PDA

View Full Version : 4.09 Dedicated Server Security & Distribution


Gryphon_
01-02-2008, 03:20 AM
Hi,

I am a server admin / map-maker for an online server. As this is my first post here I would first like to thank Oleg and his team (workers and volunteers) for the exceptional sim we have enjoyed for many years. I have played the game for hundreds of hours and enjoy it very much. As we have nearly a year to go (?) before SoW it is important to keep the online game alive. Like many others I was hoping that 4.09 would close the door on the hackers at least for the online game. I have a few suggestions:

I have been watching the debate over the hacks for some weeks now. The division in the IL2 community seems to be between those who want to play 'hack-free' online, and the rest: those who want to play online or offline with hacks or mods. Both parties would be content if there was a dedicated server available that could exclude those with modified files from playing online.

If 1C does not have the resources to produce a new dedicated server application that gives greater security, I suggest that you ask trusted third parties to volunteer their time to repackage the current version and add some additional security functionality. You may also wish to make the dedicated server only available with a new EULA that clearly makes it a breach of your copyright to alter the code or delete the new security functionality. As a server admin and map maker, I would rather wait and get a dedicated server that keeps out hackers, than play 4.09 online next week with a dedicated server that doesn't keep them out.

In the long term, 1C needs to look at how products can be sold, updated, and kept free from hacks. In the future I expect most games will be downloaded and then continuously patched in a manner similar to the Valve/Steam server/client network. Valve/Steam networks aren't perfect, but it makes it much harder for the hackers if the executables and data files are continuously being altered by the developer. The Ubisoft system used for the Pe2 upgrade - 'Boontybox' - was poor - but if it had been developed more, it might have allowed you to make multiple small changes to your code and perhaps prevented the mess we are now into.

Hope this helps.

Petrosky
01-02-2008, 04:36 AM
It is a mess!

JG27_brook
01-02-2008, 08:31 AM
Passing on intel on players using hacks will help

LEXX
01-02-2008, 12:02 PM
Petrosky:: It is a mess!
Sadly true. We get what we paid for, happy to stay dependent on Oleg's Offline play customers paying for our "free" cheat-free anonymous public server gameplay -- a very messy situation we made four ourselves over the last four years. http://i35.photobucket.com/albums/d178/Lexx_Luthor/Smileys/Sad.gif

ElAurens
01-02-2008, 11:47 PM
You know Lexx, every time you mention that onliners don't pay for their sim, which is every freaking time you post, I am left wondering WTF you are talking about.

You have been going on like this for years now, and frankly it makes no sense. None.

I, like every other online player has paid, and paid, and paid again for every version since the beginning.

So drop this schtick will ya?

You are clueless about online, as by your own admission you don't fly online, and you have not played the sim at all since 4.04.

Your observations are odd to say the least.

LEXX
01-03-2008, 12:23 AM
I observe honest Online players, for example the Online player at simhq that poasted about 2 years ago...

If not for the Offline base, we'd all be paying 12$ a month to fly.

Brain32
01-03-2008, 01:12 AM
Well if the game was pay to play, it would be online only and there would be no offline AT ALL so it is US(onliners) who payed what you get for free.

Do you see how easily can it work in reverse?

LEXX
01-03-2008, 02:14 AM
It could work in reverse if this sim were Pay-To-Play, but the sales and revenue have been primarily provided by the Offline play customers.

Now, if the sim were Pay-To-Play, then we would be paying a Monthly Fee to the publisher, and we would not be dependent on Offline play customers.

ElAurens
01-03-2008, 04:29 AM
Just who is the "we" you speak of?

If it was pay to play and online only, you wouldn't even be here Lexx.

And come to think of it neither would I. I don't have $120+ a year to chase pixels across a monitor screen. For that kind of money the software would have to be a free download, and there would have to be additional free aircraft and other content on a very regular basis, the netcode would have to be a lot better than it is now, and there would have to be a massive developer run server capable of putting thousands of aircraft up at once on a map the size of oh, the world.

Can't see that happening in a niche market like WW2 flight simulation.

LEXX
01-03-2008, 05:04 AM
hmmm....I would be interested in an immersive dynamic Online War hosted through the publisher, but...

ElAurens:: ...the netcode would have to be a lot better than it is now, and there would have to be a massive developer run server capable of putting thousands of aircraft up at once on a map the size of oh, the world..
...which describes exactly what Oleg would do -- perhaps for BoB And Beyond. Although a Channel map would be sufficient for the first releace, and for later theaters, later maps, all sized less than, "oh, the world."

Can't see that happening in a niche market like WW2 flight simulation.
It already has, to some degree, and profitibly so, although not done by Oleg Maddox, which would be key to generate my interest in something like this.

The only issue I may have is that Oleg has said he thinks dynamic campaigns are arcade by being non-historical, while a true Online War is a dynamic campaign. UBI or 1C could pay me a Monthly Fee and I still would not join a static Online War with a never changing fixed outcome that cannot be affected to at least some degree by the playing sides.

msalama
01-03-2008, 10:41 AM
join a static Online War with a never changing fixed outcome that cannot be affected to at least some degree by the playing sides.

