Those "uber 1337 haxxors" finally get the chop - Printable Version +- The Lurker Lounge Forums (https://www.lurkerlounge.com/forums) +-- Forum: Lurker Games (https://www.lurkerlounge.com/forums/forum-6.html) +--- Forum: Diablo II (https://www.lurkerlounge.com/forums/forum-8.html) +--- Thread: Those "uber 1337 haxxors" finally get the chop (/thread-11693.html) |
Those "uber 1337 haxxors" finally get the chop - ldw - 04-08-2003 Quote:-> Blizzard is forbidden to scan your computer for 3rd party hacks. Unfotunatelly locally detecting hacks would be ultimatelly futile. Someone out there would just invent a anti-detect hack circumventing the detection. Hack simply skips the said detection code and returns a 'this client is legit' response to the server. I'm speaking from years of experience with client server software programming and its not possible to locally enforce server rules against a hacker who has administritive access to the client (and therefore has the ability to change the client code at will and still remain "compliant" aslong as enough knowledge has been gained of the client and the client/server protocol through reverse engineering etc.) ... or in other words the server should not entrust to the client crucial functions and accept on face value what the client states. The sending of the map for entire area (in D2) down to the client is one of the most visible examples this... we have MH as the result. The alternative would have been to have increased client/server lag as the map is revealed to the client in small chunks. Blizzard compromised there (its hard to fault them for it though ... they took a realistic option) and the result was quite forseeable. BTW, the ultimate MH prevention server-coding would require the whole screen to be sent to the client as either graphic bitmap or drawing instructions for the area layout on each frame update (there could be some minor optimisation here with action-prediction by the client). Special handling of map-fog-of-war for position of hostile (PvP) players would have to be considered, not letting client know they were nearby until they closed in. This would make the client very 'dumb' (it would just draw what the server said happened) and the interaction extremely laggy unless everyone had immense network bandwidth at their disposal for the purpose of online play ...well, maybe one day. Those "uber 1337 haxxors" finally get the chop - CaLViN - 04-08-2003 Isolde, thanks for being so honest and open with us. I really appreciate that. Despite of some very positive things you said, there is one thing that is bugging me: You said that some thing like ith weapons haven't been taken care of, because a decision was made to wait for the big patch. Still, you folks seem to have time enough to create and run a cheat-detection program. I just don't get it. Granted, preventing the newly creation of these items would possibly require client side patch, and you probably decided against that. But scanning through the server-side database to look for duped/hacked items would not require a client side patch, and few people would bother creating new ones when they can expect those to vanish with the next sweep. So how is that different from the hacking detection effort? Scanning for and deleting dupes, hacked and bugged items should be a serverside action which is probably easier to implement than the recent hack-detection thing. I feel that should be done and could be done with relatively small effort. Please note that though I don't want to start bashing blizzard, my personal opinion is that these things should have happened a long time ago. So if you could give a reason why it wasn't other than "we decided to wait for the patch", or specify this "wait" reason so I could agree, that would be very helpful... Then take the pindle-botters. When you register at this forum (or at most other free web-based services), there is an image with letters, number or something like this, and you have to type in the content somewhere. This is to avoid registration from automated scripts. It should not be complicated to implement something like this in the game creation screen. in addtion to game name and password, just type in here how many Baals you see on the picture above. This would basicaly lock out all botters, since a human being would have to be there for every game to start. And when you are sitting there, you can do it yourself anyway. This would jsut cost a very little development, and a little download, but would free up so many server resources that it probably pays off real soon. Is that a political "lets wait for the patch" decision as well? Thanks, CaLViN Those "uber 1337 haxxors" finally get the chop - Quark - 04-08-2003 Quote:I find it extremely difficult to believe the stories coming out of Blizzard. So show us why Blizzard is lying. Show us why Isolde is misinforming us. Show us how while you're at it. And, by the way: Diablo 2 was released 6/29/2000. If you had no respect for Blizzard over the past three years, I doubt you would have gotten passed level 10 in D2. That's