Jump to content

  • Log In with Google      Sign In   
  • Create Account

Banner advertising on our site currently available from just $5!


1. Learn about the promo. 2. Sign up for GDNet+. 3. Set up your advert!


Dave Weinstein

Member Since 08 Mar 2006
Offline Last Active Yesterday, 10:37 PM

#5211111 how to know most hack possiblities and find best way to handle them

Posted by Dave Weinstein on 16 February 2015 - 10:06 PM

Encryption of network traffic has really only one purpose -- to prevent a third party from seeing the contents of the message traffic. 

 

That's it.

 

It doesn't even prevent a third party from tampering with the data (that would be message authentication), it just is supposed to prevent them from reading it.

 

Someone cheating is not a third party, they are a hostile endpoint, and that's another problem completely.




#5210602 I this going to be ok as a Network message class

Posted by Dave Weinstein on 13 February 2015 - 11:39 PM

If you were going to make a custom packet in binary. you need to add a packet header in case data is corrupted, or hacked.

Usually the header includes

1. Message ID

2. Message type or class

3. Checksum

4. Actual data size

 

The checksum is likely wasted data. It isn't necessary assuming that your transport layer is TCP or UDP, since those are already doing those checks. And a checksum is useless against an actual attacker.




#5206340 Game college: Cheaper school or better school?

Posted by Dave Weinstein on 23 January 2015 - 11:29 PM

Avoid debt if you can possibly help it.

 

College debt cannot be discharged in bankruptcy -- if you were disabled they would garnish your social security to pay back your college loans.

 

Debt denies opportunities. You have payments that must be made, and that limits your ability to pursue lower paying options with long term payout, or to get access to credit that you might need for future purposes.




#5197992 best way to send an receive multivarible data by socket

Posted by Dave Weinstein on 13 December 2014 - 09:45 AM

Is there a reason you want to use text for transmission?




#5195314 IOCP critical section design problem

Posted by Dave Weinstein on 28 November 2014 - 11:03 PM

Threading is one of the hardest things to do well in programming. Period.

 

Locks are both prone to hard but complex failures (deadlocks) on the one hand, and extreme performance hits on the other (limited number of locks to prevent deadlocks).

 

I'm personally fond of option 3 (above) in the case of network code, for a couple of reasons. First, you are spending as little time in the lock as possible, so you might be able to get away with a single "I am about to create a message" lock. Second, you have a single inter-thread communications system. The first one makes it less likely you will have programmer error, and the second gives you a single high-risk component to test the everliving-hell out of.




#5165165 I've got problems with interviews

Posted by Dave Weinstein on 06 July 2014 - 07:45 PM

I cannot imagine ever hiring for a programmer position without having the candidate white board one or more programming problems.

 

I say this, because I've been the "technical interview" for people being hired in as programmers who really were not at all qualified. The resume looked great, they absolutely nailed the "let's talk about process, and how we work together" process interviews, as well as the "let's talk about programming without actually doing any" interviews. And then I asked them to whiteboard, and they absolutely cratered.

 

One of the questions I used to use when looking at candidates who listed on their resume a proficiency with C/C++ was a simple opener. 

 

Please implement this function:

/* Implement a simplified version of integer to ascii, supporting only base 10, and assuming a 32 bit value on a 2s-Complement architecture */
char * itoa(Int32 value)
{
}

This is not a hard question per se (as with most of my interview questions, I stole it from questions I was asked in an interview). There are a couple of ways to approach it, and while there is a corner case, I don't hold missing it against the candidate. Getting it on the other hand is a bonus. Mostly, I want to see you approach the problem.

 

And yet, one candidate confidently wrote this:

char *itoa(Int32 value)
{
   return (char *) value;
}
 

Not only did he confidently write it, it took a fair bit to convince him he was wrong. Even with a lot of prompting, what was supposed to be the first 15 minutes of the interview took the whole hour, and he never did get the problem solved.

 

And that is why I'll always want anyone being hired for a development role to actually write code as part of the interview. Because I've *seen* people with the right resume say all the right things, and flunk the ability to actually write anything. I no longer assume "basic coding competence".

 

[As a side note, having been on both sides of whiteboarding questions, it is *always* easier to spot the bug while you are sitting there watching them write. That's why the interviewer always seems to have a laser focus on the bug when you haven't seen it. As a candidate, as soon as you finish writing it down (and you should talk about what you are doing and why as you go), say something to the effect of "Now to step through this and look for bugs", and out loud start debugging what you wrote with example cases.] 




#5089058 Data compression/optimization strategies

Posted by Dave Weinstein on 25 August 2013 - 09:40 PM

The most compact data is the data that you do not send.

Work very hard on not sending data.

 

This, this, a thousand times this.

 

The art of multiplayer game development is knowing what not to send, and how often to not send it. That is where the craftsmanship comes in.

 

Connecting machines together with well defined APIs is not a difficult task. Basic housekeeping tasks like matching up network ports and game identity are not hard things to master.

 

There are two arts to master. One is how to hide or design around latency (since if you have a work-around for the speed of light, you have bigger fish to fry). The other is how to maximize the efficient use of bandwidth. The former is fundamentally a design issue (although technological mistakes can make it worse). The latter is fundamentally an engineering issue (although design mistakes can make it worse).

 

If you aren't making sure your networking and game architecture makes it easy for the network developers to easily route traffic such that nothing unnecessary hits the wire, all of your bit packing efforts are fundamentally just optimizing a bubble sort.




#5083411 Game server DoS / DDoS mitigation strategies?

Posted by Dave Weinstein on 05 August 2013 - 08:28 PM

 


 I've dug deep into cryptography to design a protocol which I feel fairly confident in. Mostly because it's basically an implementation combining two well known protocols. Still, I know it's a risk.

