Idea for a ban system

[CoD]

I have an idea for the banning system, but I don't know if it woud work well.

I read in this forum about a unique-id banning system, based on an unique id instead of ip or username.
This would be a very good starting point, but people would always be able to change their unique id because tremulous is open source and so we have whole access to the code.

But... if we'd use some cryptography changing the unique-id would be still possible but very hard to do.

I have 2 options: one faster but weak and the other a bit more slow but stronger.

Faster and weak
Unique-id is used to encrypt some files on your tremulous base folder.
Nothing customizable (like cfg files) but something needed.
If you change your unique-id you'd not be able to play trem anymore, because trem wouldn't be able to decrypt these files.
Weak point: A cheater has just to find the encryption routine and decrypt and re-crypt his files.

Slower and strong
Use sign.
We could generate a "main tremulous" key pair.
The public key should be distributed with the game, while the private key should be kept on one centralized server.

In the installation processes or maybe at the first game start, trem should generate a unique-id, connect to the central server and have the unique-id signed with the private key of the tremulous team.

I'm not talking about encryption, I'm talking about signing: every server would be able to see the unique-id in plaintext and ban it (if needed), but every-server would also be able to verify the signature of the unique-id using the public key of the main trem server, making unique-id cheating nearly impossible (apart form uninstalling and re-installing trem completely)

The only weak point is the time used to verify a signature before logging on a server, but this is the stonger system I can think about.

[Henners]

I fail to see how this would stop someone just registering a new id?

[CoD]

This is the problem, I know.
But getting a new id and having it signed wouldn't be as easy as changing name.

Most people won't try... I think.

[bsel]

The idea of signing and encryption is a good one but must be implemented in another programm that is not even OpenSource I think. The program should use some hardware identifications to create the unique ID, send them encrypted to a server and receives a signed unique ID.
Problems appear when changing hardware. But well... as the most are using Win (I guess) they are used to it

Image of idea

[Timbo]

The only reason GUID systems work at all is because each GUID has some monetary value associated with it. In other words, you can't just hand out GUIDs for free because then there is nothing stopping somebody with a banned GUID just grabbing a new one.

The only way to make such a system work is to actually sell the GUIDs, if only for a nominal fee. I'm fairly unconvinced Tremulous has a large enough playerbase to make this feasible though, especially if the number of donations we have received so far is anything to go by</subtle> .

[bsel]

The only reason GUID systems work at all is because each GUID has some monetary value associated with it. In other words, you can't just hand out GUIDs for free because then there is nothing stopping somebody with a banned GUID just grabbing a new one.

The only way to make such a system work is to actually sell the GUIDs, if only for a nominal fee. I'm fairly unconvinced Tremulous has a large enough playerbase to make this feasible though, especially if the number of donations we have received so far is anything to go by</subtle> .

If the UID creator is a proprietary programm, you can create a unique ID for free.

The creator calculates a value related to some hardware components or the operating system. This value is send encrypted to the UID server. The UID server calculates an unique ID and signes it with a private key. This signed UID is send back to the creator.
Now the Tremulous client has to send the signed UID to the Tremulous server. The server verifys the signed UID using the public key of the UID server.

[Timbo]

What's to stop the user feeding the closed source fingerprint creation program with false information (about hardware or whatever data source it uses)? Not a lot.

[bsel]

First of all it will stop these base destroyers. I don't think they will reverse engineer this.
Also I don't think it is simple to get the whole information which the programm uses to calculate the fingerprint.
I know, it is only a question of time. But that's the same with all anti cheat programs, too.
Nothing is secure... and trust is a weakness.

[Quaoar]

TKers, cheaters and lamers of this variety will not go through all the trouble. A lot of them really are just early adolescents getting off on screwing with other people with little to no effort. Forcing them to do something as complicated as fake their hardware to get a new GUID will stop pretty much all of them. The one dedicated bastard with a grudge and some knowledge? Well, you can't win 'em all. But with this, it'll at least be easier.

Trem's greatest weakness against malevolent players really is the fact that nobody is uniquely identifiable. Even if you made GUIDs free and exceptionally easy to obtain, it'd still be better than having no universal identification system at all.

