Yet another Skulltag source thread

[andrewj]

Same feeling here, that there's something morally wrong about taking open code, enhancing it and then keeping the result closed. It isn't just Carmack's open code in Skullag, it's Randy Heit's and Christoph Oelckers' etc...etc...

[BilboHicks]

Cutman said:

Oh ok. It was a question for everyone though really, I'm just curious to see what everyone wants it for.

Essentially for the same reasons as DaniJ. Except I wanted to build my mod to take advantage of improved networking. IIRC, one of the skulltag devs contacted me for my source code when I first released my mod, when I hadn't sorted out a source download yet. So yeah, spirit of community and all that I suppose too.
Saying that though, there seems to be a large clan/tournament type player base with skulltag and a release of the full source code would, I would imagine, cause some exploitation by cheaters which would initially impact honest players. Thing is, with open source, the ST team would need to probably rely on more 'outside' people in the ST community to submit anti-cheat fixes from then on, as security upgrades. It seems to me that that's not desirable for them.

A closed source security model would probably be a great compromise, but like aabra says, there doesn't seem to be much desire to do this either. Perhaps the ST team can get another dev onboard who would be keen to work on this solely for them?
Just my 2 cents :-)

[leileilol]

Cutman said:

I have yet to see anyone answer this so, why DO people still want the source code for it?

Simply compiling a binary blob for myself would be nice.

[exp(x)]

Yeah, that's another thing.

Want a 64-bit build? Too bad
Want a mac build? Too bad
For some reason their build doesn't work for you? Too bad

[myk]

BilboHicks said:
Saying that though, there seems to be a large clan/tournament type player base with skulltag and a release of the full source code would, I would imagine, cause some exploitation by cheaters which would initially impact honest players.

That factors in and will always be there to a point because the game is competitive, but a closed source program also acts like a "clan castle". The developers of different programs have little to share, and thus little to support each other with, and the player bases eventually enhance this division. The conditions under which the engines are developed and maintained affect the behavior of their users.

[BilboHicks]

myk said:

That factors in and will always be there to a point because the game is competitive, but a closed source program also acts like a "clan castle". The developers of different programs have little to share, and thus little to support each other with, and the player bases eventually enhance this division. The conditions under which the engines are developed and maintained affect the behavior of their users.

I think I see what you mean, that this hurts the entire community as whole in the long term.

[LexiMax]

Carnevil said:

AlexMax: You can't rely on self-policing because you can't always tell when someone's cheating. It's not like someone has a massive sign above their head saying "I'M CHEATING." A cheat isn't any good if it's detectable.

And if it's not detectable by any human means, than the cheat is either ineffective or the community is ignorant

Personally, I prefer being ignorant. Giving other players the benefit of the doubt avoids the drama mongering that "OMG YOU'RE A FUCKING CHEATER" ends up doing. And if it turns out they were cheating, then who cares, it's not like the time was lost, I still had fun playing against the cheater precisely because I was ignorant, and now that the cheater is shunned from the community I never have to play with him again.

The crux of my argument relies on good faith, however. If a community is filled with more hackers than legit players, then it is natural to assume bad faith by someone who beat you. However, from my observations, the only time that hacking starts to become ridiculously commonplace is in abandoned closed-source projects that are no longer updated, such as many commercial PC games after the developer has dropped support for the game, and even in those situations it's a bit of a stretch.

I will also freely admit the case of the ginormous community where there are a ciritcal mass of hackers proportional to the userbase wherein human policing is simply impossible or at the very least impractical (Counterstrike: Source and World of Warcraft). However, it's funny to note that in the case of the former game, where it is possible to write modifications for the game, people have deemed the existing closed source security checks implemented by the developer ineffective and have made attempts at their own security checking plugin, made possible only by the fact that it supports modification. And it goes without saying that Skulltag...or any other multiplayer Doom source port...will never ever ever ever have the problem of being too big of a community to police effectively.

I've already gone over why self-policing works for small games like Skulltag in my past posts, and have now defended against two potential other situations where closed source might actually be beneficial. The ball is in your court.

[Creaphis]

There are many hypothetical cheats that would be effective but still indetectable by human means. As long as they can't accomplish anything brazenly impossible, and as long as that certain player always uses that certain cheat (so that there's never a sudden jump in ability), these cheats could not be accurately spotted by the community.

