Quote:
Originally Posted by Shin Noir
> I think measuring security of a hacker who can reverse engineer a struct from packets vs. someone who can read source and develop a struct disassembly of packets is not leaps and bounds in difference of skill; it's more just a question of desire and patience.
The skill difference is enormous. Not only do you need more experience in reverse engineering and assembler, but you have to have an idea where to start filtering the netcode.
Did you ever have to figure out packet structs/opcodes on the current eqemu code? If so, you should know how hard it is, and you even had the server source to try out new parameters. Without it, a hacker would just have the packet dump and the client binary.
The majority of the time currently is still going into discovering what unknown bits are left, not into the actual coding (though most have been discovered by now).
I did not say that hiding the code will help in the long run (I said something similar about security by obscurity half a year ago on eqc when I was not a dev). The point is, though, that an initial release could have been done without an additional security layer because the chance of hacking was minimal (not enough people, why should they hack it at all, etc.). Now, with the source, all you have to do is tune the showeq parameters from 2001 and you are ready to go. Don't tell me that isn't a freaking huge skill difference between someone who changes a few parameters in a C/C++ program and somebody who needs to reverse engineer the opcode/struct.