Encryption in MMORPG communication are also encrypted on order to prevent any home-made server (that fail in most of case).

We encrypt all game traffic as it crosses the wire. It takes place transparently within the networking libraries, not within game code.

Encryption in the networking libraries is only turned on in final builds, as it is a PITA to debug issues that require monitoring the wire on a hub. It is also increasingly difficult to find a non-switched hub these days. :-)

We do it for legal reasons and publisher requirements, not because we are trying to stop cheaters.

Quote:Original post by Imgelling

Quote:Original post by WhiteCrane

Not just hacking the mechanics, but definitely encrypt the messaging system too,

If you plan on keeping the game in the US, that will work. Otherwise, it is against federal law to send encrypted "plain" text to destinations outside of the US. Which was a problem in the first XNA Game Studio as it would encrypt text. Now there is a flag to mark it as text so it won't encrypt it.

This is only partially true. I speak from the experience of personally developing and selling in foreign countries a piece of software that employs encryption. Sending encrypted text isn't illegal at all--that wouldn't defeat the whole the point of having the technology. What's illegal is exporting software that employs encryption (can't let those commies get a hold of our glorious technology), and it's only illegal if you don't file certain paperwork and get the government's permission first. The paperwork can be a big pain though, let me tell you (and to be fair it's not entirely ensured that you'll get that permission, but it's quite likely if it's just some simple run-of-the-mill encryption).

Quote:Original post by hplus0603
Note that certain jurisdictions (France? I forget) actually *forbid* encryption of "cleartext" communications.

I think that pretty much no country[1] forbids encrypted communications since when France dropped this in 1999. Which, admittedly, was a totally moronic restriction in the first place, since business transactions (most of which go over the internet these days) are practically impossible without encrypted communication. Unless you own the dedicated wire that the communication goes through, and even then it's not great.
If you're for example a car parts manufacturer, it is already annoying enough if U.R. Gay orders 20,000 injection pumps to be delivered to 123 Fake Road every other week, but if someone is actually able to order parts under a legitimate client's name with a legitimate client's credentials, simply because communications are not safe, you're in some really serious trouble.

Though of course, in many countries, you can probably still get in trouble, whether there's a law or not. Without any doubt, any encrypted abroad communication is automatically logged, deciphered and scanned for keywords (that's what you pay tax for, after all).
And, law or not, I assume you might very well end up in one of those torture camps that don't exist in eastern Europe if you're having regular encrypted communications from the USA to Iran, or Cuba, or Pakistan.


[1]Other than maybe China? Obviously, I wouldn't know, but I could imagine since they're kind of well-known for censoring everything that goes in and out with this "Big Chinese Firewall" or what it's called, they wouldn't like seeing you encrypt your traffic. But even then, I'm not sure about that. This would effectively make business impossible. Or maybe they have some kind of key escrow.

Quote:Original post by samoth
might very well end up in one of those torture camps that don't exist in eastern Europe

Do explain...