Also, "My opponent might be cheating, but that's okay," is a rare mindset, even among mature and optimistic individuals, and nobody can force him or herself to think this way if they don't feel it naturally. I'm glad that you would be comfortable in that situation, but not everybody will be, so you haven't hit upon a general solution here.

[Carnevil]

exp(x) said:

Yeah, that's another thing.

Want a 64-bit build? Too bad
Want a mac build? Too bad
For some reason their build doesn't work for you? Too bad

Opening the source won't solve this problem. Do you really think the anti-cheat protection is going to let you use a different executable to play?

AlexMax said:

And if it's not detectable by any human means, than the cheat is either ineffective or the community is ignorant

Did people know the instant that baseball players started using steroids? Did people know the instant the Patriots stole the signals of opposing teams that they did that? The answer to both is a definite "no." Were both ineffective? Absolutely not. Were the communities ignorant? Obviously, but that's a moot point. No one has a crystal ball that lets them see the activities of another.

Self-policing does not work (hello Congressional hearings on steroids) because you just plain can't tell who's cheating and who's not. If you want to play with cheaters (you don't seem to mind), then you go right ahead. In the mean time, I will continue to advocate policies which lead to the greatest security (aka security through design and obscurity).

[leileilol]

Carnevil said:

Opening the source won't solve this problem.

Yeah you're right, i mean damn if Doom wasn't open sourced we could still play it on xp online with others on other OSes no problem!!! And since there is no sound support for PCI card/onboard peripherals we'll all seek careers in the mime business.

Carnevil said:

Do you really think the anti-cheat protection is going to let you use a different executable to play?

Hmm what was that virtualization discussion from earlier about again?

[myk]

Creaphis said:
Also, "My opponent might be cheating, but that's okay," is a rare mindset, even among mature and optimistic individuals, and nobody can force him or herself to think this way if they don't feel it naturally.

I think you reduced his "mindset" to something convenient to you. It's not that cheating is okay, but that it is understandable that it may happen, so one makes the best of the situation. Thus people rely on suitable and reasonable measures to counter it. The mindset is nothing special in an open source community. The point is making cheating rather meaningless or pointless, not next to impossible. Making it next to impossible is too much work, has too many bad side effects. Also, ZDaemon has historically had a large player base notwithstanding the known possibility to cheat.

In the scenario you pointed out above you already conditioned the cheating, making it likely not much more of a benefit than an optimal setup, with the added danger of being detected, which becomes more probable with increased use of the cheat, and depends on what tools and techniques are used during detection, plus the acquired technical knowledge of the people checking for cheats. The cheater is himself unsure whether he's not detectable.

Carnevil said:
Do you really think the anti-cheat protection is going to let you use a different executable to play?

Yes, on a server not applying the module. It's probably better not to have such a module, but if people insist on such a form of anti-cheat control, it's better than closing the whole engine.

[LexiMax]

Carnevil said:

Self-policing does not work (hello Congressional hearings on steroids) because you just plain can't tell who's cheating and who's not. If you want to play with cheaters (you don't seem to mind)...

That's enough.

If a supposed cheater is not being obvious enough to be caught, then I am willing to give him the benefit of the doubt that he is simply a good player because like you said, he might actually be a good player who is simply aliasing. Assuming the worst from players results in screaming CHEATER!!! every time you get beaten, and is a terribly pessimistic attitude to have over what is essentially a computer game with nothing riding on it. Skulltag is not and will never be a professional sport with money riding on it, so your comparisons between it and pro football, baseball, etc. don't hold much water.

Creaphis said:

Also, "My opponent might be cheating, but that's okay," is a rare mindset, even among mature and optimistic individuals, and nobody can force him or herself to think this way if they don't feel it naturally. I'm glad that you would be comfortable in that situation, but not everybody will be, so you haven't hit upon a general solution here.

If they refuse to respond in a mature manner, it is an attitude problem of the individual or community, not the fault of the source being opened. You yourself admit that it is characteristic of mature and optimistic individuals, and I see nothing wrong with encouraging that kind of maturity in a community.

[Carnevil]

AlexMax said:

Skulltag is not and will never be a professional sport with money riding on it, so your comparisons between it and pro football, baseball, etc. don't hold much water.

