venthos

I'm not sure how the origins of you learning to drink/smoke/speak relate to the fact that you've stated you are drinking to make reading my posts tolerable. To me, that sounds like I've driven you to drink because of my posts. That's just awesome. And hey, look, you've restated your irrational "rocket should say bad things are bad" post to something that makes a bit of sense! :D Sure, I could go for Rocket posting a "it's impossible for BattlEye to global ban you because of something a hacker did to you in game." sticky post. Hopefully that'd cull the drove of careless peoples' threads who are claiming it's not their fault for being banned. But asking him to post "doing bad things results in consequences" is just drivel. But because you mention it, I'm totally taking you up on the 5-day seminar offer. I don't know how you could draw this out into 5-days, but I'm game. Is it free? Can I pay in Jack Daniels? I think I'll pay in Jack Daniels. When is it?

The fix to this is to make sure you logout/login when you obtain a different pack type. It must be a logout/login. This will prevent re-skinning from overwriting your backpack with an older pack that you had. This includes bandit/normal/hero reskinning as well as putting on ghillie/camo.

This is true for all software license keys from your Windows OS to literally every game in existence with a key. This isn't a rampant problem because the amount of possible keys to actual valid keys is actually quite high. Guessing isn't that effective in most cases. Without a way to rapidly test if a key is valid, the time required to cycle all possible keys is too time prohibitive. It's just like how people can technically guess your credit card number, but that's never a problem because it's difficult to guess a valid one. Both with license keys and credit cards, it's leaps and bounds more effective and less time consuming to just ask people to volunteer their keys to you in the form of posting a trojan online and making it look like whatever your target would be googling for.

I've driven you to drink? Wow. That's honestly pretty awesome. Really? Someone needs to state doing bad things are bad? Should Rocket also say being shot in the face with a bullet tends to be bad? Fire is hot? Don't lick wall sockets?

Ah, yet another success. I love when people run out of things to say in the face of logic and reason.

Oh I've known DayZ was going to consoles for a while now. That wasn't what our debate was about. Perhaps you're thinking of another person you were debating with? You had claimed that consoles have superior hardware to any and all computers. That was our debate. I'm sure a lot of people's brains are threatening to pop an aneurism after reading that statement and realizing how flawed it is. But yeah, go ahead and update that thread if you want to continue the debate on that. I'm game. Keep this thread on track though. I can handle shooting down your irrational posts in two separate threads at once.

Uh... that's kind of what a phishing website is. Some random website. That's kind of how they operate. They compromise random hosting accounts of random people around the world and host the fraudulent stuff on their account. By definition that is random. Are you really going to try and play a semantics card here? He already admitted to downloading installer files from a random YouTube video. Links that were to... you guessed it, a random website. No, he wasn't trying to cheat. Yes, he still deserves to be banned. As I said already earlier in this thread, careless people who aren't trying to cheat deserve to be banned just as much as people who are actually cheating. The careless people are fueling the cheaters with cheap CD keys so they can continue to hack again on the cheap in spite of global bans. I'm not sure why you're making me re-state my stance on this every reply like you've forgotten what it is.

Oh christ. I opened this thread thinking "oh god, another cry queen" and had my palm cocked and ready to rest my face into. Looked, and it's void_false. I do not have enough palms to press into my face. Amazing. Best sentence I've read all morning. Kudos to bailing on a game you've so clearly demonstrated your ire for this past week. Goodbye, sir. This has already been done by BattlEye. http://battleye.com It's right on the front page and has been spammed every 30 minutes into all ARMA 2 servers (DayZ included) by BattlEye's in-game message system for for over a week. Happy? Nah, of course you aren't.

