[MUD-Dev] distributed objects

Koster Koster
Tue Feb 15 09:16:13 CET 2000 

> -----Original Message-----
> From: J C Lawrence [mailto:claw at kanga.nu]
> Sent: Tuesday, February 15, 2000 1:17 AM
> To: mud-dev at kanga.nu
> Subject: Re: [MUD-Dev] distributed objects 
> 
> 
> On Mon, 14 Feb 2000 21:36:32 -0800 (PST) 
> Brandon J Rickman <dr.k at pc4.zennet.com> wrote:
> 
> > I've always been bothered by the "never trust the client" law.  It
> > is misleading: it says you can't trust an _individual_ client, but
> > people interpret this as "you can't trust clients in general".
> > Shouldn't one be able to devise a robust distributed network
> > across several clients, such that errors (or cheats) on one client
> > will be detected when compared against other client results?

> UO demonstrated numerous cases of both breaches, in not trapping or
> reacting against violations of the extant protocol definition (the
> rule of "Rigorously adhere to standards in what you produce and be
> generous in waht you accept" doesn't apply in this case), and in
> blindly accepting and trusting variously wrong values from the
> client.

And keep in mind that we went into it being extremely paranoid in the first
place! We weren't being naive and assuming that everything would be
hunky-dory. I'd classify the sorts of stuff we saw in chronological order
as:

- data hacks. Alter the client-side art files and the like in order to make
targeting easier. A good example would be replacing all the walls with
outlines. This doesn't even touch the server.
- memory mods. This would be changing stuff in memory. We had virtually
nothing of any consequence here.
- sniffers. Try to get more info out of the data stream than what the client
ordinarily displays (this is what ShowEQ does)
- wedges. Creatively alter the data stream by filtering packets or
manufacturing packets. A good example in UO was another display hack--they
simply threw away the light level change packets arriving and replaced them
with full bright. Presto, no darkness in dungeons.

Also, we speak of a "utility phase" 8-9 months after launch. This is what
happened with UO, with M59, and with EQ: nice GUI hack and cheat programs
exactly 8-9 months after launch in all three cases. In M59's case it was
PKK; UO had UOE and many others.

-Raph 



_______________________________________________
MUD-Dev maillist  -  MUD-Dev at kanga.nu
http://www.kanga.nu/lists/listinfo/mud-dev

More information about the mud-dev-archive mailing list