You're missing my point. My point is that self with the scrutiny of the entire world watching, most cheating is undetectable (and that does NOT mean it's ineffective). Therefore, self-policing just plain does not work. A proactive, preventative approach must be taken.

Your arguments suggest that you're willing to tolerate a small amount of cheating and not throw a fit over it. I'm not willing to tolerate it, and I doubt the players in the Skulltag community would tolerate it either.

[Creaphis]

AlexMax said:

If they refuse to respond in a mature manner, it is an attitude problem of the individual or community, not the fault of the source being opened. You yourself admit that it is characteristic of mature and optimistic individuals, and I see nothing wrong with encouraging that kind of maturity in a community.

I said that tolerance of cheating is rare even among mature, optimistic individuals. Carnevil has just stated he would not tolerate cheating, and I wouldn't either. Now, of course, you have the option of supporting your argument by calling us immature and unduly pessimistic, at the cost of turning this thread into a complete and utter shitfest.

[BilboHicks]

AlexMax said:

If a supposed cheater is not being obvious enough to be caught, then I am willing to give him the benefit of the doubt that he is simply a good player because like you said, he might actually be a good player who is simply aliasing. Assuming the worst from players results in screaming CHEATER!!! every time you get beaten, and is a terribly pessimistic attitude to have over what is essentially a computer game with nothing riding on it. Skulltag is not and will never be a professional sport with money riding on it, so your comparisons between it and pro football, baseball, etc. don't hold much water.

Have to say, these are valid points in my view. But, I'm sure that some ST clan members may not share it, which get's back to myk's POV.
Pardon my ignorance, but wouldn't password protected servers/games at least help seriously competitive clans and other players shield themselves from pubbie cheaters? Surely a clan which decides to cheat would eventually be discovered and 'disbarred'?

EDIT: After some googling, yep, it looks like ST does support password protected servers. Hmmn.

[LexiMax]

Carnevil said:

Your arguments suggest that you're willing to tolerate a small amount of cheating and not throw a fit over it. I'm not willing to tolerate it, and I doubt the players in the Skulltag community would tolerate it either.

Unfortunately, cheaters don't care how much you or the Skulltag community "tolerates" cheating, they will figure out a way to cheat in Skulltag if they want to and there is nothing that can be done about it.

[myk]

Carnevil said:
A proactive, preventative approach must be taken.

Why take more strict preemptive measures than a business that moves millions and millions of dollars? Why take Skulltag that seriously? There are reasons why stricter controls and limitations don't take place in the sports industry.* What are you going to do, place a cop after each sportsman and blood-test them all all the time? Likewise, closing the source has restrictive and awkward effects on our community. Opening the source and applying reasonable "anti-doping" techniques can work well enough, and works better the more widespread the practice is. Since good faith plays a role, putting good faith into it is the first step to take to make it work.

* Aside from corporate corruption, which does not apply here in the same way.

[LexiMax]

BilboHicks said:

Pardon my ignorance, but wouldn't password protected servers/games at least help seriously competitive clans and other players shield themselves from pubbie cheaters? Surely a clan which decides to cheat would eventually be discovered and 'disbarred'?

I already went over this earlier in the thread. Public cheaters cheat to get themselves noticed and to cause a nuisance, so their cheats are so blatantly obvious that they would be kicked off of any well-policed server within a few minutes. Password protection does nothing against those who participate in the competitive community with subtle cheats.

[Creaphis]

Passworded servers can help clans play with less concern about cheating players, but I'm concerned for the quality of public games. Not everyone is in a clan, and not everyone wants to play with the same few clanmates every day.

AlexMax: You're making unsafe psychological assumptions again. Not every public cheater wishes to be noticed as a cheater. What about those players on public servers who would use some subtle cheats to appear as an excellent but human player, in the hope of gaining undeserved respect? What about those who would cheat for some other, yet unpredicted reason? No group of humans can be polarized as easily as you claim.

Also, your posts are starting to include the subtext that "There WILL be cheating if the port is made open-source" which is not exactly a powerful argument for release.

[Graf Zahl]

Q: What's worse than a cheater?
A: Paranoid people (particularly paranoid admins)


They can take the fun quicker out of anything because they are unable to trust. (No, Creaphis, I wouldn't ever want to play with you online! ;))


Unless you can prove that open source will cause more cheating this whole argument will be academic - and I know that you will never be able to prove it. :P

[exp(x)]

Carnevil said:

Do you really think the anti-cheat protection is going to let you use a different executable to play?

