rocket 16567 Posted September 18, 2012 If you really prefer private hives ( small controllable environment with regluar players, hacking will be dealt with swiftly ) you should make it easier to set up a private hive server and think about how to link those up with the stats monitor later. If you watch the monitor over weeks it looks like the mod is dying.I would love to do these things. But these things require work.The mod was a proof of concept that people enjoyed, even the way it was constructed is fundamentally flawed. I could spend years trying to get it to work properly, or a few months to do it right in source now we know how the design should be and what we want to do.It is not simply a matter of throwing people at the problem, assembling some coders and artists and saying "sally forth chaps!" or "chocks away!" - the development is complex and there are few people who are able to put it all together.I would love nothing more than to have stable and proper support for private hives within the mod. That would be a dream for me. But I am already burning my weekends and nights as it is, I am skipping seriously important commitments without then having to divert more resources. I have already committed what remaining spare time I have to one community based project being announced soon that I thought was really awesome.In many situations, life isn't about what you "should" do, anyone can figure that out. Life is about figuring out what you actually "can" do in the time you have. 2 Share this post Link to post Share on other sites
tsandrey 379 Posted September 18, 2012 (edited) Scripts are injected into the game! BE can't just disallow them! Let me quote a BE developer:No' date=' they inject their scripts directly in memory.[/quote'] Edited September 18, 2012 by TSAndrey Share this post Link to post Share on other sites
rocket 16567 Posted September 18, 2012 Scripts are injected into the game! BE can't just disallow them! Let me quote a BE developer:I don't have the faintest clue what you are getting at. I have the slight suspicion, that you also have absolutely no idea.They inject the scripts into memory, replacing already loaded script addresses with addresses to their own.BE is not part of ArmA2, how is BE supposed to know this is happening? And for that matter, how the hell is ArmA2? Should it poll memory all the time? Should it keep a record of what it has in memory (RAM usage x2)? Maybe it should keep a record, of its record? Or a Record of the record of its record?My post above clearly states the four obvious processes needed to solve this issue, which I have discussed at length with studios and developers at PAX who are the world experts at this.Please remember good advice;A closed mouth gathers no feet.EDIT: Taken my own advice, I initially read your message as sarcasm - my apologies!To clarify the point made I got confused on, what TSAudrey correctly states, the scripts get loaded directly into memory referencing say "\dayz\coolscript.sqf" and replacing it with "\haxx\hahalolwut.sqf". BE doesn't know this occurs, neither does the game. 4 Share this post Link to post Share on other sites
venthos 605 Posted September 18, 2012 They inject the scripts into memory, replacing already loaded script addresses with addresses to their own.I'm sure you're already aware of this, but the latest round of hack methods doesn't rely upon using ARMA2's script interpreter at all. No SQF or what not required. They just locate the address of the ARMA2 function in memory (like addWeapon, createVehicle, etc.) and call that directly. They never have to load/replace/execute a script. This also means they don't even have to try and bypass BattlEye since a conventional script is never called and BattlEye never even sees the attempt.As you've already stated, the server must distrust the client entirely on everything it feasibly can. Anything that can be offloaded from the client (the server spawning/controlling all zombies and items, for example) would be all for the better.Again, I'm sure I'm preaching to the choir on this and you're well aware of it all and pursuing things accordingly. But, I felt like it couldn't hurt to mention it in passing. At worst, you say "Yep, we know" ;) Share this post Link to post Share on other sites
tsandrey 379 Posted September 18, 2012 (edited) I'm sure you're already aware of this, but the latest round of hack methods doesn't rely upon using ARMA2's script interpreter at all. No SQF or what not required. They just locate the address of the ARMA2 function in memory (like addWeapon, createVehicle, etc.) and call that directly. They never have to load/replace/execute a script. This also means they don't even have to try and bypass BattlEye since a conventional script is never called and BattlEye never even sees the attempt.That's true! Some hacks don't use scripts at all, cause it's safer, but it's harder for them to make good cheats without scripts! And BE can catch them even without the use of scriptsEDIT: Taken my own advice, I initially read your message as sarcasm - my apologies!LOL I don't know why you initially read it as sarcasm, but it doesn't matter. I just said a simple fact, that sadly, most people don't know Edited September 18, 2012 by TSAndrey Share this post Link to post Share on other sites
