CS378: Game Technology

1
CS-378 Game Technology

• Lecture 21 Sound/Cheating
• Prof. Okan Arikan
• University of Texas, Austin
• Thanks to James OBrien, Steve Chenney, Zoran
  Popovic, Jessica Hodgins
  
• V2005-08-1.1

2
Today

• Announcements
• Final stage
• Code/assets
• Web page
• Poster
• Demo
• Best 3 projects will win games
• Networking / sound / cheating

3
Building for Networking

• It is generally agreed that networking must be a
  consideration from the start of development
  
• There are many good practices see game
  programming web sites for tips (and descriptions
  of past mistakes)
  
• One good practice Access all data through a
  consistent interface, which both the networking
  and local code uses
  
• Avoids different side effects from different
  access points
  
• Can check for validity of data in one place,
  which makes checking for network errors easier
  
• Can decrypt/encrypt in one place
• Can automatically propagate data onto network

4
Sound standards

• Sound Blaster
• DS3D / OpenAL (3D interfaces)
• A3D
• Reads 3D description of the scene
• Renders sound
• Includes atmospheric effects, volumetric sound,
  mp3 playback etc.
  
• dead
• EAX
• Defines parametric effects (such as reverb)

5
A bit of Trivia
6
A bit of Trivia
Ralph Baer
7
Cheating

• Its an arms race
• http//www.gamasutra.com/features/20000724/pritcha
  rd_01.htm
  

8
Why Care About Cheats?

• Online gaming is big business
• Cheats can achieve financial advantage
• Competitive games with prizes are the obvious
  example (casinos)
  
• Also consider EverQuest People play the game,
  build good characters, and then auction them on
  ebay. If they can cheat to obtain good
  characters, they are achieving unfair financial
  advantage
• Cheats can ruin the game for everyone
• Players tend to have a strong sense of fairness
• If they believe they are being cheated, they will
  not play, and you will not make any money
  
• Single player cheaters typically only affect
  themselves, so you dont care

9
Sources of Cheats

• Reflex augmentation Use a cheat to improve some
  aspect of physical performance, such as the
  firing rate or aiming
  
• Authoritative clients Clients issue commands
  that are inconsistent with the game-play, or
  mimic the server
  
• Information Exposure Clients obtain information
  that should be hidden
  
• Compromised servers A hacked server biases
  game-play toward the group that knows of the
  hacks
  
• Bugs and Design Loopholes Bugs are found and
  exploited, or parts of the program intended for
  one purpose are used for another
  
• Environmental Weakness Differences or problems
  with the OS or network environment are exploited

10
Observations About Cheating

• The only way to make a system 100 secure is to
  completely isolate it (Eric Brewer, 1996)
  
• Pritchards Rules (Gamasutra article)
• If you build it, they will come - to hack and
  cheat
  
• Hacking attempts increase as a game becomes more
  successful
  
• Cheaters actively try to control knowledge of
  their cheats
  
• Your game, along with everything on the cheaters
  computer, in not secure - not memory, not files,
  not devices and networks
  
• Obscurity is not security
• Any communication over an open line is subject to
  interception, analysis and modification
  
• There is no such thing as a harmless cheat
• Trust in the server is everything in
  client-server games
  
• Honest player would like the game to tip them off
  to cheater, hackers hate it

11
Reflex Augmentation

• Aiming proxies intercept communications, build a
  map of where people are, and automatically shoot
  them
  
• Rapid-fire proxies take each shoot packet and
  replicate it
  
• Fix 1 The server validates player actions - if
  they are too good the player is considered a
  cheat and kicked out
  
• Whats hard about this?
• Fix 2 Make it difficult to insert non-valid
  packets
  
• Encrypt the packets, but your encryption must be
  cheap, and cheap encryption can be broken
  
• Make the encryption depend on the game state or
  other time-dependent random value. Hard to do
  with UDP. Why?
  
