Cross-platform game development: ease of development vs security [closed]
I'm a member and contributor of the Argentum Online (AO) community, the first MMORPG from Argentina, which is Free Software; which, although it's not 3D, it's really addictive and has some dozens of thousands of users.
Really unluckily AO was developed in Visual Basic (yes, you can laugh) but the former community, so imagine, the code not only sucks, it has zero portability.
I'm planning, with some friends to rewrite the client, and as a GNU/Linux frantic, want to do it cross-platform. Some other people is doing the same with the server in Java.
So my biggest problem is that we would like to use a rapid development language (like Java, Ruby or Python) but the client would be pretty insecure. Ruby/Python version would have all it's code available, and the Java one would be easily decompilable (yes, we have some crackers in the community)
We have consider the option to implement the security module in C/C++ as a dynamic library, but it can be replaced with a custom one, so it's not really secure.
We are also considering the option of doing the core application in C++ and the GUI in Ruby/Python. But haven't analysed all it's implications yet.
But we really don't want to code the entire game in C/C++ as it doesn't need that much performance (the game is played at 18fps on average) and we want to develop it as fast as possible.
So what would you choose in my case?
Thank you!
There's an old adage: 'security by obscurity is no security'.
Don't worry about the code being available, that will make no difference at all. Instead, design the network protocol so it is hard to crack, which means really strong authentication for transactions that matter.
Actually, what I'd do, is try to port the game to Mono, starting from the VB source you have now, and gradually write new code in either C# or IronPython.
The client being "secure" or not should, ideally, not be an issue. If it is an issue, there's a problem with the game's architecture.
The client being able to do "whatever it wants" is irrelevant. In a well-architected multiplayer game, the client only has the data that it absolutely needs, and all actions are authorized by the server.
Let's say someone hacks a client to say that their opponent is dead. Fine. They can hack it on their client all day long, and maybe even trick the renderer into rendering the opponent falling over. However, they should not have any authority to say whether or not the opponent is dead - that's up to the server. So the server gets a message saying "Opponent X is dead." The server should be smart enough to go "ummmm, no" and the opponent happily keeps being alive and doing whatever he wants.
This is an ideal, of course, and often some compromises need to be made for fluidity of gameplay and/or server load. However, for the important things, everything should be verified by the server. Especially in an MMO.
Treat your game as if your client was open source.
I would suggest an upgrade path from VB6 -> VB.NET. Visual Studio would take care of most of the conversion process for you. After you get it properly ported, you could convert it to C# if you want. Then you'll have to create workarounds for non-portable(Windows only) features and those not supported by Mono.
I don't get it. You want to rewrite a free software program and make it closed source? I guess you can do it if you rewrite everything, but since now it is open, the protocol is open too.
So, even if security through obscurity was fine (and it is not), you would not have it anyway since there is no obscurity.
- in no occasion the client should be authoritative about anything more than what he wants to do (and even in that case, it's the server who decides if he can do it, and what is the outcome)
- in no occasion the client should know things he is not supposed to show
fail those, and everything else won't matter any more.
If the overall design is flawed, either fix it or stop worrying: it is pointless to brush your teeth if a tiger is eating you.
I can't comment the last answer..
The thing is that this game in particular, has some thinks that changing them will make the game totally different..
For example, the client knows at each moment where are the other users. (its a tile engine based game) so, when a character is invisible, it is posible to see it accessing to the code (or editing memory or handling the packets).. Okey, let's say the client doesn't know anything about the invisible characters.. When a character casts an spell, he has an "Overhead" message, like "VAX IN TAR" or things like that.. So, you can see the position of the character that casted that spell.. People often send an empty chat (it is fair in the game) so, whoever is able to read the chats and look for an empty chat (full of spaces), he knows where an invisible char is..
And all things like that. It is possible to do all those things to put the ALL the stuff in the server, but it would be a whole different game.
This game is a very dinamic game, every player make a lot of things, and having all this things in the server will make it totally unplayable.
Sorry for my bad english. (Im a friend of alcuadrado, who can't comment in the other post, sorry if this is not an answer)
加载中,请稍侯......
精彩评论