REVOLUTIONARY IDEA
The suggestions of "your own type of data storage device.", private filesystems, etc. will not work. They''ll be cracked. The private filesystem in particular is a shockingly naive way of doing it. If you are planning on going ahead with this idea, find someone else who is experienced with security and encryption.
I think you should back up a little bit, and answer some very important questions before going into all of this floppy-disk rubbish.
The first thing you''re going to have to do is make a game that is going to get people excited enough to play in the first place. that''s a lot easier said then done.
The first thing you''re going to have to do is make a game that is going to get people excited enough to play in the first place. that''s a lot easier said then done.
Ok this is freaky, I was just talking to my gf about such a thing a week or so ago...I come to gamedev.net and look at what I see....whoa!...(looks around for a mole)....Well anyways I like the idea since I kinda thought of something like it too =P. What I think should be done is that the e-cards should be sold via internet in bundles of 10 or so. A player will get 10 random cards. Buying a pack wouldnt be too expensive and the lure of getting those good cards will keep people buying. Every single card will be assigned a serial number. Then people can log into a game server that you create and all their cards are checked against the database for duplicates. Players can then engage in games of internet "magic" type of games. Someone else will probably get to do this before I ever even learn how to so good luck to whoever does =)
Edited by - hapaboy on November 28, 2001 7:28:58 AM
Edited by - hapaboy on November 28, 2001 7:28:58 AM
I''ve heard rumours that a new Warhammer computer game being developed will let users purchase armies, much like they purchase units for their board game version.
I think there is a real danger though in mixing real money with virtual objects like that. Where in Warhammer you''ll probably only have to buy a unit once to use it indefinitely, the proposed system by Lestat3D has spells and artifacts that would only have a one time use.
If players are annoyed by certain aspects of the games they play now, imagine their disgust when the spells/artifacts they just purchased are gone all of a sudden before use. Or if the spells don''t work when they do use them. Or when they find that the players they use the spells on are protected from those spells by cheats or bugs etc.
I think some of the posters already mentioned why the appeal of MTG is so high: you never know what you''re going to get.
I''d like to add to that that the cheapest, simplest card can sometimes beat the most expensive, rarest card.
I can''t wait till WOTC releases that online version of MTG. I''d like to see if they can pull off a good version of ''sealed deck'' tournaments, which have always been my favorite (since the game itself has turned into too much of a rock/paper/scissors game where powerful cards unbalance the game, I prefer the gameplay of sealed decks, which means you play with what you get...)
I think there is a real danger though in mixing real money with virtual objects like that. Where in Warhammer you''ll probably only have to buy a unit once to use it indefinitely, the proposed system by Lestat3D has spells and artifacts that would only have a one time use.
If players are annoyed by certain aspects of the games they play now, imagine their disgust when the spells/artifacts they just purchased are gone all of a sudden before use. Or if the spells don''t work when they do use them. Or when they find that the players they use the spells on are protected from those spells by cheats or bugs etc.
I think some of the posters already mentioned why the appeal of MTG is so high: you never know what you''re going to get.
I''d like to add to that that the cheapest, simplest card can sometimes beat the most expensive, rarest card.
I can''t wait till WOTC releases that online version of MTG. I''d like to see if they can pull off a good version of ''sealed deck'' tournaments, which have always been my favorite (since the game itself has turned into too much of a rock/paper/scissors game where powerful cards unbalance the game, I prefer the gameplay of sealed decks, which means you play with what you get...)
no matter what you do, hackers and crackers will always find a way. Its some kind of unwritten law.
Even Microsoft, with all of their security and piracy notices. Their software is perhaps the worlds most pirated.
