Git Repository Hacked
#81
Posted 20 August 2013 - 07:12 AM
#82
Posted 20 August 2013 - 09:45 AM
on first join:
player opens urt client
player enters username+password and client sends to auth server
if correct, auth server gives client a random 'auth key' eg. HJSGDKFHSFS3243GHJ which is also stored in the auth server user database
on subsequent joins:
player opens urt client
still use same 'auth key' from last time
no need to login
when player connects to game server:
client tells auth server it wants to be authed in a given game server(client also sends a random key different every time he connects to a server)
client sends auth key with this information (also to auth server)
if the clients auth key matches the 'current' auth key (in the auth server database)
- then auth server tells the gameserver that that player is to be authed and gives the gameserver the random key
- the gameserver just has to check that the random key from the auth server and the random key from the client match up
- the game server now knows for sure that the player is who he claims to be
analysis
a malicious client(modified) cannot steal identity since the auth key lookup would fail
a malicious server cannot steal the players identity since the server never gets to see the auth key
#83
Posted 20 August 2013 - 12:57 PM
Frankie V, on 19 August 2013 - 04:51 AM, said:
You did not read my post carefully. I was saying that I don't believe your modified ioq3 engine would be GPL-2 if it wasn't for the COPYLEFT.
read https://www.gnu.org/...t/copyleft.html
#84
Posted 20 August 2013 - 04:44 PM
sun2, on 20 August 2013 - 09:45 AM, said:
OR you could simply do something similar to SSH or other standard encryption.
http://www.wimp.com/howencryption/
Im guessing that this is how it was set up in the first place... but anyway...
#85
Posted 20 August 2013 - 11:41 PM
hasufell, on 20 August 2013 - 12:57 PM, said:
read https://www.gnu.org/...t/copyleft.html
My apologies Hasufell for taking your words out of context. We are simply not use to the shear amount of support we have been receiving and really thought of the incident as yet another day to deal with.
Quote
Moment over
As a personal comment I would like to thank all of you for showing your support, it means a lot, and I'm positive that the rest of the team feels the same way.
#86
Posted 21 August 2013 - 12:52 AM
Frankie V, on 20 August 2013 - 11:41 PM, said:
Aww, Frankie.
By this definition, code is only closed if all the media it’s on is shredded, burned, encased in concrete and dropped into the Mariana Trench.
Really, this whole post looks like something found on the barn wall of a certain farm.
Beginner’s Guide to Urban Terror (woefully out of date)
Daily Deadnade (Last updated September 9, 2016)
#87
Posted 21 August 2013 - 02:03 AM
Offtopic - I got 3 paragraphs into the FSF definition of 'free software' before realising they were *^$%ing nuts. I'll stick with the OSI definition of open source TYVM.
#88
Posted 21 August 2013 - 09:12 AM
#89
Posted 22 August 2013 - 12:29 PM
thumb, on 21 August 2013 - 09:12 AM, said:
Ditto. The community supports you.