[Pilo T]

just kick/ban by IP :roll:

[CoD]

IP ban doesn't work for dynamic connections like mine and it's extremely unuseful for shared ip connection like (in italy) fastweb italia.

I don't know if this exists also in other countries, but here we have fastweb customers sharing 2 or 3 IPs when connecting to the internet (fastweb is a WAN)
If you ban 1 ip you'll ban thousand of possible players.. is this correct? I don't think so.

Let's not forget that remulous is open source: we don't need a super-strong system capable of lasting forever because we don't rely on big releases.

Just implement a guid and then we'll go on changing the code in new versions: open source is strong because it can be adapted day by day.
If somebody will find a way to cheat with the guid system, we could make it stronger.

[Confess]

The best way to actually ban someone, is not to have it ban based off of crap that can be recreated, but to be banned based off of Volume Id and MachID. Volume ID is the ID of your harddrive, and although it can be changed, with the backup of MachID, it is practically fail safe. The only way for the person to bypass the ban, is to essentially get a new Nic Card, and change there Volume ID. Which is a lot of trouble...and if they do it again, ban them again...eventually they will give up. It becomes too costly.

[rasz_pl]

The only reason GUID systems work at all is because each GUID has some monetary value associated with it. In other words, you can't just hand out GUIDs for free because then there is nothing stopping somebody with a banned GUID just grabbing a new one.

The only way to make such a system work is to actually sell the GUIDs, if only for a nominal fee. I'm fairly unconvinced Tremulous has a large enough playerbase to make this feasible though, especially if the number of donations we have received so far is anything to go by</subtle> .

if its something like $1-3 then I'm all for it [I'm a cheap ass]. Make GUID check optional server side and add icon to server list to show which ones are "secured". This will let newbies play for free, and us more safe. Also with GUID (crypto, no sending in the clear, only hashes handshake with ONE central server) it WILL be possible to ban from logs, maybe even central GUID server could ban ppl acording to statistics (or flag gfiefers and send daily mail to admins)

[Henners]

That would split the game into two seperate communities - those that pay and those that dont. And tbh, I imagine it would be fairly rare that enough "secure" people were online to actually get a game or two going on the secure servers. Everyone would just play on the unsecured servers anyway, and it would be back to square one.

[rasz_pl]

oh RLY? cos the same can be said about american servers, that onyl americans play trem so european servers would be empty all the time, or that everyone plays old maps so beta map DB@ would be empty all the time, or that there are only so many players yet so many servers, and pll will play in small groups only ..

it WILL work. 1-3 bucks is small enough even for such a cheap ass like me, but to much to spend for a 1-2 minutes of griefer "fun" (and you can trace the money from banned GUIDs)

[Henners]

Completely different. There is no barrier between european/american players and servers and no barrier between custom maps/non custom maps.

I severely doubt enough people would pay for a UID to make forming a seperate set of servers viable, especially since it doesnt really get you anything for your money.

[jclements]

I would just like to go on record as someone who would pay for a unique ID system.

[rasz_pl]

it would give my 2 things, one I would donate that way, two I would be sure that griefer pays for his stupidity

[Vector_Matt]

What many of you seem to be forgetting is that since Trem is open source it would be easy to compile a version that sent fake info to the server.

[Confess]

I will not support a game that was free, and then turned its back on the community to make it pay to play. Look at Infantry, the game was free, then went to pay...they also had servers that where Free, with restrictions. You will kill this game if you do anything that requires money. I would also like to note that this happened with a game that I played...even though it was a "small" amount of money, no one would do it....it had like 100 people, as compared to 10,000. Then the public made an effort to make the game Free, and we successfully where able to do it.

Your best bet is to do what I suggested in an earlier post. It has worked for us very much so.---http://tremulous.net/phpBB2/viewtopic.php?p=9051&highlight=#9051--- is the post.

[Teiman]

Its imposible to design a system that will work for 100% or idiots. But you can design a system that will work for 95% of idiots and that is enough.

I think that 95% system is uniqueid, so banning will work with something much usefull than the IP.

A option can be to use a "optional" safety module, like Fuhquake do and other quakeworld engines do. This module will provide punkbuster features.

