WebApp Sec mailing list archives
Re: securing web based game
From: "Tomas" <tomasg () extra lt>
Date: Mon, 23 Dec 2002 10:31:47 +0200
As far as I understood from your post, whenever game runs on a client-side and server just receives final data from client, there always will be a possibility to cheat. However, I want to _reduce_ that possibility to minimum. The game is something like an online shooter, so using direct connection or everytime verifying if target was hit isn't a good idea, because lag can occur. Nobody likes it :) So session ID + algorithm is the best idea so far. Isn't it? Tomas ----- Original Message ----- From: "Adam [ckkl]" <ckkl () poczta wp pl> Sent: Monday, December 23, 2002 2:12 AM Subject: Re: securing web based game
let the server (instead of client) decide about the pointsMuch better, but still not good enough. The server will need some informations to calculate the gamepoints from and here we are again. Live with the certrainty that a gamer with to much time to spare will crack any system and concentrate on the gameplay instead.I would say that as far as server does everything and there's no "Joshua" hardcoded - it may be a quite safe solution what I meant above is that the server does the business logic and client is just a layer for presentation [a common solution nowadays] I agree of course, that there's always a way to cheat it just depends strictly on what kind of game it is for interactive games - it's virtually possible to write a bot to analyze server's sequence of data and to answer with a perfect match [f.ex. sequence of keystrokes to find a way out of a maze], for gambling ones /BJ, roulette, etc./ things are random and if done on the server, you are unable to do anything, because all you see is just the results hmm what a fascinating topic... going to find some online casino there must be some flaws :-PPPP Just my 5 bolivars... Best regards Adam
Current thread:
- securing web based game Tomas (Dec 22)
- Re: securing web based game Adam [ckkl] (Dec 22)
- Re: securing web based game Adrian Wiesmann (Dec 22)
- Re: securing web based game Adam [ckkl] (Dec 22)
- Re: securing web based game Tomas (Dec 23)
- Re: securing web based game Tim Aranki (Dec 23)
- Re: securing web based game Adrian Wiesmann (Dec 22)
- Re: securing web based game Adam [ckkl] (Dec 22)