I am writing a score server for client/server games such that various
games can talk to one server. Each game would thus register for a
name/password and use that in their code to send data to the server.
Now, putting aside all the problems with cheat detection found in closed
source software, it seems my problem is exacerbated by the need to
distribute full code to make the client (this will be the AGPL so server
code is also included).
Does anybody have some good references, or good ideas, on how this can
be accomplished, such that each game client can uniquely identify itself
with the server? That is, how can I adequately protect some "keys" in a
completely AGPL project?
NOTE: I already understand the problem with detecting cheaters, and I
realize this is a part of the same problem. I'm just hoping that
somebody has an idea that the most basic identity of a game client can
be protected.
--
edA-qa mort-ora-y
http://disemia.com/
-- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- --
The dis-Emi-A haXe Library -- all you'd ever need to make Flash games
http://wiki.disemia.com/The_dis-Emi-A_haXe_Library
-- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- --
Sign: Please digitally sign your emails.
Encrypt: I'm also happy to receive encrypted mail.
to list as well.
---------- Forwarded message ----------
From: David Gerard <dgerard(a)gmail.com>
Date: 20 Apr 2008 12:25
Subject: Re: Writing a secure client/server with open source
To: edA-qa mort-ora-y <eda-qa(a)disemia.com>
On 20/04/2008, edA-qa mort-ora-y <eda-qa(a)disemia.com> wrote:
> Andy wrote:
> > The general consensus is "The attacker already knows the algorithm" thus
> > revealing the source should not be a problem. Compilation is NOT a
> > secure way of hiding something anyway.
> I agree, but at least it prevents casual abuse of the server. That is,
> a bit of obfuscation is likely enough to rid the game of the majority
> of cheaters or abusers. I agree it does nothing to deter the hardcore
> attacker.
It does nothing to stop them either, because their code can be copied
and used by others. "Secure client" is fundamentally an oxymoron. See
http://en.wikipedia.org/wiki/Trusted_client (which I rewrote a while
ago to try to explain this simple point which nevertheless
consistently evades people). You can't give people the secret and also
keep it from them - it's *impossible*.
If you want this to work, you have to make the *protocols* proof
against cheats, e.g. only allowing a certain number of actions per
time or whatever. Come up with a protocol that would still work if
every single player had a copy of the protocol and could implement an
optimal bot client for it ... because that's what they can do anyway.
- d.
David Picón Álvarez wrote:
>> On the other hand, I've never much liked the EU as a project, and I
>> always opposed my own country's membership. A recent trip to visit the
>> Parliament in Brussels did little to convince me of its fundamental
>> democratic credentials (although I recognize some people there are doing
>> good work, like apparently the Spanish parlamentarian David Hammerstein).
>
> The fact is the European Union isn't waiting for you to support it in order
> to exist. The EU is a reality on the ground, and we have to live with it. We
> can take political action to try to get rid of it, or change it into
> something we prefer, from the understanding that, if we ignore it, it
> doesn't go away.
>
That is of course true; a third alternative would be to agitate for our
own country to leave the EU, which is common in some country, which
would make EU legislation irrelevant in that country - still, I think
the petiition has merit: if the EU Parliament was to shift to free
software and open standards and do it for political reasons, this would
be a significant victory.
>
> Without wanting to go into OT, if someone is sufficiently childish to think
> that their "recognition" of an actually existing institution such as
> Europarl matters, or that by withdrawing it they can somehow better take
> charge of their future, they deserve as much political influence and power
> as they get, zero.
Without going too far into OT, this misses the mark of how modern
institutions work and uphold their power. Institutions in countries like
the European ones thrive on recognition - if they didn't have it, they
would lose their power and become irrelevant. If (to take a contemporary
example) the Basque parliament were to declare independence tomorrow,
this would mainly be an assertion of not recognizing the Spanish
government's sovereignty over the area. The American declaration of
independence, likewise: An assertion of lack of recognition followed by
a struggle which ended with British loss of control over the area.
And, in practically all revolutions and similar upheavals, things have
started with people not "recognizing" the authorities' right to control
them in certain ways. Power *begins* with recognition: If nobody
recognized the government, it would be unable to govern; it can only
uphold its power by force as long as the vast majority *does* recognize
it as the reality on the ground - if a vast majority didn't and
consequenctly didn't obey the laws, no police force in the world could
save it.