the exact attitude I'm talking about. "Blizzard sucks, Blizzard lies, this is horrible. Lemme play some more!" Quote:I know too many people who cheated like crazy and still have accounts, and too many others who cheated NOT AT ALL, and have no account left. Again, burden of proof. Quote:I do not trust that this happened the way Blizzard is explaining it did.I think this was handled pretty well up above ... Oh yeah, once again, burden of proof. And yes, I believe you are being quite rude. Every post of yours has been "Blizzard's Wrong, Blizzard's Wrong!" and I have yet to see you read/respond to an argument against that. Not only that, you're calling Isolde being here nothing more than a publicity stunt. Last time I check, dii.net would be a better place for that <_< Those "uber 1337 haxxors" finally get the chop - --Pete - 04-08-2003 Hi, BTW, the ultimate MH prevention server-coding would require the whole screen to be sent to the client as either graphic bitmap or drawing instructions for the area layout on each frame update There is no need to send any bitmaps over the connection, the client can do all its own graphics. And, since the knowledge of an area is static (once known, it stays known), there isn't any need to resend what has already been sent. The locations of mobs and other players not in line of sight simply is not upgraded. Thus, for things out of sight what is known by the client is simply the old information. I have not looked at Buzzard's code, so I can only surmise from the effects. But from my experience in writing secure client-server applications I think that Buzzard entrusted entirely too much to the client. In so doing, they generated the worse of all possible worlds: the lack of security of a peer-to-peer system with the lag and performance issues of a client-server. A typical case of half right being all wrong. --Pete Those "uber 1337 haxxors" finally get the chop - CelticHound - 04-08-2003 Okay - even though it's unlikely to help, I'll try -ddraw tonight. (I'll also take a peek at the registry to see what mode I'm running now - for some reason I'm thinking that running D2VidTst.exe (even skippng the test) always selects the radio button for the highest available mode - 'cause I think I'm already using DirectDraw. ) If there's anything I can do to help track this down, let me know. I'm used to doing beta test, though lately it's only been for some command line tools, so I'd be willing to run a build that had more debug instrumentation. I've even toyed with the idea of running D2 under BoundsChecker. -- CH Those "uber 1337 haxxors" finally get the chop - Jarulf - 04-08-2003 A few comments on various topics (I hope it ends up well even for thread viewers :) ). I also have to remember to try to get it all correct since we have a D2 programmer here but if he nit to much or point out errors, I just search extra for some embarasing bug in the new patch ;) Regarding the sending of the map and map hack. The map itself is not sent to the client. What is sent is a seed (a 32 bit value) from which the map is generated. The map is made up of smaller areas ("rooms" created one by one from the original map seed (well there is probably some intermediate seed or mid size map area too or something but that is not important). You can see the boundaries of such rooms when you lose connection with the server but remain in the game, you simply run into the black wall, that is where a "room" ends. Typically a few rooms arround your character is active at a time, and those too far away are in an inactive state and not updated. When you get close to a new such room where you have not been yet, it will be generated "on the fly" so to speak. Now to prevent a cheat such as map hack (and I am ONLY talking about the revealing of the map feature here, that program has many other features in it), the "trick" would be to not base the seed for each individual room on the one map seed sent for the act when the game starts as it is now, but an independant seed sent for each room as you get close to it and it needs generating for the fist time. SInce it is just one 32 bit value, it will not really add much to the over all bandwidth compared to all the data normally flowing in a game. Do note that this is easier said than done, several core functionalities of the map generation process and how the game handle it would probably need messing with. What the map hack cheat do is simply to run a loop calling the function in the game that generate the map for all rooms of the act (normally it will happen one at a time as your character get close only). As for the client being told too much sure, with the way the maps are generated now, the client is aware of the full map from the start. In addition, the server will send full update about monsters and other things going on in active rooms. To get an idea of the area we talk about here, one can always fire up map hack and check it should have some feature that show monsters for example which it can only do for active areas (please do it on single player though. not on bnet if