No, it's like Quakeworld already does, except it is much more precise (and also more CPU hungry), so instead of being able to see someone when he's far from the corner of the wall he's hiding behind, you will only be able to see him as he moves around the corner. Doesn't eliminate wallhack cheats completely, but it makes them pretty close to useless.

Neither is the obscurity module.


You could start by reading this very thread.


For your current 'solution', it's easy:
Time to break: 0 seconds
Benefits: None. Doesn't even work.
Drawbacks: Discriminates against people using alternative computers or operating systems.

I can only guess how much time you've lost on that 'solution', but you can provide some solid numbers. If you want to, but you probably don't.

So, OK, let's go this way. Please note that if you read this thread, you can already find one security measure which already exists, which you can use right now, but which you blissfully choose to ignore. But here's a proposal:

Idea: None
Parts: None
How it works: No parts, doesn't do anything
Implementation details: Again, none
Who will implement it: Nobody, it's already "implemented"
Timetable: You can use it now. Doesn't require a skilled coder nor an average QW developer.
Time to break: 0 seconds
Time to create: 0 seconds
Benefits: None. Doesn't even work.
Drawbacks: None

So there you go, it already exists, it has the same benefits as your 'solution', but it doesn't have any drawbacks, unlike your 'solution'.

Happy now?


Well, that works to your advantage. You keep claiming your 'security' module works, and those who don't understand the issue might even believe you. So yeah, somebody does benefit from ignorance, but it's not me. You can 'sell' your project thanks to people believing a lie.

90% of QW player don't know how to build their own CFGs from scratch, you really belive players will start to recompile their kernels just to cheat?

There's actually no public links for a ezQuake model cheat! So if a guy want to use hacked models, hel'll have to make his own hack or use yours! In both cases the majority of players will not be able succeed. Oh, and this is a lot of work for a stupid cheat that will not guarante any real advantage over a better player!

GL, Driver, radar, and all sort of visual cheats can be easily identified by mvdsv demos analysis and snapshots.

Aim bot, speedhack, etc O_o even my grandma knows when a player use this stuff.

Security module was never considered a 100% cheat free measure, it's just a "good start"! If a players has it working, means he fulfill the minimum requirements to play a serious game. Is that hard to understand this?

From your previous post it's clear you don't want to solve anything. Instead of helping with the development of a better solution to the problem (server or clientside), you prefer to release a exploit to it. You don't want to join ezQuake or mvdsv dev teams? Fine, do and release a public and better solution for it. In 10 seconds there'll be lots of players asking it to be integrated to the official version. But from your point of view, destroy somebody else's work is the better solution! Your behavior reminds me the bad guy from Die Hard 4 ("You don't listen to me? Well you'll see, I'll destroy all of you bastards"!

So if they can't recompile a kernel, what is the chance that they can make a cheat in the first place?


That's a common miconception. I have not released any cheats. You can't use a hacked model with what I've released. You still need to program a cheat.


Oh, and maybe I once again link to Enemy Detector for 3D Games (or did some anonymous moderator remove my link last time around?) Well, here it is: A public cheat for Ezquake (and other GL games) for Windows. And if some overzealous moderator decides to remove the URL, could you please leave the rest of the paragraph in there? Thanks.


Bingo. Do that.


OK, then what exactly is it we need an obscurity module which doesn't even work for?


Yes, because you could achieve the exact same goal without discriminating against people.


Of course I do. I want to solve the discrimination.


Well, then I'll say it's clear you didn't read the thread. A better solution has already been posted. Well, two have been posted.


I already have.


I didn't watch Die Hard 4. The Ezquake behaviour more reminds me of "oh, you're black, you're not welcome here", though.


(

Where can I download it?

Security module is aimed to protect against client binary modification hacks. It also have some protection against proxy cheat (f_server) but it is not really usefull.

Just spend some time and read rules-related flame-wars here (movement script, fakeshaft, teamoverlay, fallbunny, etc, etc) - this small changes in rules cause to pretty noticeable changes in game. People are not worried about aimbot, speedhack or wallhack - if some noob will use it, he and his team will be banned from league after the first match they win. This 'hard' cheats can be easily detected from demos.

