(1.11) No restriction on modded modules for online activity


#1

I seem to be able to do Encounter at Andromeda, or to fight challenges, with modded modules; the ludicrous Encounter at Andromeda score I just posted demonstrates the possibilities. Surely these parts of the game should only be scored online if you are using unmodified modules only?


#2

I agree. What’s the point of a highscore table if one can use mods to get an arbitrarily high score?


#3

This could be enforced but it basically means checking every single piece of data on the client side against copies on the server side every time you post a challenge.
And then…
You could pause the game at the end of the battle just before you submit the score, open up some fiddly binary editor, and do clever hacks to change the values in RAM so they looked legit.
If you really wanted to get on the high score table that badly. It’s pretty impossible to prevent 100%. You can prevent it 99.9%, but you only need one user who is determined to spoil the highs cores to wreck the whole thing.
I’d prefer to not have to dedicate a lot of time, and bandwidth and everyone’s CPU and hard drive into preventing this. I can delete any high score entry we know to be fake. I’d rather just do that. What does everyone else think?


#4

It sounds fair, after all, it would be an needless amount of work on your end, and it would never be foolproof. But some casual mod-checking might still be a good idea, if only to prevent accidental illegal scores due to someone forgetting they had a mod installed.


#5

I’d say, take a multi-tiered approach to the problem. Make some basic client-side checks to filter out 90% of the obvious stuff. For the other 10%, either rely on people reporting scores for you to delete (which, if the game is successful, will take up a lot of your time), make a moderation group who has that responsibility, or use some more robust server-side tests, like uploading the battle info (not the results) and running the battle server-side.


#6

Delete highscores every day/week automatically.


#7

I think such solution might work, although I haven’t had much experience in this particular field, mostly know some raw theory - namely to create a “packed archive” with all the data stored both on client & server. When a challenge is chosen it could load data only from this file after it’s been first verified, using checksum (although as far as I remember it’s not very reliable when it comes to intentional) for instance or, better, hashing, client-side, then server-side after victory or when uploading score. Of course it’d have its downsides and would require updating the key… still, it might become too cumbersome when people start uploading “cheat fleets”. Also, I can’t really remember how expensive using checksum/hashing was. So, yeah. :wink:

On the other hand for instance Audiosurf uses user-controlled scoreboards with the ability to view the track’s map/length etc. letting others report suspicious scores. Not sure how that’d work in GSB though, unless you could view replays or view module stats of the uploaded fleet.


#8

I don’t know how much effort it would be to implement, but it does seem like basic client-side security would be a good idea. It would likely filter out a vast majority of casual cheaters and people simply forgetting to disable a mod before playing.

If there is a determined .1 percent out there who want to wreck things, well, at least it’ll leave you with fewer bogus scores to deal with/accounts to ban.


#9

I think an anti-cheat system could be a lot simpler than that. Why not upload the fleet setup along with the score? If there were questions about authenticity Cliffski could check out that fleet.

Better yet, since most people wouldn’t try to cheat their way to the bottom of the list, only upload the fleet if the score would be in the top 20 or something. A server-side simulation could even be done to see if the score is reasonable (within a few %?) before posting it.


#10

Yeah, this would work as well. It’s just that building in some basic security might drastically cut down on the number of suspicious scores that would have to be double-checked.

Personally, I’d like to see fleets uploaded for another reason - I want to see what other people are doing that works well! It’d be cool if we could all view the best uploaded fleets in-game. I guess it sort of undermines the whole competitive aspect of it, though, so maybe we won’t be seeing that. :-/


#11

If the game’s successful, the tide of bogus scores could become unmanageable. Particularly, people are always going to be uploading scores from modded versions inadvertently.

I would suggest a twofold approach. First, make sure it’s easy to play unmodded, with a facility to install a separate modules directory for each mode and a mod switching facility. If you’re doing an online-scored activity, check checksums for editable data files, warn the user if the base data has been edited that a score will not be uploaded.

Second, upload with a high score the fleet description and RNG seed (not much data). Check the very highest scores, and responses to challenges with disproportionately low losses, automagically; I’m guessing without graphics, the computation involved in resimulating them is not much [1].

[1] Better yet, distributed checking. Give me a tickybox that says “If GSB is idle, download scores in need of checking from the Internet”. I tick it; the central servers feed me the data to be checked. They send each thing to multiple randomly-selected users, so I can’t compromise my copy to reject all checks out of malice.

In this situation there’s a small increase in bandwidth, and a modest use of CPU for people who have permitted their CPU to be used.

I know this means work but I think the alternative is to have the high score table become meaningless. Of course my submitted score is obviously wrong, but if I were malicious - and someone will be - it would be easy to arrange strong-looking scores.

ETA: I think it is absolutely vital that this whole process happen without per-score human intervention. Otherwise it will become quite unmanageable.