I agree. One could just hack the game source and put a fake high score in. Or they could use photoshop.Robin wrote:The image analysis tool would likely be harder to write than something breaking that same tool.T-Bone wrote:Inny, your note about screenshots gave me an idea: The client could take a screenshot and send it to the server, which could then use image analysis tools to determine if it seems legit or not.
Server and security
Re: Server and security
My Tox ID: 0F1FB9170B94694A90FBCF6C4DDBDB9F58A9E4CDD0B4267E50BF9CDD62A0F947E376C5482610
Re: Server and security
Not all problems with software should be solved with software.
-
bobbyjones
- Party member
- Posts: 730
- Joined: Sat Apr 26, 2014 7:46 pm
Re: Server and security
There has to be a decent way to verify high scores.
Re: Server and security
There can't be, thats why every single Google play games highacore table shows the same global record (maximum number representable by int) and tools exist that allow you to unlock steam achievments at a button-press without any issues or banning.bobbyjones wrote:There has to be a decent way to verify high scores.
Re: Server and security
Online only mode is decent. Of course, you shift the problem into looking for a decent way to deal with latency and ping times.bobbyjones wrote:There has to be a decent way to verify high scores.
-
Robin
- The Omniscient
- Posts: 6506
- Joined: Fri Feb 20, 2009 4:29 pm
- Location: The Netherlands
- Contact:
Re: Server and security
And you still have aim-bot like stuff messing up the scores.
Help us help you: attach a .love.
-
bobbyjones
- Party member
- Posts: 730
- Joined: Sat Apr 26, 2014 7:46 pm
Re: Server and security
Well I think setting up an a score verification system is better than doing nothing like most games. Like Flappy bird and Call of Duty
Re: Server and security
Explain how you would do it. There isn't a way because you do not have full control over all clients. It is impossible to know if a connection is pretending to be real or not. The only way to "verify" the score is to send a replay of sorts to the server and have the server check that. But what is to stop this replay from being forged too? It might be time consuming but there are people who take great joy in doing that kind of thing...bobbyjones wrote:Well I think setting up an a score verification system is better than doing nothing like most games. Like Flappy bird and Call of Duty
My Tox ID: 0F1FB9170B94694A90FBCF6C4DDBDB9F58A9E4CDD0B4267E50BF9CDD62A0F947E376C5482610
-
bobbyjones
- Party member
- Posts: 730
- Joined: Sat Apr 26, 2014 7:46 pm
Re: Server and security
I meant some sort of verification. Doing nothing is useless
Re: Server and security
Ummmm have you read the previous posts? There isn't any verification that one can do verify certain that the data is not forged. The rogue player always can perfectly mimic a well behaving client. It doesn't matter if you think that it is useless, there isn't a way. The only thing that can be done is make it harder for a player to submit false scores.bobbyjones wrote:I meant some sort of verification. Doing nothing is useless
My Tox ID: 0F1FB9170B94694A90FBCF6C4DDBDB9F58A9E4CDD0B4267E50BF9CDD62A0F947E376C5482610
Who is online
Users browsing this forum: No registered users and 85 guests