you really want to bother at all checking this) One can say this is too much info to far away from the character of course. For lag issues, the client obviously need to know info of stuff SOME distance outside your screen. As the game works (in its core functionality), I would say it can only be done on a room to room basis, not in smaller steps. So it would not easilly be possible to say "lets send updated info only on stuff slightly closer to the character". As for the "no-cd" hack. I personally don't think that would be something possible to detect on the servers. Unless Blizzard have added some self checking code to what is on your computer that communicate back to the server, it would be something not changing anything from the bnet point of view. Don't take my word for it though. I have never bothered mesing or looking at the communication between server and client and similar subjects. Obviously there is some way to detect some things on the servers that people thought was not possible. As a bold guess, I would say it is probably some form of analyzing the messages that is recieved from the client and "comparing" to what would normally be possible by the client if you played normally (normally meaning with no cheats and such). Even if all messages sent by a bot for example are valid in in themselves correct, the pattern and ways they are sent together could be ways that the game would never do it. A silly made up example (I really have not much knowledge of it :) ), would be sending two types of messages after each other, both of which can and are normally sent by the game itself, but for example never one after eac other. Oh well, lets move to something else... :) Those "uber 1337 haxxors" finally get the chop - Grumpy - 04-08-2003 Quark,Apr 8 2003, 06:59 PM Wrote:What is your issue here Quark?Quote:I find it extremely difficult to believe the stories coming out of Blizzard. I do not believe Blizzard. I do not have the ability to prove anything, I have no access to Blizzard's databases, marketing plans or anything else. If I believed Blizzard, I would have no ability to prove that either. It's my instinct, I'm sorry if you find offense with that. Can you prove that Blizzard employees are all honest? Of course not, and I would never ask you to if you told me you believe every one of them. Many stories were circulated earlier about programmers at Blizzard profiting off e-bay. If any of those are true I can't say. I did note however when that subject was addressed recently in a thread, perhaps here or Battle.net, the official response was "I can gurantee their are CURRENTLY no programmers benefitting from the sale of items..." or something very similar. This of course leaves open the window that perhps something was being dome prior? I don't know, I can't say. It frustrates me that 1.10 never came out. It frustrates me that cheats and hacks over ran the game without any noticeable responses from Blizzard. IMHO, they had alreay made most their profit off game sales for D2, supporting it was not going to increase revenue, hence it was neglected. I find that annoying.....and understandable, as they are running a business. Also, have you thought about how huge e-bay sales on D2 items effect their business? Do you think they would for or against such sales taking place on e-bay? I have not played other games, luyckily I only became addicted to this game, but I have been told that both DOAC and Evercrack are relatively secure and free of cheats. (someone correct me if I am wrong) So why can't D2 be? I don't believe it is because sophisticated hackers are working on D2 while amatuers are hacking those two games...leaveing me to believe as a non-programmer dude that there are design flaws in D2. I did not say Isolde was lying. I said I found it hard to believe he was posting so much information without Blizzard's consent and or knowledge. Nor did I say it was a "Publicity Stunt". Public relations is a necessary part of business, especially in the field I am in. I do not think mentioning PR as a possibility is insulting or rude, and I am sorry you view it that way. Seems to me its just a matter of being realistic. I also said he was nice and informative...oh well. Anyway, the only reason I have played for so long is because of PvP and the people I have met dueling. Frankly, I never could understand people that found 3 years of joy in PvM against a silly AI. It just bores me....I don't find the game so brilliant in terms of the story line/graphics etc...I'm just a competitive guy, I play bridge, chess, backgammon, soccer, basketball, poker etc...dueling fits that mold....to compete. Anyway, I'm sorry I frustrated you so much. No harm intended. Those "uber 1337 haxxors" finally get the chop - FenrisWulf - 04-08-2003 Quote:Originally posted by GrumpyWell, it's a tossup. eBay sales draw in more casual gamers who don't care to spend much time on the game, but want to have all the uber-items off the bat. So, less server time wasted, which is good for Blizzard. You also have many people leaving Diablo II based on the