The most dangerous cheats for qw is a league-allowed clients without rulesets. Lets imgine some div1 player took ezQuake sources, add some cheats to it:
- cl_brokenankle_sucks
- allow fullbright textures for backpack.mdl (VERY VERY EVIL CHEAT!)
- allow to replace eyes.mdl with player.mdl
- allow /packet command
- force client always reply ruleset: smackdown, fakeshaftff
- unblock cl_rollalpha variable
- unblock f_* triggers
then he compile client, and distribute it over his team....
I dont saw you playing in any leagues, so i assume you are noskill noob and at just dont understand why fb-textures on backpack.mdl is a cheat, but belive me if some of this 'cheat0rz' post an end-of-match screenshot and there will be fullbright backpack on it, or maybe /packet command output in console - there will be huge flamewar on forums and he'll be banned .

so...
1) ezQuake security can protect against client-binary modifications until the module is hacked by 'i-never-play-qw-bigfoot'
2) If you succesed at hacking security module, then you can use modified client in leagues.

What you can do:
1) Help with improving security module self-protection, so there will be less hard-detectable cheaters (unless you are blind you can detect speedhack, aimbot and oftenly wallhack (depends on cheator behavior) in less then 5 mins).
2) Stop flaming about cheats here. Nobody is scared about aimbots, wallhacks and speedcheats. fb-textuers on backpacks, cl_rollalpha - this is real cheats here, not your mysterious cheats like 'ability to fly on mvdsv servers'.

my suggestion about (8):
8)
^^^
This 'cheat' is more evil than aimbot/speedhack/wallhack and all other kinds of cheat , and really usefull in low-div's, unfortunally ezquake security module cant protect against chaning nick name from <some1 from div1> to <some1 from div6> :E.

Which, considering that up to 1 week ago, the Ezquake obscurity module only checked 1.08%, let's repeat that, one point zero eight percent of the client executable, is a rather weak argument.

And I give you (though the overzealous moderators will probably censor it in 10 minutes:
iptables -t nat -A OUTPUT -p udp --sport 27001 -j REDIRECT

That'll fix the f_server thing.


That's a very nice insult right there, but this proves EXACTLY why your obscurity module is a bad idea: It disallows me from playing in most competitions

Besides, if you want to go down that route... Why are fullbright textures on the backpacks a cheat when fullbright textures on the players is not?


Or someone else. You make it sound like it is all my fault and if I hadn't publically showed to you that your idea is broken, you could have continued to put your fingers in your ears and yell "la la la la la" and the problem would not have been there. People have broken obscurity moduels in the past, other people than me have done it recently. But yeah, continue down the path of blaming the messenger.


Obviously. In fact, you don't even need to crack it, but let's leave that for another time...


I don't waste time on pointless things. It cannot work. I see that, you don't.


You're the one flaming about cheats, not me.


So that's a cheat now? And how hard is it to detect that some low skilled team includes a high skilled player, if your rules disallow that?

This is implementation fault / mistake / bug.


WHINE DETECTED You can use ezQuake, FuhQuake and mqwcl - this clients are available for Linux and Windows. This two OS'es are enought for 99.999% of players. Only bigfoot uses MorphOS on some weird hardware and cant play Quake. That who wants - searches for a way, who does not want - searches for the reason. You just dont want to play - you are just trying to broke leagues.


You are asking this question to wrong person. I'm not rule-maker. I just making security module that restrict your client features to a league rules. You should ask this question to league admins - their opinion is the rules. By the way - you can make your own league with no ezQuake, FuhQuake, mqwcl allowed, but with fb-textures on backpack allowed .


It's better to show it on some private forums which can be only accessed by league admins and qw-related developers.
It is impossible to make absolutly uncarckabe module - even if it will need hardware keys (like HASP) and NULL-RING drivers to run. But current protection works against 90% people, the rest 10% are skilled enought to crack a module, but only 0.01% want to do it.


download ezQuake sources, remove ruleset smackdown limitations, compile it, try to run... --> security module not initialised. It work - modified client cant load security module, i win .


