Wutangrza

I'm just shy of -500,000 and wondering what the most heinous of you bastards are down to.

What kind of terrible servers aren't verifying checksums on pbo files? Don't play on those servers?

Why the fuck don't people alt+f4 when this sort of stuff happens? If someone teleports to me with a vehicle or something I'm outty 5000.

Methinks you don't understand why people use the L85. I guess my ideal loadout would be AS50, L85, MK 48 mod 0, and m9SD. If I can't get a hold of the suppressed m9 then I guess change out the MK48 for a CCO SD.

First person only is a big turnoff for me mostly because I actually find it to be less realistic than third person. You get a ridiculously constricted FoV that isn't anything like real life and going prone is nothing like real life. In real life, if you wanted to you could lean up on your elbows a bit and get a view up over the few blades of grass in front of you. 3rd person enabled and nameplates off (as well as that scroll mouse wheel=free range finder BS off) are the only settings I really care about. The others I could take 'em or leave 'em.

Revolver and 1911 aren't one shot zombie kills anymore.

lol, "Sniper" is given to every person in a ghillie, so there goes that theory. Have you tried pushing backspace to exit out of that menu you have open? Not sure if that'll bring your debug monitor back. Also, the "Debug Plains" aren't in some other world, they're just on the far western corner of the map iirc, just start running east (same direction as the clouds move if you don't have a compass) and you'll get out of there (if you head SE you'll hit the beach on the far western corner of the map by Komarovo).

The thing you are quoting was related to the incorrect bans given to legit players. This current script kicking is unrelated. (and no one is banned, just everyone is being auto-kicked).

Glad I play on servers that kick/ban people with that weapon. "NO FAIR I STOLE IT FROM A HACKER!" Maybe you did, but there's no way to prove that. Server admins have to protect their servers. If admins didn't ban for that weapon then the only server you could possibly get banned on is the one where you spawned it in. Go to server A, spawn in cheater weapon, move to server B and tell the admins "I KILLED A HACKER WITH IT IT'S LEGIT!" It's so cheap, just ditch it.

It's a 2 shot kill. And with crosshairs and increased gamma, the NVG advantage is meaningless.

Bummer. The one bit of solace is that this is reserved solely to server admins. I guess stick only to servers you trust.

Just wanted to say, if you were both a hacker and a server admin (a real hacker, not some script kiddie), you could feasibly do all kinds of bad things with BE. I've not seen any evidence for that happening, but it certainly sounds plausible. A server owner could definitely hack the BE process on their server to make it so they could cheat on their own server without being banned, though they would have to have full control over the server, not just one of those deals where you pay for hosting and can restart the arma server. (We're talking full RDP access and everything).

A GUID is 32 hex digits long or 512 bits. If they post the first 4 characters, then there are still 28 hex characters or 448 bits. So, 2^448 = 7.26 x 10^134 possible keys left once they share their first 4 characters. To put that in perspective, there are only 10^80 atoms in the universe. What's the big deal if people post the first 4 digits of their GUID from their ban?

Quit spreading this bullshit. That's now how it works at all. Your GUID is generated by the server, not by the client (otherwise GUID banning would be completely useless because people could just edit their GUIDs with someone else's as you're saying [the only thing stored on the client side is your CD-key which you pass to an auth server]). Do you even understand what a GUID is or why it's used? It's a hash, and it's one way based off your CD-key. See here for an explanation on why you can't just edit your GUID. (Though it might be possible for a server admin to mask his own GUID on a server he is running with a stolen GUID, but there's no way for a client to do it without stealing someone else's CD-key): http://dayzmod.com/forum/index.php?/topic/40664-server-admins-stealing-guids-for-spoofing/page__st__40#entry627785

