[[NBK] G.I. Jerk]

Quote:

Originally Posted by r3mix

means no skins/scopes/crosshairs

r3mix

Gee how about that? A level playing field.

No blood would really suck though....

I'm so pissed off that I'm almost ready to surrender all my mods just to have a decent game for once. I played probably 15 hours the past three days and it was a totally ruined experience. Land-sharking, being painted fluorescent orange when trying to blend in with a bush, inter alia, you name it.

All I can say is that if EA wont fix it (they wont) then we the end users must try to, or at least find a half decent trade off.

Last but not least, I truely wish more people would learn WTF the console is and learn to vote! If the majority of mohaa players weren't so dense, we could at least punt the goofs from the rarely admined servers.

That's my two bits.

[r3mix]

[quote="[NBK] G.I. Jerk":bfcd4]

Quote:

Originally Posted by r3mix

means no skins/scopes/crosshairs

r3mix

Gee how about that? A level playing field.

No blood would really suck though....

I'm so pissed off that I'm almost ready to surrender all my mods just to have a decent game for once. I played probably 15 hours the past three days and it was a totally ruined experience. Land-sharking, being painted fluorescent orange when trying to blend in with a bush, inter alia, you name it.

All I can say is that if EA wont fix it (they wont) then we the end users must try to, or at least find a half decent trade off.

Last but not least, I truely wish more people would learn WTF the console is and learn to vote! If the majority of mohaa players weren't so dense, we could at least punt the goofs from the rarely admined servers.

That's my two bits.[/quote:bfcd4]

only a dickhead would run a server that kicked every single player joining who had a custom scope or a custom map required for another server.

you would end up with 2 fucknuts playing each other on there sooooooo happy that they werent getting spanked by someone "who cheats because they have a custom scope". this can already be achived by arranging a private game on MSN or some such.

quite frankly even if the largest server hosts in my ping range started using it i wouldnt play them becuase who can be fucked quitting to remove the custom maps you just used on another server to join that one?

do you and i not play on a level playing field because i have desertbase installed ? if you think so then youre fucked..... and if you think not
then this client/server system is.

r3mix

[[NBK] G.I. Jerk]

You missed what I was getting at.

All I'd like is better admins... WHO DO SOMETHING to prevent this sort of crap. IE.... admin like they should

Also...

rr3mix..... I don't know how much scripting.... JS, perl, MSDOS batch, python, q3-based etc etc you do. Sorry if it appears that I try to insult your inteligence. (not trying to)

If a program CAN be done that DIFFERENTIATES contents of a pk3 the it COULD be done thusly:

(examples off the top of my head)

IF EXIST /textures/models/weapons/blah blah blah.TGA then IGNORE

(this would ignore skins etc etc)

BUT......

IF EXIST /blah/blah/blah/ whatever.TIK then RCON PASS CLIENT KICK #

THAT's what I'm getting at.

Maybe CK knows where I'm thinking at.... apparently you don't.

All I'm saying is something needs to be done and anyone who thinks otherwise must be afraid of cheats being stopped for whatever reason.

No offence pal.... seriously.... you obvious don't program or script. At least one of my scripts is listed as a security threat by norton anti-virus ;) any of yours?

EDITED::::

Look dude.... I been drinking tonight..... In after thought I feel I sounded a little condescending above (and arrogant) I wont HIDE/delete behind an edited post so I'll leave the rest there....

At any rate.... if the PATH can be determined..... so can the purpose. That is to say,.... IF a weapon has a new texture, no harm done.... If a WALL does....it could be a blank TGA file (wallhack).... PATH is everything in determination.

Again... sorry for being an ass..... but the cheating HAS to stop

[r3mix]

[quote="[NBK] G.I. Jerk":b57fb]
rr3mix..... I don't know how much scripting.... JS, perl, MSDOS batch, python, q3-based etc etc you do. Sorry if it appears that I try to insult your inteligence. (not trying to)

If a program CAN be done that DIFFERENTIATES contents of a pk3 the it COULD be done thusly:
(examples off the top of my head)
IF EXIST /textures/models/weapons/blah blah blah.TGA then IGNORE
(this would ignore skins etc etc)
BUT......
IF EXIST /blah/blah/blah/ whatever.TIK then RCON PASS CLIENT KICK #
THAT's what I'm getting at.

