your do
I would never do anything like that I put it on top of the door frame where no-one would think to look. Obviously with Angry Birds, someone went stupid and decided everything should happen on the client.
The 3-legged stool of understanding is held up by history, languages, and mathematics. Equipped with these three you can learn anything you want to learn. But if you lack any one of them you are just another ignorant peasant with dung on your boots. R. A. H.
-
-
Keith Barrow wrote:
Might as well say a door lock is useless because you keep the key under a flowerpot next to your do
I would never do anything like that I put it on top of the door frame where no-one would think to look. Obviously with Angry Birds, someone went stupid and decided everything should happen on the client.
The 3-legged stool of understanding is held up by history, languages, and mathematics. Equipped with these three you can learn anything you want to learn. But if you lack any one of them you are just another ignorant peasant with dung on your boots. R. A. H.
It's a game; it's not like there are profound consequences if security is violated.
Software Zen:
delete this; -
Or they thought it wasn't a big deal. Because, you know, it isn't. People can unlock all levels .. The End Is Nigh!
If you are designing a game, you design the best game you can. If you design a game that can be cracked easily and quickly, you fail, big time.
The 3-legged stool of understanding is held up by history, languages, and mathematics. Equipped with these three you can learn anything you want to learn. But if you lack any one of them you are just another ignorant peasant with dung on your boots. R. A. H.
-
It's a game; it's not like there are profound consequences if security is violated.
Software Zen:
delete this;Are you suggesting that it's okay to do second rate work unless there are profound consequences for violations? My guess is that the guy who built the app demonstrates a profound misunderstanding of how any app that is supposed to maintain data that cannot be changed by the user should work. If he can't do it with "Angry Birds," I sure as heck don't want him building anything that where there are profound consequences.
The 3-legged stool of understanding is held up by history, languages, and mathematics. Equipped with these three you can learn anything you want to learn. But if you lack any one of them you are just another ignorant peasant with dung on your boots. R. A. H.
-
If you are designing a game, you design the best game you can. If you design a game that can be cracked easily and quickly, you fail, big time.
The 3-legged stool of understanding is held up by history, languages, and mathematics. Equipped with these three you can learn anything you want to learn. But if you lack any one of them you are just another ignorant peasant with dung on your boots. R. A. H.
Cost vs value - making it a thin-client game would have made it hard to hack, but then they'd need more time to make it, they'd need to run servers etc, and for what? Just so people can't do a hack that would have had the global consequences comparable to those of a squashed bug?
-
Are you suggesting that it's okay to do second rate work unless there are profound consequences for violations? My guess is that the guy who built the app demonstrates a profound misunderstanding of how any app that is supposed to maintain data that cannot be changed by the user should work. If he can't do it with "Angry Birds," I sure as heck don't want him building anything that where there are profound consequences.
The 3-legged stool of understanding is held up by history, languages, and mathematics. Equipped with these three you can learn anything you want to learn. But if you lack any one of them you are just another ignorant peasant with dung on your boots. R. A. H.
Oakman wrote:
Are you suggesting that it's okay to do second rate work unless there are profound consequences for violations?
Not at all. I'm pointing out that the costs associated with the issue (maintaining server-side storage of the information) might outweigh the benefits (keeping players from accessing levels in a game). If you're charging users for other levels, and the 'cheat' interferes with your revenue stream, then there would a genuine benefit here to securing level access. If the game is simply a come-on for other things, and not important in and of itself, then it's sort of a 'meh'.
Software Zen:
delete this; -
Cost vs value - making it a thin-client game would have made it hard to hack, but then they'd need more time to make it, they'd need to run servers etc, and for what? Just so people can't do a hack that would have had the global consequences comparable to those of a squashed bug?
David1987 wrote:
making it a thin-client game would have made it hard to hack
If you can't do it right, don't do it Second-rate is second-rate.
The 3-legged stool of understanding is held up by history, languages, and mathematics. Equipped with these three you can learn anything you want to learn. But if you lack any one of them you are just another ignorant peasant with dung on your boots. R. A. H.
-
Oakman wrote:
Are you suggesting that it's okay to do second rate work unless there are profound consequences for violations?
