Pages: 1 2 [3] :: one page |
|
Author |
Thread Statistics | Show CCP posts - 0 post(s) |
Aeronwen Carys
|
Posted - 2011.03.27 20:35:00 -
[61]
Originally by: Miilla
Originally by: Jenna Malone Edited by: Jenna Malone on 27/03/2011 20:28:08 Because there aren't any kernel debugger interfaces, which an user space process would be none the wiser of, if it was running or not, are there?
How do you think crackers break copy protections? They use the same means as people who debug kernel and driver code.
Yes and most likely in the new security drive they will block eve from running if a debugger is running, also will **** off Eve API devs in the process.
Assumption, as they say is the mother of all mess ups, again something you seem to excel at. CCP stated during the fanfest that they will only be "watching" the EVE.exe process and will NOT be watching any other process on your machine, most likely because to do so without permission would be the companies death knoll, and no-one is going to give a company permission to spy on their system 23/7.
In short, at the moment there is no fool proof way to detect when someone is spying on either the network traffic coming in to the client or in the actual client itself. With any luck CCP will be able to work something out to kill of these bot users, but I highly doubt they will be coming to you for advice.
|
Jenna Malone
Caldari W-hat LLC
|
Posted - 2011.03.27 20:39:00 -
[62]
Originally by: Aeronwen Carys Assumption, as they say is the mother of all mess ups, again something you seem to excel at. CCP stated during the fanfest that they will only be "watching" the EVE.exe process and will NOT be watching any other process on your machine, most likely because to do so without permission would be the companies death knoll, and no-one is going to give a company permission to spy on their system 23/7.
The respective hack would just need to run at elevated priviledges while EVE continues to run as normal user as it does right now, to be hidden from the process list that EVE can retrieve. You don't get insight in the system wide process list as normal user. Same reason why task manager asks for admin rights, if you want to see everything.
|
Aeronwen Carys
|
Posted - 2011.03.27 20:42:00 -
[63]
Originally by: Jenna Malone
Originally by: Aeronwen Carys Assumption, as they say is the mother of all mess ups, again something you seem to excel at. CCP stated during the fanfest that they will only be "watching" the EVE.exe process and will NOT be watching any other process on your machine, most likely because to do so without permission would be the companies death knoll, and no-one is going to give a company permission to spy on their system 23/7.
The respective hack would just need to run at elevated privileges while EVE continues to run as normal user as it does right now, to be hidden from the process list that EVE can retrieve. You don't get insight in the system wide process list as normal user. Same reason why task manager asks for admin rights, if you want to see everything.
Thank you for putting that in to slightly more technical terms for me
|
me me2
|
Posted - 2011.03.27 20:44:00 -
[64]
Originally by: Aeronwen Carys
Originally by: Jenna Malone
Originally by: Aeronwen Carys Assumption, as they say is the mother of all mess ups, again something you seem to excel at. CCP stated during the fanfest that they will only be "watching" the EVE.exe process and will NOT be watching any other process on your machine, most likely because to do so without permission would be the companies death knoll, and no-one is going to give a company permission to spy on their system 23/7.
The respective hack would just need to run at elevated privileges while EVE continues to run as normal user as it does right now, to be hidden from the process list that EVE can retrieve. You don't get insight in the system wide process list as normal user. Same reason why task manager asks for admin rights, if you want to see everything.
Thank you for putting that in to slightly more technical terms for me
They are using GameGuard nProtect to do this.
It runs as a rootkit.
|
Aeronwen Carys
|
Posted - 2011.03.27 20:45:00 -
[65]
Originally by: me me2
Originally by: Aeronwen Carys
Originally by: Jenna Malone
Originally by: Aeronwen Carys Assumption, as they say is the mother of all mess ups, again something you seem to excel at. CCP stated during the fanfest that they will only be "watching" the EVE.exe process and will NOT be watching any other process on your machine, most likely because to do so without permission would be the companies death knoll, and no-one is going to give a company permission to spy on their system 23/7.
The respective hack would just need to run at elevated privileges while EVE continues to run as normal user as it does right now, to be hidden from the process list that EVE can retrieve. You don't get insight in the system wide process list as normal user. Same reason why task manager asks for admin rights, if you want to see everything.
Thank you for putting that in to slightly more technical terms for me
They are using GameGuard nProtect to do this.
It runs as a rootkit.
I wondered how long it would take for you to bring your alt in as support miilla. You are still a fail troll.
|
me me2
|
Posted - 2011.03.27 20:47:00 -
[66]
Sorry to burst your bubble but I just read it in the forum here. Hope it's not true.
|
Aeronwen Carys
|
Posted - 2011.03.27 20:48:00 -
[67]
Originally by: me me2 Sorry to burst your bubble but I just read it in the forum here. Hope it's not true.
