[MUD-Dev] Quake II has gone GPL

Vincent Archer archer at frmug.org
Wed Jan 23 11:04:28 CET 2002


According to Travis Nixon:

> They took shortcuts without considering the consequences of those
> shortcuts.
 
> And thank you for the two fine examples of why "security through
> obscurity" doesn't work.  :)

It is funny that these types of examples are also used by opponents
of open-sourcing client code as why having everything exposed was
bad, i.e. anybody would be able very easily to do that and cheat.

Conveniently discarding the fact that, even with closed source,
these weak spots *are* discovered.

One of the biggest advantages of working in an open source framework
is that it's highly unforgiving for your design. You *cannot* take
shortcuts because that's easier: any shortcut will be not only
visible, it will be (if you're correctly doing open source)
*documented*. For the user.

I picked the two examples because they're representative of
different problems.


The first was a simple and honest mistake. Placing the test
server-side or client-side made no difference in gameplay, other
than allowing somebody to put a no-drop object in a trade window so
that people would be able to see its stats.

And it was promptly fixed by adding a second, separate test on the
server that prevents you from trading these items.

Well, I *think* there's such a test. I'm not sure, because, you see,
last week, I was able to receive by accident an item which is now in
my inventory, is flagged NODROP, and which I can't give away. So I'm
sure there are other errors.

Unfortunately, not having the source code, I can't do zilch to help
Verant on that problem :)


The second is deeper.

As explained in the second example, you simply cannot move the
character movement code to the server. The results are totally
weird, and are felt as an unresponsiveness of your character to your
commands.

The result is that you need to think a lot more about your design
than the Verant, Turbine, and many 3D world designers have.

At Nevrax, we had to think that way, because the source code of the
game was GPLed from day 1 (not fully available at start, of
course. As long as you don't distribute a binary of the game, you're
under no obligation of providing a source that was totally
incomplete and unusable).

The server is the only one that can be trusted, yet, for interactive
response, the client is the only one that can decide and execute the
movements.

The result was what we called a police model. Since you can't
enshrine your movement as a law of nature (locked and enforced by
the impregnable server), it's a "common law". And you catch the
cheater by exactly the same means: you have a police force that does
patrol and spot checks for violations of the rules.

The resulting set of checked rules is highly complex, and can take
many pages, because it checks for many things, and knows that the
network can eat most of your packets away, but be assured that speed
violators are caught, photographed, and fined. And recidivists
punished :)

--
	Vincent Archer			Email:	archer at frmug.org

All men are mortal.  Socrates was mortal.  Therefore, all men are Socrates.
							(Woody Allen)
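
A sketch of the "police model" described in the message above, as an added example that is not part of the original post and is not Nevrax code: the client moves itself, and the server audits a random share of position reports against the last position it verified. The class name, speed limit, slack, check rate and strike limit are all assumptions chosen for illustration.

```python
import math
import random

MAX_SPEED = 10.0   # assumed rule: world units per second
SLACK = 1.10       # assumed tolerance for timing jitter
REPEAT_LIMIT = 3   # assumed strikes before a repeat offender is kicked

class MovementPolice:
    """Spot-checks positions reported by a client that runs its own movement."""

    def __init__(self, check_rate=0.25, rng=None):
        self.check_rate = check_rate      # fraction of reports that get audited
        self.rng = rng or random.Random()
        self.verified = {}                # player -> (t, x, y) last accepted by an audit
        self.strikes = {}                 # player -> violations so far

    def report(self, player, t, x, y):
        """t is the server's receive time, never a client-supplied clock.
        Returns (verdict, position the server now considers authoritative)."""
        base = self.verified.get(player)
        if base is None:                  # first report: nothing to compare against
            self.verified[player] = (t, x, y)
            return "ok", (x, y)
        t0, x0, y0 = base
        if t <= t0 or self.rng.random() >= self.check_rate:
            # Not audited. The baseline is left alone, so the next audit
            # still covers this stretch and lost packets change nothing.
            return "unchecked", (x, y)
        allowed = MAX_SPEED * SLACK * (t - t0)
        if math.hypot(x - x0, y - y0) <= allowed:
            self.verified[player] = (t, x, y)
            return "ok", (x, y)
        # Violation: count a strike and put the player back on the verified spot.
        self.strikes[player] = self.strikes.get(player, 0) + 1
        self.verified[player] = (t, x0, y0)
        verdict = "kicked" if self.strikes[player] >= REPEAT_LIMIT else "fined"
        return verdict, (x0, y0)

if __name__ == "__main__":
    police = MovementPolice(check_rate=1.0)   # audit everything for the demo
    # Constructed sample reports: (server time, x, y)
    for t, x, y in [(0, 0, 0), (1, 8, 0), (4, 35, 0), (5, 90, 0)]:
        print(t, police.report("alice", t, x, y))
```

Because the check measures distance against elapsed server time since the last verified position, a gap of several lost reports is judged over the whole gap rather than per packet.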