Why not? Please explain to me in detail why this would not work. If you can't, then I'll just have to assume that you're just talking out of your ass.

Besides, what's the biggest and hardest to deal with threat? Aimbots. I could make an aimbot for any game I want just by making a really fucked up mouse driver that uses information from the display to move the mouse. Because moving the mouse is how you aim, it's not hard to see that this type of aimbot is just as effective as one built into the source code, but, unlike the latter, something like this wouldn't require a single change to the game binary. This is how many World of Warcraft bots work. Opening the source would not increase the probability of aimbots being created.

Now, I do understand how opening the source as it currently exists would increase the ease of creating wallhacks. However, DaniJ already already pointed out one possible way of dealing with that.

Granted, none of this matters if you agree with AlexMax (which I do), but clearly his line of reasoning does not resonate with you.

[Carnevil]

myk said:

Why take more strict preemptive measures than a business that moves millions and millions of dollars? Why take Skulltag that seriously? There are reasons why stricter controls and limitations don't take place in the sports industry.* What are you going to do, place a cop after each sportsman and blood-test them all all the time? Likewise, closing the source has restrictive and awkward effects on our community. Opening the source and applying reasonable "anti-doping" techniques can work well enough, and works better the more widespread the practice is. Since good faith plays a role, putting good faith into it is the first step to take to make it work.

* Aside from corporate corruption, which does not apply here in the same way.

Now you're grasping at straws here. Your arguments are getting more and more ridiculous. Since when does taking a "proactive, preemptive approach" mean being stricter than companies with multi-million dollar anti-cheating budgets? Since when is that along the same lines as doing blood-testing on athletes? Please.

The only "awkward effects on our community" you speak of is limited to a small group of people who don't even like/play Skulltag in the first place. I assure you that the overwhelming majority of people playing Skulltag don't care about all the joys of being open source, and just want to play in an environment as cheat-free as possible.

You know what works better than opening the source and applying reasonable "anti-doping" techniques? Keeping the source *closed* and applying reasonable "anti-doping" techniques.

Graf: Because security through obscurity works. More obscurity = more obscurity. There, I win. I mean... you're kidding, right? If I can manipulate the source where everything is practically in plain English and spelled out, versus tinkering with the .exe (which is encrypted now) in a hex editor, I'm obviously going to have a much much much easier time doing something like creating a wallhack or aimbot.

[John Smith]

This is pointless. Carn & Co. are not going to release the Skulltag source no matter who makes what argument. The rest of you can argue the merits of open source with them all you want, but as long as they continue to disagree (and they will continue to disagree) then this thread accomplishes nothing, aside from possibly fostering bad feelings.

Quasar, if you really really really want to see the Skulltag source, maybe you should shoot a message to Carnevil asking if you can work out a special deal to gain access to the code similar to what Randy and Graf have. I suppose the same could apply for other interested source port developers. The rest of you who want to see the source released because of the sharing spirit of the community or whatever... well, it's not going to happen, so why brood over it?

[Creaphis]

Graf Zahl said:

Q: What's worse than a cheater?
A: Paranoid people (particularly paranoid admins)


They can take the fun quicker out of anything because they are unable to trust. (No, Creaphis, I wouldn't ever want to play with you online! ;))

I'm really not that paranoid, nor am I that bad a guy to know. There are just many pro-open-source arguments and statements in this thread that irk me. Considering that you've come forth in a few Linux debates to say, "It's Linux fanboys like this that make it look bad," I'm mildly surprised that you've never given an equivalent response here.

Graf Zahl said:

Unless you can prove that open source will cause more cheating this whole argument will be academic - and I know that you will never be able to prove it. :P

Fair enough. This is why I prefer your arguments on this matter. The strong arguments for open-source elaborate on why cheating may not be made more likely by opening the source. The weak arguments have been painting elaborate scenarios and making rash assumptions about why, in the event of cheating, everything will be just dandy.

And, while I'm declaring this and that point as strong or weak, I'll put a few more points in the "strong" pile. For open-source, a strong point is that closing a port's source code goes against what Carmack originally intended, and may be somewhat harmful to the Doom community in the long run and on the whole. But, this is countered by a strong point made by Carn: Skulltag's actual userbase is happy with the current state of affairs.

