Skulltag 97D Beta 4 Released!

(warning: My dialect shows here.)
To the Skulltag TEAM(heh):

There is no real good reason NOT to release the source. If you can give me one that doesn't say "people can cheat" I'd love to hear it. It's logical fallacy (and quite stupid) to think that opening the source will create cheating when cheaters already EXIST. Look at your "competition"...

http://zdaemon.ath.cx/bans/

Just take a look at this list. This is proof enough for me that closed source does not block cheaters. I'm surprised that the entire world isn't BANNED from Zdaemon yet.

like it matters anyway-CHEATING TELLS ON ITSELF EVERYTIME. If you can figure out a way to cheat without people figuring it out, you deserve to be on the dev team, not banned, because obviously-- if you know enough to disassemble the compiled code, modify it, and recompile it to cheat, you have coding expertise that is quite advanced beyond our years---to cheat in a little video game.


I just wonder who the fuck would want to cheat at a game anyway. If a PLAYER sucks, at least he should have the balls to practice instead of-- I dunno-- HACKING INTO THE GAME CODE. That's a level of dedication into "making my game sux" that I just can't fathom.

You're not fighting cheaters, you're fighting evil-fucks/retards/idiots/pariahs/losers/dicks/etc.. And you will ALWAYS lose that war. Might as well acknowledge the fact that people will cheat ANYWAY, and releasing the source won't stop that, and holding the source won't either.

Oh, and you're also taking advantage of the old doom license. Smooth move.

EDIT: Carn, congratulations on missing the point. That doesn't even make sense. I'd reword that if I were ye.. just saying.

like it matters anyway-CHEATING TELLS ON ITSELF EVERYTIME. If you can figure out a way to cheat without people figuring it out, you deserve to be on the dev team, not banned, because obviously-- if you know enough to disassemble the compiled code, modify it, and recompile it to cheat, you have coding expertise that is quite advanced beyond our years---to cheat in a little video game.I just wonder who the fuck would want to cheat at a game anyway. If a PLAYER sucks, at least he should have the balls to practice instead of-- I dunno-- HACKING INTO THE GAME CODE. That's a level of dedication into "making my game sux" that I just can't fathom.

I think this plays a bit too far into the ideology of what an open source multi-player project would be like. Letting others understand all the procedures by which your game works leaves the doors wide open for punks who just casually enjoy inflicting chaos on those who enjoy online play. Besides, what other alternative is there to monitor for cheaters when most people volunteer for the responsibility of being a server admin?

Besides, i doubt that trying to keep cheaters from discovering worse ways to exploit the program by closing the source is selfish. It is a disadvantage to the Linux communities, but this is the first binary release for Linux so problems are to be expected. And come on,

Instead of opening the source I think we'd rather have anybody who's got the programming experience, the motivation, and interest in Skulltag simply ask to join the team.

I doubt you'd see this type of invitation coming from the zdaemon community.

edit. congrads on the new release. Glad to see Carn didn't completely burn himself out.

Mindless Rambler said:

Wine + Windows Skulltag it is.

Dont' drink and play skulltag!
A hotfix is coming soon for skulltag!
The netcode had a few holes accidentially created when they were fixing bugs...

doom2day said:

The netcode had a few holes accidentially created when they were fixing bugs...

Actually, it came from the addition of demo recording. But, no matter. It's all fixed and the hotfix will be released soon!

How would a open source game protect against cheaters anyway? I'm not saying it isn't possible, I am just curious what sort of form the cheat protection would take. It doesn't seem like you could query the client for a MD5sum or anything because a modified version could just return the "proper" value. I can't think of how you could stop cheaters in an open-sourced game besides building a high enough wall of "security through obscurity" that they would just stop bothering. That or including a closed-source component like an encryption DLL or something, but I don't know how that works with the licensing.

edit: I guess Carmack thinks the latter solution (or at least did 8 years ago).

skadoomer said:
Besides, i doubt that trying to keep cheaters from discovering worse ways to exploit the program by closing the source is selfish. It is a disadvantage to the Linux communities, but this is the first binary release for Linux so problems are to be expected. And come on,

It generates and environment where opening sources becomes even harder, because if each engine is on the defensive in such a way, the amount of people who will want to contribute will decrease, while the ones who will want to hack cheats will not decrease. Cheats will be harder to make, but also harder to spot. In not releasing the source you're showing your distrust of cheaters, yes, but also anyone else. And why trust you in turn? What you get is different closed subcommunities that more or less despise each other (and this definitely breeds mischeivous cheaters).