Diablo is an example of a game that has been hacked and cracked more times than you can believe with all kinds of "item" editors and what not. even if Blizzard keeps patching up their "battle.net", they will always have people who will disassemble their software, legally or illegally.
if there is a will, their is a way.
your "encrypted" data, is never really encrypted.
my 2 cents...
one way around it, is if you could detect if its a duplicate item, you can e-mail the player and let them know they are using stolen gear, and if if they are cought with stolen goods for a second time, they will be banned from the game.
i don''t know... just a random thought. seems pretty hopeless. I sure as hell wouldn''t want to pull out my visa to buy an "item" for a game, no matter how good the game was.
Even Microsoft, with all of their security and piracy notices. Their software is perhaps the worlds most pirated.
Diablo is an example of a game that has been hacked and cracked more times than you can believe with all kinds of "item" editors and what not. even if Blizzard keeps patching up their "battle.net", they will always have people who will disassemble their software, legally or illegally.
if there is a will, their is a way.
your "encrypted" data, is never really encrypted.
my 2 cents...
one way around it, is if you could detect if its a duplicate item, you can e-mail the player and let them know they are using stolen gear, and if if they are cought with stolen goods for a second time, they will be banned from the game.
i don''t know... just a random thought. seems pretty hopeless. I sure as hell wouldn''t want to pull out my visa to buy an "item" for a game, no matter how good the game was.
well technically speaking. encryption works wonders, and really does work. just not fro protecting games (trust me if i encrypted a doc and placed it on the net without giving you the keys you could never decrypt it unless you knew many mnay mnay mnay ppl kinda like the distributed.net cracking).
the problem with using encryption on the game, is that the client needs to decrypt the data to use it, which means things can be intercepted and logged (keys,actual data,etc). the only really good way is to use a very mathmatically strong (careful with export restrictions) encryption followed by sending ALL the data to the server to be decrytped (client NEVER gets the key nor data). bandwidth though is the major issue, as well as file tampering (but you should be able to catch that with enough crc/digital sig). just realize the weakest link is the part that gets cracked and leads to more devious hacks.
good example is how much file checking hl does during auth with a server. all the files are checked (that need to be checked) but nothing in memory is every checked compared to the disk based file, thus allowing ppl to modify stuff in memory. pb attempted to stop this by chekcing processes in memory at specified offsets for particular strings (massivly naive and stupid). this did not help too much at all since all that was needed was to change the cvars and strings in the file. they added screen cap features, but this relied on dx which can be overridden.
in fact anything that relies on the system that the software is run on to be secure, wont be secure. dont even mention linux not able to fall prey to these types of attacks, since it is even EASIER in linux since you have the source code. no need to override and hook libraries, just modify them and recompile. (this though is not to diss open source movement since the security that it was designed for it does well) realize this assumes that the person runing the game has access to root (and if they dont they probally cant run the game anyway)
the problem with using encryption on the game, is that the client needs to decrypt the data to use it, which means things can be intercepted and logged (keys,actual data,etc). the only really good way is to use a very mathmatically strong (careful with export restrictions) encryption followed by sending ALL the data to the server to be decrytped (client NEVER gets the key nor data). bandwidth though is the major issue, as well as file tampering (but you should be able to catch that with enough crc/digital sig). just realize the weakest link is the part that gets cracked and leads to more devious hacks.
good example is how much file checking hl does during auth with a server. all the files are checked (that need to be checked) but nothing in memory is every checked compared to the disk based file, thus allowing ppl to modify stuff in memory. pb attempted to stop this by chekcing processes in memory at specified offsets for particular strings (massivly naive and stupid). this did not help too much at all since all that was needed was to change the cvars and strings in the file. they added screen cap features, but this relied on dx which can be overridden.
in fact anything that relies on the system that the software is run on to be secure, wont be secure. dont even mention linux not able to fall prey to these types of attacks, since it is even EASIER in linux since you have the source code. no need to override and hook libraries, just modify them and recompile. (this though is not to diss open source movement since the security that it was designed for it does well) realize this assumes that the person runing the game has access to root (and if they dont they probally cant run the game anyway)
This topic is closed to new replies.
Advertisement
Popular Topics
Advertisement
