[MUD-Dev] distributed objects
J C Lawrence
claw at kanga.nu
Mon Feb 14 19:18:06 New Zealand Daylight Time 2000
On Mon, 14 Feb 2000 20:45:55 -0600
Balthazaar <balthmurp at mediaone.net> wrote:
> At 03:52 AM 2/14/00 -0500, Vijay Prabhakar wrote:
>> However, you could make it sufficiently difficult that people
>> won't bother.
> I would disagree with this statement. If it is possible, someone
> at sometime *will* do it. Once done, word will get around fast
> and a lot of people will be doing it.
There's a more simple problem which UO demonstrated: Script Kiddies.
All you need is one person to crack your system and then publish the
recipe. Add that canned solution to the mixmaster of the great
unwashed public and you have an nedless recipe for
SysAdm^H^H^H^H^H^Hprogramming fun. Not that I know anything about
this mind you.
I'd also note that EverQuest demonstrated the same problem in a
different manner via ShowEQ. They (reputedly) reverse engineered
the EQ protocols and data structures via packet sniffing and thereby
wrote their only rather omniscient client (taking advantages of
glaring weaknesses in the EQ protocol design).
To quote (without checking) a certain document:
The client is in the hands of the enemy. Never ever forget that.
Obviously we need to expands the definition of "client" to not only
enclude the actual program itself, but all traffic that the system
sees (which in both OU's and EQ's case was a significant oversight
It is a hostile world out there. As far as protocol design goes,
its really tough to be accused of being _TOO_ paranoid.
While I haven't done an examination of the area, it is probably
worthwhile doing a survey of the proliferation of Quake "cheats" now
that the Quake base has been GPL'ed. I know of at least a
half-dozen distinct cheats in fairly regular usage. I don't know
about their distribution, publicity, acquisition methods, etc.
J C Lawrence Home: claw at kanga.nu
----------(*) Other: coder at kanga.nu
--=| A man is as sane as he is dangerous to his environment |=--
MUD-Dev maillist - MUD-Dev at kanga.nu
More information about the MUD-Dev