The Benefits of Open Source Development

Davy Darkrage · Jun 24, 2015

The security concern mentioned is called "security through obscurity." It has its merits, and I do think that with the source code in hand you are more likely to be able to find and potentially exploit vulnerabilities.

However, it would allow such attack vectors to be identified and (hopefully) patched, rather than left open and unknown. As long as backups are taken frequently and securely, it seems unlikely much real damage would result in the long-term (though that's assuming a few things).

It doesn't mean that it will always be vulnerable, just because you have the source code. It means vulnerabilities are more likely to be discovered.

Nevertheless, it is just one of many considerations to make when releasing open source code.

xXWilee999Xx · Jun 24, 2015

Davy Darkrage said:
The security concern mentioned is called "security through obscurity." It has its merits, and I do think that with the source code in hand you are more likely to be able to find and potentially exploit vulnerabilities.

However, it would allow such attack vectors to be identified and (hopefully) patched, rather than left open and unknown. As long as backups are taken frequently and securely, it seems unlikely much real damage would result in the long-term (though that's assuming a few things).

It doesn't mean that it will always be vulnerable, just because you have the source code. It means vulnerabilities are more likely to be discovered.

Nevertheless, it is just one of many considerations to make when releasing open source code.

And having the source code at all isn't really gonna do anything if the program is patched.

Shamus The Brute · Jun 24, 2015

So, that's the only main concern for everyone? "Hacking?"

Not that I am justifying the act but...did not POTCO's last few years experience an influx of hackers/modders as well? I am not trying to minimize the problem (Lord knows that I've 'tried' to do my part to speak against such behavior), but given the fact that POTCO was still beat down hard by the issue of in-game hacking/modding...I think perhaps it's safe to say that POTCO players' themselves grew somewhat accustomed to such behavior, unfortunate as it were. The game's key attraction was not entirely hampered therefore and if I had to remind everyone, that was POTCO's very sense of community (the like of which such hacking could 'never' destroy).

What I most want to convey about hacking is that it will always be an issue (simply because of the flaw of being human means also that some people's hearts will never be 100% in the right place).
So what strategy could an open-source (POTCO) project deploy in order to counteract the problem of in-game hacking/modding? :walk the plank:

By reverse, reverse-engineering the very vulnerabilities initiated in-game. Therefore, theoretically speaking such in-game patching would create a more whole, solidified game (would it not)?

*** IF your naïve to think that ALL in-game hacking/modification can completely be eliminated 100% of the time, then you've got a lot to learn in LIFE about the resourcefulness of human beings. :rolleyes:

Davy Darkrage · Jun 24, 2015

@xXWilee999Xx
You can only patch against attack vectors you know exist.. but right, that was what I was saying. You can patch vulnerabilities that are found, and it is completely possible for open-source code to not be vulnerable to exploits.

ReillyLv50PEACE Keepers · Jun 24, 2015

Shamus The Brute said:
So, that's the only main concern for everyone? "Hacking?"

Not that I am justifying the act but...did not POTCO's last few years experience an influx of hackers/modders as well? I am not trying to minimize the problem (Lord knows that I've 'tried' to do my part to speak against such behavior), but given the fact that POTCO was still beat down hard by the issue of in-game hacking/modding...I think perhaps it's safe to say that POTCO players' themselves grew somewhat accustomed to such behavior, unfortunate as it were. The game's key attraction was not entirely hampered therefore and if I had to remind everyone. that was POTCO's very sense of community (the like of which such hacking could 'never' destroy).

What I most want to convey about hacking is that it will always be an issue (simply because of the flaw of being human means also that some people's hearts will never be 100% in the right place).
So what strategy could an open-source (POTCO) project deploy in order to counteract the problem of in-game hacking/modding? By reverse, reverse-engineering the very vulnerabilities initiated in-game. Therefore, theoretically speaking such in-game patching would create a more whole, solidified game (would it not)?