[myk]

Carnevil said:
Now you're grasping at straws here. Your arguments are getting more and more ridiculous. Since when does taking a "proactive, preemptive approach" mean being stricter than companies with multi-million dollar anti-cheating budgets? Since when is that along the same lines as doing blood-testing on athletes? Please.

Many of the negative effects of keeping the source closed have been addressed here; I said some things in regard to the community, or why the sources are available in the first place, and others said more about development. That is the "cost" on the community, which is not there when you make the sources available, even if you have to face difficulties similar to those in sports sometimes.

The only "awkward effects on our community" you speak of is limited to a small group of people who don't even like/play Skulltag in the first place.

Why? Read what I said previously and address what I said, instead of dismissing it without reason. What I sad about "clan castles" and the like does not apply to a small group. Your accusation on open source proponents specifically not liking Skulltag (which is an engine that can be given a wide degree of uses) is kind of weak considering their main beef with it is that its source is closed.

I assure you that the overwhelming majority of people playing Skulltag don't care about all the joys of being open source, and just want to play in an environment as cheat-free as possible.

Rather, most aren't involved in development and don't have a personal opinion. They probably don't make such an issue over cheating either, which is clear from seeing how many people can play even when cheating is a possiblity. Many people don't mind using both Skulltag and ZDaemon, for example. The majority of Skulltag users don't use it because of the "cheating issue". There might be some that are obsessed with that, but most play it because of the features, or the buddies they found on it. I'm sure they would accept either a closed source or open source implementation, for the most part.

In fact, I see that you (and Creaphis) stick only to addressing the "cheat security" issue, as if it were the only thing to consider in opening or closing the source code.

[Kira]

John Smith said:

This is pointless. Carn & Co. are not going to release the Skulltag source no matter who makes what argument. The rest of you can argue the merits of open source with them all you want, but as long as they continue to disagree (and they will continue to disagree) then this thread accomplishes nothing, aside from possibly fostering bad feelings.

It's true when some arguments (especially the ones concerning closed source modules), are totally ignored in the discussion going here.

[LexiMax]

Creaphis said:

AlexMax: You're making unsafe psychological assumptions again. Not every public cheater wishes to be noticed as a cheater. What about those players on public servers who would use some subtle cheats to appear as an excellent but human player, in the hope of gaining undeserved respect? What about those who would cheat for some other, yet unpredicted reason? No group of humans can be polarized as easily as you claim.

I already went over this. If its respect they're after, then they're going to have to also participate in community tournaments where public scrutiny is much much tighter. Getting respect from people who matter and such. That's what gets them caught.

Of course, they can always refuse to participate in such events, preferring to rack up high scores in FFA games with their "subtle hacks". However, this behavior would be seen as highly suspicious, as no doubt other good players will notice this guy after a while, notice that he has outright refused serious games or playing coy games, start to grow suspicious, and start monitoring the player more closely.

Also, your posts are starting to include the subtext that "There WILL be cheating if the port is made open-source" which is not exactly a powerful argument for release.

This is my last attempt at stating this, I don't know how much clearer I can get:

"Cheating WILL occur regardless of if the port is open source or not."

[Aabra]

Ooooooooook guys, let's all take a step back... calm down and drink a beer. Tempers are starting to flare (I'm guilty of this myself too.) and it's counter-productive.

Instead of arguing let's look at the facts:

1) The Skulltag Devs would like to release the source.

2) In order to release the source, more security work has to be done.


Everything outside of this is almost irrelevant. If the source is to be released, we need to do more security work. So, as opposed to fighting against each other - let's try to work together here.

Instead of a broad term like closed source modules which really doesn't say very much if all you brainiacs could go out there and find some extremely specific ways to help increase security along with links to examples/etc that could help our coders out.

I think this is definitely the most productive thing that we can do here. Arguing with each other only creates bad feelings.

[Creaphis]

I think we all just want to rant some more. Good try though.

[exp(x)]

Aabra said:

Instead of arguing let's look at the facts:

1) The Skulltag Devs would like to release the source.

2) In order to release the source, more security work has to be done.

Everything outside of this is almost irrelevant.

Number two a questionable fact, and that's one of the reasons why there is so much discussion here.