 

No.

 

Don't do this.

 

Seriously, this is a bad idea.

 

Either use a well known cryptographic solution, which has been subject to peer review, or, if you are a cryptographer, and you see a need for a new approach, publish a paper on it, and if the paper holds up after a few years, then use it.

 

But rolling your own cryptography almost inevitably leads to a much much worse outcome than using something that has actually been subject to peer review.




#5075159 More of a security type question.

Posted by Dave Weinstein on 03 July 2013 - 07:34 PM

That's a really really bad idea.

 

If you want to download executables off the network for updating, you're going to need to strongly sign them, and then have the installer (and auto-updater) verify the signature of the executable on download.

 

Copying it off of a random network share is just unwise.




#5074060 Unity Network.Destoy problem.

Posted by Dave Weinstein on 29 June 2013 - 10:16 PM

So I guess Unitys built in networking is completely useless for any serious project? Guess I'll have to switch to Lidgren.

 

Every networking scheme has exactly the same vulnerability.

 

If the Client isn't supposed to be able to destroy an object, you need to block that functionality at the Server.




#5073388 Client/server movement when to update?

Posted by Dave Weinstein on 27 June 2013 - 04:54 PM

Send MoveStart and MoveStop the frame they happen. Limit MoveUpdate to a 10hz frequency. Combine all movement updates sent in a given frame into one packet.

 

That should give you decent baseline performance, and you can tune from there.




#5068261 Scalability issues (UDP)

Posted by Dave Weinstein on 08 June 2013 - 11:43 AM

The art of the network engineer is knowing what not to send, and how often to not send it.

 

So, first, look for everything that can be inferred by another piece of information. If a specific gun firing always generates the same sound, and you know what gun the actor has, then you don't send both a FireGun message and a PlaySound message, the one is inferred from the other.

 

Next, measure. What packets are you sending the most often. Optimize these down to as compact a form as you can.

 

Next, throttle. If you send a change of direction packet for the player every time their vector changes slightly then human mouse interactions are going to generate a lot of unneeded traffic. So for an FPS, you want to send an updated movement packet (here is my facing, position, speed) at a throttled rate, with exceptions for things like starting and stopping which will be really obvious if held.

 

Then, affinity filtering. Send information based on what they need to know. In the original Rainbow Six, every actor in the game had its position updated in the game over a reliable channel to all players on a 1 hz strobe. However, if another actor was in the same room, in an adjacent room, or there was a line of sight relationship (these were cached by the engine anyway), you would get unreliable updates (throttled as above) for them as movement changed.




#5067720 Handling Messages

Posted by Dave Weinstein on 05 June 2013 - 04:30 PM

The approach isn't wrong, but it is inherently more dangerous than a switch statement precisely because of the risk of an out of bounds index to a function pointer table.

 

If you get a switch statement wrong, it will do the wrong thing. If you get a function pointer wrong, it will do an arbitrary thing, and in this case, arbitrary is exactly what an attacker is looking for.




#5057645 Beginner Packet Encryption

Posted by Dave Weinstein on 28 April 2013 - 10:54 PM

So, XOR is meaningless. Really, seriously, honestly, you might as well ROT-13 it, meaningless.

 

Here are some basics on cryptography for data-at-rest.


One, don't write your own. Just don't go there. Get a tested library, use that.

 

Two, in an ideal world, you want to be able to swap out your crypto algorithm if a problem arises in it. So your code shouldn't be deeply tied to the cryptographic routine you are using. This is generally termed "crypto-agility".

 

Three, salts and hashes. So, a cryptographic hash is a one way conversion. You take a value (say, a password), and you generate a hash of it. In order to get the original from the hash, you would have to just generate values until you got one that matched the same hash (more on this later). You then store the hash in your database (so you never keep the actual plaintext of the password in your database). A salt is a value that you derive deterministically from the account (whether it is intrinsic to the account or simply a random value stored with the account) that you add to the password before hashing it. What this does is mean that if Bob has password "123456" and Alice also has password "123456", they still have different hashes in your database. Otherwise, if I hash "123456", I can immediately get every account that used that password. On the other hand, if I get your database, and I want to get Bob's password only, it doesn't make a difference.

 

Which brings us to four, hashes continued. Counter-intuitively, you want to use *slow* algorithms for hashing when you are picking your algorithm. The reason for this is that you can afford the extra time to hash a password on login, but you make it much harder for someone to brute force things. Remember how we said you'd have to algorithmically generate strings until we got our hash again? That's why you want a slow algorithm (ex. bcrypt).

 

Now most of what I just said only applies to the password.


Storing other information is also important, and can have real legal repercussions depending on where the servers are located (for example, if you were suddenly running on a server in the EU, you fall into EU privacy laws), and if you start dealing with Credit Cards you have all sorts of contractual headaches about data storage. The easiest way to secure data is not to have it, so always consider whether or not you need a piece of information at all.

 

If you are storing it, consider what parts of your server actually need it, and when, and keep the data encrypted at rest. You may want to have the service that actually needs that information on a separate server (one that doesn't handle the untrusted input that is user interactions on a regular basis), such that even if someone were able to get control of the game server, they wouldn't be able to pivot to get the user information.

 

And finally, I am not a cryptographer. It is entirely possible that I made an error, especially since I'm just jotting this post off, and I'm certainly not a lawyer.




#5051404 Starting the multiplayer part of game

Posted by Dave Weinstein on 08 April 2013 - 10:52 PM

"You can't put multiplayer in at the end. You can try, but you'll end up discovering you put it in in the middle."

 

(If I could accurately remember the sourcing on that statement, I would cite it)






PARTNERS