No one has brought up the registry entry, because of course you have the CD key if you have access to the registry. Converting something from ASCII to HEX is not "encrypting/decrypting". It's like going from base-10 to base-16 with math. That's not "encryption". I'm not sure why you even brought up the registry entry. Everyone knows/agrees that if someone gets ahold of it they have your key. The only way for that to happen is if you're stupid and download a trojan. No one is in disagreement there. The poster claimed that server admins could get your CD key just by you logging in and them seeing your GUID. That is what is in contention here. Please re-read my post, as I've fully address this already. I'm not sure why you regurgitated it. I guess I can regurgitate my prior post again for you. If "figuring out the algorithm" was so easy, all hash algorithms would collapse within days/weeks by your claims. This would pretty much bring down the entirety of the internet within weeks if it was as easy and quick to do as you claim. The majority of the internet's functionality relies upon hashes being prohibitively time consuming to attempt to reverse the origin string... especially when salted. When I mean "prohibitively time consuming" I don't mean days/weeks, I mean centuries/thousands of years of 24/7 distributed computing time... or longer, depending on the algorithm used. I love how people who hate BattlEye seem to understand astoundingly little about computers. I guess that's the type of folks who get phished/download trojans.

I like how you just make a sentence up and claim it to be true. Do you even know what a hash is? http://en.wikipedia.org/wiki/Hash_chain It's intentionally one-way. You can't "reverse" a hash. Before you even bring up rainbow tables, it's laughable to suggest someone has spent the time and effort to reverse engineer the GUID algorithm and generate mass rainbow tables for them. Let alone, I wouldn't be surprised if the GUIDs utilize a salt to render anything like that useless. It's much more lucrative for these abusers to setup fake downloads and let the players just hand them fist fulls of CD keys for very little effort.

Excellent! You found the definition. So I take it this is you agreeing with me now, as you now understand what phishing is and phishing relies upon people being careless/irresponsible?

Bam, you nailed the reason they deserve the ban right there. Hackers don't "find a way" to get your key. They setup the equivalent of a box tilted up with a stick and string and wait for someone to go for the "COOL HACK/LINGOR/WHATEVER INSTALLER. 100% LEGIT. DON'T MIND THAT IT'S AN EXE AND YOU DON'T KNOW WHO I AM" and wham, free cd key for almost no effort. Sure? Yes. Absolutely. Without question. 100% deserved for being careless. You should do your research before downloading from some random website.

No. That's the whole purpose of BattlEye GUIDs. They're one-way hashes that involve your CD Key so that they're unique to each CD Key, but not the actual CD Key. There's no way for anyone to know what your CD Key is unless they have access to your computer itself (via trojan/virus/etc.) and access your windows registry.

Does it matter? Whether you're a hacker or someone careless enough to get your CD Key hijacked by a hacker, both are equally ban worthy. By quickly banning compromised CD keys, it brings down the population of active hackers.

BattlEye does not ban anyone for scripts. So even if this is possible, it's impossible to garner a global ban from it. If this is possible (unlikely) then the worst that could ever happen is a local ban from the server admin. Someone already tried this scare tactic on reddit and Rocket himself personally shot down the poster saying he didn't even know how to respond to the guy if he fundamentally misunderstands how BattlEye works to that degree. http://www.reddit.com/r/dayz/comments/zeloz/hackers_are_able_to_global_ban_entire_servers/ That effectively is confirmation from a Bohemia Interactive employee that global bans from scripts themselves is impossible and does not happen. BattlEye does not and will not ban for scripts. It bans for the bypasses people are using to try and get around BattlEye to run their scripts. So, this thread is over. What has been claimed is 100% impossible. Stop spreading lies.