Not at all. I'm pointing out that the costs associated with the issue (maintaining server-side storage of the information) might outweigh the benefits (keeping players from accessing levels in a game). If you're charging users for other levels, and the 'cheat' interferes with your revenue stream, then there would a genuine benefit here to securing level access. If the game is simply a come-on for other things, and not important in and of itself, then it's sort of a 'meh'.
Software Zen:
delete this;Apparently, the only answer anyone can come up with to protecting the information is to store it on a server. Wow.
The 3-legged stool of understanding is held up by history, languages, and mathematics. Equipped with these three you can learn anything you want to learn. But if you lack any one of them you are just another ignorant peasant with dung on your boots. R. A. H.
-
David1987 wrote:
making it a thin-client game would have made it hard to hack
If you can't do it right, don't do it Second-rate is second-rate.
The 3-legged stool of understanding is held up by history, languages, and mathematics. Equipped with these three you can learn anything you want to learn. But if you lack any one of them you are just another ignorant peasant with dung on your boots. R. A. H.
No I really disagree - have you never had to work with a budget? There is nothing inherently "right" about making a non-ranked single player unhackable, it's just a waste of time and therefore money to do it. It would be like storing the settings & preferences of MS Word in the Cloud because they shouldn't be "hacked".
-
Apparently, the only answer anyone can come up with to protecting the information is to store it on a server. Wow.
The 3-legged stool of understanding is held up by history, languages, and mathematics. Equipped with these three you can learn anything you want to learn. But if you lack any one of them you are just another ignorant peasant with dung on your boots. R. A. H.
It is the only answer, although you can't even send it there (it would get wiresharked), you have to generate it right on the server. If it is stored on the client, it can not be encrypted. You can pretend you encrypt it, but you would really be obfuscating it since the client has the program that can decrypt it (it had better, or otherwise you just made a block of useless garbled data).
-
No I really disagree - have you never had to work with a budget? There is nothing inherently "right" about making a non-ranked single player unhackable, it's just a waste of time and therefore money to do it. It would be like storing the settings & preferences of MS Word in the Cloud because they shouldn't be "hacked".
This isn't about budget, it is about brains. The number of methods that could have been used to keep the player from hacking his score are almost without number. Anyone who couldn't think of one, shouldn't be allowed near a game design.
The 3-legged stool of understanding is held up by history, languages, and mathematics. Equipped with these three you can learn anything you want to learn. But if you lack any one of them you are just another ignorant peasant with dung on your boots. R. A. H.
-
It is the only answer, although you can't even send it there (it would get wiresharked), you have to generate it right on the server. If it is stored on the client, it can not be encrypted. You can pretend you encrypt it, but you would really be obfuscating it since the client has the program that can decrypt it (it had better, or otherwise you just made a block of useless garbled data).
Yep, things are always impossible, until someone does them. I prefer to work with the folks who think of ways of doing it right rather than reasons to do it wrong.
The 3-legged stool of understanding is held up by history, languages, and mathematics. Equipped with these three you can learn anything you want to learn. But if you lack any one of them you are just another ignorant peasant with dung on your boots. R. A. H.
-
Yep, things are always impossible, until someone does them. I prefer to work with the folks who think of ways of doing it right rather than reasons to do it wrong.
The 3-legged stool of understanding is held up by history, languages, and mathematics. Equipped with these three you can learn anything you want to learn. But if you lack any one of them you are just another ignorant peasant with dung on your boots. R. A. H.
-
This isn't about budget, it is about brains. The number of methods that could have been used to keep the player from hacking his score are almost without number. Anyone who couldn't think of one, shouldn't be allowed near a game design.
The 3-legged stool of understanding is held up by history, languages, and mathematics. Equipped with these three you can learn anything you want to learn. But if you lack any one of them you are just another ignorant peasant with dung on your boots. R. A. H.
Everything is always about budget. And you can't do this without taking something out of the budget. Whatever these "almost without number ways" are, none of them can involve storing (obfuscated) data locally because it is impossible (not through lack of imagination, but provably impossible) to make that unhackable.
-
So what is "right" in your opinion in this case? And why does something so trivially unimportant bother you so much?
David1987 wrote:
So what is "right" in your opinion in this case?