So recognition *is* a very important political currency (thus also the
hairsplitting on both sides over "recognition" in the Israel/Palestine
conflict).
br (and I better get back on topic),
Carsten
--
http://www.modspil.dk
Ciaran O'Riordan wrote:
> Free Software Foundation Europe <press(a)fsfeurope.org> writes:
>> 5. FSFE co-launches Open Parliament initiative
>
> I've put more information in a blog entry:
> http://fsfe.org/en/fellows/ciaran/ciaran_s_free_software_notes/the_open_par…
>
>
I'm not entirely sure what to think of this petition, like in whether to
sign or distribute it: On one hand, I'm in favor of free software and
think its distribution and adoption in Europe would be a good thing.
On the other hand, I've never much liked the EU as a project, and I
always opposed my own country's membership. A recent trip to visit the
Parliament in Brussels did little to convince me of its fundamental
democratic credentials (although I recognize some people there are doing
good work, like apparently the Spanish parlamentarian David Hammerstein).
So, how can I sign or recommend the petition without fundamentally
recognizing the Parliament, when actually I don't? This might actually
limit the petition's potential appeal in many countries, at least in
"Euro-sceptical" quarters (which in Denmark tend to be the left, and
some nationalists - the pattern might be different in other countries).
br
Carsten
--
http://www.modspil.dk
It has been another busy month for software freedom. Open Standards have
continued to dominate discussions in ICT with the MS-OOXML proposal being
accepted by ISO as a standard. FSFE and numerous other parties have observed
this process from the beginning and have reason to be concerned about the state
of international standardisation. You could read more about this in our
lead story below.
Document freedom, open access and software licensing are increasingly
important topics of discussion. Awareness of these issues has never been
higher but at the same time the challenges faced have never been so difficult.
As Free Software becomes more accepted, so too do the attempts by those
supporting restrictions and constraint to undermine our movement. We need
your help to ensure that logic, fairness and decisions for the benefit of all
continue to be heeded by decision-markets in Europe and beyond. If you
have some free time, please visit http://fsfeurope.org/contribute/ and
see how you can contribute to our success.
Shane, FSFE Zurich Office
1. MS-OOXML approved by ISO, FSFE concerned about standardisation process
2. FSFE context briefing: Interoperability woes with MS-OOXML
3. Document Freedom Day - young but strong
4. Keynote at Chemnitzer Linux-Tagen, Germany
5. FSFE co-launches Open Parliament initiative
6. Speech on Free Software licensing and the GPLv3 at OSiM USA
7. FTF delivers licensing courses in Zurich, Switzerland
FORTHCOMING EVENTS
8. (2008-04-19) Linuxwochen, Krems, Austria
9. (2008-04-19) Linuxwochen, Graz, Austria
10. (2008-05-15 to 2008-05-17) Linuxwochen, Vienna, Austria
1. MS-OOXML approved by ISO, FSFE concerned about standardisation process
Microsoft received Ecma's approval for the partial documentation of its
Office 2007 file format in December 2006 as Ecma-376. Ecma then filed
Ecma-376 for ISO approval as DIS29500. This raised concerns that in
spite of claims to the contrary this would turn out to be a strategic
move to get ISO approval at all cost for pure marketing purposes.
FSFE's own experience in some countries and the reports about various
irregularities around the world confirmed that concern. These concerns
also overshadow the final approval of MS-OOXML as an ISO standard. ISO
certification was never a seal for Open Standards, as demonstrated by
patent-encumbered formats like MPEG. But if technically deficient
documentation gets ISO approval, it questions ISO on a much more
fundamental level.
http://mail.fsfeurope.org/pipermail/press-release/2008q2/000206.htmlhttp://www.fsfe.org/fellows/ciaran/ciaran_s_free_software_notes/what_s_wron…http://www.fsfe.org/fellows/greve/freedom_bits/re_enacting_the_parrot_sketch
2. FSFE context briefing: Interoperability woes with MS-OOXML
FSFE released a context briefing on interoperability problems caused by
Microsoft's Office OpenXML format: "The proposed MS-OOXML/DIS29500
specification raises serious technical and legal concerns. This context
briefing highlights three examples of how the proposed specification and
its practical implementation in MS Office 2007 hinders interoperability,
fosters vendor dependence and results in market distortion."
http://fsfeurope.org/news/2008/news-20080305-01
3. Document Freedom Day - young but strong
We are happy to announce that the first Document Freedom Day was a
complete success. Great response we received from the teams during the
preparations and registration process, resulted with lots of activities
on March 26th all over the globe. DFD Teams did their best to pass the
message of document freedom and importance of Open Standards. DFD flags
were hoisted around the world in Africa, Australia, Asia, Europe, North
and South America.
