one thing you are forgetting is that SOE made this to work a certain way eg the client for their use on one login server not 50 or 100 loginservers all sharing and transfering information. all it would take is ONE person with ill intentions and the skills to pull it off and what you propose would put everyone at risk because, and this is the key all the loginservers would have to communicate with one another. It is the only way to transfer lsaccount ids and so forth and edit them automaticly. ontop of that we cant make the client transmit anything it doesnt already transmit.
the more things connected to the loginservers the more insecure they are, hell look at the current public ls and what someone is doing bringing ti down, now imagine if all loginservers were connected to each other imagine what that one person could accomplish.
Along with THAT risk there is the risk of all that account info just floating about cyberspace its just a bad idea no matter how you slice it.
I think images original plan is the best ONE public loginserver and the private ones listed in a central place where people can pick and choose which they want to play on.
Hell you cant even transfer accounts between servers on live without paying them a hefty fee and when you do pay them it takes them a while to do it dont you think the reason for that is the fact that its not a simple thing to do?
I would NEVER condone a system in which if someone compromises one ls all would be at risk because they are all located centrally sharing account information and so forth. its just too dangerous
Not only that but there is no reason for it the minilogin users use minilogin to NOT be on the public loginserver for their own reasons i highly doubt they want their own login server connected to the puclic loginserver. what you are proposing doesnt make sense, and im sorry for saying that but it just doesnt.
Why go through all that work why put EVERYONES supposedly private ls at risk by them all being connected to the already massivly insecure public login server when the people who DO use minilogin dont WANT to be connected to the public LS anyway.
and please dont say its best that everyone is connected and sharing the public ls because shards of dalaya disproved that long long ago they are private and have a far far bigger userbase then any one server on the public ls heck probably all of them put together dont come close to the ammount of players SoD has at any given time most ive seen on PEQ the most popular server on the public LS is about 200 or so
the LSID IS in the NEW Release of minilogin your talking about totally reinventing the wheel. and yes we can put anything we wnat in any hunk of code but the questions are one will it actually work properly TWO how secure will it be cause i sure as hell dont want my server compromised because its connected to another server that gets hacked like the public LS Does DAILY. nor do i want my users in a possition to have their accounts hacked because someone compromises their account through someone elses server.
not only is your idea an enourmous ammount of work for the develpers but then the users are gunna have to keep track of the ls password then the password theyt use on each and every worldserver they connect to...
Its full of more holes then swiss cheese security wise. images method is best in this case all loginservers standalone listed in a central location not interacting with all thee other loginservers plus one that getshacked every day and brought down that is the most secure way.
again MOST people are going to use the public LS anyway the people who DONT use it already are the ones who are going to be using this the most.
and yes there are client limitations why do you think you cant have an eqhost.txt file full of loginservers to choose from. remember this system was made by soe yes it was reverse engineered by the emu staff past and present but the way its got to work with the client is the same and that setup is only for ONE login server the way they designed the client thats how it works.
but all that aside the worst part of your idea is the huge security risks to EVERYONE that it poses
|