Captain Hindsight rocks :)
Advertisement
Urban Terror meets Github
Rate Topic:
#51
rastablaster 
Posted 07 June 2014 - 10:43 PM
MultiQuote
#52
Fenix
former FS member
Posted 08 June 2014 - 01:26 AM
hasufell, on 07 June 2014 - 10:38 PM, said:
This is contradictory.
On the one hand you are pro obscurity (because that's the only barrier you currently have against cheaters), on the other hand you decrease the chance of random collaborators by that obscurity.
Then you say there are not enough collaborators. And because there are not enough collaborators, you have to rely on obscurity to have anything against cheaters.
On the one hand you are pro obscurity (because that's the only barrier you currently have against cheaters), on the other hand you decrease the chance of random collaborators by that obscurity.
Then you say there are not enough collaborators. And because there are not enough collaborators, you have to rely on obscurity to have anything against cheaters.
It is not contradictory at all: keeping the code closed source require less time than creating an open source anticheat that works. There are not enough collaborators: well, if people do not apply to join FS it's not my fault. I did that, I did help, then I resigned because of this community (more or less 90% of the reason). If this community keeps bitching, people will keep quitting, hence game dev will be slower and the only one suffering from this it's the community itself. See how stupid this is???
hasufell, on 07 June 2014 - 10:38 PM, said:
I work for an open source project with more than 200 collaborators (for free, most of the time it just sucks ass) while I study and do other coding in my free time. So?
So you are a programmer, you got free time (apparently) and instead of helping you are just complaining. See what's wrong with this? Why don't you apply to join FS? Manpower is always welcome as far as I know
This post has been edited by Fenix: 08 June 2014 - 01:30 AM
Follow me: https://github.com/danielepantaleone
#53
matt
Posted 08 June 2014 - 11:59 AM
http://www.gamasutra..._the_scoop_.php is a nice read for everyone who is seriously interested on the topic of combating cheat development in multi-player games. On the first page he disproves your point that closed source development is of any help against cheat developers. In fact you are only measuring your popularity against other tactical shooters when claiming that obscurity helped you in the past. It is perfectly fine to say you don't want open development for reasons like keeping control over the project, but then don't complain that no one wants to enter your turf and don't spread FUD that Open Source is inherently insecure which you definitely should know better.
#54
hasufell
Posted 08 June 2014 - 12:40 PM
Fenix, on 08 June 2014 - 01:26 AM, said:
Why don't you apply to join FS?
I can tell you exactly why: because of
* not being full opensource with apparently no obvious reason as matt pointed out
* not having a real open development workflow (explained a few comments back what it means)
* reactions like these (you almost had me hacking on the code in order to make fixing this bug possible... and btw, last time I checked you were running code from zlib-1.1.3 which is ancient and has a lot of vulnerabilities)
If you care, you are probably interested in improving those points. Otherwise, just keep telling people to "stop complaining" and see if that helps with getting contributors on board.
matt, on 08 June 2014 - 11:59 AM, said:
http://www.gamasutra..._the_scoop_.php is a nice read for everyone who is seriously interested on the topic of combating cheat development in multi-player games. On the first page he disproves your point that closed source development is of any help against cheat developers. In fact you are only measuring your popularity against other tactical shooters when claiming that obscurity helped you in the past. It is perfectly fine to say you don't want open development for reasons like keeping control over the project, but then don't complain that no one wants to enter your turf and don't spread FUD that Open Source is inherently insecure which you definitely should know better.
++
#55
matt
Posted 08 June 2014 - 01:59 PM
See http://www.etlegacy.com/ and http://unvanquished.net are probably good examples on how hobbyists create successful idTech3 games in an open and collaborative way. There is also http://ioquake3.org/ itself. I recently stumbled upon the excellent now-standalone and Open Source http://www.thedarkmod.com/ which is using idTech4. You have to be aware that you are competing with these other games. There are few people skilled enough and willing to donate their free time to such huge and complex projects. Just try take our criticism in a constructive way. I am not really a community insider, but it seems to me you want to monetize on your completely proprietary free-to-play HD remake. Maybe it is time to rethink your strategy on the legacy Urban Terror in the future. I would love to see an actively developed fork that does the necessary cleanup without a gatekeeper who fears changes and is restrained by the commercial success of the company behind it.