Carnevil said:
Who's going to fix them then? You?

Any coders looking over the code would certainly be able to provide patches to cheats, yes, and with the help of the source, other players can provide hints to hacks and abuses. And this isn't limited to the cheating issue: If the source is available any coder can submit some awesome patch that would likely be nothing but an annoying feature request in a closed scenario.

Linguica:
How would a open source game protect against cheaters anyway?

Protection in the sense of blocking out cheats should be less easy to implement. The main strengths would be in generating trust (by showing trust and by encouraging participation) to generate an evironment where cheating is more or less pointless. While cheating may be relatively more accessible it should also be possible for people beyond the core development team to track it down, and while there are always assholes, there's less motivation to cheat against something one can participate in and feel part of.

Letting cheating have its way in an indirect way, due to doors being closed, hinders the development of the MultiPlayer community and engines.

What does Skulltag have to hide anyway? FFS the game you're stealing ideas and such from (q3a) has its source open totally and it's many many generations later.

It benefited from a bunch of security hole fixes after that and id even committed a big one to their Q3A and W:ET patch releases

I guess you're a big fan of vegetative bitrot, then

Is counterstrike open source? It's an add on to an existing game. Why isn't anybody screaming at them to release the source code for it? *sighs* It's obvious that there's just no pleasing some of you. Skulltag and Zdaemon are closed source, and they will be for a long time to come I'm sure. The developers that need the Skulltag source already have it, and anybody interested in working with the source can simply apply to join the Development Team. Anyways, the discussion regarding open source is now CLOSED. If you want to talk about Skulltag then please be my guest however let's keep this topic civilized.

Hi there.

These aren't the Skulltag forums. You don't have the authority to declare a particular subject "closed".

Thanks, and have a good day.

Aabra said:
Anyways, the discussion regarding open source is now CLOSED.

Wrong. People can talk about whether Skulltag is open or closed, or what that means to them or implies, all they want. All you can decide is whether you participate in said discussion.

Aabra:
If you want to talk about Skulltag then please be my guest however let's keep this topic civilized.

Other than perhaps exp(x)'s "buttmonkeys", which was a while back and brought no repercussions, I see no signs of lack of civility. It the subject makes you nervous, stick to the posts discussing other matters (or you'll end up sounding like someone from the ZDaemon team).

And Counterstrike, heh... I never cared about it myself (the theme and artwork alone are lame), but isn't it known as a community breeding cheaters and assholes?

Aabra said:

Is counterstrike open source? It's an add on to an existing game. Why isn't anybody screaming at them to release the source code for it?

Show us the Half-Life source code, else that argument is and will remain fallacious.

Linguica said:

How would a open source game protect against cheaters anyway? I'm not saying it isn't possible, I am just curious what sort of form the cheat protection would take. It doesn't seem like you could query the client for a MD5sum or anything because a modified version could just return the "proper" value.

They could follow the Cube model: provide the sources but also make official binaries that are only allowed to connect to the official servers (the official binaries contain some kind of key that is not in the publicly released sources, and maybe changes to various protocols).

Sure that could still be defeated by someone with enough skill and determination, but it raises the bar high enough to prevent a lot of cheating.

Beta 4.1 Hotfix has been released. It fixes numerous errors that came to light in 4.0

http://www.skulltag.com/forum/viewtopic.php?f=1&t=9013

Carnevil said:

I know, I'm just the worst kind of scum there is! Someone spending countless hours creating a free add-on for everyone and giving the source to those who helped make it possible is definitely up there with pedophiles and serial killers!

