Jump to content

tbot

Members
  • Posts

    55
  • Joined

  • Last visited

Posts posted by tbot

  1. Right now the only way to see it is on the EPG server (and it's currently down for some reason :(). Of course there are tons of other maps on there so someone would need to buy it (it's named Random Infernus). Even then you won't see it generate the map, you'll only see the end result.

  2. Nice. Unrelated suggestion for someone - a random race map generator.

    Lets you pick a difficulty (how sharp corners are etc?) and maybe has some themes (i.e. object types to use) and it then places objects along a randomly generated spline.

    Bonus points for joining up with the GTA world :)

    First person to make that gets a cookie (and a post on the Facebook page, i.e. fame!)

    There has already been a random map generator (i.e. mine) running on the EPG race server since august last year. Of course I don't really care about fame and all so as of yet it has not been publicly released.

  3. i voted NO, because i'd like a stable VC client first.

    The intention is that Blue will be released before SA comes to the PC.

    And tell me, how do you know Blue is stable? Because the MTA team told us? Please remember that they also told that 0.4 would be more stable and yet it showed little improvement.

    Therefore I would not judge about it before it is released.

  4. personal opinion: I don't think Aeron would do such a thing.

    You may have your personal opinion, of course I respect that, but I also have my opinion, and I suggest you respect that too.

    Why would he? Aeron created this mod gor mta btw. , so whats wrong with it if he banned nivko , he has the right.

    As I said, I know nivko, and I know that he is irritating, I have him banned on my own server too. The point is that _I_ set the standard at my own server for what I think is worthy of banning or not.

    As I've also said before, this blacklist is distributed as being a list of known and confirmed 'cheaters'. I place true doubts with nivko's ability to cheat, and with it I place doubts with Aerons objectivity.

    If this list wasn't called a blacklist of cheaters, but just 'Aerons personal banlist', I would have no problem with it (and many people wouldn't have used it because of the name).

    Its just not fair towards nivko , but maybe you are nivko just with another nickname or something.......................................................................................!!!! Didn't saw that one comming , did ya?

    If you want to bring my arguments down, please do so with counter arguments, and not with unlikely speculations. I'm not defending nivko. It's just that by seeing that nivko is banned I highly doubt that this is still a list of just cheaters.

  5. I don't think thats the reason.

    Exactly, you don't _think_ that's the reason. But how would you know for sure?

    Asking Aeron won't help, he surely won't answer you that he abused his power somewhat (hypothetically speaking). Asking the banned person won't help either, because they generally won't confirm that they were cheating.

    Why should Aeron be some sort of an authority on this field? IMHO the only one who could and should decide about banning are the administrators of the server where the ban should be placed.

    It's too easy to ban someone for other reasons than cheating that the users of this blacklist might very well not agree with. Sure, this guy can be irritating, but that's a reason to ban him on your own server, not on all servers running this blacklist, simply because the users expect that the banned people are banned for cheating and not for other reasons.

  6. Please remove my form the blacklist and unblock my on msn my msn is [email protected]

    Please Aeron

    If you are on the list , you are on it for a reason...

    I highly doubt it's for cheating though. I know this fellow, though he's irritating and always asking for 'things' (scripts, etc.) I don't see him capable of cheating/modding (I could be wrong though, you can never know a person well enough).

    But _if_ this guy is banned for an other reason than cheating than I can explain it in only one way, and that is that Aeron misuses his power he gained by this blacklist to 'solve' personal issues with this guy.

  7. I should also add that MS's little sp2 doesnt fix this either, since its javascript, adn has little or nothing to do with MS :)

    It has everything to do with MS since it's MS' implementation of the javascript standard. It has/had (can't tell since I don't use SP2) many holes, but a SP can change it all...

  8. from the looks of it, 56k people will be able to play it without even straining their modems.

    There are simple physical laws that tell us modem users have larger round-trip-times. This in turn causes behaviour (especially in client side games like MTA) which we would recognize as lag.

    You can have genial algorithms, but you can't change the physics of the connection, and thus 56k users will always experience lag.

  9. but we don't really have the time

    May I point you to the fact that there are quite a few good and fast ready-to-use scripting engines. Embedding those wouldn't take more (possibly even less) time than implementing dll support. The engines are well enough to give the scripter enough power to effectively create addons.

    Besides that dll's aren't portable, so it's up to the mod maker to also compile it against linux, and not everybody may be able to do so (making the whole less portable).

  10. First of all, if this is going to be a dll/so system, source code doesn't necessairily have to be released, so how would you want to check those?

    Native code implies massive security risks, so if I were developing this I wouldn't let the responsibility at the end-user, who are, generally taken, not very aware of these risks.

    And in this case it's not the lack of alternatives that should be the deciding edge. Not too long ago I did some research into scripting engines (and am currently working on my own), and as a very good alternative to native code there is the SeerC scripting engine, offering almost ANSI C scripting with possibilities very near (if not the same) as native code, yet in a somewhat protected environment.

  11. Hum, i don't get what your saying... For example, if you hash "test" with md5 (php...) it will generate the same thing on and on... this is what most of scripts uses to encrypt password...

    Let me put it a little more clear.

    When a client wants to connect it sends a signal to the server. When the server recieves that signal it sends a random number back (and remembers it).

    The hash code that will be generated is not merely the hash code of the file, but augmented with the random number. So let's say the correct hash is the MD5 of the string "test", if you do nothing with it, it's static, and thus easy to crack.

    Now we take the random number (e.g. 5325), and append it to the string that needs to be hashed, making "test5325", and hash that. You will find that the hash is totally different. The client sends the hash, and the server will know it's correct because it remembered the random number (and can create the correct itself the same way).