#56
Fenix
Posted 08 June 2014 - 03:06 PM
@matt:
You can't ask me to take your criticism because I'm not anymore a FS developer so it's useless for you to get angry at me. I'm in your very same positon despite that I do believe that OSing UrT will be really bad (unless community prooves the contrary, but i doubt it)
You have to be aware that you are competing with these other games
That is exactly what you do not understand: FS doesn't care of competition. There is no trophy to win. FS does that just for fun as a HOBBY and not as COMMERCIAL game dev. They create the game. If people play the game they will be happy. If people don't play the game surely they won't commit suicide because of that.
I am not really a community insider, but it seems to me you want to monetize on your completely proprietary free-to-play HD remake
Take some time and read this forum. It has been stated several time that FS doesn't want to make money from UrT. They only income they have is from the ADs on this very website and all the incomes are used to pay services they need to keep UrT alive). Yes, you do not pay to play UrT, but someone else does. FS pays services and taxes and you guys come here on their forum bitching around. How would you feel if someone come into your house, that you paid with your money, and start pooping around??
@hasufell:
I can understand the reasons why you do not want to join FS. About the issue on github you linked, well TTimo replied to you and tbh I do not feel like I can contraddict what he said (he's TTimo after all).
About this: http://www.gamasutra..._the_scoop_.php
Well guys, feel free to help FS fighting hackers, nothing stops you, just yourselves
You can't ask me to take your criticism because I'm not anymore a FS developer so it's useless for you to get angry at me. I'm in your very same positon despite that I do believe that OSing UrT will be really bad (unless community prooves the contrary, but i doubt it)
You have to be aware that you are competing with these other games
That is exactly what you do not understand: FS doesn't care of competition. There is no trophy to win. FS does that just for fun as a HOBBY and not as COMMERCIAL game dev. They create the game. If people play the game they will be happy. If people don't play the game surely they won't commit suicide because of that.
I am not really a community insider, but it seems to me you want to monetize on your completely proprietary free-to-play HD remake
Take some time and read this forum. It has been stated several time that FS doesn't want to make money from UrT. They only income they have is from the ADs on this very website and all the incomes are used to pay services they need to keep UrT alive). Yes, you do not pay to play UrT, but someone else does. FS pays services and taxes and you guys come here on their forum bitching around. How would you feel if someone come into your house, that you paid with your money, and start pooping around??
@hasufell:
I can understand the reasons why you do not want to join FS. About the issue on github you linked, well TTimo replied to you and tbh I do not feel like I can contraddict what he said (he's TTimo after all).
About this: http://www.gamasutra..._the_scoop_.php
Well guys, feel free to help FS fighting hackers, nothing stops you, just yourselves
This post has been edited by Fenix: 08 June 2014 - 03:14 PM
Follow me: https://github.com/danielepantaleone
#57
FS Frankie V
-
FS chief admin
Assets Manager & Lead Animator
- Account: frankiev
-
Country:
- Joined: 10-January 10
- Posts: 2,910
Posted 08 June 2014 - 08:31 PM
matt, on 08 June 2014 - 11:59 AM, said:
http://www.gamasutra..._the_scoop_.php is a nice read for everyone who is seriously interested on the topic of combating cheat development in multi-player games. On the first page he disproves your point that closed source development is of any help against cheat developers. In fact you are only measuring your popularity against other tactical shooters when claiming that obscurity helped you in the past. It is perfectly fine to say you don't want open development for reasons like keeping control over the project, but then don't complain that no one wants to enter your turf and don't spread FUD that Open Source is inherently insecure which you definitely should know better.
Well given enough information I can prove that it was BladeKiller on the grassy knoll with a rusty pipe but it's still going to be an opinion with out the empirical evidence and as interesting as an “editorial†it's still an opinion based on implementation.
Also take into consideration that the article is dated July 24,2000, a year after Quake 3 was released and cheating “was†ramped it has about as much validity as a history book with the paragraph “Some day man will land on the moonâ€.
The problems of cheating today is of little relevance as to product, a game, as there is no profit from the developer side of things to add a key feature as a working AC solution and the amount of ongoing support is a money pit that given enough players of a given title, like WOW for example, the most common solution to the problem is to just ignore it or is solved once the shelf life, as product, expires due to the lack of interest.
As for the ideals of what is open and whats closed I have to admit I'm somewhat confused as most of the comments I see in this area, and since I'm not a coder, seems to be dated as well as to the ideological foundation of the individual as to yet again an opinion lacking a true definition of what is open and what is closed?
Now as I see it, from a artist/content creator stand point I'm some what forced to think in terms as to whats in the best interest of those who play the game, who are of the same mind that whats the big deal about “the codeâ€, and a simple count it's easy enough to come up with the total number of those who just want to play the game out number the total number of those who are interested in just getting the code.