ryahn 112 Posted September 18, 2012 I recently switched to a private hive and I personally love it. I would come back to public if said things in the OP are fixed. Share this post Link to post Share on other sites
rocket 16567 Posted September 18, 2012 That's true! Some hacks don't use scripts at all, cause it's safer, but it's harder for them to make good cheats without scripts! And BE can catch them even without the use of scriptsLOL I don't know why you initially read it as sarcasm, but it doesn't matter. I just said a simple fact, that sadly, most people don't knowI'd just like to reitterate I'm really sorry I made that mistake TSAndrey, I should have looked at your username because you've made some great contributions (and challenging questions :) ) here on the forums.Again, sorry! I guess I am in the "assume the worst" mood.Regarding the alternative from injecting scripts, this is something possibly detected through VAC and in changes for how the server<>client relationship works. Where this fails, we could catch nearly all of this (albeit after the event), in auditing the game data on servers. This isn't ideal, but at least they are caught eventually. Share this post Link to post Share on other sites
tsandrey 379 Posted September 18, 2012 I'd just like to reitterate I'm really sorry I made that mistake TSAndrey, I should have looked at your username because you've made some great contributions (and challenging questions :) ) here on the forums.Again, sorry! I guess I am in the "assume the worst" mood.Regarding the alternative from injecting scripts, this is something possibly detected through VAC and in changes for how the server<>client relationship works. Where this fails, we could catch nearly all of this (albeit after the event), in auditing the game data on servers. This isn't ideal, but at least they are caught eventually.Is BE going to be in standalone? Considering how BE knows the Arma Engine the best, I think BE would be the best solution (it's a great AC anyway) 1 Share this post Link to post Share on other sites
crockett (DayZ) 41 Posted September 18, 2012 (edited) Rocket have you guys looked into other non conventional ways of combating these cheaters? Granted what I'm going to suggest wont physically stop hacking of the game but perhaps slow it's ability to spread.There are simple things that can be done such as making complaints to paypal on individuals whom are trying to sell things like CD keys & loot spawns.There are other angles to work as well, BE could DMCA the various hacker message boards/websites for allowing these CD keys to be sold on their sites by their communities. You can DMCA the server host, the domain registrar & even search engines to have these sites removed from google listings (the other SE's as well)Google for one is now finally agreed to start de-listing sites that are violating copyright rules if complaints come from the content owners. I'd assume trying to "sell" CD keys and in games items would be violation of the ARMA II EULA.Granted it's not going to stop the hacking but at very least might make it harder for the script kiddies to find them. Hitting the paypal accounts would also stop the profiting of CD key thefts. Edited September 18, 2012 by crockett Share this post Link to post Share on other sites
TheMachine 803 Posted September 18, 2012 I think what people mainly want to know is, will the standalone stop scripters?Yes/No? Share this post Link to post Share on other sites
crockett (DayZ) 41 Posted September 18, 2012 (edited) I think what people mainly want to know is, will the standalone stop scripters?Yes/No?Anyone that has played online games for awhile could likely tell you there is no way to say yes or no. Hackers will always be around online games, it's just how much will they affect the game-play of the average player. Likely a better question, is how much different is the 2.5 engine going to be vs what we are playing on today in regard to not being so "trusting".Personally, I find it hard to believe how many hackers are in this game. It's next to impossible to play on any server where hacking of some form hasn't affected your game time. Be it the guys insta killing the entire server or normal players using a duped AS50 or some other weapon/item that was created on purpose by the inventory system bugs or spawned in.The fact that Arma II is such a client trusting engine is why we have what we have today.. I just wonder what is being done to change this for the standalone. Edited September 18, 2012 by crockett Share this post Link to post Share on other sites
Fraggle (DayZ) 15720 Posted September 18, 2012 (edited) I love your new avatar Machine. Much better. If you haven't got the answers you want now then I guess you're going to remain frustrated. I guess you'll have to start another thread on the subject. (please don't) :) Edited September 19, 2012 by Fraggle Share this post Link to post Share on other sites
ryahn 112 Posted September 19, 2012 Is BE going to be in standalone? Considering how BE knows the Arma Engine the best, I think BE would be the best solution (it's a great AC anyway)I personally dont like BEI think what people mainly want to know is, will the standalone stop scripters?Yes/No?Doubt it, every game has it own weakness for someone to hack/cheat Share this post Link to post Share on other sites