[MUD-Dev] DGN/TECH: exploiting/hacking in MMOGs - sources of info?
ceo
ceo at grexengine.com
Thu Sep 16 00:07:48 CEST 2004
HRose wrote:
> John MacQueen wrote:
>> That said in my experience the main "hacks" I've seen in the last
>> couple of years have been... "speed hacks" where the operating
> This is probably the most common hack. Just in the last weeks I've
> heard reports of working speedhacks in World of Warcraft, Final
> Fantasy XI and Dark Age of Camelot.
> I also wonder why they are so common. It should be easy enough to
> control this server side. You don't need to mantain the checks
Blizzard (Warcraft) have a history of closing the gate after the
horse has bolted (especially Diablo games and Starcraft; + to a
lesser extent the warcraft games). In the last few years, they have
turned this from a repeated embarassment into a mean and cunning
(and highly respected) strategy, borrowing from honeypots (I have no
idea whether they intended this all along - perhaps they were
lulling cheaters into a false sense of security? Perhaps they were
fine-tuning their systems? Given how miserably Diablo 1 died under
hacks, I'm not convinced).
Anyway, the situation now is that Blizzard regularly waits for hacks
to appear, lets them run for 6 months (or more, or less), gathering
the names and account details of all cheaters (hence the honeypot
reference- look it up in traditional network security sources, it's
quite a common tool). Then they spring the trap: undo all benefits
given to cheaters, sometimes taking it further and punishing them by
simply bankrupting the characters. The "hardcore" cheaters each time
get their accounts wiped + cancelled (i.e. their CD key etc no
longer allow them to play the game, IIRC). I believe they also
gather and retain long-term things like IP addresses, so that they
can the predictively guess which people are likely to cheat, giving
them a heads up on the next crack.
Short term, this isn't clever. Long-term, it is IMHO a solid process
that accepts you will never make a game 100% secure without vast
cost, and yet turns the 0.1% of weakness into as much of an
advantage as possible. Of course, you require considerable resources
to acheive this! There is considerable work involved (blizzard has
on at least one occasion tampered with accounts of more than 100k
players IIRC...just think how many support calls that could
trigger...).
Adam M
_______________________________________________
MUD-Dev mailing list
MUD-Dev at kanga.nu
https://www.kanga.nu/lists/listinfo/mud-dev
More information about the mud-dev-archive
mailing list