*** IF your naïve to think that all in-game hacking/modification can completely be eliminated 100% of the time, then you've got a lot to learn in LIFE about the resourcefulness of human beings.

The wreckage is real.

xXWilee999Xx · Jun 24, 2015

Shamus The Brute said:
So, that's the only main concern for everyone? "Hacking?"

Not that I am justifying the act but...did not POTCO's last few years experience an influx of hackers/modders as well? I am not trying to minimize the problem (Lord knows that I've 'tried' to do my part to speak against such behavior), but given the fact that POTCO was still beat down hard by the issue of in-game hacking/modding...I think perhaps it's safe to say that POTCO players' themselves grew somewhat accustomed to such behavior, unfortunate as it were. The game's key attraction was not entirely hampered therefore and if I had to remind everyone, that was POTCO's very sense of community (the like of which such hacking could 'never' destroy).

What I most want to convey about hacking is that it will always be an issue (simply because of the flaw of being human means also that some people's hearts will never be 100% in the right place).
So what strategy could an open-source (POTCO) project deploy in order to counteract the problem of in-game hacking/modding? By reverse, reverse-engineering the very vulnerabilities initiated in-game. Therefore, theoretically speaking such in-game patching would create a more whole, solidified game (would it not)?

*** IF your naïve to think that ALL in-game hacking/modification can completely be eliminated 100% of the time, then you've got a lot to learn in LIFE about the resourcefulness of human beings.

I highly doubt anyone in the POTCO community could bypass the compiler we use. Maybe POTCO has some good people, but I highly doubt they could even bypass our compiler. It is too good.

Shamus The Brute · Jun 24, 2015

xXWilee999Xx said:
I highly doubt anyone in the POTCO community could bypass the compiler we use. Maybe POTCO has some good people, but I highly doubt they could even bypass our compiler. It is too good.

I sense the overwhelmingly pride you do feel in TLOPO's security. Well...that's always a good thing to understand.

However, be very careful what you claim (yourself, as a sort of 'public relations' representative of TLOPO) because despite your own confidence such words could possibly come back to haunt you some day (unfortunate as that might be).

Look. As pointed out by someone earlier this month, I know absolutely nothing about how to develop a game. What I do understand is that with any game (and especially a MMORPG), the developmental status of a game will usually be put on the defensive rather than the offensive. And even if I am wrong in saying this, I understand a lot of the inner-junk which drives human behavior towards the urge to do wrong.

Shamus The Brute · Jun 24, 2015

Besides in-game hacking, what other concerns do people have about an open-source, POTCO project? :pirate1:

ReillyLv50PEACE Keepers · Jun 24, 2015

Shamus The Brute said:
Besides in-game hacking, what other concerns do people have about an open-source, POTCO project?

I am scared that crazy people like me will do something CRAZY.

Shamus The Brute · Jun 24, 2015

ReillyLv50PEACE Keepers said:
I can scared that crazy people like me will do something CRAZY.

Just try to refrain from doing so (because remember, 'Crazy' Ned is not so CRAZY when he remembers to take his prescription meds). :rolleyes:

Besides, a game full of CRAZY Neds means less chance for any one player to stand out and what better way to stand out than to become a "positive" role model and player within this CRAZY community.

GangStarr · Jun 25, 2015

xXWilee999Xx said:
It's barely possible to hack TLOPO at all... it would be hard for even professionals to manage to somehow hack TLOPO.

.............................

lol

Compiling the game with "Nairai" or what ever you guys are calling it will not make it impossible to reverse the game, unless you plan on making a kernel module or something, lol. And, i doubt you guys will drop 300 dollars for a csc just to sign a driver ring 0

Well, we'll wait and see. IDA pro will say otherwise

xXWilee999Xx · Jun 25, 2015

GangStarr said:
.............................

lol

Compiling the game with "Nairai" or what ever you guys are calling it will not make it impossible to reverse the game, unless you plan on making a kernel module or something, lol. And, i doubt you guys will drop 300 dollars for a csc just to sign a driver ring 0

Well, we'll wait and see. IDA pro will say otherwise

GangStarr · Jun 25, 2015

xXWilee999Xx said:

Mind shedding a little light on why this compilation method will be so extraordinary? I'm pretty sure every game that has ever been published had a really good "compiler " but still had hackers.