hacking, which is driven almost solely by eBay and other auction sites. This does not directly impact the business side of Blizzard, though more money must be spent on hack elimination. Remember, though, the programmers at Blizzard are pretty hardcore gamers themselves, and thus you can't turn solely to business reasons to explain their motivations. eBay simply makes BNet a less enjoyable place to play, for both the above reasons. I think that most Blizzard employees would generally be against it. Quote:Originally posted by GrumpyI believe that both Dark Ages of Camelot and EverQuest are pay-for-play, requiring a monthly fee for use of their servers. This means that both companies have more capital with which to pursue hackers and eliminate them from circulation, and also, yes, more incentive to do it quickly and decisively. Now, it doesn't mean that Blizzard isn't obligated to fix hacks as they spring up, but it does explain to some degree that Blizzard isn't able to devote the same resources to the issue as these other two games. Quote:Originally posted by GrumpyI'm in it for the character design. The "silly AI" is just something to test my ideas against. :) Those "uber 1337 haxxors" finally get the chop - Roland - 04-08-2003 Jarulf,Apr 8 2003, 04:03 PM Wrote:A few comments on various topics (I hope it ends up well even for thread viewers :) ).As I said, it came from the word of a Blizzard employee. Or, at the very least, an MVP. But, I doubt it was an MVP, as I'm pretty sure I'd remember that much. I THINK it was TCadwell, of Warcraft III fame, but it may have even been GFrazier. Not 100% certain. He did not go into details, in any form, as to how the hack is detected, or whatnot. Just the question was raised "why was I banned when I don't use hacks", account information was passed, and a Blizzard employee posted about it. I, of course, have other sources (namely an MVP) who have confirmed as much, having heard from a Blizzard employee(s) (a trusted source, at that; a good friend). As for detecting it, I can't imagine it being that hard. The crack alters the main .exe file, as I recall (I don't know the specifics, as I am not a programmer and do not use the crack; I am just inferring what I have heard about it). As such, it should be quite simple to detect the hack. Or, rather, that SOMETHING is different, and thus constitutes (at least potentially) a hack. Surely it would be no different than the checksum done on the .exe's and .mpqs when you connect to Battle.Net, when it does the version checking. No? Am I wrong? As I said, I don't think it's so much a SPECIFIC check for any particular hack, just a check that says "something's fishy", and from previously gathered information (or maybe just flat out stating, without knowing, that "it's a hack"), they know what that "something fishy" is. Namely, the No-CD crack. *shrugs* But, who knows? I'm just relaying what I've heard and what I know. Which is, to say the least, somewhat limited. ;) Just my comments on the issue. :) Those "uber 1337 haxxors" finally get the chop - ShadowHM - 04-08-2003 Grumpy,Apr 8 2003, 03:12 PM Wrote:Anyway, the only reason I have played for so long is because of PvP and the people I have met dueling. Frankly, I never could understand people that found 3 years of joy in PvM against a silly AI. It just bores me....So......if I have this correctly, you have been addicted for two years and played all of one character class with basically the same gear for all that time. But you are not bored......because you are competitive. :blink: And the rest of us who have tried many character classes/styles/equipment choices are just not challenging ourselves because ...... the monster AI is 'silly'. Uh huh :rolleyes: Further: Quote:I have used MH before. So I'm a hella bad cheater I guess. My accounts were not deleted. I don't think you should assume that everyone who posts here is a saint regarding cheating etc...my guess is a few of them are just quiet.... I think I have the right to assume that those who post here respect the rules, or they get out. Bolty has been extremely explicit about this. I think that you have a classic case of the 'gee.....I used it and I am a legit kinda guy, so the rest of them MUST be doing the same' rationalization game. When you get into the study materials you requested in your post at the Lounge, tack on a read through R.D. Laing's 'Knots'. It is a short read and it illuminates that sort of thinking rather well. Those "uber 1337 haxxors" finally get the chop - Grumpy - 04-09-2003 I have tried many charachter classes. I only play one now. I do not enjoy PvM. I find it boring. I do not use MH anymore, I did for a short time. If my history is unacceptable to the forum mods and owners, than they can let me know and ban my account. Thanks for trying to put as many words in mouth as possible, and translating every word I said in the most negative light.... Thanks for your concern. Those "uber 1337 haxxors" finally get the chop - ShadowHM - 04-09-2003 Grumpy,Apr 9 2003, 08:19 AM Wrote:Thanks for trying to put as many words