Different banning method.

Make suggestions for improving one of the best games on the net!
User avatar
joevano
General
General
Posts: 1863
Joined: Sat Jun 18, 2005 1:08 pm
Location: South Bend, Indiana, USA

Re: Random

Post by joevano »

ShadowSpectre wrote:The server will know it's the same client from a log left by the previous login, just like the IP log does when a person changes their signin name. It's not the fact that the filename is random; It's how the file does its job. It does it a slightly different way each time, much like variants of a virus evading detection. I wonder if you'd even have to change the API's since the filename changes. Remember that you don't have to score a direct hit every time. Even if it worked half of the time guaranteeing a positive ID it would work, if you wanted to play conservatively. This would be like dodging bullets; The miscreants could only do it for but so long, and their previous defence would not be valid for their next login.
I have to agree with blast...

So WHAT is it exactly that is tracked on the client that can't be changed by the client? The problem is the IP can and does change, what is to prevent the client from changing whatever is being tracked, they will know what it is and it can be faked. We keep coming back to the same thing, I just don't see it, you are relying on something on the client not changing, but they can control everything that the client sends. I must just be hopeless.
There is nothing worse than aggressive stupidity. -- Johann Wolfgang von Goethe
"How many legs does a dog have if you call his tail a leg? Four. Calling a tail a leg doesn't make it a leg." -- Abraham Lincoln
User avatar
blast
General
General
Posts: 4794
Joined: Fri Mar 21, 2003 3:49 pm
Location: playing.cxx
Contact:

Post by blast »

So a file on the same computer as the client? Why can't I just delete or alter that file?
"In addition to knowing the secrets of the Universe, I can assure you that I am also quite potty trained." -Koenma (Yu Yu Hakusho)

Image
ShadowSpectre
Private First Class
Private First Class
Posts: 19
Joined: Sat Aug 12, 2006 5:58 pm

Blast

Post by ShadowSpectre »

I'm sorry if you're losing interest; I can't help that. Yes, the concept may be a little hard to follow but I can diagram it. Innovation starts with great ideas and thinking different. Faking the file would be tough; It would be like faking a texture or an image while playing the game. After all, if an image doesn't load on a server the game halts. Yes, the CLIENT has to load the file, just like a texture or image or any other module in the game (flags, etc) I wonder if you could make the file in question a hidden flag file to ease integration and evade detection. Even if they knew the concept and implementation, the randomness is the greatest strength. This is why the antivirus companies detect viruses only AFTER the infection. The writers stay one step ahead. That is the strength of this particular ID method. Yes, it potentially could be faked, but why would that matter? The next time they log in they'd have to manually fake it again, and the way they circumvented the last login would no longer be valid. Every time they log in it changes, and they will never know exactly how. I think this is undefeatable.
ShadowSpectre
Private First Class
Private First Class
Posts: 19
Joined: Sat Aug 12, 2006 5:58 pm

ID triggers

Post by ShadowSpectre »

What you are targeting for identification could be little things; Processor type, disk volume ID, MAC address, Video bios, memory size, any number of unique system ID's. Anything that a system scanning program like belarc system advisor verifies. There are so many. What you check each time and the method of verification would differ from the previous time, depending on the individual downloaded file. Any one item on the system can identify a particular system. Someone would have to change every system ID every time, plus with the file being a random name and API the miscreant would not be able to anticipate exactly what was being checked at any particular time.
User avatar
blast
General
General
Posts: 4794
Joined: Fri Mar 21, 2003 3:49 pm
Location: playing.cxx
Contact:

Re: ID triggers

Post by blast »

ShadowSpectre wrote:What you are targeting for identification could be little things; Processor type, disk volume ID, MAC address, Video bios, memory size, any number of unique system ID's. Anything that a system scanning program like belarc system advisor verifies. There are so many. What you check each time and the method of verification would differ from the previous time, depending on the individual downloaded file. Any one item on the system can identify a particular system. Someone would have to change every system ID every time, plus with the file being a random name and API the miscreant would not be able to anticipate exactly what was being checked at any particular time.
Yes they would be able to anticipate EXACTLY what was being checked. Do you know why? Because the client is doing the checking. The client is also generating the file, thus it knows the file name.
"In addition to knowing the secrets of the Universe, I can assure you that I am also quite potty trained." -Koenma (Yu Yu Hakusho)

