WebApp Sec mailing list archives
Re: securing web based game
From: Adrian Wiesmann <awiesmann () swordlord org>
Date: Sun, 22 Dec 2002 23:41:16 +0100
IMHO if the algorithm is included in a client-side code, then this solution is equal to INSECURE, because it's a matter of [rather short] time for reversers to break it, unless you use some sophisticated methods and anti-* tricks, but it's just the waste of time.
I would say quite the same. Anything the user can see or test is insecure. Do not even think about producing some snake oil. The time you spend on some strange algo will never pay out...
any other ideas?let the server (instead of client) decide about the points
Much better, but still not good enough. The server will need some informations to calculate the gamepoints from and here we are again. Live with the certrainty that a gamer with to much time to spare will crack any system and concentrate on the gameplay instead. Regards, Adrian
Current thread:
- securing web based game Tomas (Dec 22)
- Re: securing web based game Adam [ckkl] (Dec 22)
- Re: securing web based game Adrian Wiesmann (Dec 22)
- Re: securing web based game Adam [ckkl] (Dec 22)
- Re: securing web based game Tomas (Dec 23)
- Re: securing web based game Tim Aranki (Dec 23)
- Re: securing web based game Adrian Wiesmann (Dec 22)
- Re: securing web based game Adam [ckkl] (Dec 22)