Yes of course.
|
Barakkus
|
Posted - 2011.03.27 20:48:00 -
[68]
Originally by: Jenna Malone
Originally by: Aeronwen Carys Assumption, as they say is the mother of all mess ups, again something you seem to excel at. CCP stated during the fanfest that they will only be "watching" the EVE.exe process and will NOT be watching any other process on your machine, most likely because to do so without permission would be the companies death knoll, and no-one is going to give a company permission to spy on their system 23/7.
The respective hack would just need to run at elevated priviledges while EVE continues to run as normal user as it does right now, to be hidden from the process list that EVE can retrieve. You don't get insight in the system wide process list as normal user. Same reason why task manager asks for admin rights, if you want to see everything.
Um, no. You can get pretty much any process info you want without regard to privilege. If you want to hook a process you will need elevated privileges, but to simply enumerate them, you don't need elevated privileges. The reason the task manager requires admin is because you can do more with it than simply enumerating processes.
I have designed into some software at work to grab every running process that has a window handle, visible or not in order to get system info when something goes wrong with one of our applications. You'd be surprised at what is actually running on your machine that even the task manager doesn't tell you, and it with simple user privileges. - - [SERVICE] Corp Standings For POS anchoring
|
Terminal Insanity
Minmatar Brutor Tribe
|
Posted - 2011.03.27 20:51:00 -
[69]
Unfortunately, there is really no way to stop this type of cheating. There are so many numerous ways to figure out when a hostile has entered the system. Some dont even require encryption or modifying any sort of data. They just take a screenshot, and if theres a little red box, close the window. Poof. You could encrypt every piece of data with 10 types of encryption, and this method would still be unaffected.
Solutions would include activly monitoring people's disconnects, and looking for players who frequently disconnect within a second of a hostile entering the system on a consistant basis. This type of monitoring could work, and is why i've never understood CCP's and other MMO companies reasoning for allowing their players to mirror their clicks across clients. Mirrored clicking would have been an awesome way to detect macrominers. Simply watch for several clients on the same IP who send the exact same command at the exact same time.
Another solution would be to extend the ammount of time your ship is left in space after you disconnect. Perhaps extend the 15 minute timer to when you've engaged NPC's as well. This would certainly stop this!
|
Miilla
Minmatar Hulkageddon Orphanage
|
Posted - 2011.03.27 20:53:00 -
[70]
Originally by: Terminal Insanity Unfortunately, there is really no way to stop this type of cheating. There are so many numerous ways to figure out when a hostile has entered the system. Some dont even require encryption or modifying any sort of data. They just take a screenshot, and if theres a little red box, close the window. Poof. You could encrypt every piece of data with 10 types of encryption, and this method would still be unaffected.
Solutions would include activly monitoring people's disconnects, and looking for players who frequently disconnect within a second of a hostile entering the system on a consistant basis. This type of monitoring could work, and is why i've never understood CCP's and other MMO companies reasoning for allowing their players to mirror their clicks across clients. Mirrored clicking would have been an awesome way to detect macrominers. Simply watch for several clients on the same IP who send the exact same command at the exact same time.
Another solution would be to extend the ammount of time your ship is left in space after you disconnect. Perhaps extend the 15 minute timer to when you've engaged NPC's as well. This would certainly stop this!
. Perhaps extend the 15 minute timer to when you've engaged NPC's as well. This would certainly stop this!
NO NO NO, i have been in a mission in a 2b ship and i DC'd on entering, came back with 30% hull!!! do not EXTEND this timer! Hell no! Dont even go there lol.
|
|
yumike
|
Posted - 2011.03.27 20:57:00 -
[71]
Saying your gonna watch the process is fine, but there's nothing too hard about getting around that either.
to be completely honest it doesn't matter what kind of security measures the client side has - as the person who gets to tailor the software specific to your medium will always have the upper hand since your showing all your cards.
- sniff network traffic - read memory - force a page file and read that instead - so long as client passes crc/patching (might require some packet mangling depending how rigorous the check is) you could effectively op out of all the security running in the client
hell you could even setup a proxy that would be able to do it. have client connect to proxy. report bad checksum, proxy cleans the packet ships it off to server and sends the client back an 'ok go ahead and connect as normal' I actually threw something like this together for a certain workaround about ten years ago took all of two days.
The only solution to the issue is a real gameplay change.. no amount of software level cleverness will really matter.
|
Terminal Insanity
Minmatar Brutor Tribe
|
Posted - 2011.03.27 21:00:00 -
[72]
Originally by: Miilla
NO NO NO, i have been in a mission in a 2b ship and i DC'd on entering, came back with 30% hull!!! do not EXTEND this timer! Hell no! Dont even go there lol.