Literally the only way you're going to stop "Hackers" is to make an actual anti-cheat, lol. ESPECIALLY when the client side vanilla representation of POTCO is basically open source.. and the game engine (Panda3D) is open source. Oh, and Astron is open source! TPLO or what ever it's called IS open source

That, and if you want to be like a Bastian Suter over at battleye and sign a kernel driver

xXWilee999Xx · Jun 25, 2015

GangStarr said:
Mind shedding a little light on why this compilation method will be so extraordinary? I'm pretty sure every game that has ever been published had a really good "compiler " but still had hackers.

Literally the only way you're going to stop "Hackers" is to make an actual anti-cheat, lol. ESPECIALLY when the client side vanilla representation of POTCO is basically open source.. and the game engine (Panda3D) is open source. Oh, and Astron is open source! TPLO or what ever it's called IS open source

That, and if you want to be like a Bastian Suter over at battleye and sign a kernel driver

Okay, well how about you speak to Loblao himself now (the one who created it). Going to get him on these forums.

loblao · Jun 25, 2015

Hi GangStarr, nice to meet you! For some time, I've been hearing that you'll reverse engineer Nirai. That's no big deal. However, some inaccurate things have been said. Please allow me describe Nirai's security model.

First of all, Nirai is now open source! No more security through obscurity. In fact, it's never been. Panda3D and Python are almost 98% of its code and they are publicly available. Because of that, looking for TLOPO-specific code is unfeasible. You gotta be quite lucky or determined to find the relevant 2%. The rest is just Panda3D/Python/third-party code you aren't interested into. Ain't it cool?

https://github.com/nirai-compiler

2. For most projects, AES is used. Remember Kerckhoff's principle (since you mentioned kernel I'm assuming you know what you are talking about, therefore you should know it): even if you use a dissembler, you won't know the key, as long as it's done properly. And for TLOPO I will do it correctly. Ain't it cool?

3. Nirai supports Python bytecode obfuscation. Even if you happen do dump PyImport_FrozenModules array, a lot of garbage would be dumped. The bytecode is deobfuscated just in time. Ain't it cool?

4. Nirai generates a static executable. That means no exposed python DLL. That means no Python code injection. Ain't it cool?

5. The connection between TLOPO client and server uses properly validated TLS. We use certificate pinning, so even if you happen to intercept it, the client would not accept your certificate. Ain't it cool?

6. All our phases are digitally signed and properly verified. Phase files which are tampered with are not loaded at all. Ain't it cool?

7. TLOPO AI method properly validate all requests. For example, if you request an invalid weapon in your inventory, it refuses to add it and logs such event. Ain't it cool?

Now, I'm gonna make you an invitation. Since Nirai is open source, go ahead and have fun! Clone and build it (docs are yet to made but if you claim you can decompile it you must be able to compile it, which is extremely easier and doable), compile the sample project and try to reverse engineer it. But... the sample project is easy to "hack". There's no security enforcement: AES key is hardcoded into the exe and the obfuscation process is ridiculous (let's see if you can even figure that out).

After you have successfully hacked the sample project (I would consider only arbitrary Python code injection or module dumping, with proof-of-concept, successful), move on to a real-world application which is already using (an older version) of Nirai: Toontown Next. I doubt you can harm them in anyway. Ain't it cool?

However, if you do find any serious exploit in Nirai, feel free to report it at

https://github.com/nirai-compiler/src/issues

So long,
Loblao

xXWilee999Xx · Jun 25, 2015

loblao said:
Hi GangStarr, nice to meet you! For some time, I've been hearing that you'll reverse engineer Nirai. That's no big deal. However, some inaccurate things have been said. Please allow me describe Nirai's security model.

