Title: New eve client injection 4.7.2010
Post by: Comstar on July 04, 2010, 01:48:10 AM

Found an interesting thread (http://www.eveonline.com/ingameboard.asp?a=topic&threadID=1347565) on Eve-O

YouTube Video (http://www.youtube.com/watch?v=TL9YHlng0VE) of someone using dev tools on the main server, allegedly via a python injection attack. With it, you can do pretty much everything a GM can (super cloak, scan system, warp to anyone, anywhere etc etc).

Title: Re: New eve client injection 4.7.2010
Post by: Fordel on July 04, 2010, 02:17:44 AM

EVE is just one giant pile of exploits. :awesome_for_real:

Title: Re: New eve client injection 4.7.2010
Post by: Sir T on July 04, 2010, 02:29:09 AM

Hey look, thread has been deleted :grin:

Title: Re: New eve client injection 4.7.2010
Post by: Gets on July 04, 2010, 05:16:24 AM

http://scrapheap-challenge.com/viewtopic.php?t=35622&postdays=0&postorder=asc&start=0
http://eve-search.com/thread/1347565/page/1

Mostly everything said on the forums is complete bogus because of people throwing in their guesswork. The guy who made it however is selling the uberscanner, warp to 0 autopilot, 5 second session timer and contract dump to file supposedly. I'm waiting to see who puts the word out first: CCP or your favorite MMOzine.

Title: Re: New eve client injection 4.7.2010
Post by: Simond on July 04, 2010, 11:11:41 AM

Quote
Hey look, thread has been deleted :grin:

If nobody knows about it, then it doesn't exist! :ccp:

Title: Re: New eve client injection 4.7.2010
Post by: Gets on July 04, 2010, 12:36:20 PM

eve-o doesn't allow threads talking about bugs and exploits hth

Title: Re: New eve client injection 4.7.2010
Post by: Goumindong on July 04, 2010, 12:46:32 PM

Given how cheap it is to send information that is non-interactive in any game it makes sense that all of this is basically possible.

I.E. when you scan something down with the on board scanner, it's much more likely that the server gives your client location information than it does the calc each time. It's probably much cheaper to query the information than query the information and the process. The local machine does the processing. Because of this, every time you scan you're going to get information relating to where everything is in the system, so long as you can access that info out of the client you are going to know:

1. Whether a ship is on a permanent or temporary grid.
2. Ship type and other pertinent info. Probably player ID as well. Given that local exists it's probably easier to set up an identifier for a set of ship information when a player enters local and simply always refer to that identifier. I.E. player A is in a falcon. Rather than send "falcon, player name X" each time it just sends the player ID which is then cached once.

Since temporary grids are tied to objects and since there exist methods to warp to ships in your gang, it follows that if you can modify the client, you can probably warp to any object that you can scan down, but the client typically prevents it.

GM actions however are probably off limits. Those would require the server acknowledging the action, which won't happen without authorization. That is to say you won't be able to get access to GM tools unless you know a way to trick CCP or the server into thinking you're a GM. And you'll forgive me if I doubt if authentication is handled client side.

edit: all of this is just speculation by someone who doesn't do networking, just thinking about how I would design a system that would send as little information as possible and streamline actions as much as possible without getting into the problems of making it too easy to cheat.

Title: Re: New eve client injection 4.7.2010
Post by: Simond on July 05, 2010, 11:11:30 AM

From SA:

Quote
Seems like that one guy managed to finish his project, actually took a while. I've seen the initial version of that thing running a long time ago.

Basically a special version of decompyle (yes, that's the name of the app) was constructed like about two years ago that specifically targets stackless version of Python which has been used ever since to decompile successfully every single client update CCP has put out. This means that even one "maintenance" update CCP put out right after this decompiling was announced on Kugutsumen it was immediately noticed that the update didn't really address any of the issues (patch notes said something about dumb drones) but instead just added some additional logging to built-in functions such as slash commands which started to send the userid to EVE cluster. A quick injection later that number was quickly hardcoded to be zero.

To summarize, EVE client is actually a lot of things; It's
* Client for the game we all know as EVE Online
* GM Tool for the same game
* Development tool for the developers (it can run Python and most of EVE is done as Python scripts, duh!)
* and most notably, cluster node for working in tandem with other linked cluster nodes as distributed server environment.

The last one above is the fun part: Because most of the client code is made with Python and client is actually the same as EVE cluster node, the game will always lag because the scripts that should be just mirroring server status to clients are the exact same ones which calculate the very same things on the server side, but instead of doing it to one person the server side mode calculates them for everyone.

Welp, so much for CCP ever fixing the lag. :awesome_for_real:

Title: Re: New eve client injection 4.7.2010
Post by: slog on July 06, 2010, 05:47:16 AM

explain that in English?

thanks

Title: Re: New eve client injection 4.7.2010
Post by: Simond on July 06, 2010, 10:34:34 AM

Which part? The bit where the 'normal' client is also the GM client, the server code, and the Dev toolkit, or the lag?

If I'm reading it right, the lag boils down to the server (node? grid?) recalculating everything individually for every client each 'tick', rather than simply outputting the server/node/grid state to every client at once.

Title: Re: New eve client injection 4.7.2010
Post by: Kitsune on July 06, 2010, 11:50:40 AM

Apparently Fnorgen the Icelandic wonder programmer set things up so that every eve client is in effect a partner to the server. This means that the server is transmitting huge piles of irrelevant data to every client rather than only the data that the client needs to display the game to the player. Surprisingly, this results in degraded performance.

Title: Re: New eve client injection 4.7.2010
Post by: Sir T on July 06, 2010, 11:57:02 AM

Stuff such as the position of cloaked ships, drones, cargo cans etc.

One of the nice things about Apocrypha is it made Covert Ops frigs nearly untouchable as cargo cans and drones were set to have no 'body', so the server didn't have to keep track of their position anymore. That was one of the key decisions in reducing lag. Of course they decloak stuff again now, so covert ops frigs are still nearly invincible and everyone is lagged to death by people launching drone swarms etc. It's one of those quietly not mentioned 'improvements' in Dominion.

Title: Re: New eve client injection 4.7.2010
Post by: slog on July 06, 2010, 12:25:50 PM

Quote
Apparently Fnorgen the Icelandic wonder programmer set things up so that every eve client is in effect a partner to the server. This means that the server is transmitting huge piles of irrelevant data to every client rather than only the data that the client needs to display the game to the player. Surprisingly, this results in degraded performance.

OK this makes perfect sense. thanks!

Title: Re: New eve client injection 4.7.2010
Post by: kildorn on July 06, 2010, 12:40:18 PM

Man, just the other day I was thinking "what ever happened to when we used to trust the client with shit it shouldn't know.."

You go, CCP. I think my favorite part of this is that it would take a massive redesign of the client and server setups to fix.

Title: Re: New eve client injection 4.7.2010
Post by: slog on July 06, 2010, 01:11:47 PM

I'm having flashbacks to Shadowbane. Someone is going to teleport my ship into the middle of the sun.

Title: Re: New eve client injection 4.7.2010
Post by: Sir T on July 06, 2010, 01:15:09 PM

Funnily enough, that's what happens to me when a bridge in cyno is destroyed :drill:

Title: Re: New eve client injection 4.7.2010
Post by: Fordel on July 06, 2010, 03:22:04 PM

Doesn't the sun just vomit you out at hilarious speeds if that happens?

Title: Re: New eve client injection 4.7.2010
Post by: squirrel on July 06, 2010, 10:19:33 PM

God I love EVE.

Title: Re: New eve client injection 4.7.2010
Post by: Setanta on July 07, 2010, 12:42:26 AM

Show me another MMO (or game for that matter) that has this much drama both in the game and out of the game :D

Title: Re: New eve client injection 4.7.2010
Post by: Fordel on July 07, 2010, 05:06:33 AM

WoW is doing its damnedest to catch up with their Real ID debacle :why_so_serious:

Title: Re: New eve client injection 4.7.2010
Post by: Goumindong on July 07, 2010, 08:26:28 AM

Quote
Stuff such as the position of cloaked ships, drones, cargo cans etc.

Actually that stuff is kinda important to know on the client side. If you don't then it takes longer for ships to decloak on your screen than it does on theirs or on the server. Which is to say that if you have to get new data for ships each time a new one appears on grid, there is going to be seconds delay between when things show up and when they get seen. This is a big deal if you're landing on grid (you have to load X ships and they have to load just you) or if you're hunting a cloaked ship (cloaked ship will know he is decloaked way before you, essentially negating his lock time).

Some of the posts at SHC have actually been very informative with regards to the super-scanner thing.

Title: Re: New eve client injection 4.7.2010
Post by: TripleDES on July 26, 2010, 09:26:11 AM

That's a hilarious way to implement their netcode. And it'd involve a hilarious near-impossible effort to fix this, i.e. implementing a more traditional client server model. They'd have to rip everything out from the inside, turning the current Python implementation into mere public interfaces and write everything new beneath it.

Title: Re: New eve client injection 4.7.2010
Post by: Goumindong on July 26, 2010, 11:57:49 PM

Not really, it's just an extrapolation of the old "when do you tell someone when another player comes around a corner" problem.

Title: Re: New eve client injection 4.7.2010
Post by: ghost on July 30, 2010, 08:35:37 AM

Hmm. Just when my sub is getting ready to run out.

Think I'm going to abandon this.
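
Two points from the thread (GM actions need the server to authorize them, and a userid reported by the client can be rewritten by anyone who modifies the client) shown as a server-side sketch. This is an added example, not part of any post and not CCP's code; the session tokens, role table, entity list and command names are constructed for illustration.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Entity:
    entity_id: int
    owner_id: int
    cloaked: bool

# Constructed sample state. Roles and sessions exist only on the server.
ROLES = {1001: "player", 1002: "player", 9001: "gm"}
SESSIONS = {"tok-a": 1001, "tok-b": 1002, "tok-gm": 9001}  # token -> user id
WORLD = [Entity(1, 1001, False), Entity(2, 1002, True), Entity(3, 9001, False)]
GM_COMMANDS = {"warp_to_any", "scan_system"}  # hypothetical command names
AUDIT = []  # (server-derived user id, command, allowed)

def snapshot_for(token):
    """Entity ids this session may receive; other players' cloaked ships are withheld."""
    user = SESSIONS[token]
    is_gm = ROLES[user] == "gm"
    return [e.entity_id for e in WORLD
            if is_gm or not e.cloaked or e.owner_id == user]

def handle_command(token, message):
    """Authorize and log from session state, ignoring identity fields in the message."""
    user = SESSIONS.get(token)
    if user is None:
        return "rejected: unknown session"
    cmd = message.get("cmd")
    allowed = cmd not in GM_COMMANDS or ROLES.get(user) == "gm"
    AUDIT.append((user, cmd, allowed))  # user id comes from the session, not the client
    return f"ok: {cmd}" if allowed else "rejected: not authorized"
```

Withholding cloaked ships in the snapshot trades against the decloak latency described earlier in the thread; the authorization and logging path has no such trade-off.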