Maybe CK knows where I'm thinking at.... apparently you don't.

All I'm saying is something needs to be done and anyone who thinks otherwise must be afraid of cheats being stopped for whatever reason.

No offence pal.... seriously.... you obvious don't program or script. At least one of my scripts is listed as a security threat by norton anti-virus any of yours?[/quote:b57fb]

of course youre insulting me.
if you werent you would have come to this discussion with a little bit of research on what has previously been discussed on these very same forums, including my posts on a variety of issues concerning the same.

you are correct in your assumption that i have never attempted to learn any programming language... hovever thats entirely beside the point. what you are not respecting is the fact that i am far more intelligent than you..... which negates any benefit that a knowledge of scriptz would have.

i get paid a fair bit of money to design and implement systems in every area of our firm..... and that includes telling the linux/perl/sql guru (who quite by coincidence is lightyears beyond you in terms of programming knowledge) to sort his shit out when i look at what he has implemented.

if you actually had any knowledge of computer security you would understand that the code involved is nothing more than a tool used against the system design..... whether that sytem involves people, processes or code is irrelevant.... the same flaws lead to the same vulnerabilities.

knowing how to write script is completely useless if you are not intelligent enough to design a system that can be both usable and not easily circumvented. id also like to make mention that having your script included in an antivirus program is not particlarly impressive given the state of variants and the nature of the industry which serves itself by adding more threats to its signature files.

however you wanted to discuss this anti cheat without reading what has already been written so lets go at it pal.....

firstly you say...
[quote:b57fb]"If a program CAN be done that DIFFERENTIATES contents of a pk3 the it COULD be done thusly:
(examples off the top of my head)
IF EXIST /textures/models/weapons/blah blah blah.TGA then IGNORE
(this would ignore skins etc etc)
BUT......
IF EXIST /blah/blah/blah/ whatever.TIK then RCON PASS CLIENT KICK #
THAT's what I'm getting at."[/quote:b57fb]

first of all i can say quite confidently that you have little to no knowledge of computer security or programming in this regard. verification of the integrity of files is a pretty basic area and one which has been successfully implemented using standard techniques for some time without and need for variation..... ie if you knew anything you would have learned this shit years ago.

to actually check for the existance of particular files within PK3s such as skins or TIK files, as you have suggested, is completely useless in both verification of stock and foreign files.

so lets run through both these scenarios in order of probably occurance.... firstly to verify the integrity of the stock PK3s from the retail installation. the problems with employing such a check for this purpose are that verification of path does not address any known problem and that such verification is useless in verification of integrity of the file you are checking

to put it bluntly... you dont have a brain.

there is no problem (and i presume never will be) in that i have deleted my skin out of a PK3 file for the "manon". so the implementation of such a check is completely useless in that it does not actually address any problem.

there is however a problem that i can alter the "manon" skin to be a brilliant pink to allow me to see the bitch in the dark and against any background. in any implementation this will require that i alter the TGA graphics file that is used by the system to add this colouration. so if your sharper than a brick youll probably realise that actually checking the file integrity is the only option for preventing this type of cheating.

i first raised the idea of implementing checksums against the stock PK3s in a thread here a couple of months ago, and someone has again mentioned it in the past few days. as i hinted to earlier, implemetations such as MD5 are not subject to attack nor any occurance or error that is worth consideration.

now onto the other possible scenario from your example which takes us to a much harder area to deal with - and please do let me know whether i have addressed this to your satisfaction

if you want to identify known cheats by way of applying any examination of the files contained in PK3 files.... whether stock or foreign.... you can, but with for no effective period worth implementing.

lets say you have a single cheat which consists of a spiked skin by way of an altered TGA file. if this circulates the net and is actually caught by your system, the kick you employed will be effective up until the name of the TGA file or its path are altered.... in which case your ststem will not find the cheat it is looking for.