First of all, Nirai is now open source! No more security through obscurity. In fact, it's never been. Panda3D and Python are almost 98% of its code and they are publicly available. Because of that, looking for TLOPO-specific code is unfeasible. You gotta be quite lucky or determined to find the relevant 2%. The rest is just Panda3D/Python/third-party code you aren't interested into. Ain't it cool?

https://github.com/nirai-compiler

2. For most projects, AES is used. Remember Kerckhoff's principle (since you mentioned kernel I'm assuming you know what you are talking about, therefore you should know it): even if you use a dissembler, you won't know the key, as long as it's done properly. And for TLOPO I will do it correctly. Ain't it cool?

3. Nirai supports Python bytecode obfuscation. Even if you happen do dump PyImport_FrozenModules array, a lot of garbage would be dumped. The bytecode is deobfuscated just in time. Ain't it cool?

4. Nirai generates a static executable. That means no exposed python DLL. That means no Python code injection. Ain't it cool?

5. The connection between TLOPO client and server uses properly validated TLS. We use certificate pinning, so even if you happen to intercept it, the client would not accept your certificate. Ain't it cool?

6. All our phases are digitally signed and properly verified. Phase files which are tampered with are not loaded at all. Ain't it cool?

7. TLOPO AI method properly validate all requests. For example, if you request an invalid weapon in your inventory, it refuses to add it and logs such event. Ain't it cool?

Now, I'm gonna make you an invitation. Since Nirai is open source, go ahead and have fun! Clone and build it (docs are yet to made but if you claim you can decompile it you must be able to compile it, which is extremely easier and doable), compile the sample project and try to reverse engineer it. But... the sample project is easy to "hack". There's no security enforcement: AES key is hardcoded into the exe and the obfuscation process is ridiculous (let's see if you can even figure that out).

After you have successfully hacked the sample project (I would consider only arbitrary Python code injection or module dumping, with proof-of-concept, successful), move on to a real-world application which is already using (an older version) of Nirai: Toontown Next. I doubt you can harm them in anyway. Ain't it cool?

However, if you do find any serious exploit in Nirai, feel free to report it at

https://github.com/nirai-compiler/src/issues

So long,
Loblao

Here's a TL;DR for those who need it: Ain't it cool?

John Macbatten · Jun 25, 2015

loblao said:
6. All our phases are digitally signed and properly verified. Phase files which are tampered with are not loaded at all. Ain't it cool?

Would it be possible to make some sort of texture pack type of thing that let people make their own phase files?

xXWilee999Xx · Jun 25, 2015

John Macbatten said:
Would it be possible to make some sort of texture pack type of thing that let people make their own phase files?

We will consider that.

loblao · Jun 25, 2015

In that case, they would be loaded from different phases (no overwriting) and restricted by extension (i.e. sound and textures only), so that cheaters don't replace models to perform glitches such as go out the map.

Mike Wass · Jun 25, 2015

John Macbatten said:
Would it be possible to make some sort of texture pack type of thing that let people make their own phase files?

If texture packs would be made. Only textures/sounds would be loaded. Models would be used from the standard downloaded resources, to prevent issues that may come in-game from end users changing up the models. (I.e, changing a huge building into a dog. The issues that can follow are self explanatory).

The Benefits of Open Source Development

Davy Darkrage

xXWilee999Xx

Wanted Pirate

Shamus The Brute

Davy Darkrage

ReillyLv50PEACE Keepers

Wanted Pirate

xXWilee999Xx

Wanted Pirate

Shamus The Brute

Shamus The Brute

ReillyLv50PEACE Keepers

Wanted Pirate

Shamus The Brute

GangStarr

Pirate

xXWilee999Xx

Wanted Pirate

GangStarr

Pirate

xXWilee999Xx

Wanted Pirate

loblao

Buccaneer

xXWilee999Xx

Wanted Pirate

John Macbatten

Wanted Pirate

xXWilee999Xx

Wanted Pirate

loblao

Buccaneer

Mike Wass

Former TLOPO Developer