Francis Hwang on Tue, 26 Mar 2002 01:35:18 +0100 (CET)

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

Re: <nettime> Re: video games, hacks, and simulations

Jesse Hirsh wrote:

>Which kind of gave me an idea. First I installed csGuard[5], which scans
>the hard drives of any client connecting to the server (they are windoze
>after all, and it does explain this to them in a clear warning before they
>connect). This ensures that any player connecting does not use any cheats
>that are in the csguard database. If someone does connect, and they have
>cheats on their hard drive, a warning will appear in the corner of each
>person's screen, and the client with contraband code is automatically
>kicked and banned. Many players in the counterStrike world use filters in
>their clients to only find servers running csGuard and other anti-cheat

As a side note, this isn't a perfect solution: The perfect technical 
solution doesn't exist. Why not? Because for your server to find out 
what files are on the client, it has to ask the client for that info 
-- and it's theoretically possible for someone to hack that part of 
the interaction, and have the client lie.

In security circles, this is called "the trusted client problem": If 
someone else has full ownership of a client machine, and you give 
them data, they can do whatever they want with that data, regardless 
of whether you want them to or not. If you give the client info about 
their surroundings, someone will write a cheat to make the walls 
transparent. If you ask the client what direction they just shot 
their bazooka, someone will write a cheat to auto-aim the bazooka at 
the nearest enemy.

What's curious about this is that this problem is the exact same 
problem that the intellectual property folks are having, too. The 
musicbiz guys talk about writing secure music that you can play on 
your computer, but to listen to music you have to decode it to a 
signal, and that signal can be rerouted, copied, and Gnutella'd. The 
DVD consortium thought their decryption would stop DVD copying, but 
they included the machine-specific codes with each DVD player, and 
hackers reverse-engineered the boxes to figured out how it worked.


#  distributed via <nettime>: no commercial use without permission
#  <nettime> is a moderated mailing list for net criticism,
#  collaborative text filtering and cultural politics of the nets
#  more info: and "info nettime-l" in the msg body
#  archive: contact: