HOW ? To Make It Better

Working Solutions

 * That are NOT compelled by hard-coding the .exe


 * By-way of MODS.


 * By-way of Source Code Changes.

Rufus States the Dilemma

 * I told some people in my war3 clan about it, and they got the game and tried it on gamespy. I let some of them use my Gspy login so they wouldn't have to sign up, and they hated it because everyone plays infinite resource maps.


 * Which my question is, does anyone actually play real maps on GS, or is it all money maps?


 * Because, altho i really like WZ, money maps take away the fun of resource management and some strategy, aswell as the fun of fighting over resources, and if that's all people play, id rather play war3.


 * If anyone does play real maps or knows people that do, it would be nice to tell me a good time to find people that play those maps.


 * WZ is a great game, but it's going to be very difficult for me to convince any long term RTS players from other games to play it if it's all infinite resource maps; infinite resources just takes too much strategy out of the game for many people to be intrested in it if they aren't already playing.

Rman's Take on the MP Dilemma

 * What follows requires NO Mod or change to the Source Code.


 * It is purely a people solution based on gumption, moxie & organizational effort & skills.
 * That's been an issue for years... which is why I've played WZ MP just on LAN since 2000.


 * At least on MPlayer (a lobby plus more peeps) you could get together with like-minded folk.


 * The only remedy I can see is


 * A Ranking Ladder that rates those maps you describe as very low opportunities on an RTS skill scale.


 * Such that if you Won on Troman's "Fortress" it would be worth at least 4X as many points as winning on any "Team Wars" type map built solely for a rush-fragging, rote click-fest.


 * While it cannot (& shouldnot) be compelled, IMHO, anything that encourages MP on finite resource or low-oil maps with complex topography would be a boon to the game, to the genre, really.


 * Bragging rights based on an unthinking, rote, click-fest, IMHO, negates the essence of RTS.


 * If you just want to frag, that's kwel, but if that's all your after play an FPS.... that's what I do.


 * Another variant option.... if you have just 3 buddies you can schedule get-togethers amongst yourselves...

2 Types of Oil to Harvest

 * I mentioned impacting gameplay, esp. MP, with a new approach to OIL harvesting in WZ suggested by Professor Gold's theory of the non-fossil origins of hydrocarbons.


 * It's simple, perhaps elegant, but with radical consequences to gameplay.


 * Here is what I posit:


 * 2 Types of Oil Resources


 * The one that exits now (call it "Regular Oil") but with a slight modification:


 * It taps-out after 30 minutes of being capped.


 * Two:


 * Deep Oil which runs through end-game...


 * HOW is "Deep Oil" different.... ?


 * It only comes on-line after Regular Caped Oil Wells are Taped-out.


 * "Deep-Oil" is rarer & more costly so this is reflected in that only 1 in 4 wells is "Deep".


 * What do you suppose the consequences of this would be ?


 * Rman.

Cheating: A Low - Tech Approach

 * One "Anti-Cheat" that hasn't been discussed is the olde-time "Scarlet Letter" brand of 'C'.


 * A psyche schema, in a sense - quite low-tech.


 * What I mean is that only newbies can be hoodwinked. For most cheaters that's not terribly satisfying. They'd rather bamboozle good players.


 * Decent players can spot cheats in-game.


 * Suspected cheaters can be reported & have their Nicks & IPs posted Publically.


 * Tracking the # of complaints for all to see.


 * Enough complaints - you become pariah.... no one will wanna play with you.


 * Nothing exotic or convoluted - just straightfoward IP logging visible to all & that "wall of shame".


 * There is no satisfaction in public exposure as such - shame is a mighty deterent.


 * Just a thought....


 * 'Course the possibility of abuse exists in the form of spurious "vendettas"...


 * But even that would be exposed as such eventually in a full-disclosure environment.


 * Could surely make for a lively & spirited arena... both within & outside of gameplay.


 * Rman

Gumpy MacDrunken on Anti-Cheat

 * the basic foundations of a "secure" online game:


 * secure online servers - the servers and databases cannot be directly manipulted by the players.


 * a proper client-server model - the server needs to contain the entire game-state and perform all calculations and actions. the client needs to remain only as an interface to send requests and show results.


 * this still leaves at least one method for cheating, direct packet manipulation.


 * the server needs to decide if each request (packet) from the client is valid.


 * chojun mentioned diablo 2 in the other thread. d2 is a good example of this model but falls short on the server-side. i got into hacking d2 for a while (i was bored and curious) and using direct packet manipulation i was able to send "impossible" requests resulting in horrible exploits. the d2 servers were clearly not prepared to handle this properly. as more "hacks" became popular they merely implemented lazy "fixes" in the server code. the most common "fix" just kicks you out a game if you send certain "impossible" packets, rather than fixing the actual flaws in the server code.


 * besides packet manipulation, there's botting and map hacking. these are probably the hardest form of cheating to avoid. botting is generally automated response to specific packets with proper, "legal" packets. map hacks are client-side hacks that alter the client to show the user data that isn't supposed to be seen, such as the entire map.


 * i haven't had a chance to study the warzone source in detail, but i feel this will be one of the most important issues if the game were ever to become more popular.

Hast's Take

 * I'm not knowledgeable about the specifics of these D2 packet hacks you are talking about (any online resurces available?). But I bet that a resilient system would need to take this into consideration at the design stage.