on the other hand if the system used the actually reliable checksum system employed for the verification of the stock files it would fall down in a similarly short period for similar reasons. simply changing the colour of my 255 red spiked skin to 254 red will alter its checksum to one which is not blacklisted in your system.

since i am beginning to bore of this i will summarise it for you.
you dont have a brain.
you dont have any knowledge of system security so please dont invoke your "achievements" as anything of merit.
your system does not address any known cheat so it is useless.

please bless me with your comments script-boy.

r3mix

ps. in addition to altering the actual TGA files to create "spiked" skins there may also be some use in altering the shader file. i do not know enough about skinning to know exactly what uses can be abused through the shader file, however it is a reasonable assumption that the usefullness of a cheat is far greater if the skin itself is altered to a bright colour rather that whatever effects the shader file employs. however in the same respect any system that is intended to verify the integrity of the stock files will include the textures, scripts and shaders with equal importance.[/code]

[r3mix]

[quote:70aff]Look dude.... I been drinking tonight..... In after thought I feel I sounded a little condescending above (and arrogant) I wont HIDE/delete behind an edited post so I'll leave the rest there.... [/quote:70aff]

you already shook my cage pal.
so now we gonna do this till its done.
lets hear your reply to my post.

r3mix

[[NBK] G.I. Jerk]

"of course youre insulting me."

To which I recified myself and apologized. A bigger man would accept an apology and not stoop to my currently drunk (but sobering) obnoxious level. Perhaps we're BOTH pigheaded and that precludes that? *shrugs*

"you are correct in your assumption that i have never attempted to learn any programming language... hovever thats entirely beside the point. what you are not respecting is the fact that i am far more intelligent than you..... which negates any benefit that a knowledge of scriptz would have."

And I should take said assertion at face value? That's like saying a lawyer has the "brains" to rebuild his car's engine. We all have our talents which are not applicable to every situtation, intelligent persona or otherwise.

"i get paid a fair bit of money to design and implement systems in every area of our firm..... and that includes telling the linux/perl/sql guru (who quite by coincidence is lightyears beyond you in terms of programming knowledge) to sort his shit out when i look at what he has implemented."

Telling a guy that his application isn't to your liking hardly makes you and expert at it when you need to rely on him does it? *chuckles*

"if you actually had any knowledge of computer security you would understand that the code involved is nothing more than a tool used against the system design..... whether that sytem involves people, processes or code is irrelevant.... the same flaws lead to the same vulnerabilities."

That's hardly compedious. In fact it's quite a rambling screed. I fail to see what you mean. Care to be more succinct??

"knowing how to write script is completely useless if you are not intelligent enough to design a system that can be both usable and not easily circumvented."

As I've said earlier in this thread, the anticheat software seems inherently flawed. To this we agree it seems. Why bring it up?

(snip)(/snip)

"verification of the integrity of files is a pretty basic area and one which has been successfully implemented using standard techniques for some time without and need for variation..... ie if you knew anything you would have learned this shit years ago."

Uh gee.... I mentioned exactly said premise already. Perhaps you missed it? As you say a CRC check is pretty old hat man. BTDT eons ago ;)

"to actually check for the existance of particular files within PK3s such as skins or TIK files, as you have suggested, is completely useless in both verification of stock and foreign files."

Not so I do believe. Unix DIFF or DOS FC commands can verify contents changed VERY easily EVEN IF (assuming text as in the TIK example) the byte count remains the same. Sorry Sir, you stand corrected. Ask your linux/perl/sql "guru" ;)

"so lets run through both these scenarios in order of probably occurance.... firstly to verify the integrity of the stock PK3s from the retail installation. the problems with employing such a check for this purpose are that verification of path does not address any known problem and that such verification is useless in verification of integrity of the file you are checking"

How so? You've already admitted you haven't the foggiest inkling how to do it via code. Care to take a stab at it? Send me the source code?

"to put it bluntly... you dont have a brain."

Hmmm.... At least I know where to start, but as you said,... you don't.