Think of the common direct paths from popular locations to other popular locations. Such as from the coastal cities to the popular towns/airfields, and every which other connection of popular towns/locations. Wherever you don't draw a line through is going to be your best bet. Find a dip in the landscape with thick conifer trees and hope for the best. Nothing is safe. North/West edge camp people are hilarious because all it takes is one drive along each edge and you hit droves of camps. You're right to think about putting stuff within the map. That said, Vybor is one of the worst locations to look at. It's surrounded by fields and is the first town south of NWAF. Any surrounding forest areas to Vybor are going to be vulnerable to people coming up from Stary Sobor or those who spawned at Kamenka going straight north to NWAF. West of the NWAF is a common camp site location as well, so you're basically hit on all angles of traffic. North angle = NWAF itself South angle = Traffic from Kamenka spawn to NWAF East angle = Traffic from Stary Sobor military tents to NWAF West angle = People creating/hiding bases next to NWAF You really should pick a better location. Ironically, locations in the South/South East of the map tend to be lower risk since no one bothers to really check stuff out there. But, like I said, your best bet is to think of how people will be running through the forest on foot and NOT put tents wherever that may be. Still, ESP/Map Tool hackers are just going to take your shit in 48 hours or less anyway. Such is DayZ :) It's all in good fun, though.

The answer is very simple and has been tried and true in the past. We've repeated history, basically. EverQuest - ShowEQ was born, and worked exactly like ARMA2 ESP does because the servers sent the entire zone's objects to you at all times World of Warcraft - ESP style stuff is and will always still be possible, but WoW devs were smart enough to only send object data for what they dubbed your "sphere of influence" (a radius distance from your character). That's why things fade in/out when you get close and far away. The server is starting/stopping sending data for that object. The same should be done for DayZ standalone when engine modifications are made. Only objects in your radius (1600meters makes sense, since that's the hardcoded view distance) should be sent. Close quarters ESP will still be possible, but you need to send object data even if you're not in Line-of-sight to prevent warping issues and overtaxing the server. Minecraft's obfuscation stuff is some of the worst written and most resource intensive stuff ever. Something like that would never work for ARMA2/DayZ. TLDR: The ESP hacks will always be possible until standalone, which is the only opportunity there will be for engine modifications to fix it.

I just noticed in the logs that someone spawned in an IED from the BAF expansion on my server. Or, rather, detonated one. I've created an issue for it on the community ban/filter list so the player can be banned and the filters adjusted. But, I figured I'd post here as well so people who want to be proactive before the community filter is updated can do so. Filed Issue: http://code.google.c...s/detail?id=915 The item I ran across was "BAF_IED_v1", or otherwise v1 of an IED from the BAF expansion. I can't find any other mentions of BAF_* in the createvehicle log, leading me to believe nothing that is in createvehicle with BAF_* is good. Therefore, I added this to createvehicle.txt 5 "BAF_"

The hackers who got hit with the two waves of global bans that went out (9/3 and 9/5) might disagree with you. BattlEye's team might also disagree with you on account of their 24 hour discover/block time for both hacks mentioned in the thread the OP cited. Negativity bias is a terrible thing. Please don't propagate such biased opinions.

The hack/bypass mentioned below is now reported to be detected and dishing out global bans. See Post #14 for details. Yay :D Back on 09/02 a hack was released that made it very easy for people to insta-kill entire servers, summon all vehicles to their location, etc. It abuses the publicvariable situation that permits the scripts to evade current scripts.txt/createvehicle.txt/remoteexec.txt rulesets. Just recently with a new Beta server .exe were we granted the new publicvariable.txt ruleset, so understandably that's still being worked on and doesn't yet have any kick restrictions in place. The release day of this hack was also the day that hack activity went up quite a bit on the forums (no doubt from this particular hack). Within 24 hours, BattlEye had it detected and was globally banning the offenders left and right. 09/02 was also the only day my server experienced a server-wide kill from a hacker, although that's just anecdotal evidence. Today, a re-release of the same hack was published that is presently undetected. For this reason, I am holding back my own server to 1.7.2.5 to prevent hackers from screwing with my vehicles and getting them saved on some remote island/destroying them and saving them. That's been the one nice thing about saves not working, hackers can't screw you out of vehicles for 7 days. This may all be for naught, as no server is immune to hackers of course even once this particular hack gets detected. But, I am hoping that BattlEye experiences similar turnaround here and can detect it again within 24-48 hours, and therefore holding back on updating my server to where tents/vehicles are fixed to hopefully minimize the effects of hackers. I'm simply putting this out there so server admins can make their own decision on this. I know some are desperate for the artifact/tent/vehicle fixes. But, at least you have this knowledge in hand when you make your decision on whether or not to update. Just to clarify, 1.7.2.5 doesn't make you "safe" from this hack, it just means if they screw with your vehicles a server restart will always fix it whereas in 1.7.2.6 they'll be able to save them in their blown up/portaled to an island state and you'll have to wait 7 days for new ones. If you guys are seeing a spike in hack activity today/tonight/tomorrow, this hack is likely why.