in mouth as possible, and translating every word I said in the most negative light....The problem with posting at a forum is that if you are unclear in what you write, it can be misinterpreted all too easily. If you write in a judgmental way, you are even more vulnerable. And, please remember..... sarcasm does not come off well in the printed word either. Those "uber 1337 haxxors" finally get the chop - Grumpy - 04-09-2003 Point taken. I apologize for my sarcasm....as for how judgemental I am, I expect it to be a life long struggle. Those "uber 1337 haxxors" finally get the chop - Grumpy - 04-09-2003 Also, regarding the "gee ..." sentence you posted above....I do not think you know enough about me to make this presumption. Nor do I use this reasoning to demonstrate why my "legit" friends may or may not have lost their accounts. Don't forget, I have ALL my accounts, I have little to rationalize. As I think about it I realize I have very few "friends" on b-net at this point, most of the people that lost accounts that I know I care very little about. My disagreement with Blizzard's methodology on ther handling of this matter stems from zero personal grudge. "I think I have the right to assume that those who post here respect the rules, or they get out. Bolty has been extremely explicit about this." You can assume this if you like, but I know 100% that it is not accurate, without a doubt. I could name posters, though I won't. I will however take a look at 'Knots', and I appreciate the recommendation. Regards. Those "uber 1337 haxxors" finally get the chop - Occhidiangela - 04-09-2003 I had recently made two accounts, one each on east and west, put a normal character through its paces to kill Diablo in Normal difficulty, and I refresh every few weeks so that when 1.10 comes around, I can make 7 New Hardcore Characters on each account, at which time all of the old ones shall retire. As I don't cheat, hey hey, nothing happened to me, so I simply don't care about the cheaters who got nailed. Had I lost one due to error, no probs from my end, I was pretty much at the end of the string, now that FoS has killed Baal in Hell, and I have enough characters to play that one or two missing, would be no biggee. Now, if OcchiD'Merc disappeared, along with Occhidiangela, the Assassin Rogue, I would be disappointed, but they are retired anyway. RIP. I was concerned, however, that one or two of my 'live' characters might have been tainted by some items that. I can only recall 4 that I cannot trace from 'drop seen' to my inventory, or drop seen by a FoS or RBD player I trust to my inventory. One is a Rockstopper on West HC that an ALE friend, who I trust, gave me after his 10th Meph run of a night landed him a third Rockstopper. I did not see it drop. One is a Bartuc's that a sorceress gave me in a pubbie right after she ran Meph Hell and popped into town asking "who wants one of these?" One is a Hellslayer that this same sorc offered up about 4 minutes later after the Hell Baal run she completed in that pubbie. One is a Sigon's Glove that I traded for 8 chips. The rest of the stuff I have seen drop, or came from Celtic Hound, Zed, or Hawkmoon, or an RBDer, who I know are purely legit. So, it seems that my possibly tainted goods were clean too, if that had any bearing on the criterion for banning. As I have never been tempted to use cheats, I did not worry. I once tried Foxbat's Accelerator on my old PC, but I don't use the PC for D2 anymnore since the graphics card went batty. The new PC is better anyway. It is nice to see that Isolde advises us that Accelerator is not considered 'evil and pernicious.' :) As far as MapHack: a tool for pinata busters of the 'instant gratification generation.' Let them stew in their own juices. As I understood the assault by Blizzard, botting seemed to be a more common theme than client side scripts, but I base this on a bunch of anecdotal snippets from bnet chat and some dii.net. Insofar as Amazon Basiners and their loud protestations go: those who protest the loudest have, IMO, the most to hide. Most of the Basiners I have interacted with are nice folks, who as fans are as sincere as Lurkers. And for those who think that Lurkers are closet cheaters, or that some Lurkers are closet cheaters, I will ask any closet cheaters to simply remember where they are, and either stop cheating or leave. 1. Bolty has asked that as a condition of membership here. 2. This game is plenty of fun without cheating. 