 * The "easiest" way would seem to be to drop all corrupt packages and possibly kick any user that seemed to behave strangely. (Be it from hacking attempt or sloppy coding by some modder.)


 * Other than that I would like to see a system which allowed the user to regain a lot of control over the game while still not allowing them to cheat. As such the user should never be allowed to control funds, the direct movement or attacks/damage calculations of a unit.


 * The user should be able to send commands like "Send unit 80 to coordinates X,Y". Wether to leave the AI on client or server side is another matter. (As long as the AI only has access to the same data as the user it shouldn't matter). Of course "league games" or anything like that may want to put more controls on the server to ensure that the game is the same for everyone.


 * I think it can be summarized as the client should never be allowed to change the game state, only make requests to changess. The server should never allow unchecked request through, even if it is getting swamped by requests. It is then better that it kick offending players or simply wait it out.


 * The way I see it the "only" thing an added service like the often mentioned DGO can add is encrypted channels, secure logon and/or checksum on game data.

Cowboy Speaks To Anti-cheat

 * Hello,


 * Well, I guess it time I do some explaining.


 * First, the problem. Cheating is becoming a big problem in multiplayer games. Little or no action has been taken by gaming communities, such as Gamespy, to stop it. Proliferating cheats run games and their online communities. Warzone 2100 is a prime example.


 * The goal of DirectGames is to provide a multiplayer community for gamers. In addition, DirectGames will provide a multilateral anti-cheat system to prevent players from cheating in the community.


 * Hast, you are correct, there is no silver bullet to stop cheating. Likewise, there is no silver bullet to stop computer viruses. Yet, you may run anti-virus software on your computer. Knowing that anti-virus software cannot indefinitely stop viruses; I ask, why do you continue to run anti-virus software? The answer is simple, anti-virus software provides a level of protection from common or known viruses. DirectGames takes the same approach and applies it to multiplayer gaming.


 * The keyword is multilateral. When designing an anti-cheat system it is important to have not just one form of detection but many with checks and balances. There are some general algorithms that can be applied to help distinguish from a player who is cheating and one who is not.


 * As a consequence of a multilateral system, the level of obscurity increases; and thus, an increase in the level of sophistication and difficulty in deterring an anti-cheat system. As a result, "newbie" and "script kitties" won't be able to download a speedhack and apply it.


 * Only but a few will know how DirectGames works and have a shot at bypassing its anti-cheat system. If a DirectGames cheat starts to proliferate, eventually, it will fall into the right hands.


 * Which brings us to an interesting point. How do we attempt to get at these select few? One way, like rman suggested, is to have DirectGames network be a fully-disclosed system where anyone with authoritative power on DirectGames can inspect your machine if someone reports a cheater. I agree that this full-disclosure model may deter many away from DirectGames. This is still under consideration.


 * Hast, you are correct again, software self-verification is difficult. It is still a research problem. There are some principals and practices that can be applied, again, this is apart of the multilateral approach for DirectGames. With a digital hardware background, I�m thinking of a few ways to strengthen the self-verification process.


 * One way might be to attach a physical USB device where encryption is performed off chip then sent back to an application where it communicates with a DirectGames server to help the self-verification process. This might be one possible funding model for DirectGames for those who are serious about gaming.


 * DirectGames is closed-source. It would be great to have Warzone 2100 participate in this anti-cheat community. I am sure there are ways to realize this without beaching GPL rules. To be honest, I have not educated myself nor have I talked others who are GPL savvy about GPL to make a decision on how to implement a piece of software that will allow Warzone on DirectGames. We can make something work.

--cowboy

Rman Follows-Up On the "Scarlet Letter" Schema

 * "You can fool some of the peeps all of the time, all of the peeps some of the time but not all of the peeps all of the time."


 * To clarify my earlier thought: "You cannot fool all of the peeps all of the time..."


 * The Majority of WZ MP players are honest - the cheaters are in the minority.


 * Let's take those 2 as defining our universal set.


 * If you have any MP experience in WZ you can tell when someone is cheating in-game.


 * The issue becomes how do you deal with the cheaters "Psychosis" first (the hacks are secondary at this point).


 * Cheaters want to be taken for honest players - that's where the warped psyche comes in.


 * What I suggested was a 2-Phase processess.


 * One: Peeps suspected of cheating merely have their Nicks & IP Addy reported & publically posted as under suspicion of cheating.


 * The honest MPers can choose to play with them or not.


 * Two: If those "Under Suspicion" wanna clear themselves they should have recourse.


 * Here is were the "Full Disclosure" comes in.


 * NOT as "Spyware" but rather the model would be Open Online HW Diagnostics we've all seen available over the years & which are currently being used as marketing tools to lure new customers to the superior benefits of one IP service over another.


 * It would be gameing in such an openly monitored environment (as well as legally agreed upon beforehand) to clear-up your rep as a suspected cheater.


 * Cowboy: You have been tackling this challenge on your own for many years. You've applied much hard work toward a tangible solution.


 * From what I can see - your still on your own as far as anything practical being done.


 * Most of the posting since last year on this topic has been akin to "Schoolasticism".


 * An effort to frame the reality without any actionable intent to deal with it.


 * Except maybe to see whose Piss-Whiz went the farthest - metaphorically speaking of course.


 * Rockon ! Rman.