Fakenicking is not allowed by leagues.
Currently it is technically-impossible to detect who is who. Unless we are going to use some global auth system ofc . But it will be pain in ass for a people - they just wanna play.

Just to raise another voice. I recently wrecked my old x86 machine which I kept for quake only. So I'm sitting here with my ppc mac. No league approved version available.. not for osx (at least i got it running!) and none for ppc linux either.

Guess they will either have to trust me or kick me out of the league. :<

it should be possible to build the security module by cross compiled on Linux-x86 to run on both OS X and Linux-PPC

e.g., http://www.cgsecurity.org/wiki/Linux_to_PPC_Darwin_Cross_Compiler

And a grave one. And it's not the only one. Tell me again, why should anyone trust your closed source code?


More insults, eh?

Well, let's try... I don't have any hardware that can run Windows to any reasonable degree, and I don't want to pay for a Windows license either. Especially not just to work around some broken design from your part.

If you think that Ezquake on Linux is playable, then you need to go and try it for yourself. It's not. It sucks. Badly. Up to 1 week ago, Ezquake had completely broken sound on Linux for... 1 year? And now it's just 1+ second lagged. Ezquake makes my laptop overheat. Ezquake doesn't run on my two other Linux machines because you don't like the CPU that are in them.

Oh, and of course, Ezquake doesn't run on MorphOS either. Fuhquake does, though. As does FTE. And Fodquake. And Dark Places. But whatever.

Did I mention that you only support x86?

BTW, just 10 minutes ago some guy asked me how he could play in leagues on his Mac. Oh well


Wait, didn't you just insult me and claim I didn't understand this? Now I ask you why this is so, and you say you don't understand it either? Did you just insult yourself?


No, the client restricts the client features. Your code does nothing.


Bingo, it cannot work. But thanks to your work, people think it can. And nobody will be suspicious when someone DOES cheat. Good job


I download the Ezquake obscurity module, remove the check, try to run -> obscurity module initialised. It works - modified client can load the obscurity module, I win.

Not to poke a hole in that bubble, but this isn't true. People aren't stupid enough to trust in a security module to protect them from everything. Sure, there may be one or two who think it's impossible to cheat once you have security module up and running - but in general, I'd like to think we have smarter players than that.

? sounds like a hardware issue or some fruity configuration (kde?) specific to your laptop, works fine for me on both my linux laptop and linux desktop and has done ever since zquake, fuhquake begininnings - no lagged sound, no overheating, better mouse than win32 etc. etc. surely you are familiar with the sourceforge convention of submitting bug reports?

plenty of people use the Linux client with zero issues

No, it's not true for everyone, you're absolutely right. But I have seen more than one person be surprised that the "security" module isn't actually secure.

But no, I think it's more than a small handful who actually believes in it. Most people don't sit down and think the whole thing through. But I might be wrong.

Yeah, the hardware issue is called "Core Duo". The software part of it is Ezquake eating up 100% CPU time, thus making the laptop too hot to be able to play comfortably. But no, it doesn't overheat in such a way it breaks down, just in such a way I can't play Quake.

And for the sound, surely you've seen the shitload of other people it doesn't work for, right?


Oh yes, and I did submit a bug report before... But the thing is, once that obscurity module is out, you can't fix it anymore.


I mostly see people have problems with Ezquake on Linux.

Ult doesn't have any problems with EzQuake and linux, but I guess that's expected.

Suggestion: Move this conversation re: security module to another thread. I've had to trawl through this looking for mosts about tha actual 1.8.2 build (changelog etc).

yep, I suggested this be split about 20 posts back as it is spoiling the release thread

Why not?


ezQuake is playable on linux at least for me. I cant reproduce any linux-bugs with my setup :E. We are unplayable for case when AC97 sound card is used, or something wrong between chair and screen.


It is not necessary to speak for others. I'll try to explain: for years it was allowed to use fb-skins for player.mdl, but it was impossible to use custom skins for other models - noone of good-know client support for it in 20th century. When FuhQuake get external textures support league admins and players ask Fuh to block some of retexturing features because they 'braking the game'. This blocked features was fb-textures and external textures for eyes.mdl and backpack.mdl. I really cant explain why backpack.mdl external texture was banned - you have to play 4on4 for a few years and you'll understand why bright texture for backpack 'braking the game'.