Image
ShadowSpectre
Private First Class
Private First Class
Posts: 19
Joined: Sat Aug 12, 2006 5:58 pm

Maybe not

Post by ShadowSpectre »

This downloaded file can be a servlet and do its own audit. I have a snippet of code I can send to you for analysis, as long as you promise not to use it for malicious purposes. So what if the client knows the name of the file? It changes every time. This servlet must report back to the server and verify the token, like a quick return loop. There would be not enough time to spoof the info. By the time they figured it out they would already be booted. This is in no way dependant on the client for data verification. My point is that if an entire SMTP server can be hidden in a virus, this too can be, but it would not be a virus. We would not be working with existing methods; This is something new. Think outside the box.
User avatar
L4m3r
Hater of Everything
Hater of Everything
Posts: 724
Joined: Tue Feb 08, 2005 5:15 am
Location: Los Angeles

Post by L4m3r »

Hm... Once someone figures out the interaction of the key system with the server, they'd probably hack a function into the client to fetch and fake bogus keys, and then use them to join servers. Then they'd release it as a patch and the troublemakers would be back in business.

Getting such a system to work cross-platform would be a nightmare, and IMO the time is still much better spent fixing the issues that allow most of these cheats in the first place.

When you minimize the ability of trolls to cause problems, they lose interest. ;)
Optimism is just a milder alternative to denial.
ShadowSpectre
Private First Class
Private First Class
Posts: 19
Joined: Sat Aug 12, 2006 5:58 pm

Random

Post by ShadowSpectre »

How can you figure out the random behavior of a random file, except that it is random? You can't. That's why the rootkits can't stop the detection programs. That is also why whenever a virus pops up it gets 50 different variants. This is a case of legitimate code emulating the behavior of malicious code and that behavior even if known in process. Remember OS2? Microsoft kept shutting them down by changing the APIs of the base OS. This concept is similar, and the advantage is to the server, not the client. Cross platform is not an issue either; It will have its own servlet. I'm really surprised you would even mention the cross platform issue, considering how many platforms BzFlag already runs on. Remember, you're not locking them out, all you're doing is IDing them, blowing their shield of anonymity. This is not a system of keys or authentication per se; this is a system of identification. As soon as you finger the person, their token is rejected, server side, and *poof* they're gone. What good is it if they can only log in to BzFlag for three seconds? I've already run this past two c++ programmers and they think it has potential and again, I have code I am willing to submit for analysis. The actual code involved is very small, so small it may surprise you. Keep an open mind. If this concept is understood and proven to work this could have an impact beyond BzFlag; This could stretch accross any web access portal.
User avatar
blast
General
General
Posts: 4794
Joined: Fri Mar 21, 2003 3:49 pm
Location: playing.cxx
Contact:

Post by blast »

You idea cannot work in an open-source environment. Plain and simple. Even in a closed-source situation, this concept is iffy.

What happens if someone changes their IP, deletes that randomly named file, and reconnect to the server? How would your system identify that as the same client?
"In addition to knowing the secrets of the Universe, I can assure you that I am also quite potty trained." -Koenma (Yu Yu Hakusho)

Image
User avatar
AAA
Private First Class
Private First Class
Posts: 79
Joined: Sat Aug 07, 2004 3:36 pm
Contact:

Post by AAA »

All the people here (except me) will never implement it (or at least author it themselves). I would be happy to take a better look into what you propose, but continuing to post in the bzbb is just going to anger lots of people and it won't get done.
Please send me a PM or something.
Please consider this thread closed.
Admin and Senior Vice Executive Administrator of Network and System Architecture @ BZFX -- Core Admin @ CAN -- SF.net user diamondmagic -- irc.freenode.net nickname AAA_awright (#bzfx if not #bzflag)
ShadowSpectre
Private First Class
Private First Class
Posts: 19
Joined: Sat Aug 12, 2006 5:58 pm

Blast

Post by ShadowSpectre »

