View Full Version : Detecting Hacks
Eldar
10-13-2009, 04:42 PM
There is no reason teleport and other hacks persist in this game. There are straightforward ways AV can implement detection and automatic monitoring.
Teleport could be monitored server side with a low frequency check on player location - flag for runestone use, house or bind recall. If player is moving outside these bounds flag account.
Add in a 'z' check for height to detect below or above ground.
Radar and other hacks can be detected. AV needs someone on staff who frequents hacker sites to collect hacks for analysis. Periodic system checks for memory loaded hacks is all it takes. Other games do it well and AV should consider this too.
There is no reason teleport and other hacks persist in this game. There are straightforward ways AV can implement detection and automatic monitoring.
Teleport could be monitored server side with a low frequency check on player location - flag for runestone use, house or bind recall. If player is moving outside these bounds flag account.
Add in a 'z' check for height to detect below or above ground.
Radar and other hacks can be detected. AV needs someone on staff who frequents hacker sites to collect hacks for analysis. Periodic system checks for memory loaded hacks is all it takes. Other games do it well and AV should consider this too.
The problem with radar is that you can just sniff the packets you are receiving or memory locations used by the client for the information on people/mobs that server transmits to the client (based on proximity). There is no way to detect for that, hell even if you had the client check your comp for other running programs and matched them against a list of known hacks (which wouldn’t be infallible), you could just use another machine to route your traffic through and nab all the info you needed from that machine instead. The client has no way of checking every machine that handles the packets on their way from the server to the client.
You could try encrypting the data but for one it would be slow and introduce more lag (transferring more data and spending longer handling that data) and besides the client would have to contain all the info you need for decrypting it anyway and even if you decided not to directly intercept and decrypt the packets you could just snoop the memory address the client is using to store the data after it has received it.
The only real way of combating radar is to do a ‘Line of Sight’ check on the server before sending the data to the client, even this is not fool proof as it may still be useful to have a radar hack point out people you may have just not noticed just using the official client alone. That and doing these LoS checks comes with its own set of problems, slowing down the server thus introducing lag and people popping on screen as they may be half-way into your field of view by the time your client receives any info on their position and did not get the chance to pre-load them in while they were outside of your view.
DunnyKan
10-13-2009, 05:30 PM
tren there are many ways to detect when someone tries to read your memory space.
there are many exploits which are just stupidly easy to catch, like the bank bug, such an easy way around that one - is the flipping person next to a bank? no? then dont accept the item then lol! its not hard!
another, such as teleport hacks....as suggested random polling and tracking of random/tagged players to see if they suddenly are at a location beyond their means and didnt use bind/rune etc. really not that hard especially as there should be some inherent player tagging system for gms.
anyways, doing a basic memory scan ala blizzards warden isnt hard. you just have to buy the hacks and work out their memory print. once you know the print for that version you're good until a new one arrives. knowing where the hacks sit in memory is a very easy way to flag accounts for monitoring
hell, knowing the program title and scanning for that with the winapi isnt exactly many lines of code, seeing as how they (AV) are all over the winapi it wont add to load times or degrade performance any.
If all else fails, just license the warden off blizzard. rofl im sure itl be nice and cheap
lanigav
10-13-2009, 05:57 PM
Signatures change with every update, damn cheaters actually generate a new version of the hack for each customer so the hacks do not look the same, the memory space of a hack is not the same each time. You would have to scan all memory, many hacks actually load up the program inside the hack so the program is blind to the fact it is being "held hostage" .... radar hacks can be run on a different computer that is sniffing packets this is impossible to detect.
DunnyKan
You make it sound so easy, you are speaking to someone who has written the comms for and tried to implement an Anti-Hacking system for a no-budget Indy MMO before and it's a pain in the arse. And most of the things you can do to combat it just slow things down considerably and can still be circumvented one way or another (Now if you do this professionally then I will bow to your knowledge on the matter)
But I do agree AV seems to have just totally given up and don't even appear to be trying when there is a huge amount they could be doing. And things like the bank bag bug just make me want to cry.
But what I was pointing out is that you can’t realistically expect them to be able to put a stop to 100% of all hacks anyway especially with things like the radar hack, the best they could hope to achieve is a system like WoW’s warden (which is incredibly invasive) and even that can’t stop them all.
xinteractx
10-13-2009, 10:58 PM
My Prediction - Av will lock this forum because they believe in the theory, if you dont talk about it, the problem will magically go away.
Out of sight, out of mind, dont exist ? :bang:
Nex Vita
10-14-2009, 02:58 AM
remove the mini map.
This... We already have a world map, do we need more?
Cunning
10-14-2009, 07:56 AM
remove the mini map.
Interesting...
This... We already have a world map, do we need more?
Eeeh, from the screenshots and promo videos I have seen, the radar is not tied to your minimap. You can put it where you like.
The problem is that the player information is sent to you when they are within a certain distance. They can then sniff that and present it as they like.
Removing the minimap would actually hurt those playing fair more.
spool
10-14-2009, 12:35 PM
DunnyKan
You make it sound so easy, you are speaking to someone who has written the comms for and tried to implement an Anti-Hacking system for a no-budget Indy MMO before and it's a pain in the arse. And most of the things you can do to combat it just slow things down considerably and can still be circumvented one way or another (Now if you do this professionally then I will bow to your knowledge on the matter)
But I do agree AV seems to have just totally given up and don't even appear to be trying when there is a huge amount they could be doing. And things like the bank bag bug just make me want to cry.
But what I was pointing out is that you can’t realistically expect them to be able to put a stop to 100% of all hacks anyway especially with things like the radar hack, the best they could hope to achieve is a system like WoW’s warden (which is incredibly invasive) and even that can’t stop them all.
It's easy, you simply do not send the information to the client telling him where other people are on a minimap. If you are in a party, then this is when it should be triggered, and the information then gets sent to your computer telling you where the other party members are on your map.
It's so easy, you just do not give the client the information.
The client should only be sent information, as to where clan/party members are and that is it. Would fix everything, as long as they make it the clients cannot access the server to find out locations of other players.
Easy...
Easyy...
Eassssyyyyy!
Implement it!
Drago Palmas
10-14-2009, 12:59 PM
Radar Hack:
Valid points why it is hard to implement a Radar Hack detection, the only way seems to be, not to send the information of Playerobjects not in LOS to the client at all.
Teleport:
It is possible to implement it.
Check Speed vs Location and if anomalies occur flag the client.
Obviously implement a "Z" check for height and runestone / Teleport.
I sincerely hope that AV is working on this already, I don't think that they gave up on it. I hope they also file lawsuits against the providers of the hax.
It's easy, you simply do not send the information to the client telling him where other people are on a minimap. If you are in a party, then this is when it should be triggered, and the information then gets sent to your computer telling you where the other party members are on your map.
It's so easy, you just do not give the client the information.
The client should only be sent information, as to where clan/party members are and that is it. Would fix everything, as long as they make it the clients cannot access the server to find out locations of other players.
Easy...
Easyy...
Eassssyyyyy!
Implement it!
The server will most likely reference some kind of spatial-tree structure to find all objects (players, mobs, chaos chests, etc) within a specified range from the player it is updating, it will then check this against what it last sent to that client, and send only the changes in equipment worn, animations playing, direction facing, a location delta, etc. On receiving this the client will then update its internal cache of these objects applying the changes to keep it synchronised with the server. (There is a lot more involved here but I am keeping it simple)
So the client is sent and will maintain a full list of objects in the vicinity of the player that it may be called upon to render if the player looks in that direction and there are no buildings or terrain to obscure it.
It’s from this internal list of game world objects that the 2D locations are taken for display on the mini-map and are intercepted for use in things like the radar hack.
The only real way of combating radar is to do a ‘Line of Sight’ check on the server before sending the data to the client, even this is not fool proof as it may still be useful to have a radar hack point out people you may have just not noticed just using the official client alone. That and doing these LoS checks comes with its own set of problems, slowing down the server thus introducing lag and people popping on screen as they may be half-way into your field of view by the time your client receives any info on their position and did not get the chance to pre-load them in while they were outside of your view.
DeepUndercover
10-14-2009, 01:33 PM
The client should only be sent information, as to where clan/party members are and that is it. Would fix everything, as long as they make it the clients cannot access the server to find out locations of other players.
Easy...
Easyy...
Eassssyyyyy!
Implement it!
You clearly have a very limited understanding of the technical aspect of this.
Lets take it in steps:
1) The client needs information about all the players it needs to show to you. Not just your clan/party members. I assume we can agree on that.
2) Now which players should you see?
That's where the problem arises. If the server has to judge which players you can actually _see_ due to terrain and what not - and not just who you could potentially see based on distance - then the server has to continually calculate your line of sight to all players within distance - on every ping. For all players. Say hello to your little friend latency - or lag as you would call it.
So instead they send you information about all the players you could _potentially_ see were it not for terrain - and then let your processors do that work. Which enables the radar programs to sniff out that information and display it to you.
I don't think there are any games like this out there, that do not work that way. Which would not be the case if it was "Eassssyyyyy!".
What they can do is make it harder to translate the sent information into actual positions - but they are up against some pretty smart guys and it would be quite hard, if not impossible, to make it bulletproof.
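The trade-off argued over in the posts above (send everything in range versus filter by line of sight on the server, with party members always sent) can be sketched as follows. This is an added example, not code from any poster or from Darkfall; the grid map, `VIEW_RANGE`, the entity names and all function names are assumptions made up for illustration.

```python
import math
from typing import Dict, Iterator, List, Set, Tuple

Cell = Tuple[int, int]

# Constructed top-down occupancy map: '#' blocks sight, '.' is open ground.
GRID = [
    "..........",
    "....#.....",
    "....#.....",
    "....#.....",
    "..........",
]
VIEW_RANGE = 8.0  # assumed proximity radius, in grid cells

# Constructed sample positions (x, y); the viewer stands at (1, 2).
VIEWER: Cell = (1, 2)
ENTITIES: Dict[str, Cell] = {
    "in_front": (3, 2),      # open ground between viewer and target
    "behind_wall": (7, 2),   # in range, but the wall at x=4 blocks the ray
    "same_side": (1, 4),     # in range, clear view
    "far_away": (9, 4),      # clear view but beyond VIEW_RANGE
    "party_mate": (7, 1),    # behind the wall, but in the viewer's party
}


def line_cells(a: Cell, b: Cell) -> Iterator[Cell]:
    """Bresenham's line: every grid cell crossed going from a to b."""
    (x0, y0), (x1, y1) = a, b
    dx, dy = abs(x1 - x0), -abs(y1 - y0)
    sx = 1 if x0 < x1 else -1
    sy = 1 if y0 < y1 else -1
    err = dx + dy
    while True:
        yield x0, y0
        if (x0, y0) == (x1, y1):
            return
        e2 = 2 * err
        if e2 >= dy:
            err += dy
            x0 += sx
        if e2 <= dx:
            err += dx
            y0 += sy


def has_line_of_sight(a: Cell, b: Cell, grid: List[str] = GRID) -> bool:
    """True when no blocking cell lies on the ray from a to b."""
    return all(grid[y][x] != "#" for x, y in line_cells(a, b))


def entities_to_send(viewer: Cell, entities: Dict[str, Cell],
                     party: Set[str]) -> Tuple[List[str], int]:
    """Return (ids to put in this client's update, number of rays cast)."""
    send, rays = [], 0
    for eid, pos in entities.items():
        if eid in party:
            send.append(eid)          # party members are always sent
            continue
        if math.dist(viewer, pos) > VIEW_RANGE:
            continue                  # cheap range cull before any ray cast
        rays += 1                     # this is the per-tick server cost
        if has_line_of_sight(viewer, pos):
            send.append(eid)
    return sorted(send), rays


if __name__ == "__main__":
    ids, rays = entities_to_send(VIEWER, ENTITIES, party={"party_mate"})
    print("sent to client:", ids, "| rays cast:", rays)
```

A proximity-only server would also send `behind_wall`, which is exactly the entry a packet-sniffing radar shows and the official client hides; the ray count is the extra per-tick work the posters are worried about.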
KoKane
10-14-2009, 01:48 PM
Why dont the admins just use the hacks that the players are using?
An admin could be flying along with the teleport hack or speedhack and spot another hacker. He could then use sticky to back and press G - then click on Ban.
If they dont have the option of pressing G on a player and then clicking on Ban. IMPLEMENT IT
Narcowski
10-14-2009, 01:50 PM
The biggest problem with z-checks would be the fact that there are (still, since there have been no notes of worldbuilding updates involving the areas I know) a few gaps in the ocean floor where you can fall onto (or below) the seabed. Also, there's at least one hamlet I know of (Qiqatak) where recalling in sometimes puts you beneath the world.
Flags to make sure a player is recalling or using /stuck would make sense though.
As for radar hacks, there's no good way to detect them. The only solution I can see is to only send data based on player LoS.
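The server-side teleport check suggested in this thread (low-frequency position polling, a speed-versus-distance test, a 'z' check, and flags for recall, runestone or /stuck), including the caveat above about known holes in the world, could look like the sketch below. It is an added example, not code from any poster or from Darkfall; every constant, the flat `ground_height` stand-in, the `KNOWN_HOLES` list and all names are assumptions.

```python
import math
from dataclasses import dataclass, field
from typing import List, Optional

# All constants are assumptions for illustration, not Darkfall values.
MAX_SPEED = 12.0      # fastest legitimate ground speed, world units per second
SLACK = 1.5           # multiplier absorbing latency and sampling jitter
Z_BELOW = 3.0         # how far under the terrain a player may be before flagging
Z_ABOVE = 60.0        # highest legitimate height above terrain (jumps, towers)
RECALL_GRACE = 15.0   # seconds after a recall in which the z check is skipped

# Constructed list of known world-geometry defects (x0, y0, x1, y1), e.g. a gap
# in the seabed, where being under the world is a map bug rather than a cheat.
KNOWN_HOLES = [(900.0, 900.0, 950.0, 950.0)]


def ground_height(x: float, y: float) -> float:
    """Stand-in for the server's terrain lookup; a flat world at z = 0."""
    return 0.0


def in_known_hole(x: float, y: float) -> bool:
    return any(x0 <= x <= x1 and y0 <= y <= y1 for x0, y0, x1, y1 in KNOWN_HOLES)


@dataclass
class Sample:
    t: float  # server timestamp, seconds
    x: float
    y: float
    z: float


@dataclass
class PlayerTrack:
    last: Optional[Sample] = None
    recall_until: float = float("-inf")
    flags: List[tuple] = field(default_factory=list)


def note_recall(track: PlayerTrack, t: float) -> None:
    """Called when the server itself moves the player (recall, runestone, /stuck)."""
    track.last = None                    # do not measure speed across the jump
    track.recall_until = t + RECALL_GRACE


def check_sample(track: PlayerTrack, s: Sample) -> List[str]:
    """One low-frequency poll: return the reasons this sample looks impossible."""
    reasons = []
    prev, track.last = track.last, s
    if prev is not None and s.t > prev.t:
        dist = math.hypot(s.x - prev.x, s.y - prev.y)
        if dist > MAX_SPEED * SLACK * (s.t - prev.t):
            reasons.append("speed")
    in_grace = s.t <= track.recall_until
    if not in_grace and not in_known_hole(s.x, s.y):
        height = s.z - ground_height(s.x, s.y)
        if height < -Z_BELOW:
            reasons.append("below_ground")
        elif height > Z_ABOVE:
            reasons.append("above_ground")
    track.flags.extend((s.t, r) for r in reasons)  # flag for review, not auto-ban
    return reasons
```

Flags accumulate on the track for later review, so a single laggy sample or an unlisted map defect does not by itself act against an account.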
stingerII
10-14-2009, 02:15 PM
-
There are definitely ways to minimise hacking. Though I don't know if running the checks are as simple as you make them out to be. But they are definitely doable
-
Admittedly I don't think that security can be 100% fool proof. But the tighter security the less people who will be able/willing to go through the hassle of hacking
So as not to end on a negative note...The combination of a wow style warden with full memory scanner and an encrypted data stream would certainly be very effective at making hacking a lot more difficult (still not impossible) but would require a large amount of work to implement and the encryption would slow the comms down (a lot potentially).
My main point was that this is not as easy to solve as some people were suggesting. But I also agree they could at least try doing some basic things rather than seemingly just give up.
Fifth Entity
10-14-2009, 03:54 PM
PlaneShift (http://www.planeshift.it/) uses LoS technology.
saw an interview with a dev, who explained that even if u use a spell that makes u invisible, the data about your avatar will no longer be sent to any client.
well, PlaneShift is open source, without this system it would probably be too easy for many ppl to (mis)use the data server sends to them.. :)
ofc, there's no such thing as a free lunch - the subsystem that constantly calculates LoS for all important objects (not only for avatars) eats up considerable processor resource.
but, the developer guy said, the server itself is not the most costly thing, it's the internet connection that eats up most of the money. as the LoS system minimizes the data output sent to each client, it even helps to save up money.
True, it is actually an approach I have experimented with...
You can either use hack detectors, memory scanners, encryption, etc in an effort to try and maintain the integrity of the client or you can accept that the client is going to be compromised and not trust anything you receive from it while only sending updates to the client on a need to know basis.
I went with the old style fully authoritative server... “send the raw player input data each tick” and let the server calculate the player’s actions and location while the client would just run client side prediction and try to interpolate any corrections when the data came back from the server.
Neither approach is simple nor without its pitfalls and performance issues, but since they have already written the game and a lot of logic is client side I don’t think they have much choice but to try and secure the client at this stage.
Edit: Of course the LoS invisibility thing wouldn’t work if you wanted a slight shimmering effect like in Predator or something.
darkfall engine does not save z axis. thats my estimation since you can log out, inside a house and log in, at the roof.
xinteractx
10-16-2009, 05:50 PM
darkfall engine does not save z axis. thats my estimation since you can log out, inside a house and log in, at the roof.
It's prob not that at all, the problem is with the collision detection.. Ie when you typically spawn a player in a 3D world you never really can spawn the player at the exact location, you normally have to spawn the player a little above the ground and use basic collision detection to stop the player when he hits an object or the terrain. Ie this calculation is easy where there are not many objects around, but around houses and cities that is not the case.
Just think of how many games when they first start up, you fall a few feet to land.. IE i played a ton of MMOs as well as worked with many game engines and this is a common issue with any game.
DeathCorpse
10-16-2009, 07:40 PM
most of the hacks people are using can or could be detected because they are invasive. You can either see it happening in game or detection software could be put into place that would pick it up.
onto the passive hacks. radar hacks are used in a passive manner. meaning you can use a totally separate computer and just sniff the line and extract what data you want. You could use something like wireshark or make a man in the middle type attack on yourself.. to intercept and extract the data. A hack used to extract in game locations would not be detectable in almost all cases. the only way to detect it would be if it was being used on the machine running darkfall and there was some hack detect software that darkfall used and the hack detect software could successfully detect said hack with either signatures or by heuristics. If the user used a separate machine you would never be able to detect his radar hack.
This brings us to how to fix this... for starters the darkfall team could implement encryption on player locations. This would cause some increased processor usage, but it would be across the board i.e. everyone would suffer the same. Today's CPUs are also generally several orders of magnitude more powerful than the end user actually needs.
So what encryption type to use? Well you would want to use one that was reasonably strong and very fast. i.e. the time it takes to get the packet and decrypt it is minimal. One algorithm that is both fast and secure is blowfish. blowfish is a symmetric open source (free) encryption that has military grade strength and is very fast. there are other, possibly faster ones. Blowfish however is both fast and strong and did i mention free??
You could also minimize the impact by only encrypting player location data. this solution, I believe would cause minimal impact on player performance, and make it immensely more difficult to use radar hacks. Which In my opinion are the worst types of hacks being used in DF to date because you can't really prove that someone is using it unless you have gms set up traps for them which is time and resource consuming. And it takes away from the funnest parts of the game, escape and evade and sneak and attack scenarios. I just can not fathom why people pay to play a game and then hack. There at least in my mind is no satisfaction in that.
most of the hacks people are using can or could be detected because they are invasive. You can either see it happening in game or detection software could be put into place that would pick it up.
onto the passive hacks. radar hacks are used in a passive manner. meaning you can use a totally separate computer and just sniff the line and extract what data you want. You could use something like wireshark or make a man in the middle type attack on yourself.. to intercept and extract the data. A hack used to extract in game locations would not be detectable in almost all cases. the only way to detect it would be if it was being used on the machine running darkfall and there was some hack detect software that darkfall used and the hack detect software could successfully detect said hack with either signatures or by heuristics. If the user used a separate machine you would never be able to detect his radar hack.
This brings us to how to fix this... for starters the darkfall team could implement encryption on player locations. This would cause some increased processor usage, but it would be across the board i.e. everyone would suffer the same. Today's CPUs are also generally several orders of magnitude more powerful than the end user actually needs.
So what encryption type to use? Well you would want to use one that was reasonably strong and very fast. i.e. the time it takes to get the packet and decrypt it is minimal. One algorithm that is both fast and secure is blowfish. blowfish is a symmetric open source (free) encryption that has military grade strength and is very fast. there are other, possibly faster ones. Blowfish however is both fast and strong and did i mention free??
You could also minimize the impact by only encrypting player location data. this solution, I believe would cause minimal impact on player performance, and make it immensely more difficult to use radar hacks. Which In my opinion are the worst types of hacks being used in DF to date because you can't really prove that someone is using it unless you have gms set up traps for them which is time and resource consuming. And it takes away from the funnest parts of the game, escape and evade and sneak and attack scenarios. I just can not fathom why people pay to play a game and then hack. There at least in my mind is no satisfaction in that.
The first issue with encryption is net traffic volumes.
Locations are going to be a very common item of data to be transferred many per second during normal play, they are probably already bit-packed deltas to reduce the amount of data needed to be sent across the network but for example suppose we send 3, 32bit floats for a full location each time as a single 96bit block of data, after encryption using blowfish as per your example we will end up sending a data block that is double the original length.
FFFFFFFFFFFFFFFFFFFFFFFF
Encrypted using a Key of “ABCDEFGHIJKLMNOPQ” becomes...
BAE3B5491AB0AB86BAE3B5491AB0AB86BAE3B5491AB0AB86
The second issue is that if you don’t take a lot of extra care, someone reverse engineering your client and/or memory snooping can easily gain all the information they need to decrypt the data stream themselves anyway. Encrypted transfer is normally only used to stop any intercepted data from being read by a third-party on the network. Having full access to the machine on the receiving end means you also have access to the code that is doing the decryption along with the key (or how to find it) embedded in that code.
worma
10-27-2009, 06:50 PM
Why dont the admins just use the hacks that the players are using?
An admin could be flying along with the teleport hack or speedhack and spot another hacker. He could then use sticky to back and press G - then click on Ban.
If they dont have the option of pressing G on a player and then clicking on Ban. IMPLEMENT IT
lol.
Grimhawke[EB]
11-12-2009, 04:45 PM
There's an easy solution to the Radar hack issue. Implement an in game skill called tracking to level the playing field, ala Shadowbane's tracking skill. It doesn't need to make players show up on the minimap. The way it worked in SB was you activated the skill and a small window popped up showing all players in range. You could select one to begin tracking and a small arrow would appear pointing you in their direction.
The best way to combat cheating, is to make cheating pointless.
T
You could try encrypting the data but for one it would be slow and introduce more lag (transferring more data and spending longer handling that data) and besides the client would have to contain all the info you need for decrypting it anyway and even if you decided not to directly intercept and decrypt the packets you could just snoop the memory address the client is using to store the data after it has received it.
Data has always been encrypted with Darkfall, from the earliest beta on, and this has worked well enough, I'm fairly certain nobody has yet come up with a hack that intercepts all packets and decrypts them, because it is pretty damn unnecessary. All the big hacks rely upon information taken from and inserted into Darkfall's memory directly.
This is preventable and detectable with much less effort than you are presenting. They don't even try to keep people from running DF in a debugger.
kyleivanblake
11-13-2009, 02:41 AM
Blizzard does it, it is possible. They have done a great job in minimizing hacks.
Paranoia21
11-13-2009, 03:53 AM
Why dont the admins just use the hacks that the players are using?
An admin could be flying along with the teleport hack or speedhack and spot another hacker. He could then use sticky to back and press G - then click on Ban.
If they dont have the option of pressing G on a player and then clicking on Ban. IMPLEMENT IT
ur a fcking genius mate :D
HeliosNorlund
11-13-2009, 04:11 AM
i think the solution is some change to EULA where we accept that together with darkfall.exe a program is launched that is allowed to check running processes on your computer and report known hacktool processes to AV
the second step is to always get the newest and fresh hacktools from the hacker community and update their detection tool
so u dont make the game unhackable because something like that is impossible
but u make it very hard to use the hacks
to be able use hacks would then require updates of ur hacks very often (and im sure u dont get the updates for free it would be a shitload work change the hack code every few days) and u always have a chance to u update too late and get detected for perma ban
sooner or later u would get all hack users this way
Ighox
11-13-2009, 05:33 AM
Blizzard does it, it is possible. They have done a great job in minimizing hacks.
Blizzard tried but they don't really have a that effective hack detection tool, one thing that helped them a lot was that they updated their hack detection often and sometimes they caught tons of users by surprise before the hack developers got a chance to update the client, thus scaring many people off the thoughts of using hacks.
There's one thing AV could have done though and I believe they will, if they suddenly implement some detection in their client, even if it's nothing advanced at all, there will be a decent amount of people getting banned simply because they log on before the hack tools have been updated and that will definitely scare off some potential hackers and get rid of a few existing ones.
i think the solution is some change to EULA where we accept that together with darkfall.exe a program is launched that is allowed to check running processes on your computer and report known hacktool processes to AV
Scanning the processes wouldn't do any good at all.
Warden does this and it's easy to hide the process from Warden.