Events and activities of more than 200 DFD teams ranged for street
events and speeches to an award for the German governmental body that adopted
good policies in the field of Document Freedom and Open Standards. We are
expressing our biggest gratitude to all DFD teams for being part of the
community and contribution in making DFD08 successful.
http://documentfreedom.org/
4. Keynote at Chemnitzer Linux-Tagen, Germany
Shane Coughlan, the coordinator of FSFE's Freedom Task Force, delivered the
keynote speech at Chemnitzer Linux-Tagen at 13:00 on the 1st of March. The
title of the keynote was 'Free Software in the ICT mainstream' and covered
issues ranging from licensing through to Free Software on the desktop. The
key message of the speech was that we have come a long way, and now that we
are a mainstream technology we can accomplish even more. The big question
remaining for each individual is simply "what will I contribute to this?"
http://chemnitzer.linux-tage.de/2008/vortraege/detail.html?idx=223
5. FSFE co-launches Open Parliament initiative
The Open Parliament petition was launched in March to initiate a review of
the European Parliament's policies regarding internal software use and file
formats for published information. If this petition gathers enough support
to launch a review, FSFE will have a guiding role in the process. The
official petition is an internal matter for the European Parliament, but
there is also an online petition where FSFE asks free software supporters to
show their support. This petition was co-launched with OpenForum Europe and
ESOMA. More information on this will be published soon on the fsfe.org
blogs.
http://www.openparliament.eu/
6. Speech on Free Software licensing and the GPLv3 at OSiM USA
Shane Coughlan, FTF coordinator, delivered a speech entitled 'Analysing
Whether GPLv3 Has Improved Free Software Licensing' at OSiM USA on Tuesday
the 12th of March in San Francisco. The speech covered topics ranging from
the creation of GPLv3 and its place in licensing through to examining the
place of GPLv3 in tomorrow's market. Reaction was positive and productive
discussions with telecommunications companies took place afterwards.
7. FTF delivers licensing courses in Zurich, Switzerland
Shane Coughlan, FTF coordinator, delivered two training courses in Zurich,
Switzerland as part of the Free Task Force programme to increase awareness
and understanding of software licensing issues. On the 7th of March a half
day session entitled 'Free Software in the public sector' was delivered, and
on the 21st of March another half day session entitled 'Introduction to Free
Software licensing' was presented to an audience of local Free Software
advocates and activists. If you are interested in helping the FTF with its
outreach programme and would like to have training sessions in your area,
please contact the FTF as soon as possible:
http://fsfeurope.org/projects/ftf/contact
FORTHCOMING EVENTS
8. (2008-04-19) Linuxwochen, Krems, Austria
On Tuesday 15 April 2007 at 16:15, Reinhard Müller gives a speech about open
standards and free document formats at a Linuxwochen event at the Danube
University Krems. The FSFE also has a booth at the event where it informs
about its work and about Free Software in general. Admission is free for the
whole event.
http://lug.krems.cc/linuxtag2008/
9. (2008-04-19) Linuxwochen, Graz, Austria
On Saturday 19 April 2007 at 12:00, Reinhard Müller gives a speech about open
standards and free document formats at Linuxwochen event at the University of
Applied Sciences "Johanneum" in Graz. The FSFE also has a booth at the event
where it informs about its work and about Free Software in general.
Admission is free for the whole event.
http://www.linuxtage.at/
10. (2008-05-15 to 2008-05-17) Linuxwochen, Vienna, Austria
>From 15 to 17 May, an event of the Linuxwochen Austria will take place in the
building of the Austrian Chamber of Commerce, Rudolf-Sallinger-Platz 1, 3rd
district, Vienna. A group of Fellows will be present with a booth where they
inform about FSFE, the Fellowship, and Free Software in general.