    The next time someone connects the random number will be different, and so will the hash, creating a handshake which seems random.

  12. Oh, and the digital signature of mtaclient.exe (md5) is 51 B9 31 2D AD 4A B5 9A 21 FD F1 B1 89 27 D0 55.... not a very long string to send :roll:

    In your first post you were talking about the 'server' hashing the client, which requires the server to have the executable (thus the client should sent itself over).

    What you mention now is the client hashing itself and sending just the hash. This is about what the client does right now (it might not actually hash itself, it does hash the files which are modified when using mods). The problem with this method is that the code which generates the hash can be replaced with code which just returns the correct hash, no matter whether the file was modified.

    In a worst-case scenario for the crackers they could always create a proxy which replaces the wrong hash with the correct one.

    With the idea I posted however, there is no 'correct' hash, since it depends on the value the server sends. Therefore it's much harder to decode the hashing mechanism. Even when it fails it can be made more complex by, for example, making a handshake protocol with multiple hashes and multiple random values. Eventually the crackers won't be able to crack it (though it actually is possible, will always remains so, but there is a limit on things a human can achieve).

  13. I've chearched the forum and found nothing about this:

    Why couldn't the server md5 the client.... simple?.... or not :roll: ?

    I wonder how you would do that...

    I think sending the entire executable to the server just for creating a hash of it is going to create a incredibly lot of useless network traffic (apart from the fact the the 'sending' part could be cracked to send the original exe).

    However, this post did make me think and the current protection can be made so much better just by letting the server send a random value which is padded to whatever needs to be CRC'ed. The value which is sent back will then also appear to be random, thus masquerading the way the hash was created.

  14. My lightbulb ingame administration program is already able to recognize bots by a fairly reliable method and take appropriate countermessures.

    Too bad for the general public the MTA team hasn't got their opinions clear on giving permission for it (I got permission from IJs a while ago, but recent events turned out that not the entire team stands behind that decision).

    I did what I could to counter this bot, blame the MTA team for not letting me distribute it...

  15. Maybe the peak of bot usage has been passed, fact is that since I adapted lightbulb to kick bots last night it has kicked about 40 people now. Let's say half of that is wrong due to inaccuracies of the detection. Let's also say that of the remaining half half was an already kicked bot reconnecting.

    This leaves 10 bots for today, which I personally think is too much.

    And even if the bot isn't really good at killing, the being killed part really annoys ppl (incorrect stats and such).

    Just take a simple look at the nr. 1 killed person at my server:

    No. Name Kills Deaths Ratio

    1 Brat 1 3847 0

    I don't know about you, but I really think that even only one bot can do quite some harm, and therefore must be stopped...

  16. The fact that he was able to create a bot that could do all of this means that he is a competent coder.

    Competent coder? Please define competence for me then...

    If packet sniffing traffic and simply mimiccing the behaviour now is the factor required to produce good software then we'd be loaded with great software right now, which just isn't the case.

    I read through the ideas the creator left in his gui and they don't make much sense (As I said before, I did the 'bot'-thing and took my conclusions with regards to the protocol. I won't say I'm right, but he is definitely wrong on some cases, which proofs he's mimiccing, not intelligently implementing the protocol).

    Secondly. If he intended to produce a 'fair' playing bot I guess he didn't thought through the consequences it might have had (and is having right now). I personally think some knowledge in predicting what might happen in the future (in software terms, actually 'predicting' the future is quite impossible ;)) is necessairy in creating good software.

    All I can say in favour of the creator is that he codes VB and knows how to handle packet sniffing, nothing more, nothing less...

  17. its a new age of cheaters now programers are in about it so mta mus be getting big

    I wouldn't call these persons 'programmers', Script Kiddies is a much better term.

    A while ago I already developed such a bot. My main aims were decoding the player protocol for developing features like Admin+ offers us now. In the progress a killing feature was also implemented, for some sort of semi-automatic cheat detecting. While developing it I realised that if such a feature would get into the wrong hands it would be pure evil, and that time is now. I stopped developing it just because I thought of the consequences it could've had for MTA.

    As for actions that can be taken against this thing, the first step has already been made: scripts detecting the PM commands. It doesn't take a genious to see that this just isn't enough, with hex editing this can easily be evaded. The real newbies won't be able to use the program anymore, but it's not the newbies that I fear...

    A more sophisticated detection could be done by detecting teleporting or 'following' behaviour. However, this also isn't going to last (I won't tell why, the creator of this program might not have figured that out).

    The real solution for this problem should be built into a new 'fool-proof' version of the server and the client. Then it depends on the skills and motivation of the creator of the program whether he will figure that out again...

    I quite certainly will be working on detection methods, but this will take time, let's just hope this doesn't escalates any further...

  18. eAi moved my original topic because he thought there was no permission for it. Now with the release of MTA 0.4 moving it back will become quite useless, as the program doesn't work with it.

    Of course we will try to make it compatible with 0.4, but this might take some time.

    For people who are still interested in seeing what it was, and how it worked with MTA 0.3:

    Check http://holyfluid.student.utwente.nl/lightbulb/. You can download the binaries and view the (INCOMPLETE!) documentation there. Note that we don't give any support nor warranties.

  19. That's good. Looking through their back catalogue, they don't seem to have developed many titles with multiplayer, and from what I remember of GTA2's multiplayer, there's probably a reason for that. I'm presuming that MTA will do a version for SA.

    I don't know what exactly you remember about GTA2 multiplayer but I honestly think it's quite good. Although it's limited to 6 players it offers good multiplayer gameplay. I still play it now and then and it always ends up with lots of fun :).

×
×
  • Create New...