Wha...

I'm so sorry, but what the HELL are you on about? In an online war (such as the AFW, see http://www.war.by-airforce.com ) the outcome certainly isn't fixed, since the side who gathers more tactical and strategic victories (and thus either gains sufficient territory or destroys the enemy's supplies and production) will win the map - and they can only do it when their combined arms work together!

So what "never changing fixed outcome" is it that you're talking about - say, the Reds, always winning regardless of how the Blues wage their war, or what?

LEXX
01-03-2008, 11:16 AM
http://i35.photobucket.com/albums/d178/Lexx_Luthor/Smileys/thumbs.gif Spot on! Dynamic campaign outcome is needed, but Oleg has said he prefers historical campaign outcome...ie...fixed outcome static campaigns.

In case you missed our discussion last page...

LEXX (last page):: The only issue I may have is that Oleg has said he thinks dynamic campaigns are arcade by being non-historical, while a true Online War is a dynamic campaign. UBI or 1C could pay me a Monthly Fee and I still would not join a static Online War with a never changing fixed outcome that cannot be affected to at least some degree by the playing sides.

msalama
01-03-2008, 12:00 PM
Yeah, but as I pointed out none of the current OL wars to my knowledge _are_ static - whereas you OTOH stated that:

I still would not join a static Online War with a never changing fixed outcome that cannot be affected to at least some degree by the playing sides.

And hey, fair enough, neither would I for that matter... but as I said there is NO NEED FOR THAT because all of them _are_ nowadays dynamic!

Capiche?

msalama
01-03-2008, 12:03 PM
...and thus you're more than welcome in joining us playing AFW at will, because as I stated the individual episode / map outcomes most certainly are dynamic - and thus should suit your stringent offliner criteria 100%, now shouldn't they ;)

msalama
01-03-2008, 12:07 PM
...or, yet in other words, you wouldn't NEED to join a static OL war w/ a fixed outcome because they're NOT static BUT dynamic! U catch my drift, eh?

msalama
01-03-2008, 12:10 PM
...which, again, brings me back to the original reason for my bewilderment, namely: WTF are you talking about static OL wars because they're not static but DYNAMIC???

LEXX
01-03-2008, 12:27 PM
I refer to Oleg's personal preference for static and scripted "historical" campaigns -- to the extreme of calling dynamic campaigns "arcade" -- because if he fails to see the fundamental value of dynamic campaigns to his customers, it *might* negatively affect the development of an immersive dynamic Online War available through the publisher for Oleg's next sim: BoB And Beyond.

If we fly in airplanes, we all hope the airplanes' designers like airplanes. :grin:

4H_V-man
01-03-2008, 12:57 PM
Hey, guys, if you want to debate on-line wars and campaigns, start another thread. This has NOTHING to do with Gryphon's original post.

And yes, I would hope we could get something done in this area to secure the integrity of servers. I had hoped the hackers would leave 4.09 alone, but they seem determined to "improve" Il-2 to death.

Rama
01-03-2008, 02:07 PM
Actually, this HAS something to do with Gryphon's original post.
... since an important part of the online crowd do play online wars and campaigns.

And the original proposal of a "hack-free" server could solve the problem only for the dogfights servers, leaving all online coop style (including wars and campaign) online games subject to cheating.

So, to solve the problem for every style of online play, the solution can't be reduced to a "hack-free" server, but should be a file check (either by a new CRT, or whatever other method) working also for player hosting (either dogs or coops).
Something insuring that the host and the clients are using the same code and the same files.

Avimimus
01-03-2008, 04:43 PM
1. Il-2 will not be fixed (due to difficulties with code and financial calculations)
2. Bob will everything (especially online security)
3. Oleg has suggested that it is likely Bob could well have several modes for online play:
- without security and allowing mods
- with security and only allowing official releases
- finally a 'pay for use' massive multiplayer dedicated historical campaign

Now go back to sleep...

Rama
01-03-2008, 05:11 PM
1. Il-2 will not be fixed (due to difficulties with code and financial calculations)

It's your saying.
OM never stated that. last time he told about this problem (On October 26) he stated M:1C was looking for a solution to secure online game, and that he wasn't sure it was possible with the limited amount of ressource he could dedicate on this.
Here the exact words: "I can't promise now... but my guys in research what is possible by minimal human/month busy schedule... ", written on 10/26 in Oleg Maddox's Room thread of this forum (answer #211)

Thats something he allready told for other problems... that finally found a solution.

So nothing is sure, neither that there will be a fix, or that there wont be.
I can still hope.

msalama
01-03-2008, 08:51 PM
Lexx, V-man,

Rgt, not the thread for that. That said I now see what U mean Lexx - a bit of a misunderstanding here, didn't actually get your meaning until now! Still, let's hope that Oleg now gets the drift as regards dynamic OL campaigns and their implementation - w/out 3rd party help such as the OL wars we're playing nowadays, that is ;)

S! guys. Let's anyway hope for the best as regards continual OL security of the game... be that implemented one way or another.