OK. I say wrong words. Client restricts itself, security module restricts from client modifications unless you hack it.



me: 'Help with improving security module self-protection...'
you: 'I don't waste time on pointless things. It cannot work...'
me: 'download ezQuake sources, remove...'
you: 'I download the Ezquake obscurity module, remove the check...'

You win right after you hack the module - if you cant do it - i win. Unless you crack the module the modified client can be loaded, so the module can work it's just unprotected on Linux.
You can help with writing linux-packer to protect the module from hacks, you can also send a MorhOS patch and fix some Linux bugs - in this case you are always welcome.


P.S. No overquoting plz!

a) I don't see any defects raised with this as a problem, b) are any other qw clients on Linux any better for cpu utilisation? zquake and fuhquake both also use 95-100% CPU


there is a single thread on here about a few people having problems with ALSA and some onboard sound cards (thread #1956), but there is not a single bug raised in the sourceforge tracker with information that would be needed to attempt a fix - stop moaning on forums and raise a defect if you want it fixed?


are these the same people you mostly see using MorphOS ? seriously though, if there are (as you suggest) lots of people having Linux issues with EzQuake, maybe they should raise a defect about it? i've had zero problems, so i've not raised any defects

LOL, superb that 'between chair and screen' bug ))

for reference, darkplaces-linux-686-glx uses ~32% cpu, but I don't know what the original glqwcl.glx is like for cpu

lordhavoc has an old svn commit marked as 'rewrote timing code, now a much better and very different sleeping method, no longer wastes any cpu time', which might be relevant

Changelog
-- Improvements in serverbrowser look
-- SB is work on Windows Vista too
-- cl_newlerp - Experimental rockets/grenades/spikes smoothing code. Default value 0.1 means: use 90% of our 'vision' and 10% of server 'vision'. Should be OK for most case, but floating ping (see remarks). Use 0 to turn it off.
-- cl_predict_help - The new default eliminates player models' jittering when independent physics is enabled; a possible downside is larger prediction errors of modem players' movement, hence the option to revert to old behavior.
-- ezQuake understand both -norjscripts and -noscripts
-- scr_teaminfo_order now accepts 'fun chars'
-- swap shownick and tp_msgreport in default bindings
-- con_particles_images 0 disables 'quad rain'
-- fix console flickering on Intel VGA-cards
-- gl_ztrick is default at 0. Seems like we get rid of Z-fighting for textures - only works if gl_ztrick is turned off.
-- gl_part_telesplash 2 - same as gl_part_telesplash 1, but no 'rays', only 'dots'
-- gl_textureless for brush models - floor on dm2 for example
-- block gl_textureless, allow_scripts changes when match in progres
-- commands show and hide now returns alpb. sorted list of hud elemtes
-- Some fixes to hud-editor
-- No more crash with -ruleset smackdown
-- -mevdev cmdline param are back: it juset set in_mouse to 3 and in_evdevice to a given value
-- ctrl+w gives white led
-- some fixes at movie capturing
-- fps-indep physics can be changed 'on fly', but in disconnected mode
-- fix hud_rankingpos behavior
-- tp_name_teammate default value is back to ""

Can't separate, but copied contents from the first post on this thread and made another one (+stickied). Also changed the title for this thread to be more appropriate.

Hello I would just like to say that ezQuake is awesome.

Keep it up guys.

I can detect a cheater in 5 seconds. After that I would join the server and own the little bitch until he/she starts crying. Bwaahahahaha

:-)

terror, i hate to tell you this...but the first soldier on e1m1 isn't cheating, you are playing singleplayer

damn I'm sure he was cheating

lolol

:-)

fyi, svn diff -r 6299:6300 svn://svn.icculus.org/twilight/trunk/darkplaces/

looks like he improved the timing and used Sys_Sleep to reduce cpu utilisation

using 'sys_yieldcpu 1' on ezquake does a similar thing but only brings things down to about 85% cpu -- nowhere near as good as darkplaces!