In preliminary design mode: insuring that the game is easier to play through to a win, than to hack. Beyond that., I'd need to spend more time than I have available determine what would be the best way to accomplish the goal. Perhaps, as a learning experience, you might wish to see if you could come up with a way of fulfilling that parameter.
David1987 wrote:
And why does something so trivially unimportant bother you so much?
I made a simple, relatively offhand statement which for some unknown reason you not only took exception to, but have been yammering on and on about. I have no idea why you defend mediocrity so passionately but am will to respond out of politeness as long as you feel the need to bother me about it.
The 3-legged stool of understanding is held up by history, languages, and mathematics. Equipped with these three you can learn anything you want to learn. But if you lack any one of them you are just another ignorant peasant with dung on your boots. R. A. H.
-
Everything is always about budget. And you can't do this without taking something out of the budget. Whatever these "almost without number ways" are, none of them can involve storing (obfuscated) data locally because it is impossible (not through lack of imagination, but provably impossible) to make that unhackable.
As I said, it's always impossible until someone does it. I suggest to you that we should simply disagree and let this go. Obviously I have higher standards for what constitutes good game design than you do and there's the end of it.
The 3-legged stool of understanding is held up by history, languages, and mathematics. Equipped with these three you can learn anything you want to learn. But if you lack any one of them you are just another ignorant peasant with dung on your boots. R. A. H.
-
David1987 wrote:
So what is "right" in your opinion in this case?
In preliminary design mode: insuring that the game is easier to play through to a win, than to hack. Beyond that., I'd need to spend more time than I have available determine what would be the best way to accomplish the goal. Perhaps, as a learning experience, you might wish to see if you could come up with a way of fulfilling that parameter.
David1987 wrote:
And why does something so trivially unimportant bother you so much?
I made a simple, relatively offhand statement which for some unknown reason you not only took exception to, but have been yammering on and on about. I have no idea why you defend mediocrity so passionately but am will to respond out of politeness as long as you feel the need to bother me about it.
The 3-legged stool of understanding is held up by history, languages, and mathematics. Equipped with these three you can learn anything you want to learn. But if you lack any one of them you are just another ignorant peasant with dung on your boots. R. A. H.
If your only goal is to make it "harder" to hack.. that's easy. Well the problem is, I am a game developer. So I take issue with such a blanket statement that doesn't appear to be have much following the industry. The toughest obfuscation I've encountered so far was "xor with 0xEF on every byte of the file" - in that case the original file was ASCII text, as "commands", not structured data. In that particular game though, deleting the games files of a level would make the game skip the level and go on with the next, so I'm not sure why anyone bothered to obfuscate anything. Usually it's just a binary dump of (part of) the game state with no trouble being taken to make it harder to edit. The general consensus, as far as I know, is that that is hard enough to meaningfully edit anyway, and besides we don't really care what players do. Of course all of that is only true for offline single player games such as Age of Empires, Minesweeper and, well, Angry Birds.
-
If your only goal is to make it "harder" to hack.. that's easy. Well the problem is, I am a game developer. So I take issue with such a blanket statement that doesn't appear to be have much following the industry. The toughest obfuscation I've encountered so far was "xor with 0xEF on every byte of the file" - in that case the original file was ASCII text, as "commands", not structured data. In that particular game though, deleting the games files of a level would make the game skip the level and go on with the next, so I'm not sure why anyone bothered to obfuscate anything. Usually it's just a binary dump of (part of) the game state with no trouble being taken to make it harder to edit. The general consensus, as far as I know, is that that is hard enough to meaningfully edit anyway, and besides we don't really care what players do. Of course all of that is only true for offline single player games such as Age of Empires, Minesweeper and, well, Angry Birds.
David1987 wrote:
If your only goal is to make it "harder" to hack.. that's easy.
When and why did you assume otherwise?
David1987 wrote:
Well the problem is, I am a game developer.
And I am a GAMA award-winning game designer who ran my own company for ten years. But neither statement makes either of us right, per se. Ultimately there is only one reason for doing the best job you can possibly do - so you can look at yourself when you shave in the morning. One either believes that, or one embraces mediocrity, and will do well as a mid-level manager.
The 3-legged stool of understanding is held up by history, languages, and mathematics. Equipped with these three you can learn anything you want to learn. But if you lack any one of them you are just another ignorant peasant with dung on your boots. R. A. H.