4H_V-man
01-04-2008, 01:17 AM
On that we can agree.

Gryphon_
01-04-2008, 01:30 AM
Further thoughts:

IL2 is just one game produced by 1C. 1C produces lots of games, and sells them via huge-volume distributors such as Ubisoft. If distribution costs can be reduced, the producers and distributors can make more profit, which is very important to them.

Producers and distributors can make more profit if they can sell these products via download. In order to do that they have to be able to prevent the customer copying the downloaded product, either as originally downloaded, or after the customer has hacked it.

For offline games, this is a big problem.

For online games, it should be easier to solve; with an active internet connection required for online play, the client files could be programmed to 'phone home' (to the developer site) either periodically, or on demand. In other words, put a sort of trojan in the client executable! This opens up various ways of ensuring client file integrity.

If the industry could get this right, downloading could become the norm, they would make a lot more money, and the hackers would be confined to playing offline. :-)

robtek
01-04-2008, 05:55 AM
Why are here so many people that have too much money?
Sure, it is easy to delegate the problem and let it be resolved by pay2play.
But while that might help it is for quite a few people too expensive.
The way it is right now is much more social and i think it is better to find a solution on this base.

Baco
01-04-2008, 07:19 PM
Further thoughts:

For online games, it should be easier to solve; with an active internet connection required for online play, the client files could be programmed to 'phone home' (to the developer site) either periodically, or on demand. In other words, put a sort of trojan in the client executable! This opens up various ways of ensuring client file integrity.

If the industry could get this right, downloading could become the norm, they would make a lot more money, and the hackers would be confined to playing offline. :-)

Er.. that would make a worst scandal than the infamous Boottysomething. A file accesing the net informing of the content of your HD to a third party.. That would kill BOB and 1:C faster than any cheat or hack. It would make Starforce look like a harmless virus.

Don´t get me wrong, I have nothing to hide in My PC, not even credit records. But most people would not come close to such a game.

I think That is the EASY "illegal" way Oleg refered to when adressing the issiu of CRC checks...

The hard way and costlly is the program checking various values in important files such as FM and DM dlls witch is the thing they can´t do right now becouse it means rewriting the code.

Gryphon_
01-04-2008, 09:11 PM
So how does Valve/Steam work? Whenever you are playing, your computer is talking to the Steam app and quite frequently your files are updated as a result.

I' m thinking that:

1) Your computer sending info on your game files to game developer server with your knowledge = okay
2) Your computer sending anything else to an unknown party without your knowledge = not okay

I guess as long as everyone understands the difference, (1) is the way ahead

crazyivan1970
01-04-2008, 10:51 PM
I actually like Steam alot, very convinient and based on what i read, harmless. Wouldnt be a bad choice, comparing to everything else. Especially after what UBI was trying to feed us.. Starforce, Bootybox, etc. All crap, dangerous one too.

jasonbirder
01-04-2008, 11:05 PM
I'm quite happy with downloaded software...but I would Never consider buying anything that ever recquired my computer to be in touch with the publishers system so i could use software i'd already purchased...no matter how briefly or infrequently.
I wouldn't even think about it!

BSS_Sniper
01-04-2008, 11:20 PM
I'm quite happy with downloaded software...but I would Never consider buying anything that ever recquired my computer to be in touch with the publishers system so i could use software i'd already purchased...no matter how briefly or infrequently.
I wouldn't even think about it!


That's good to know. Now we will have one less to worry about cheating. :P

LEXX
01-05-2008, 12:58 AM
http://i35.photobucket.com/albums/d178/Lexx_Luthor/Smileys/PinkSunny.gif

BSS_Sniper (to jasonbirder):: That's good to know. Now we will have one less to worry about cheating. :-P

Pray I do not purchase 1946 ~> http://bbs.thirdwire.com/phpBB/viewtopic.php?t=3970

http://i35.photobucket.com/albums/d178/Lexx_Luthor/Smileys/Wink.gif

Gryphon_
01-12-2008, 05:33 PM
I'm quite happy with downloaded software...but I would Never consider buying anything that ever recquired my computer to be in touch with the publishers system so i could use software i'd already purchased...no matter how briefly or infrequently.
I wouldn't even think about it!

Well, in the coming years I dont think you are going to be buying very much software. (By the way, how are you getting on with Windows 3.1?) :rolleyes:

I don't mean to be rude; all I'm saying is that communication between purchased software applications, and of course operating systems, is becoming the norm.

In XP, go to START / Control Panel / Add or Remove Programs and check the Show Updates box. You will see a lot of updates over and above what you installed off disk (if your computer is like mine).

Naturally, the interaction between your computer and the developer server must be subject to your permission, but we must accept that if permission is withheld, then the software will not be updated. In the case of a game such as IL2FB, which has an online multiplayer element, refusal to allow your computer to interact with the developer server would deny you not only the latest version of the game, but the ability to play that online.

That is reasonable, as you could still play the original version offline.