It can work in open source; It's not the source that matters. I can diagram and flowchart the entire process if necessary. Apparently you're not getting the concept. If they change their IP, so what? You know who it is, and they are booted again. If they delete the file before it does its job, they get no token, so they're out. If they delete the file after it did its job, so what? If it identified a wrongdoer, they're already booted from the server or if they are legit they already have their token and they can stay. It's a fast track ID system running in loop with the current global login system as a plugin. You are used to working with fixed code. This is dynamic code, continuously changing. The fact that it changes subtly is the key to its success. I am not some random crackpot. Two of my brothers are software engineers with degrees, one who works as a programming analyst at Dow Jones as a the highest level one can be at and not be in management, because as a manager, he can no longer be a programmer. My talents are in diagnostics and analysis. I will consult with my friend who is a C++ programmer who works in network surveillance who is also a Linux guru to parse through my concept and try to better explain implementation. Just be patient; It may seem frustrating but this is how innovation starts. This could be a really good thing.
User avatar
L4m3r
Hater of Everything
Hater of Everything
Posts: 724
Joined: Tue Feb 08, 2005 5:15 am
Location: Los Angeles

Post by L4m3r »

If this file is so random, how does the client deal with it? This whole system is flawed. Design a flowchart if you like, but the fact is that authentication has to be tied into the client. there's no way around it, and it's always going to be subject to manipulation.
Optimism is just a milder alternative to denial.
User avatar
too much loving
Private First Class
Private First Class
Posts: 94
Joined: Sun May 23, 2004 7:47 pm
Location: Denmark
Contact:

Post by too much loving »

BTW: Would it be helpful to allow wellknown registered players to play even if their IP-adress is part of a banned range?

Perhaps player could be regarded as wellknown if he/she has been registered for a year.

( ...... and if the player has written over 30 forum messages :P )

EDIT: Hmm.... on the other hand my idea might encourage repectable registered players to join as unregisted players and spread havoc because they knew that their registered account would not be punished.
User avatar
blast
General
General
Posts: 4794
Joined: Fri Mar 21, 2003 3:49 pm
Location: playing.cxx
Contact:

Post by blast »

This would take a LOT of effort to implement, and it would be trivial to bypass. They'd have a crack for it out the next day.

All of the source code is available. Anyone can go in, and see how it works. They can change how it works. The client can NEVER be trusted. ANYTHING that it sends can be faked. There is absolutely no way you can guarantee that the client is not lying to the server or any 3rd party service.

Your idea doesn't even make logical sense anymore. Please take the time to completely explain it.
Last edited by blast on Tue Sep 11, 2007 4:58 pm, edited 1 time in total.
"In addition to knowing the secrets of the Universe, I can assure you that I am also quite potty trained." -Koenma (Yu Yu Hakusho)

Image
ShadowSpectre
Private First Class
Private First Class
Posts: 19
Joined: Sat Aug 12, 2006 5:58 pm

I digress

Post by ShadowSpectre »

You are correct; I have not considered all points. I digress. I was not aware of the constraints to the client/server relationship. I apologize and will go no further unless I have a more tangible, credible solution.

Thank-you for listening, though.

Shadow
Karl Lagerfeld
Private
Private
Posts: 2
Joined: Wed Jun 14, 2006 9:56 pm

Post by Karl Lagerfeld »

I don't really understand your system, don't think it works or is any good, but I'd just like to point out that having the client download and execute a random file would be a really good way of enabling server-owners to distribute viruses. Keep up the good work :P
jack
ShadowSpectre
Private First Class
Private First Class
Posts: 19
Joined: Sat Aug 12, 2006 5:58 pm

Correct

Post by ShadowSpectre »

You may be correct, but the concept is sound and proven on other platforms. Yes, it assumes that the server owner is one of the good guys. There are other points to the theory of machine ID I have not detailed. If I get time I may post a flowchart. The Method is partially dependant on in use file permissions and locking handles coupled with short timeouts to prevent cracking or spoofing. It may not have practical application for BZ but it might prove useful in other areas. Karl, I suppose you have a better idea, right?
Karl Lagerfeld
Private
Private
Posts: 2
Joined: Wed Jun 14, 2006 9:56 pm

Post by Karl Lagerfeld »

In a client-server environment that kind of assumption is bad. I wouldn't play a game that would try to execute code that I have no control over.

Do I have a better solution? Yes: Don't trust the client. Ever.
Bzflag needs to worry less about better banning and worry more about not allowing cheating.

As for your method - as I said, the thread was confusing since you kept spitting out bits and peaces, so a complete description of what you're trying to do would indeed be appreciated. In the meantime however I remain convinced that you're trying to implement security by obscurity, and that won't work. As others have pointed out, the client can tell the server whatever the server wants to hear.
Post Reply