Hyper.nl Unreal Services The forum of Hyper.nl Unreal Services and the semi-offical resource for Winged Unicorn's Unreal mods    FAQ   Search   Memberlist   Usergroups   Register   Profile   Log in to check your private messages   Log in  GemDagger using "Password=" ?          Hyper.nl Unreal Services Forum Index -> The Website View previous topic :: View next topic   Author Message Zombie Joined: 27 Jan 2004 Posts: 295 Posted: Wed Aug 18, 2004 9:07 pm    Post subject: GemDagger using "Password=" ? I read on the website that BoddaFlow's GemDagger now has security using the old password system. While it certainly aids in inventory stealing it is still possible for the password to be stolen and re-used. When the password is entered in the command line it saves it to the player's URL options string. Whenever the player joins other servers it is printed in their server console logs. So I advise not to join servers where you think the admin may try to steal your information and re-use it. Another option is to re-start Unreal with a blank "Password=" user.ini entry. If inventory protection is starting to get popular I might try to crack into this field and write an advanced identification system which can be used for inventory stealing protection. It would spawn onto clients to gather further information and send it back to the server where it could compare with any other mod which needs it. -Zombie Back to top Hyper Joined: 24 Jan 2004 Posts: 1227 Location: Middelburg, The Netherlands Posted: Wed Aug 18, 2004 9:56 pm    Post subject: I know about this problem. That's why I advise players to NOT use a password that's identical to any other passwords, AND to change the pass from time to time. The security has it's problems (The password from the user.ini can not always be accessed for some reason) but it's certainly better than no protection at all. _________________ Alter your reality...forever. Hyper.nl Unreal Services unreal://hypercoop.tk Back to top Zombie Joined: 27 Jan 2004 Posts: 295 Posted: Thu Aug 19, 2004 3:09 am    Post subject: Hyper wrote: I know about this problem. That's why I advise players to NOT use a password that's identical to any other passwords, AND to change the pass from time to time. Yea, I just caught that in between your example pictures in the instructions. The password thing should be okay if the player does the right things, but there might be easier ways that could be done with minimal or no player procedures. Back to top Hyper Joined: 24 Jan 2004 Posts: 1227 Location: Middelburg, The Netherlands Posted: Thu Aug 19, 2004 1:06 pm    Post subject: Zombie wrote: Hyper wrote: I know about this problem. That's why I advise players to NOT use a password that's identical to any other passwords, AND to change the pass from time to time. Yea, I just caught that in between your example pictures in the instructions. The password thing should be okay if the player does the right things, but there might be easier ways that could be done with minimal or no player procedures. Easier ways, and still as effective? How? _________________ Alter your reality...forever. Hyper.nl Unreal Services unreal://hypercoop.tk Back to top Zombie Joined: 27 Jan 2004 Posts: 295 Posted: Thu Aug 19, 2004 5:34 pm    Post subject: Well, it is part of the idea of spawning an actor on the client to retrieve certain unique information and send it back to the server. That information from the client can be compared automaticaly after connection with already logged information on the server and if they don't match it will strip the player bare. This method has actually been discussed with somebody I've talked to who has contact with Booda so he might be informed and already writing something like that. -Zombie Back to top Hyper Joined: 24 Jan 2004 Posts: 1227 Location: Middelburg, The Netherlands Posted: Fri Aug 20, 2004 5:55 pm    Post subject: Zombie wrote: Well, it is part of the idea of spawning an actor on the client to retrieve certain unique information and send it back to the server. That information from the client can be compared automaticaly after connection with already logged information on the server and if they don't match it will strip the player bare. This method has actually been discussed with somebody I've talked to who has contact with Booda so he might be informed and already writing something like that. -Zombie I already suggested such an idea, with a client part which captures the needed data, and then sends it to the server part for comparison. But building it is of course a lot more difficult. _________________ Alter your reality...forever. Hyper.nl Unreal Services unreal://hypercoop.tk Back to top Display posts from previous: All Posts1 Day7 Days2 Weeks1 Month3 Months6 Months1 Year Oldest FirstNewest First         Hyper.nl Unreal Services Forum Index -> The Website All times are GMT + 1 Hour Page 1 of 1   Jump to: Select a forum ~ The Unreal Universe ~----------------NewsHelpDeskProjectsUnreal server setup, administration and troubleshootingGeneral ~ Hyper.nl Unreal Services ~----------------Network / Server status messagesThe WebsiteHyperCoopHyperDMHyper.nl Crystal CastlesOther tools / services ~ MCoop 2.3 & AKMCoop 2.01 ~----------------Download & InfoSupportTutorials ~ Winged Unicorn's other Unreal mods ~----------------Download ~ The Forum Management ~----------------Moderator Forum  You cannot post new topics in this forum You cannot reply to topics in this forum You cannot edit your posts in this forum You cannot delete your posts in this forum You cannot vote in polls in this forum Powered by phpBB © 2001, 2005 phpBB Group