"there is no problem (and i presume never will be) in that i have deleted my skin out of a PK3 file for the "manon". so the implementation of such a check is completely useless in that it does not actually address any problem."

It is extreemly easy to (via code) overlook the missing. To use simple syntax for your benefit. --- IF NOT EXIST *.whatever (texture) GOTO NEXT. That is to say, what isn't THERE can harldy be construed to be possesing a cheat can it?

"there is however a problem that i can alter the "manon" skin to be a brilliant pink to allow me to see the bitch in the dark and against any background. in any implementation this will require that i alter the TGA graphics file that is used by the system to add this colouration. so if your sharper than a brick youll probably realise that actually checking the file integrity is the only option for preventing this type of cheating."

Well obviously this brick is sharper than your comprehension of my earlier posts on THIS thread as it is EXACTLY what I had proposed. No offence intended.

"i first raised the idea of implementing checksums against the stock PK3s in a thread here a couple of months ago, and someone has again mentioned it in the past few days. as i hinted to earlier, implemetations such as MD5 are not subject to attack nor any occurance or error that is worth consideration."

Gee.... great minds think alike as I'd been on the same wavelength as per my earlier posts on this thread. Do you seriously expect a guy to check out ALL umpteen thousand posts to see if said issue had been raised before? Hell half the time it takes 30 seconds to load one silly page this server is so slow

"now onto the other possible scenario from your example which takes us to a much harder area to deal with - and please do let me know whether i have addressed this to your satisfaction :)

if you want to identify known cheats by way of applying any examination of the files contained in PK3 files.... whether stock or foreign.... you can, but with for no effective period worth implementing.

lets say you have a single cheat which consists of a spiked skin by way of an altered TGA file. if this circulates the net and is actually caught by your system, the kick you employed will be effective up until the name of the TGA file or its path are altered.... in which case your ststem will not find the cheat it is looking for. "

Not using checksums as BOTH of us have been thinking. No this is NOT to my satisfaction. PLEASE make Manon "brilliant pink" as you suggest. Then place it for me on the net...ftp...http....gopher...CVS or whatnot. (send URL) I will then write a script (using various executablesof my choosing) that will differentiate in a heartbeat betwixt the two. Then to PROVE the script is doing the work and not my human eye, I will video capture the execution thereof for you to see. I'm putting my money(and reputation) where my mouth is. Will you?

"on the other hand if the system used the actually reliable checksum system employed for the verification of the stock files it would fall down in a similarly short period for similar reasons. simply changing the colour of my 255 red spiked skin to 254 red will alter its checksum to one which is not blacklisted in your system."

Well, enough arguing. Put your money where your mouth is. (only those who never take on challenges, never lose... I'm prepared to.) If I turn out to be wrong then SO BE IT! We would then know that this is a failed method and lets move on to the next. I assume you as much as I wish to find the answers to this dilemma? Right?

"since i am beginning to bore of this i will summarise it for you.
you dont have a brain.
you dont have any knowledge of system security so please dont invoke your "achievements" as anything of merit.
your system does not address any known cheat so it is useless.

please bless me with your comments script-boy.

r3mix"

System? I haven't even begun to start on such project. In fact I never said I had the time to take on such an undertaking. As far as SECURITY goes, NOBODY knows it all. In fact it seems every week Micro$haft has a new security update out for their various OS's and they WROTE the frikiin things.
I will say this however, I've been a *nix sysop for four years now and have yet to find anyone in my bawx.

"ps. in addition to altering the actual TGA files to create "spiked" skins there may also be some use in altering the shader file. i do not know enough about skinning to know exactly what uses can be abused through the shader file, however it is a reasonable assumption that the usefullness of a cheat is far greater if the skin itself is altered to a bright colour rather that whatever effects the shader file employs."

It's a very reasonable assumption. Changes are easily discernable via unix DIFF and DOS FC commands. Hexidecimal can aslo be used for other files types

r3mix,.... I'm going to try to apologize (never said "sorry" the 1st time but i figured you got my drift) AGAIN. I've been boozing it up, and i get a little pugnacious at such times. It would seem that we BOTH have been thinking much along the same lines and that somehow it wasn't acknowledged. Needless to say argiung between us WONT fix the problem. Putting our heads together (with others) might. Care to move on?