As to the damage that can be done this has already been proven, least we forget the “leak†of the code including the simple AC in place, there are just some stuff that should not be released or known about as to how they operate, me including, if we need to “first†consider whats best for the players versus catering to a much smaller segment of the community.
And yes that leak hurt both parties as it proves that there are those that can not be trusted if their ideology is greater tan their common scene that the needs of the many out weights the “wants†of the few.
doing "stuff" with dead things.
#58
hasufell
Posted 08 June 2014 - 08:34 PM
Fenix, on 08 June 2014 - 03:06 PM, said:
(he's TTimo after all).
If that is argument enough for you to bundle vulnerable versions of libraries, then that is very sad.
This sounds like a static hierarchical system where the oldtimer has the say.
====
FYI:
zlib
https://github.com/B...on/unzip.c#L142
1.1.3 is vulnerable to probably a LOT of things, just one here http://www.zlib.net/...-2002-03-11.txt
A few diffs with the old source code and unzip.c show large portions of matches. You could argue that someone followed all zlib security advisories over the last decade and fixed them manually in unzip.c. Is that the case? I doubt anyone knows, the git history doesn't tell me either.
jpeg
how about jpeg-6 https://github.com/B...peg-6/README#L4
Want me to skim through all security vulnerabilities since 1998? I diffed your jpeg-6 subfolder against the original one... most of the differences are some whitespace things. The majority of the code seems unchanged.
Those are the things that make life easy for crackers. You don't really expect a cracker to read all your code do you? I just look at the list of vulnerabilities and pick one. No idea if any of that is actually a candidate for developing a cheat, but what about the guys who run this code on servers? Uh.
But hey... it was TTimo who closed the bug. Must be right... or so.
This is the difference between
a) "patches welcome"
and
b) "don't care, no time, don't bother me again"
#59
Fenix
Posted 08 June 2014 - 08:37 PM
hasufell, on 08 June 2014 - 08:34 PM, said:
If that is argument enough for you to bundle vulnerable versions of libraries, then that is very sad.
This sounds like a static hierarchical system where the oldtimer has the say.
====
FYI:
zlib
https://github.com/B...on/unzip.c#L142
1.1.3 is vulnerable to probably a LOT of things, just one here http://www.zlib.net/...-2002-03-11.txt
A few diffs with the old source code and unzip.c show large portions of matches. You could argue that someone followed all zlib security advisories over the last decade and fixed them manually in unzip.c. Is that the case? I doubt anyone knows, the git history doesn't tell me either.
jpeg
how about jpeg-6 https://github.com/B...peg-6/README#L4
Want me to skim through all security vulnerabilities since 1998? I diffed your jpeg-6 subfolder against the original one... most of the differences are some whitespace things. The majority of the code seems unchanged.
Those are the things that make life easy for crackers. You don't really expect a cracker to read all your code do you? I just look at the list of vulnerabilities and pick one. No idea if any of that is actually a candidate for developing a cheat, but what about the guys who run this code on servers? Uh.
But hey... it was TTimo who closed the bug. Must be right... or so.
This is the difference between
a) "patches welcome"
and
b) "don't care, no time, don't bother me again"
This sounds like a static hierarchical system where the oldtimer has the say.
====
FYI:
zlib
https://github.com/B...on/unzip.c#L142
1.1.3 is vulnerable to probably a LOT of things, just one here http://www.zlib.net/...-2002-03-11.txt
A few diffs with the old source code and unzip.c show large portions of matches. You could argue that someone followed all zlib security advisories over the last decade and fixed them manually in unzip.c. Is that the case? I doubt anyone knows, the git history doesn't tell me either.
jpeg
how about jpeg-6 https://github.com/B...peg-6/README#L4
Want me to skim through all security vulnerabilities since 1998? I diffed your jpeg-6 subfolder against the original one... most of the differences are some whitespace things. The majority of the code seems unchanged.
Those are the things that make life easy for crackers. You don't really expect a cracker to read all your code do you? I just look at the list of vulnerabilities and pick one. No idea if any of that is actually a candidate for developing a cheat, but what about the guys who run this code on servers? Uh.
But hey... it was TTimo who closed the bug. Must be right... or so.
This is the difference between
a) "patches welcome"
and
b) "don't care, no time, don't bother me again"
Instead of asking for job to be done, fork the code and send a pull request
Follow me: https://github.com/danielepantaleone
1 User(s) are reading this topic
0 members, 1 guests, 0 anonymous users
Advertisement