[bsel]

I have finished a test program to 50%. I will post it soon, so you can see, the signed UID is possible and not easy to crack. And I hope somebody will try to fill it with manipulated data.
I do it only for GNU/Linux. If it works and the responses are good, maybe I will try a Win32 client too.

[bsel]

Here it is! The first testversion of the uidcreator. GNU/Linux only.
UID-Creator

Please read COPYING and LGPL before using .
The uidcreator is using GnuTLS for encrypted data transfer. So I shipp it with file libgnutls.so. I hope this is all it needs to run.

There is not much output. The received signed UID from the server is stored in uid.asc.

Happy hacking.

UPDATE: The server IP address was wrong. I have created a new package with the correct one.
UPDATE2: Added libgcryp.so.11 for successfull execution.
Start the program with: LD_LIBRARY_PATH=. ./uidcreator

[rasz_pl]

compile statically, i hate to try to run some old linux proggie without source linked to some libs i dont have

[CoD]

For anyone interested in testing uid-creator I opened a thread in feedback.

The address is : http://tremulous.net/phpBB2/viewtopic.php?p=9922#9922

 :wink:

[bsel]

compile statically, i hate to try to run some old linux proggie without source linked to some libs i dont have

Sorry, but I did not manage to compile it static. The problem is, I have to load GnuTLS dynamically.
But you are right, I will see what I can learn

UPDATE: I now (hopefully) static compile the things. Also the LD_LIBRARY_PATH is not needed anymore. The new package is on the server.

[Vector_Matt]

Here it is! The first testversion of the uidcreator. GNU/Linux only.

When you get a windows version, let us know. I want to get a version of linux but I had porblems with Ubuntu not wanting to run installed programs and I have no idea what distributions would be good for gaming.

[bsel]

I have created a (mostly) static build of the uidcreator.
It's still available at this place
I hope it does now run on most systems. It is a 32bit binary.

[rasz_pl]

sure you did
error while loading shared libraries: libstdc++.so.5: cannot open shared object file: No such file or directory

rasz@rasz-desktop:~/Desktop$ ldd uidcreator
        linux-gate.so.1 =>  (0xffffe000)
        libdl.so.2 => /lib/tls/i686/cmov/libdl.so.2 (0xb7f9a000)
        libstdc++.so.5 => not found
        libm.so.6 => /lib/tls/i686/cmov/libm.so.6 (0xb7f78000)
        libgcc_s.so.1 => /lib/libgcc_s.so.1 (0xb7f6e000)
        libc.so.6 => /lib/tls/i686/cmov/libc.so.6 (0xb7e3f000)
        /lib/ld-linux.so.2 (0xb7faa000)



soo
Lets start from the beginning.
What are you trying to do? Generate some string individual to specific computer ? Not possible. I can virtualise and feed my specific data every time to your program.
The only working model is a central GUID server, and as Timbo said it will only work if GUID has some monetary value (only way to trace real life ppl is thru CC numbers)

[bsel]

sure you did
error while loading shared libraries: libstdc++.so.5: cannot open shared object file: No such file or directory

rasz@rasz-desktop:~/Desktop$ ldd uidcreator
        linux-gate.so.1 =>  (0xffffe000)
        libdl.so.2 => /lib/tls/i686/cmov/libdl.so.2 (0xb7f9a000)
        libstdc++.so.5 => not found
        libm.so.6 => /lib/tls/i686/cmov/libm.so.6 (0xb7f78000)
        libgcc_s.so.1 => /lib/libgcc_s.so.1 (0xb7f6e000)
        libc.so.6 => /lib/tls/i686/cmov/libc.so.6 (0xb7e3f000)
        /lib/ld-linux.so.2 (0xb7faa000)

Hmm, how should I build this static... please tell me if you know.
Maybe I should compile it on another system with libstdc++.so.6

I hope you all have the newest version. Updated 10 mins ago... or so... :roll:

soo
Lets start from the beginning.
What are you trying to do? Generate some string individual to specific computer ? Not possible. I can virtualise and feed my specific data every time to your program.
The only working model is a central GUID server, and as Timbo said it will only work if GUID has some monetary value (only way to trace real life ppl is thru CC numbers)

Just try to feed it with wrong information.
And tell me how it works and the time you have needed to get this far.

By the way: this is a central UID server. The fee is the time you need to crack it, if you want to get arround.