]NBK[ CAGE RATTLER ;)

[r3mix]

Quote:

Originally Posted by "[NBK

G.I. Jerk":5f528]
"verification of the integrity of files is a pretty basic area and one which has been successfully implemented using standard techniques for some time without and need for variation..... ie if you knew anything you would have learned this shit years ago."

Uh gee.... I mentioned exactly said premise already. Perhaps you missed it? As you say a CRC check is pretty old hat man. BTDT eons ago [/quote:5f528]

then why suggest a far less usefull verification.... ie that a file of that name exists?

[quote:5f528]"to actually check for the existance of particular files within PK3s such as skins or TIK files, as you have suggested, is completely useless in both verification of stock and foreign files."

Not so I do believe. Unix DIFF or DOS FC commands can verify contents changed VERY easily EVEN IF (assuming text as in the TIK example) the byte count remains the same. Sorry Sir, you stand corrected. Ask your linux/perl/sql "guru" [/quote:5f528]

i dont stand corrected at all. you suggested checking if a file of a particular name exists as a method to identify cheats.... this is still completely useless and trivial to circumvent regarless of the operation of any programming language you wish to mention.

[quote:5f528]"so lets run through both these scenarios in order of probably occurance.... firstly to verify the integrity of the stock PK3s from the retail installation. the problems with employing such a check for this purpose are that verification of path does not address any known problem and that such verification is useless in verification of integrity of the file you are checking"

How so? You've already admitted you haven't the foggiest inkling how to do it via code. Care to take a stab at it? Send me the source code?[/quote:5f528]

you really dont get it do you? there is no code that can be created to explain this by me... you .... or anyone else.

as i pointed out there are no problems with people removing files such as TGA, TIK or SHADER..... it simply does not happen.... therefore checking that they are present is of no value. these files are present just the same on a default installation as they are on the most heavily modified system.

to use my example.... i can turn my manon skin into bright red without touching any part of my default PAK files. likewise i can modify my weapon TIK files without removing or replacing those files from the original PK3s therefore it is pointless to check that they still reside in the PK3s.

exactly how could you better understand this by seeing source code?
if you agree that there is a large section on this website called "maps, mods and skins" that hosts a variety of PK3 files that do work to modify your game without altering the original PK3 files then you must concur.

[quote:5f528]"there is no problem (and i presume never will be) in that i have deleted my skin out of a PK3 file for the "manon". so the implementation of such a check is completely useless in that it does not actually address any problem."

It is extreemly easy to (via code) overlook the missing. To use simple syntax for your benefit. --- IF NOT EXIST *.whatever (texture) GOTO NEXT. That is to say, what isn't THERE can harldy be construed to be possesing a cheat can it?[/quote:5f528]

granted it may be quite easy to find what is and isnt missing.... however if missing files are not a problem at all now of in the future of what benefit is it?

[quote:5f528]"there is however a problem that i can alter the "manon" skin to be a brilliant pink to allow me to see the bitch in the dark and against any background. in any implementation this will require that i alter the TGA graphics file that is used by the system to add this colouration. so if your sharper than a brick youll probably realise that actually checking the file integrity is the only option for preventing this type of cheating."

Well obviously this brick is sharper than your comprehension of my earlier posts on THIS thread as it is EXACTLY what I had proposed. No offence intended. [/quote:5f528]

so after saying im too dumb to comprehend the useless method you wrote you are telling me what i just outlined is what you initially meant when you said ? i got that right did i ?