Maybe. That's pretty interesting though. Lots of people in those threads have no clue though, specifically the people saying it's a keygen. There's no chance in hell that a keygen is going to produce a retail key. The number of actual retail keys is a grain of sand in the ocean of keys that the installer will accept just for install. Basically there's just a math function that runs on your CD-Key when you go to install it that determines whether or not the "syntax" of your key is correct (there are a huge number of "keys" where the syntax is correct), but if you go to play online with that key it won't let you because it's not an actual key (the auth servers have a list of actual legit retail keys, a tiny tiny fraction of syntactically acceptable keys). It's probably more likely though that a lot of people just have malware on their computers and got their actual CD-keys stolen from the registry. My idea for a server admin GUID stealing spoofer was nothing more than that, an idea. It's at least an educated idea, but I don't know enough about the inner working of BE to know how plausible it really is. Could also be likely that these people buying retail copies from a store are buying resealed copies and the workers there are selling the keys on the side on the black market.

I'm not a leetsauce hacker, but I do write software for a living. I can't see how you could spoof a GUID (unless you owned a server, then you probably could). Presumably the GUID isn't generated on the client, if it were, the system would be terrible. The GUID has to be a one way hash based off some client-side verification (your CD-Key). So you provide some credentials (your CD-key) to some kind of auth server which gives you a response (probably also a one way hash) which you then send to the server you want to play on, then the server uses it and does some fancy math to hash it to your GUID. The only way another client could spoof your GUID would be if they stole your CD-Key, which isn't something anyone has access to, not even server admins. Thinking about it though, a truly malicious server admin could probably get people banned if they grepped out GUIDs of players on their server, then hacked the Battleye process on their server to always report the GUID for their player name as the stolen GUID. This would be a very non-trivial thing to do, would require being a server admin, and would also require having a host where you have full control over the host machine (not just a way to manage the DayZ application). So, to clarify, GUID spoofing ought to be feasible, but not by script kiddies. You'd have to be a legitimate hacker, and you'd have to be a server admin on a fully manageable server. Also, I'm guessing the guys who write code for Battleye aren't idiots. There are probably ways to mitigate this napkin hack that I've handwaved through that I just haven't thought of. TL;DR: I think GUID spoofing isn't quite impossible, but its certainly not a widespread problem the way that scripting is.

Throw your PC in the bath tub, you aren't ready to use it. Replace the [at] with a @ obviously.

They can't "spoof" your CD-key unless you give it to them. You'd have a better chance of winning the powerball every week for a year than you would of successfully guessing someone else's CD key.

We can break the alt+f4 problem down into two sub-categories, players who disconnect to avoid dying and players who disconnect after dying as a punitive measure against their killers. I have a suggestion that would at least fix the latter. Remove the option to hide someone's body. I know a lot of people think this is a terrible suggestion, but hear me out. Right now players alt+f4 even if they know they are already dead because they don't want to give any loot to their killer and because they assume the killer will loot their stuff and then hide their body, removing any chance they had of retrieving any of their gear. If the option to hide body were removed, players wouldn't alt+f4 once they were dead because they would have an incentive to return to their body and at least reclaim some of their loot. I know personally if I am kitted out I never alt+f4 because there's a good chance that if I just head back to my body I'll be able to at least reclaim some of my gear. If this turned into a guarantee then the incentive to disconnect once dead for all players would be removed. The downside to this is that it removes the only appreciable loot sink left in the game, but that's a design issue that probably doesn't have a super quick fix and honestly the amount of gear removed through hide body is negligible when contrasted with the annoyance of people alt+f4'ing or the lack of significant loot sinks to begin with.

I've never had an alt+f4 save me when I was actually dead. Hacker came in, killed everyone on the server, I immediately alt+f4 but I'm still dead. I know you can use alt+f4 to get out of a firefight if you're low health, but the one time I used it to try and duck a death I still died. You're saying you can alt+f4 a hacker kill or a .50 cal round (something that you are definitely dead and not just low health)? I thought once you saw a negative health that was it, game over.

I will now abscond with your beans before anyone else derides us for our witty palaver.