As anticipated, 26 hours later the hack thread has been closed down marked as "Detected!" with hackers reporting receiving global bans for its use. So, this particular bypass/hack has been detected and kicked in the face by BattlEye's crew once again in rapid fashion. You never hear this stuff, do you? Just the people crying about BattlEye "not doing anything". This doesn't mean everyone is safe from hacks, just this particular hack in question. Note that another good thing you can do to fight hacks is make sure you ALWAYS run the latest and greatest ARMA2:OA Beta. While the beta updates themselves may not protect against hacks, each new Beta client means that anyone reading/writing to memory are forced to locate and update their memory offsets for the latest Beta. Since the vast majority of "hackers" know almost nothing about how to create the hacks, this usually means you at least get a period of time when your server isn't vulnerable to some hacks (mostly this is going to be ESP type hacks that this prevents_ until its author updates them. Keeping up-to-date on the beta only matters, though, if you also keep your server's config to REQUIRE that your players use the latest beta client as well (the "requiredBuild" value in your config file). If you don't require they use the latest beta, they can just run an older client they have the offsets for. Anyway, that's the update on the situation.

This is about the furthest from the truth as possible, although I think it's a misunderstanding on your part or the people you're talking to's part. The very first alpha build of DayZ standalone will be released by the end of the year. That's the only thing Rocket has essentially confirmed. Standalone will be *far* from "done" (out of alpha/beta). It is just the timeline given for the very first public alpha build being pushed out, of which will require a small fee to participate in the closed alpha. The development cycle will be very familiar to Minecraft in that you pay a reduced fee to participate in the alpha and continually receive alpha/beta updates all through its official release. So, hopefully that clears this up. It will not be "done" by the end of this year. When it's called DayZ standalone, it means exactly that -- it stands alone by itself. You won't need any other games other than DayZ standalone itself. The cost has yet to be officially announced, but rumors have it around $15. Take that with a grain of salt, though. It could be less or more.

Exactly what erocker said. It sounds like a fake email at worst or an unsupported unofficial custom modification to the DayZ codebase at best. Download the DayZ 1.7.2.6 files from this website (Dayzmod.com) and download the Hive 0.7.4 files from the link provided to you in the mass email that went out yesterday to all DayZ server admins. If you lease a shared game server (control panel access only) instead of an unmanaged server, then you'll just have to talk to your host for the updates.

Then you're all set. You will sporadically get those messages when the BE Master experiences connectivity/uptime issues. As long as you're up-to-date, then you're fine. It's simply saying the "update failed" in the sense it couldn't even connect to check if you were updated in the first place. So, when you see that, just make sure you're up-to-date. If you are, then you can ignore those messages. Once the BE Master is back online, they'll go away.

I've never made such a claim. Let's see what I said: You need to up your reading comprehension, you're 0 for 2 now. Keep on coming back though, it's hilarious being able to prove right to your face with quotes how you fail at reading comprehension. And no, the OP didn't say he wants to just reset the helicopter. As the OP has stated, he wants to 'reset' the server to its state pre-hacker abuse. That requires a new instance ID, just like I originally stated. Go ahead and make more erroneous claims, phlogan, you make this so easy. I sure am a jerk. I help people who make reasonable requests, and make people who act like idiots feel like idiots. But, really, you've done all the work for me in this thread making yourself look dumb. Carry on. Also, hey Netro. Still waiting on someone to help you in that thread? ;)