Just because you take your free time out to work on a free game doesn't mean that you are immune from critisism.

I've given the source to those who have a legitimate need for it (Randy and Graf), and frankly releasing the source to others will only increase the prevalence of hacks. Who's going to fix them then? You?

Hacks are quite possible without the source release. The same reason nobody writes hacks for Skulltag is the same reason nobody writes viruses for Macs. Once Skulltag gets any sembiance of a competative scene, you'll start to see them in spite of being closed source.

And besides, it's quite possible to be open source and secure at the same time. It is possible through the use of a closed-source anti-cheat module which only runs on 'officially' compiled sources, while making the rest of the source avalible to the public. It's possible, feasable, and has even been done before sucessfully (Quakeworld, Warsow, Urban Terror)

Keep in mind that if Carmack had taken the same selfish views you take, you wouldn't have the Doom source to work on in the first place. Don't shit where you sleep. There is no reason to keep the source code to a source port of a thirteen year old game secret, especially when your source material has been made public before. None.

However, to end this post on a happier note, I am quite happy that demo recording has finally been implemented. This should increase competative interest in Skulltag quite a bit.

Aabra said:

Instead of opening the source I think we'd rather have anybody who's got the programming experience, the motivation, and interest in Skulltag simply ask to join the team.

Forgive me, but, popular as it may still be, the world isn't brimming with dedicated Doom coders willing to commit to a large project. Most people who are asking for the source probably only want to tinker and experiment with it. That doesn't mean they will never create anything substantial out of it, it would just allow them to do so without the pressure of a team of cloak and dagger modders eyeballing them for input. You refuse to release the source, AND you are scaring people off.

chilvence said:

Forgive me, but, popular as it may still be, the world isn't brimming with dedicated Doom coders willing to commit to a large project. Most people who are asking for the source probably only want to tinker and experiment with it. That doesn't mean they will never create anything substantial out of it, it would just allow them to do so without the pressure of a team of cloak and dagger modders eyeballing them for input. You refuse to release the source, AND you are scaring people off.

No shit. Take a look at Odamex's recent changelog, most of the more recent changes aren't even from the main developers, but from random contributors who create and submit patches.

For example, remember the "Oldschool" mode that was so broken that Carn couldn't be arsed to fix it? If the source was open, he might have gotten some patches to help fix it up instead of shitcanning it due to lack of maintenance. And what's more, this is pretty much exactly what X-Doom was for ZDaemon before they too closed the source.

Don't be so damn afraid of opening your source.

AlexMax said:

And besides, it's quite possible to be open source and secure at the same time. It is possible through the use of a closed-source anti-cheat module which only runs on 'officially' compiled sources, while making the rest of the source avalible to the public. It's possible, feasable, and has even been done before sucessfully (Quakeworld, Warsow, Urban Terror)

This is a good point. Also, a lot of cheat prevention can be done with the server code and network protocol. I believe Odamex has wall-hack protection that checks if a player can actually see an enemy player before reporting the latter's position to the former.

EANB said:

Would you rather have open source with heaps of cheaters or closed with a better game?

yeah man, zdaemon and csdoom had great track records with security

Kudos to Alexmax for hitting the nail right on the head. Look at odamex. It's original developers went through hell to release it under the GPL license, but now that they have made it, it is paying off. Patches and advice come from users of the community all the time. The large burden of having to be everywhere all the time is removed from the lead developers and things which fall through the cracks can be handled by common doom fans with a little bit of coding knowledge.

Closed source is never a solution when it comes to preventing cheats. It makes things a pain, sure, but cheats still get made. If I remember correctly, a new wallhack was made for skulltag _very_ shortly after the new OpenGL renderer was added. Closed source tools (like punkbuster ect.) are also no good because they can just as easily subverted. If it is something like a proxy, then by nature it doesn't need to be closed source since it runs remotely.