3. Hound, my dear and noble friend, the Rogue Lightning hose is a FUN bug to screw with! I am sorry, my Paladin Tristan's dear and loving Isolde (Yes Isolde, I picked that rogue just to have 'Tristan and Isolde' for a pair) is just too cool when she lets loose with the Lightning hose every now and again, once I dress her in Silks of the Victor (ordered specially from Blizzard's Secret Leather Catalogue . . .) :P As a Rogue Advocate, I like to see Rogues Rock The Casbah now and again. However, since I have not messed around with that little rogue/paladin combo for months and months, I will make sure that I never have her show up in any game you grace. :) So, Bolty, I need a ruling on this: is the Rogue Lightning Hose cheating? Shadow? Blade? Roland? Zara? Have I let my love of the rogue cloud my judgement? :) (Or is 'the code the final arbiter, per Sirian's tongue in cheek little rant a while back?) Those "uber 1337 haxxors" finally get the chop - Isolde - 04-09-2003 Quote:You said that some thing like ith weapons haven't been taken care of, because a decision was made to wait for the big patch. Still, you folks seem to have time enough to create and run a cheat-detection program.Both the hack detection and item deletion were done a while back, but the actual roll-out for each is different. The item detection is integrated with the game code, and it was written as part of the patch. It would be extra work at this point to rip it out of 1.10 and put it into 1.09 then test the new 1.09, etc. Quote:Then take the pindle-botters. When you register at this forum (or at most other free web-based services), there is an image with letters, number or something like this, and you have to type in the content somewhere.That's a great idea. We can't implement it for 1.10, but it's something to keep in mind! Those "uber 1337 haxxors" finally get the chop - Bolty - 04-09-2003 Quote:It is nice to see that Isolde advises us that Accelerator is not considered 'evil and pernicious.' :) I was glad to see that too, because I'm tired of the old argument: Bolty: "Maphack is cheating!" Poster: "So, third party programs are cheating?" Bolty: "Yep." Poster: "Ah ha! What about the Accelerator, which you've plugged on your website?" Bolty: "Anyone with half a brain can see that using the Accelerator isn't cheating." Poster: "Neener neener, can't hear you, defeated your whole stance with that infallable logic, etc etc" Whatever. <_< Quote:Insofar as Amazon Basiners and their loud protestations go: those who protest the loudest have, IMO, the most to hide. Wait; by that logic, aren't I one of the worst cheaters in the world? D'oh! Quote:And for those who think that Lurkers are closet cheaters, or that some Lurkers are closet cheaters, I will ask any closet cheaters to simply remember where they are, and either stop cheating or leave. Yeah, there's not much to do about this. Obviously in any moderately sized posting population there are closet cheaters. Trying to pretend that we don't have any here simply because nobody spoke up about their account being banned is arrogant and naive. So I wish they'd just leave. Quote:So, Bolty, I need a ruling on this: is the Rogue Lightning Hose cheating? Shadow? Blade? Roland? Zara? Nah. Cheesy, maybe, but I've never had a good opportunity to see how deadly it really is in a Hell diff game situation. I've heard everything from "uber" to "negligible." If it is truly deadly powerful, letting that little Rogue mow down monsters much faster than a comparative merc, then I'd probably avoid playing with any chars that use it (just a personal thing). There's lots of things that are cheesy but perfectly legit, like rushing, but being banned for using a Lightning Hose Rogue? Come on! -Bolty Those "uber 1337 haxxors" finally get the chop - Isolde - 04-09-2003 Quote:Many stories were circulated earlier about programmers at Blizzard profiting off e-bay. If any of those are true I can't say. I did note however when that subject was addressed recently in a thread, perhaps here or Battle.net, the official response was "I can gurantee their are CURRENTLY no programmers benefitting from the sale of items..." or something very similar. You probably won't believe me, but perhaps others will: I know of no one at Blizzard who has ever profited from selling d2 items (or anything else unethical with regards to d2). I can count the people at Blizzard with access to the servers on one hand, and of those, even fewer would know how to create items (not that the rest couldn't learn to do so if they wished, but I can't really see them even bothering). And anyway all of those people seem very upright and trustworthy to me. And as far as my posting here: I *am* doing it on my own, and I don't think anyone would care too much one way or the other, except maybe Geoff who thinks I should post on AS instead of at other places, but I'm too lazy to get myself a blizzard b.net account and I generally prefer the slower pace and lack of l33tsp33k of non-blizzard forums... And nothing I've ever posted has ever been filtered by any entity other than my own often drugged and sleep deprived brain either, though I can't say if that lends credibility or not to whatever it is I say ;) Those "uber 1337 haxxors" finally get the chop - HunkyDory - 04-09-2003 Isolde,Apr 9 2003, 09:59 PM Wrote:And nothing I've ever posted has ever been filtered by any entity other than my own often drugged and sleep deprived brain either, though I can't say if that lends credibility or not to whatever it is I say ;)Aha, so it is true after all about the MCM! :P regards, Hunky Those "uber 1337 haxxors" finally get the chop - Isolde - 04-09-2003 What's the first M stand for? |