LÖVE

So then just set it up so that your client accepts a string sent by the server that will return the size of the client's code in bytes to the server and if it differs from standard or if there is an error anywhere along the pipeline close the connection. Make sense?

It becomes kind of a waste of time to secure games past a certain point. I remember some time ago a Valve employee explained how a large portion of their resources go into anti-cheat stuff. I would assume if they have a hard time with it we wouldn't stand much of a chance.

Even with remote code it would be fairly easy to edit the main.lua to capture the string, then make any changes you wanted and make it pretend to launch the remote code. Of coarse you could update it regularly to make that hard, but it becomes a security arms race where you're hoping the other party gives up. That being said, a really basic security measure would be worth the effort and stop 99% of casual cheaters.

Don't forget executing remote code is nice and safe by itself.. or wasn't it.. hmm..

And if you want to check the size of main.lua (or even take its hash), don't forget that the client is in control of what it sends back.

Cabel Sasser once said the best way to fight piracy is to not even bother because people are going to find a way around it no matter how much work you put into a prevention system.
http://www.cabel.name/2008/04/coda-confidential.html

Still, I'd want to make it difficult, even if not impossible.

bartbes wrote:Don't forget executing remote code is nice and safe by itself.. or wasn't it.. hmm..

Well if the server doesn't accept remote code then a potential hacker would only be able to mess up his own client. Unless you have someone intercepting all your data and sending it out to clients w/ some kind of crashy-bug because I don't believe it's possible to create any kind of permanently damaging virus w/ lua is it?

Well, permanent, maybe even that, but it can do a lot of damage.

Dresden wrote:Well if the server doesn't accept remote code then a potential hacker would only be able to mess up his own client.

Someone, let's call him Mallory, could fake a server, sending the same code as the original server but with an extra little something in it.

Dresden wrote:I don't believe it's possible to create any kind of permanently damaging virus w/ lua is it?

Why is that? Even if that was the case, I am not entirely sure that there are absolutely no buffer overflows in Lua or LÖVE or any other component that Mallory could use to execute arbitrary code on the client.
You could make this harder by encrypting the whole thing (RSA), but that results in a HUGE overhead that the client will certainly notice. And you've only made it harder to attack, not impossible...

The problem with hashes and encryption, either symmetric or asymmetric, is that the client has to have the hash to compare or the decryption key to decrypt the content so a motivated hacker only has to look for the hash or key to be able to crack the system.

There are statistical tools that can point possible hashes or keys inside a file because they look random, and even if you save them inside a larger buffer of randomness at some point your code will have to setup a pointer into that buffer to the start of the hash/key so there's really no way to create a 100% secure client. Even sending a signed code can be flawed if the hacker has access to the validating code.

Suppose you create an assembly routine by hand that validates the code, one that is very hard to follow because it does strange things and jumps back and forth a lot. At some point though the code will have an "if (code is valid)" and that instruction alone can be changed to "if (true)", making all your hard work useless. Yes, I've done it once...

But I agree that you can take measures to stop the "casual" hacker, the one who will open the .love file and look at the Lua sources. I think it would be cool if the engine could be compiled with a public key to validate signed code or at least with a symmetric key to decrypt the contents of the .love file on-the-fly.

Cheers,

Andre

I'm much more comfortable with the testicles license.

If you force me a lot, I will tell you that you might try attaching the .love file to the love executable; it will be an order of magnitude more difficult to "decrypt"; in other words, it will take more installing winzip and double-click-open the file. Sweet. We can rule moms and pops out.

Then we have the majority of the internet; the male teens. They might not have a lot of hacking skillz but ... they do know how to search for cracked games on a warez site!

That is the magic thing. All it takes is one really smart and really bored student. For these guys, the more sophisticated the encryption is, the more fun it gets. He'll figure out the encoding in 1 week and ... voilà! It is available for all the others. It has happened before, regularly even, with AAA games. Top-notch games with a lot of resources invested on DRM get cracked in 3 weeks.

So I don't really see the point.