If you look at Sauerbraten, you will find that it does not have a single line of anti-cheat code in it (the cube anti-cheat concept which someone mentioned earlier was abandoned in sauer). The way it works is by trust (kudos to someone else who mentioned this). You are trusted with the permission to temporarily ban any player you wish from a server (any server, not just YOUR servers), but only one player is able to have that permission at a time. As long as that permission is held by someone you trust, that game can not be ruined. It can be interrupted perhaps, but the cheater will meet a swift ban and will not be able to rejoin until the server empties. It's a concept which works beautifully.

When I say "thirded," I'm not trying to be a dick. There is reasoning behind my actions.

Man if only I was any good at IT :( I barely understand a word any of you guys are saying :(

I believe Odamex has wall-hack protection that checks if a player can actually see an enemy player before reporting the latter's position to the former.

Although that does prevent outrageous wall-hacking, due to the fact that such events would be subject to latency; you are required to "relax" the LOS checks (substantially in a fast game like DOOM) to ensure players don't seem to appear out of thin air around corners. This means that wall hacking still has benefits but it is much less effective.

Do Skulltag and ZDaemon have in-place any measures to guard against other forms of cheat, such as forcing unified light levels and disabling fog? Conceptually, it would amount to the same as the anti-wall-hacking stuff I guess (in as much as only send the player positions to the clients when within the zone of visibilty of the lighting equation server-side).

Surely though, it is impossible to protect against aimbots due to the nature of the data which must be exchanged?

I do think that any substantial amount of anti-cheat protection in a free game is little more than a waste of the developers time. IMO, all that should be attempted are relatively basic "denial of information" measures (which in a sense are optimizations and thus improve the multiplayer experience in any case).

Zorro said:

Closed source is never a solution when it comes to preventing cheats. It makes things a pain, sure, but cheats still get made. If I remember correctly, a new wallhack was made for skulltag _very_ shortly after the new OpenGL renderer was added.

Wallhacks are incredably easy to make for any game using hardware acceleration. I'm no expert, but I imagine when you introduce 3D acceleration, you introduce new attack vectors that are well understood, since no matter what game you're playing it eventually has to go through some well known API. Or something. Either way, it ends up looking like this:

http://video.google.com/videoplay?docid=1207992894969198925

I'll stand by my assertion that the server administrators and their players are the best anti-cheat. If they are given the tools to kick/tempban players from the server, the problem will fix itself, and you don't need to keep the source closed. And keep in mind that we're not even talking about CS here, we're talking about a source port of a 13+ year old game. There is no reason to keep the source for a game like that closed. None.

DaniJ said:

Although that does prevent outrageous wall-hacking, due to the fact that such events would be subject to latency; you are required to "relax" the LOS checks (substantially in a fast game like DOOM) to ensure players don't seem to appear out of thin air around corners.

Last I checked, the LOS checking in Odamex is rather tight and exhibits behavior like you describe. :P

EDIT: Also, it seems like the developers haven't responded to this thread in a long time, probably because they couldn't figure out how to respond and didn't feel like being ridiculed further. A shame, as there are kernels of truth throughout the thread. Oh well, suppose we should wait until the next version is announced to bring it up yet again.

The Skulltag development team strikes me as a group of weak people. Its members show no confidence whatsoever in daring to make the project open source while taking up arms against the nightmare they have contrived in their heads -- the supposed possibility of fueling the production of cheats. Maybe they just lack experience and versatility, unlike their presumed invisible enemies: the people who craft cheats.

Last I checked, the LOS checking in Odamex is rather tight and exhibits behavior like you describe. :P

I stand by what I said. Regardless of your own personal experience, I will guarantee that someone somewhere will be experiencing quality degradation if Odamex's LOS check used to restrict the transfer of peer position data to clients is "tight" enough, as to make wall-hacks completely useless. Sure, packet sizes can be reduced and data can be sent less frequently but server:event > client response latency is beyond the influence of Odamex. Clients behind a slow connection or far from the server will always suffer. However, this measure designed to improve the multiplayer experience actually has negative results for such clients.

I would hope that there is server-level control for such a feature as on servers intended for tournament/competitive use I would personally expect to see it disabled (where, as you say, self-management among peers is a better solution imo).