Admission is free for the whole event.
http://www.linuxwochen.at/
You can find a list of all FSFE newsletters on
http://www.fsfeurope.org/news/newsletter.en.html
Copyright (C) FSFE. Verbatim copying and distribution of this entire
article is permitted in any medium, provided this notice is preserved.
http://computerworld.co.nz/news.nsf/tech/2F5C3C5D68A380EDCC257423006E71CD
A 3D duplicator called RepRap, released under GPL, aiming to make a
version that can replicate itself.
This will be the point at which hardware patents become as damaging to
innovation as software patents are.
We really need to get the hard thinking about our rights in regard to
such devices now rather than later. Has RMS had anything to say on the
subject?
(cc'd to Mr Stallman for his attention)
- d.
also sent to info arond fsf.org
---
Hello,
My name is Bogdan Bivolaru (surname Bogdan). I write for some time to
support free software, but some of my ideas seemed to be underpromoted.
So I thought why should these ideas lie lonely on my websites/blogs - I
should offer them to the wider world, so that these ideas get promoted,
gain traction and who knows? maybe one of them turns into a real
project. So here I publish them, to the home of the free software
definition and the home of free software concept and the home of the GNU
Project.
In this message I present my ideas on collaboration between
non-programmers in the land of freedom and in the new software economy.
I have so far written several articles/ideas on promoting Free Software
using Free culture. I'll attempt to summary these ideas here and provide
links for further reading. Please do send comments and questions (also
send negative comments).
What I believe Free Culture needs to grow:
* free software tools for sharing artwork and their integration into
creational tools - GIMP, OpenOffice, Blender, Audacity need
versioning capabilities;
* a tool to find others work according to different criteria - free
software "coders" have http://krugle.org, artists need something
similar to the proprietary "Goo gle" Image Labeler - or semantic
search engine for artwork, such as
http://nepomuk.semanticdesktop.org/;
* making artwork files formats more modular so that artists can work
in parallel (autonomously) of each other;
* lots of marketing targeted to artists.
I believe there is empirical evidence that people appreciate freedom as
long as they experience it directly. Likewise, I believe artists will
best experience freedom in software not by filing bugs and writing
documentation, but by submitting their own work to a common pool of
artwork an see it being improved by others who either have more time or
are more experienced.
I see these two concepts, free software and free culture, as symbiotic
because:
* Free software is an enabler for Free Culture (free culture is
impossible in the absence of free software);
* Free Culture creates test cases that can be used to promote Free
Software (allows us to say "look what can be done with Free
Software!");
* Free Culture enlarges our user base with active, participative users;
* Free Cultural works can be included (embedded) in Free software -
for icons, themes, examples.
What else means promoting Free Software through Free Culture? It means
we need to start advertising the collaboration tools in our software. We
have to enable and encourage artists to share their work with other
artists and with the world - just as our programmers do. Go out there
and tell student/young artists how they can work more efficient as a
collective. Show them examples of "free cultural projects' that are
successful and which they can contribute to. Examples include:
1. Wikipedia <http://en.wikipedia.org/wiki/Main_Page>
2. Students for Free Culture <http://freeculture.org/>
3. Mutopia Project - sharing free music sheets
<http://www.mutopiaproject.org/>
4. Project Gutenberg, the first producer of free electronic books
<http://www.gutenberg.org/wiki/Main_Page>
I consider as part of the free culture any reproducible work:
* accounting exercises for teaching in schools;
* office templates (there are already several office templates
projects);
* 2D images;
* 3D models with textures;
* psychology questionares;
* music sheets.
Should we have a community that goes by the principles of "free
software" for each or most fields of human activity, we shall achieve
far greater success than what we got by now.
A sizable, realistic objective for free culture: add versioning support
to the "The Blender 3D Model Repository"
http://e2-productions.com/repository/modules/PDdownloads/
Last, but not the least I should remark that supporting free culture
does not deny proprietary culture artists to use our free software tools
- that's why they are free software, so that one can use them for any
purpose they wish.
Other thoughts of mine on this matter:
* Promoting Free software [kind of
agressive]https://www.fsfe.org/en/fellows/vadania/my_ideas_on_how_to_improv…
* Non software contributors in Free Society
https://www.fsfe.org/en/fellows/vadania/my_ideas_on_how_to_improve_free_sof…
* Promoting Linux as a tool for a participative community
https://www.fsfe.org/en/fellows/vadania/my_ideas_on_how_to_improve_free_sof…
* Workspace for Colaborative Development in Different Domains
http://thetuxproject.com/node/263
* Freedomware calls for artists, end users
http://thetuxproject.com/node/286
All materials are CC-BY-SA unless otherwise noted. Please do contact me
if you find any material that is not under a free license.
