[MUD-Dev] Trusting the client, encrypting data

Alain Hamel ahamel at real.com
Thu Dec 18 11:26:10 CET 2003 

Jessica Mulligan <jessica at mm3d.com> writes:

> If you do come up with a method that works reliably and stays
> unbroken, you'll be a very rich and sought-after man and American
> women will want to have your babies.

Coming up with an unbreakable obfuscation system that defeats both
dynamic and static analysis in perpetuity is very hard. Ok,
impossible.

However that's not the requirement for a MUD. All that is needed is
a system that hardens the client enough that it won't be broken
before the next revision. And even if it is, who cares! They will be
able to hack for a very limited amount of time. That's a much easier
problem. Oh, and you have to design your hardening system such that
the knowledge gained from hacking part of it on week N is not that
useful on week N+1. That second part may be more difficult and may
necessitate an on going engineering effort.

I think the problem is that it costs money. Probably a good one to
two man years of engineering effort to make a nice robust
obfuscation system and you probably need to commit one engineer for
the life of the project to updating the obfuscation algorithms just
in case. That's a lot of cash to spend on a problem that, really,
isn't that big. I think most companies go through the following
discussion:

  Project Manager: Ok, Charlie, you are our lead engineer. How long
  to make something that those damn hackers can't break?

  Charlie the Programmer: Well that's impossible, but I can make
  something that is pretty darn good in about 1 year of effort.

  Project Manager: 1 year? Yokies. That's pretty expensive!

  Charlie the Programmer: Yupper. And I'll have to keep at it just
  in case those damn hackers break it.

  Project Manager: Ok then, screw it. We'll say that we are against
  hackers, we'll do some low bar type of metric gathering to get
  some of the worst ones and we'll publicly ban them hopefully
  scarring off the rest.

  Charlie the Programmer: Makes sense to me boss. And it would have
  been hard work too. I haven't written a parser, compiler, linker
  or loader since grad school!

I constantly hear people say "well you can't trust the client, so
anything you can try is doomed." But that's not really true. Within
some constraints you can trust the client. And I just wanted to add
my 2 cents.

PS: That one to two years of engineering effort is for a non-gaming
company.  You guys in the gaming industry seem to be quite
motivated. It's really not that hard of a problem. I'm sure you guys
could do it in less than 6 months.  Heck maybe much less.

And finally Ola's original idea which really didn't have to do with
trusting the client sounds like a good one although as he mentions
getting the key packet to the client in a timely fashion maybe
difficult.
_______________________________________________
MUD-Dev mailing list
MUD-Dev at kanga.nu
https://www.kanga.nu/lists/listinfo/mud-dev

More information about the mud-dev-archive mailing list