So I was reading this post

blackdragonsdg · #1 08-06-2009, 08:53 PM

Secrets, no one is pretending like any of this is a secret. The whole idea was to invoke discussion to find a solution to the problem. If you know the cause of the problem then it should be fairly easy to fix.

If Macroquest is the source of the problem as you clearly said then why hasn't it's function been coded not to work with the emulator? And yes i know that previous statment is easier said than done. The fact that the emulator is open source should just make the solution easier to implement. The biggest problem with people submitting fixes to an exploit is that not everyone in the eqemu community is capable of writting code in a manner that would be useful.

It would be easy to sit here knowing what the problem is and do nothing to try and fix it. Alot of people try the passive method and none succeed. I can talk about this till I turn purple but if no one is willing to help then the whole conversation is pointless.

KingMort · #2 08-06-2009, 09:08 PM

Well if we could some how force the clients to have a Security program loaded up before eqgame.exe and if that program is not present then some type of signal is sent to crash the client or disconnect them...

This program would detect and stop Macroquest users dead in their tracks the tricky part is finding a way to ensure that it stayed up during their play time..

Secrets · #3 08-06-2009, 09:26 PM

Quote:

Originally Posted by blackdragonsdg

Secrets, no one is pretending like any of this is a secret. The whole idea was to invoke discussion to find a solution to the problem. If you know the cause of the problem then it should be fairly easy to fix.

If Macroquest is the source of the problem as you clearly said then why hasn't it's function been coded not to work with the emulator? And yes i know that previous statment is easier said than done. The fact that the emulator is open source should just make the solution easier to implement. The biggest problem with people submitting fixes to an exploit is that not everyone in the eqemu community is capable of writting code in a manner that would be useful.

It would be easy to sit here knowing what the problem is and do nothing to try and fix it. Alot of people try the passive method and none succeed. I can talk about this till I turn purple but if no one is willing to help then the whole conversation is pointless.

Know why no one is willing to help?

Because stuff like warping, maps, etc. CANNOT be disabled serversided. You can detect it, but you cannot fix CLIENT issues SERVERSIDED. If you make a CLIENTSIDED detection that is open-source, people would know exactly how to bypass it on the CLIENT. Please, tell me a way you can disable sending every NPC in the zone to the client without sending every NPC to the zone in the client. I'd love to know a way. Please, also tell me how you can disable warping without detecting normal people moving. Including short-range warping. Again, i'd LOVE to know.

There is no simple solution to it, that will just pop out at you. Sorry you think it's easy as

Code:

if(MacroQuestDetected == 1)
StopMacroQuest;

because it's not. I am sure someone could make an anti-hack for EQ (as shown in baneoflife) if they wanted to. I am telling you a serversided anti-hack is possible, but a clientsided anti-hack is not feasable in an open-source community.

Secrets · #4 08-06-2009, 09:31 PM

Sorry if I am coming off as rude, I am holding off as best I can to restrain myself, but... I cannot explain it better than that.

There is no way to fix MQ2 easily.

blackdragonsdg · #5 08-06-2009, 11:04 PM

Secrets, I am not arguing with you and I am sorry if it came across that way.

Delete this thread as it has already taken a wrong turn.

Kobaz · #6 08-07-2009, 04:12 PM

One approach that I've considered (in another context mind you) would be as follows:

1) collect stats on kills per minute, aggros per minute, bosses aggroed / junk mobs etc on all accounts and characters on a server where there is no known hacking

2) deliberately run a hacker account and collect the same stats

3) decide on a statistically valid test that has sufficient power to get acceptable type I and type II error rates

4) introduce a reporting mechanism to allow players to report probable hackers

5) when tests flag hacking then change the server-side XP and loot code to remove the rewards for hacking

The downsides include:

1) reporting hacking as a form of griefing
2) massive increase in DB load
3) could easily punish creative players
4) a hell of a lot of work
5) would become an arms race, as hackers can see what the tests are in server code and just be sure to stay outside the critical stat range
6) false positives (type I errors) will be high if too aggressive at picking "hackers". Any attempt to reduce this will result in more hackers not being detected.

I do think that the best approach would be to somehow remove the reward for hacking though. This way legitimate uses of the tool in question could remain (I am not promoting MQ in any way). That program is useful for those with physical disabilities for example.

I suspect that all this is basically a flaw in the game by the way. As long as the mid-levels are just a time-sink on the way to "the real game" at level 70 this problem will not go away. Perhaps more creative and dynamic quests/tasks for all levels/races/classes would make people less interested in cheating.

pfyon · #7 08-07-2009, 06:07 PM

Quote:

Originally Posted by Kobaz

One approach that I've considered (in another context mind you) would be as follows:

1) collect stats on kills per minute, aggros per minute, bosses aggroed / junk mobs etc on all accounts and characters on a server where there is no known hacking

2) deliberately run a hacker account and collect the same stats

3) decide on a statistically valid test that has sufficient power to get acceptable type I and type II error rates

4) introduce a reporting mechanism to allow players to report probable hackers

5) when tests flag hacking then change the server-side XP and loot code to remove the rewards for hacking

The downsides include:

1) reporting hacking as a form of griefing
2) massive increase in DB load
3) could easily punish creative players
4) a hell of a lot of work
5) would become an arms race, as hackers can see what the tests are in server code and just be sure to stay outside the critical stat range
6) false positives (type I errors) will be high if too aggressive at picking "hackers". Any attempt to reduce this will result in more hackers not being detected.

I do think that the best approach would be to somehow remove the reward for hacking though. This way legitimate uses of the tool in question could remain (I am not promoting MQ in any way). That program is useful for those with physical disabilities for example.

I suspect that all this is basically a flaw in the game by the way. As long as the mid-levels are just a time-sink on the way to "the real game" at level 70 this problem will not go away. Perhaps more creative and dynamic quests/tasks for all levels/races/classes would make people less interested in cheating.

I think that's probably pretty similar to what professional MMOs do to prevent hacking. It's not likely to ever go away (especially considering we can't change the client), so you just do your best to reduce it.

An option (in addition to being able to report hackers) would be to keep temporary logs of players, say, half an hour of game time (and special events that are suspicious), then save the logs of a player when they're reported. This way a GM could look over the logs when investigating a report and ban the offending account if necessary. It isn't automatic, but it could cut down on hackers.

Now, if we had our own client too, that would be a different story...

Dibalamin · #8 08-07-2009, 08:36 PM

Anyone ever thought about developing a 3rd party program & requiring the source to have that prog? No client interaction. This would be between the emu server and this program to stamp out mq so it can be developed in a closed source environment.