Forums | Chat | News | Contact Us | Register | PSU Social |
PSU: Dog for sale: eats anything and is fond of children.
Forums | Chat | News | Contact Us | Register | PSU Social |
2012-06-16, 11:33 AM | [Ignore Me] #31 | |||
Captain
|
And in all fairness you look at all of SOEs MMO's and you wont find hacks. Other than planetside which we have to admit is ancient.
__________________
|
|||
|
2012-06-16, 11:34 AM | [Ignore Me] #32 | ||
Master Sergeant
|
You don't have to invite them, they'll come all by themselves.
The question is: Will the mods swing a Ten-Ton Ban Hammer fast and often enough to put a dent in their numbers. What I wish for is a suit of ban options to be leveled on cheaters all at once: Account Ban IP Ban MAC Ban OS S/N Ban Video S/N Ban CPU S/N Ban ISP Router Ban (when applicable) By locking out multiple identifiers at once - the mods have a better chance at frustrating hackers and forcing them to jump though many hoops if they want to attack our game again. I hope the Mods have the courage to ruthlessly ban on sight, without warning, and without appeal and lose what SOE will (mistakenly) consider a revenue source. |
||
|
2012-06-16, 11:36 AM | [Ignore Me] #33 | ||
Captain
|
To be honest people that tend to hack wont pay for anything. Thats was even stated in APB quote in this thread someplace.
So banning will come thick and fast im sure. As there not loosing money.
__________________
|
||
|
2012-06-16, 11:38 AM | [Ignore Me] #34 | ||
Captain
|
thats not actually true i dont want to bring up non planetside things but look at the leader of anonymous. anyways i think it would be a good idea to hire hackers for temp job showing the anti hacking team what exploits are available. We also dont know a whole lot about the actually team itself for all we know they could be ex hackers hired to do it
|
||
|
2012-06-16, 12:11 PM | [Ignore Me] #36 | |||
Staff Sergeant
|
That's really insulting. Network security guys do have ethical codes about things, report any breaches, never mess with the clients data, etc. Like I said, we aren't talking about people who just hack for fun and lulz, we're talking about professionals. |
|||
|
2012-06-16, 12:25 PM | [Ignore Me] #37 | ||
First Sergeant
|
A few people seem to be making some very broad generalizations and assuming that everyone that could be classified as a "hacker" is a "black hat hacker" and is somehow going to be trying to make money by hacking PS2 (Doesn't seem likely, I mean, they'd have to hack the website and upload a trojaned version of the game or something as a new patch, and it would probably get spotted by AV software unless they used something they wrote from scratch, or a rootkit against an AV software that can't detect it trying to install, and one hopes that the folks running the website hosting the patches, game installers, etc, are paying attention to keeping it secure nowadays), and that no "hackers" would ever pay for anything (ludicrous).
Are you assuming that there are no "white hat hackers?" Although they may be looking for exploits, their purpose in doing so is not to use them for any kind of advantage but to report them in a sufficiently detailed report such that they can be corrected, to improve the game. Personally, if I find an exploit in the beta, I would report it. I want the game to be as exploit-free as possible (and I mean exploits, not balance issues), because I want to play a fair game, which means it's obviously in my best interests and the best interests of anyone else thinking the same thoughts to report all exploits that I or they find. Of course, getting enough detail to make a really good report may require a fair amount of testing, e.g. to determine what is actually going on and make sure you're not going to submit an incorrect report blaming the wrong thing for the issue, how to reliably reproduce it, etc, whether we're talking about normal bugs or something exploitable. Also, the kind of hacks that you hear about on the news are different from exploits in games, which tend to be along the lines of flaws in game logic allowing you to do something you aren't supposed to be able to do, such as (random example) bypassing ability cooldowns by doing something which happens to reset the cooldowns to 0 which really shouldn't be doing so, or glitching through walls using vehicles, or any number of other things. On the more complicated and effort-requiring end, investigating the messages between the client and server (a lot of effort without source, so probably not worth it if the devs have their own team) to see if it would be possible to exploit anything there, such as making guns say they hit all the time if the hit detection is client-side, or attempting to tell the server that you've pulled off an impossible maneuver / acceleration / deceleration to see if it validates the client's input properly (rejecting invalid input, or constraining input to valid values). It isn't impossible for someone without source access to test things that would require modifying the client or understanding and possibly modifying the datastream between client and server, it's just more difficult and requires a ton of effort (usually). |
||
|
2012-06-16, 01:06 PM | [Ignore Me] #38 | ||
This is not likely the case. Professional whitebox and blackbox testers are frequently too expensive to retain permanently due to general demand. This is doubly so in the games industry, where salaries are already depressed due to supply. AppSec tends to get brought in for contract SDLC work, as a gate for promotion of code bases to production status, as a contractual requirement with a third party, or not at all.
|
|||
|
2012-06-16, 01:29 PM | [Ignore Me] #39 | ||
Master Sergeant
|
I would have thought the product would have gone through extensive and vigorous penetration testing before released into beta. This must be true after last years fun and us losing our personal details. A repeat incident would be lethal to SOE's reputation and Sony's stock.
|
||
|
2012-06-16, 01:31 PM | [Ignore Me] #40 | |||
Staff Sergeant
|
Please don't pretend to know what you're talking about. |
|||
|
2012-06-16, 01:40 PM | [Ignore Me] #41 | |||
|
||||
|
2012-06-16, 01:57 PM | [Ignore Me] #43 | |||
Master Sergeant
|
Free to play or not your still dealing with personal information, which is a commodity, so due diligence at least is expected. |
|||
|
2012-06-16, 02:13 PM | [Ignore Me] #45 | ||
Private
|
Actually, it was the exact opposite that was said. G1 and the APB devs were a bit dumbstruck that a good number of hackers spent money on the cash shop, since hackers get banned in waves instead of the moment they get detected, and there's some considerable amount of time between waves.
|
||
|
|
Bookmarks |
|
|