• If using guaranteed delivery (TCP) serialize
  packets with a unique sequence of numbers -
  cannot then replicate or insert extra packets

12
A Word on Encryption

• Typically A key known only to intended users
  is used to convert regular data into something
  that looks random
  
• Cannot go from random data back to key, or to the
  real data
  
• Many ways to come up with the key
• Agree on it ahead of time
• Transmit it key exchange algorithms
• Derive it from somewhere else in such a way that
  all parties derive the same key (e.g. from game
  state)
  
• Most encryption algorithms work on blocks of a
  fixed size
  
• Split large amounts of data into smaller blocks
• Pad blocks that are too small

13
Authoritative Clients

• Occurs when one players game informs everyone
  else that a definitive event has occurred e.g. I
  just got a power-up
  
• Hacked clients can be created in many ways
  change the executable, change game data in other
  files, hack packets
  
• Fix is to insert command request steps
• Player request an action, its validity is
  checked, it is sent out on the network, and added
  to the players pending event queue
  
• Incoming actions also go on the pending queue
• Actions come off the pending queue, are validated
  again, and then are implemented
  
• Sometimes validation is hard to get right, so try
  synchronization
  
• Occasionally send complete game state around, and
  compare it
  
• Actually, send something derived from complete
  game state

14
Information Exposure

• Some classics Modify the renderer to make walls
  transparent, modify maps to remove the fog of
  war
  
• Basically, display variables must be modified in
  memory, or read out and displayed elsewhere
  
• Hackers are very good at finding the locations of
  key data in memory, and modifying them
  transparently
  
• Fixes
• Check that players agree on the value of certain
  variables, and the validity of actions -
  synchronization again
  
• Note that you can look for actions that cannot be
  valid with the correct display
  
• Compile statistics on drawing, and see of they
  look off (eg polygons drawn)
  
• Encrypt data in memory to avoid passive attacks

15
Environment Tweaks
Return to Castle Wolfenstein
Hijack GL
16
Compromised Servers

• Many servers have customization options, and the
  community is encouraged to modify the server
  
• This is completely legal
• However, as a game becomes popular, naïve people
  start to play the game
  
• They do not have the skills or knowledge to check
  that the server they are playing on is pure
  
• They will grow frustrated, blame the developer,
  and complain to their friends
  
• Some modifications can be very insidious, and may
  not be legal. For example, hack the server to do
  different damage for opponents
  
• Solution is to warn people when they connect to
  the server, and about any other non standard
  properties (found through validation)

17
Bugs and Design Issues

• Some bugs enable cheating, such as a bug that
  enables fast reloading, or one that incorrectly
  validates commands
  
• Some design decisions make cheating easier
• Embedding cheats codes in single player mode
  makes it easy for a hacker to track down the
  variables that control cheats
  
• Poor networking or event handling can allow
  repeat commands or other exploitations
  
• Age of Empires and Starcraft example all
  resource management is done after all events for
  a turn are processed. Poor networking allowed
  multiple cancel events on the queue, which
  restored multiple resources
• Solution is to avoid bugs and think carefully
  about the implications of design decisions on
  hacking

18
Environmental Weaknesses

• Facilities to deal with the OS or network may
  leave you vulnerable to some forms of attack
  
• Interaction with the clipboard can introduce
  non-printable characters
  
• Interaction with almost any scripting language
  may leave you open to hacks not related to the
  game itself (ie your game could be a way in)
  
• Network connection drops or overloading can cause
  problems
  
• Some cheats destroy the game for every player
  (tip the board) which can be useful if you are
  losing
  
• Others knock off a specific player (your worst
  enemy, one assumes)

19
The Moral of the Story

• You cant win, you just try to make cheating as
  hard as possible and contain the damage

20
Career in Games

• Game specific programs
• SMU Guildhall
• CMU ETC
• USC EA Game Innovation Lab
• Full Sail