Your ship could warp away still. and remain at that 1au safespot for 15 minutes (allowing players time to probe and kill you)
I think this would be the best solution. People already risk much more then 2b to this game mechanic during pvp. Extending it to pve isnt a bad idea if it cuts down on macro ***s.
|
Miilla
Minmatar Hulkageddon Orphanage
|
Posted - 2011.03.27 21:03:00 -
[73]
Edited by: Miilla on 27/03/2011 21:03:29
Originally by: Terminal Insanity
Originally by: Miilla
NO NO NO, i have been in a mission in a 2b ship and i DC'd on entering, came back with 30% hull!!! do not EXTEND this timer! Hell no! Dont even go there lol.
Your ship could warp away still. and remain at that 1au safespot for 15 minutes (allowing players time to probe and kill you)
I think this would be the best solution. People already risk much more then 2b to this game mechanic during pvp. Extending it to pve isnt a bad idea if it cuts down on macro ***s.
You think I wasnt clicking WARP?
I tried but it was lagged due to the DC, not responding. Once you are locked, you cannot warp on disconnect for 15 minutes jesus do not extend that lol.
|
Aeronwen Carys
|
Posted - 2011.03.27 21:07:00 -
[74]
Originally by: Miilla Edited by: Miilla on 27/03/2011 21:03:29
Originally by: Terminal Insanity
Originally by: Miilla
NO NO NO, i have been in a mission in a 2b ship and i DC'd on entering, came back with 30% hull!!! do not EXTEND this timer! Hell no! Dont even go there lol.
Your ship could warp away still. and remain at that 1au safespot for 15 minutes (allowing players time to probe and kill you)
I think this would be the best solution. People already risk much more then 2b to this game mechanic during pvp. Extending it to pve isnt a bad idea if it cuts down on macro ***s.
You think I wasnt clicking WARP?
I tried but it was lagged due to the DC, not responding. Once you are locked, you cannot warp on disconnect for 15 minutes jesus do not extend that lol.
Given up on the fail troll and switching subjects already miilla? I am disappoint. Though not surprised.
|
yumike
|
Posted - 2011.03.27 21:09:00 -
[75]
Originally by: Miilla
You think I wasnt clicking WARP?
I tried but it was lagged due to the DC, not responding. Once you are locked, you cannot warp on disconnect for 15 minutes jesus do not extend that lol.
It doesn't matter if your client is locked up, as soon as the server sees the client isnt there, if it can you enter emergency warp. That is from my understanding Does this player have GCC? - if so they stay in space for 15 minutes. Is this player warp scrambled - y/n with obvious effect.
He's not saying you wouldnt ewarp on a DC for example. Just that your ship would be in space for 15 minutes as if you had just ganked someone on a gate.
|
Miilla
Minmatar Hulkageddon Orphanage
|
Posted - 2011.03.27 21:13:00 -
[76]
Originally by: yumike
Originally by: Miilla
You think I wasnt clicking WARP?
I tried but it was lagged due to the DC, not responding. Once you are locked, you cannot warp on disconnect for 15 minutes jesus do not extend that lol.
It doesn't matter if your client is locked up, as soon as the server sees the client isnt there, if it can you enter emergency warp. That is from my understanding Does this player have GCC? - if so they stay in space for 15 minutes. Is this player warp scrambled - y/n with obvious effect.
He's not saying you wouldnt ewarp on a DC for example. Just that your ship would be in space for 15 minutes as if you had just ganked someone on a gate.
You cannot warp on logoff if you are agressed, that takes 15 minutes.
No GCC no scrambled. Just agressed. That is enough to cause the 15 warp delay timer.
This was a change they did a few patches ago.
|
yumike
|
Posted - 2011.03.27 21:17:00 -
[77]
Originally by: Miilla You cannot warp on logoff if you are agressed, that takes 15 minutes.
No GCC no scrambled. Just agressed. That is enough to cause the 15 warp delay timer.
This was a change they did a few patches ago.
I haven't played a ton since tyrannis, so any new lowsec mechanics are beyond me. But if that's really the case, if a workaround was implemented as a feature it might be a step in the right direction.
Though the in-game work around will just be effected by another in-game work around (cloak).
|
Erichk Knaar
Caldari Noir. Noir. Mercenary Group
|
Posted - 2011.03.27 21:23:00 -
[78]
ITT: People who don't pvp much.
The 15 minute aggression timer goes into effect if you are engaged or engage another player. This is different to GCC, which will stack on top of the aggression timer, this gets applied for criminal acts. The GCC means gate/station guns and Concord (if in hisec) will engage you.
Under the effects of the aggression timer, you still ewarp if you quit (or DC) if it is possible to do so (not tackled).
I fully support adding this for pve, the bot problem would end p. quickly, as they would be decimated and it would likely become very un-profitable. I don't see it happening though, because the whining would be epic.
|
Barakkus
|
Posted - 2011.03.27 21:34:00 -
[79]
Originally by: me me2
They are using GameGuard nProtect to do this.