I have learnt about some ray-tracing features in the new DirectX library
(version 11)
http://www.techarp.com/showarticle.aspx?artno=526
This would, again, let the OpenGL library as lagging behind and playing
catch up with the proprietary library DirectX. This would again turn away
game developers and gamers from our free software operating systems.
As said in the article at TechARP, on the hardware side, AMD and Intel would
have no problem making their devices compatible with the new library. But
Nvidia, is said to be in trouble.
Completely unofficial and unrelated (after all, of all companies said to be
involved only AMD recognizes it is working on this raytracing thing for
DirectX), I see this as an oportunity to gain the support of Nvidia to add
such features to OpenGL - and make them compatible with Nvidia cards.
With Nvidia financing and their marketing muscle we could get financial
support to run a fund raising campaign - similar to the "Free Blender" fund
raising one - to add something like Blender engine ray-tracing features to
OpenGL.
What I think about Nvidia:
I find they do bad not to release their Linux drivers under a free license,
but I have no problem using their commercial interests for the advancement
of freedom - this time in OpenGL.
Here's about "Free Blender" campaign:
http://www.blender.org/blenderorg/blender-foundation/history/
Here are some ray tracing rendering engines:
Blender rendering options in Blender v. 2.3
http://www.blender.org/development/release-logs/blender-232/rendering-optio…
Blender itself is available under the GPL license see
http://www.blender.org/documentation/htmlII/a11911.html
Another free as in freedom ray tracing engine (LGPL)
http://www.yafray.org/
Here is more about OpenGL library http://opengl.org/about/licensing/
Direct X: I intentionally left out of the message the name of producer of
the Direct_X library. This is also part of a personal campaign not mention
their name in posts - as they are not worthy of it.
--
"The best way to predict the future is to invent it.", 1971, Alan Kay:
http://www.smalltalk.org/alankay.html
on ThinkFree Blog [1], the ThinkFree's marketing manager, replying to
a customer asking if ThinkFree (a multiplatform office suite) 'll
support ODF, replied [2]:
I'm marketing manager Benedict from ThinkFree.
Thanks for your suggestion !
We are also considering the ODF support in ThinkFree.
By the way, There is one obstacle for solving the problem…
That is MS Policy for ODF, Because of interoperability with MS Office
in ThinkFree, We still need the MS cooperation that support OOXML,,,
I think you can understand this situation & MS policy strategy…
But we plan to solve this political problems, and also We will make the detour.
Anyway, We feel your kind mind…
Thanks
Please, could someone from FSFE contact ThinkFree [3] to understand
what *MS policy for ODF* are they talking about and what kind of *MS
cooperation* they need to be interoperable with MS Office ???
Maybe those information 'll be interesting for the EU's Anti-Trust
Investigation of OOXML...
bye
---
Stefano Spinucci
FSFE Fellow
[1] http://blog.thinkfree.com/2008/03/24/quantum-leap-thinkfree-will-launch-the…
[2] the Benedict comment was posted on April 8, 2008 @ 12:43 am
[3] http://company.thinkfree.com/views/jsp/user/etc/contact.jsp
Dear Friend,
We have seen the likes of "the politically motivated" slowly bringing a
country into ruin, because they no longer stand for, or even understand, the
idea of having an ideological concept as a goal. Read each other's writings:
it is "I" and rarely "We the people." At the founding of this country, men
(We) stood shoulder to shoulder and fought for FREEDOM; then the government
was formed as a way to defend people from the oppressive processes. The
processes have resurfaced, evolved and become more complex but they are
still processes people have once again allowed themselves to be controlled
by. The country needs to define what was lost over time, and what to fight
for. Do you really want to know what the soul really yearns for leaders to
do, even if they appear to not know it or want it? Try this webblog to get
an idea of the things which this country (We) can (will) stand for:
http://the-next-election.blogspot.com
It is prophetic; and won't go away, and will be satisfied.
John K. Gregory
greg1011(a)bellsouth.net
404-294-1377