[quote:5f528]"now onto the other possible scenario from your example which takes us to a much harder area to deal with - and please do let me know whether i have addressed this to your satisfaction

if you want to identify known cheats by way of applying any examination of the files contained in PK3 files.... whether stock or foreign.... you can, but with for no effective period worth implementing.

lets say you have a single cheat which consists of a spiked skin by way of an altered TGA file. if this circulates the net and is actually caught by your system, the kick you employed will be effective up until the name of the TGA file or its path are altered.... in which case your ststem will not find the cheat it is looking for. "

Not using checksums as BOTH of us have been thinking. No this is NOT to my satisfaction. PLEASE make Manon "brilliant pink" as you suggest. Then place it for me on the net...ftp...http....gopher...CVS or whatnot. (send URL) I will then write a script (using various executablesof my choosing) that will differentiate in a heartbeat betwixt the two. Then to PROVE the script is doing the work and not my human eye, I will video capture the execution thereof for you to see. I'm putting my money(and reputation) where my mouth is. Will you?[/quote:5f528]

uh.... my suggestion was that this method was easily circumvented so why would i want to attest to its effectiveness?

the greater problem in examining foreign PK3 contents for spiked PK3 files is that there is no code that can be written that can determine "artistic merit" of which i have prreviously written.

for example the shoot-bot that was originally discussed here used spiked blue skins for its allied soldiers.... which in turn make the players highly visible even without the auto-shoot functions of the rest of that hack. you can certainly tell that this skin is loaded rather than the default whatever skin that it replaces, however you cannot write anything that distinguishes it from the god-awfull sailors outfit in the skins section of aa.com. i doubt that it is a small thing to analyse a graphics file to determine its count of a particular colour, and even if it could you simply cannot remotely differentiate between a skin designed for high visibility and a skin that just plain sucks arse.

however we seem to have got to the point where you are willing to write code just to make a point..... why not just start writing the fucking thing instead of waiting for people like Crow King to do it?

i will most certainly put my reputation on the line where i think the test has merit.... however sending you a PK3 for you to locally point a program at does not. so create and release this tool and i (without any programming knowledge) will circumvent it. sound good? this process would actually aid in the development of the tool as opposed to you writing something to detect a single skin.

as i said dont think there is any weight to be attributed to me sending you a PK3 file which you are able to examine on a local system before creating something to detect it as servers to not have this priveledge.

[quote:5f528]"on the other hand if the system used the actually reliable checksum system employed for the verification of the stock files it would fall down in a similarly short period for similar reasons. simply changing the colour of my 255 red spiked skin to 254 red will alter its checksum to one which is not blacklisted in your system."

Well, enough arguing. Put your money where your mouth is. (only those who never take on challenges, never lose... I'm prepared to.) If I turn out to be wrong then SO BE IT! We would then know that this is a failed method and lets move on to the next. I assume you as much as I wish to find the answers to this dilemma? Right?[/quote:5f528]

well a pissing contest would interest me much less than the development of an actual working admin tool. once again if the tool is to have any use it needs to account for these variations beforehand...... so making it to find a file that i send you is of no merit, for it could be nothing more than a timestamp check to achieve the results you seek. you need to make it so that it has the ability to find foreign modifations outside of your reach.

(also if you disagree with me here and persist with this challenge as though it would have any merit..... then i will be happy to send you a batch of 200 skins, all but one of which being from respected skinners from our mods section and you can write something that doesnt tell us they are developing cheats yet detects the one that is - get my point?)

however if you wanted a challenge to prove that something of this nature would actually work a more usefull test would be to download ...say... 50 custom scopes from aa.com and write a tool that could identify which was loaded in the client and produce file info of that scope. if you think about how any tool of this nature is to be deployed you will understand the value of such a test over checking one particular PK3 file. the common nature and the file structure of scopes and in particular the fact theat the overwrite each other is also of benefit, along with the rest of the HUD.

[quote:5f528]System? I haven't even begun to start on such project. In fact I never said I had the time to take on such an undertaking. .[/quote:5f528]

then why not do so? i cant fathom how any of these people develop things on their own when the beta testers run into the thousands..... so get yourself and the rest of these people who already have MoH programming interests together and start development. get an email list between yourselves and just do a bit when you can.

r3mix

[DogMeat]

I'm going to try to keep this brief, both because I don't want to rehash old material and also since I simply came here to take a short break from coding DMz Dogtag and want to get back to it.