It runs as a rootkit.
And you can hide any hack you want pretty easily, Gameguard won't do **** for custom written stuff. If someone wants to write their own bot or hack there's nothing Gameguard will do to detect it since it relies on signatures.
Here's a good example of something someone could use to hook EVE's process or hide a hack in a legitimate system process: http://help.madshi.net/madCodeHook.htm
- - [SERVICE] Corp Standings For POS anchoring
|
Miilla
Minmatar Hulkageddon Orphanage
|
Posted - 2011.03.27 21:36:00 -
[80]
Edited by: Miilla on 27/03/2011 21:37:06
Originally by: Erichk Knaar ITT: People who don't pvp much.
The 15 minute aggression timer goes into effect if you are engaged or engage another player. This is different to GCC, which will stack on top of the aggression timer, this gets applied for criminal acts. The GCC means gate/station guns and Concord (if in hisec) will engage you.
Under the effects of the aggression timer, you still ewarp if you quit (or DC) if it is possible to do so (not tackled).
I fully support adding this for pve, the bot problem would end p. quickly, as they would be decimated and it would likely become very un-profitable. I don't see it happening though, because the whining would be epic.
So why wasnt i ewarping? I wasnt scrammed, perhaps it thought I was still online but no modules active but I was effectively disconnected, well the client was running but not responding due to no internet traffic.
Perhaps the best thing to do there is to actually kill eve? I suspect that wont fix that problem either on ISP disconnect, I use mobile connections sometimes. Perhaps the ewarp only works if the server Kills the socket.
|
|
Erichk Knaar
Caldari Noir. Noir. Mercenary Group
|
Posted - 2011.03.27 21:37:00 -
[81]
Edited by: Erichk Knaar on 27/03/2011 21:38:51 Train better navigation skills.
Actually, yes, the server has to realize you are DCed before you ewarp. This generally doesn't take very long.
|
Miilla
Minmatar Hulkageddon Orphanage
|
Posted - 2011.03.27 21:39:00 -
[82]
Originally by: Erichk Knaar Train better navigation skills.
I was aligned and my skills are high already.
|
Erichk Knaar
Caldari Noir. Noir. Mercenary Group
|
Posted - 2011.03.27 21:43:00 -
[83]
Doesn't change the mechanics. Maybe CCP was trolling you by having the rats bump you.
|
Terminal Insanity
Minmatar Brutor Tribe
|
Posted - 2011.03.27 21:45:00 -
[84]
Originally by: Miilla bleh
obviously you do not understand how the timers work. When you are disconnected, your ship will automatically warp 1au away to a random safespot and remain there untill its timer is over.
Unless, of course, you are warp disrupted/scrammed, in which case your ship will remain in its original location until the timer causes the ship to disappear, or you are blown up, or the scram is disrupted somehow.
Considering these are just obvious troll posts i dont think its any use arguing about this anymore, since i've put a nail in your argument and now you're resorting to arguing with complete ignorance of the subject. Enjoy your ban or gag whenever ccp looks away from re-touching the turret models =P
btw, i cant wait for the new backdrops! ****ing about time!
|
Hieronimus Rex
Minmatar Infinitus Sapientia New Eden Research.
|
Posted - 2011.03.27 21:45:00 -
[85]
EASY SOLUTION: put a hostile cloaker alt in every bot system.
|
Miilla
Minmatar Hulkageddon Orphanage
|
Posted - 2011.03.27 21:54:00 -
[86]
Originally by: Hieronimus Rex EASY SOLUTION: put a hostile cloaker alt in every bot system.
I like this idea! AFK Cloaker in every nullsec system!
|
Dr BattleSmith
PAX Interstellar Services
|
Posted - 2011.03.27 22:23:00 -
[87]
Edited by: Dr BattleSmith on 27/03/2011 22:26:15
Originally by: Miilla
You discovered a universal exploit to hack all SSL connections? You should post your whitepaper immediately, the entire banking industry is in chaos and e-commerce is dying.
Sounds like he's talking about ARP DNS cache poisoning. It's possible to insert yourself in the middle of a route and become the new certificate authority.
Done poorly the user is warned that the cert is incorrect. Done in combination with a remote exploit and it's undetectable.
Never leave your internet banking session logged in, always hit the logout button the moment you have finished.
Never use Wifi for internet banking.
Originally by: Miilla
SO, your entire argument is "wasting CPU cycles".
Individual users wouldn't notice the waste. CCP would have to put a wall of high end encyption machines into the infrustucure to deal with the massive amounts of CPU needed to decrypt that volume of traffic.
"lots"
|
|
|
|
Pages: 1 2 [3] :: one page |
First page | Previous page | Next page | Last page |