General notes on security: All security, be it game cheat protection or securing your biz's puters from in/external threats, is a Cold War scenario. If you put a certain amount of time, money and effort into it you can achieve a level of relative safety, with ever decreasing returns for increasing expenditures. However there will always be more threats, no matter how "high" your security level, since there are many smart folks out there looking for more bugs, exploits, etc; be they white hat or black hat.

Gaming security is very much in it's infancy compared to the general state of computer security.

Difference checks, CRC, MD5, etc: Basically all do the same thing, the give us a way to verify files against a known good. MoHAA was very crippled by not having basic sv_pure functionality, which does, to quote John Carmack himself, "disallow native DLL loading if sv_pure, requires clients to only get data from pk3 files the server is using". Idealy it should work something like this: the client generates a checksum (CRC32, MD5, etc) for each and every exe, dll and pak file, which it blindly sends to the server. The server then forces the client to skip using any pak file that doesn't match, and if the exe or dlls have been changed then it won't even play on that server. There is alot of room for details and such but that's the basic blocks.

Back to the Cold War, already in progress: There is always a way to up the stakes, for example we could write a program that sends the known good checksum for the default exe, dll and pak files no matter if they have been changed or not. So why bother with the checks at all? Mostly because it will stop at least SOME players from cheating, and because on the scale of things it's worth the time, money and effort. The cycle definately results in better software for everyone eventually, but as I said games have a long way to go security wise.

This is why I'm spending time working on various MoHAA fixes that I know:
* can be circumvented
* already have a cheat freely available
* there are much worse cheats out that need to be fixed (but I can't fix em, ex: wallhack)
* stop at least some players from cheating that otherwise would be

Lately the guys from EA have posted over on the PlanetMoH forums asking for bugs and cheats in MoHAA so they can fix them before releasing Spearhead. I've sent them my entire list, including notes on sv_pure and security measures needed. They've already fixed the MG-42/Ladder, Grenade Switch Team bugs and a bunch more. [url=http://www.forumplanet.com/PlanetMedalOfHonor/user.asp?gid=19000986&mid=868436:97078]HessTruck[/url:97078] is the EA guy who is requesting all bugs and cheats, send them in a private message and lets see em get fixed folks. Don't be afraid to send in the common bugs that you hate, however do be clear, concise and legible; this guy is getting alot of mail so make sure he reads yours. Here's the [url=http://www.forumplanet.com/PlanetMedalOfHonor/topic.asp?fid=5221&tid=791275:97078]earlier thread[/url:97078] on this from Chris Shelton of EA.

I could go on, but I want to get back to coding so I can get the beta out ASAP. As Raph Koster, head designer for Star Wars Galaxies and former head for Ultima Online, says in the Laws of Online World Design; "Never trust the client. Never put anything on the client. The client is in the hands of the enemy. Never ever ever forget this."

[[NBK] G.I. Jerk]

Quote:

Originally Posted by r3mix

(snip)

then why suggest a far less usefull verification.... ie that a file of that name exists?


(snip)

r3mix

You're mistaken on a couple points Sir. But I'm not going to bother with any more quotes from you. Neither of us apparently is willing to budge.

As for verification.....

You do it in steps.... verify if exists or not. THEN look at either checksum or contents therein. In fact I mentioned three methods..... md5/crc , diff/fc and hex.
All I suggest is use ALL the available methods when and where applicable and practicable.

Why wait for CK to write it? Well in all honesty my problem lies in the fact that I don't know how to serialize UDP packets to and from the server. If it were TCP I'd give it a go no problem at all since its now a challenge. My other problem lies in the fact that I haven't yet learned (or bother to) how to query the server for it's pk3's etc etc. I may be into scripting but q3 is still 1/2 greek to me.

That's the same reason why I can't (tried already for two weeks straight--gave up) make a real-time TK monitor. I've already worked out how to parse the logfile (using both mohaa's and autokick's combined) to determine teams and kills. But it only works on my machine since I can read the file from harddisk but can't get live rcon status. I need to be able to do it from a live rcon for it to be a useful program that can be run by anyone.

[ponto40]

Guys, there is a new version of the anti-cheat

ponto40.cjb.net