Comments on: MMORPG Security: Secret Chat Exploits

By: ekspekt

ekspekt — Tue, 30 Jun 2009 21:06:06 +0000

interesting post, will come back here, bookmarked your site

By: Munk

Munk — Tue, 23 Jun 2009 04:16:39 +0000

Thank you and good luck with your own game (:

I think the lack of documentation is probably a result of:
(b) are known by insiders who don’t want to talk about them
The insight you’re looking for is probably just buried in the bugreport logs, and generally nobody publishes those. My experience suggests that hackerish types will try even harder to break a game than they would a normal business website, often because finding and reporting bugs is commonly *encouraged* by game masters, who reward found exploits with special in-game items that provide a strong motivation for people to hack ethically, while banishing those who exploit without reporting.

If you’re interested in seeing the stuff that got caught in SSW’s code (heh, nobody’s perfect), the bug reports (all 2254 of them) are searchable as long as you’re logged in.

By: neb

neb — Sat, 08 Nov 2008 04:01:31 +0000

Munk, I'm glad to hear from someone else writing their own game code. From your link, your game looks great. Congratulations on making it into beta! I'm still implementing gameplay features in alpha myself.

By: Munk

Munk — Fri, 07 Nov 2008 21:31:00 +0000

Another good example of why building your own code is often much better than trying to use 3rd-party code. Most of the chat systems I tried out in SSW had terrible built-in security or load-handling problems. I ended up rolling my own eventually, just so I knew it properly sanitized and authenticated transactions and could handle load without dropping messages.

By: neb

neb — Thu, 06 Nov 2008 02:12:46 +0000

I’m working on it rampantly, Andrew! Thanks for taking the time to leave a comment.

By: Andrew

Andrew — Thu, 06 Nov 2008 00:21:51 +0000

Hey Nyhm, thanks for dropping by. I’m glad you found my post interesting. And wow, you’re developing your own MMORPG? That’s amazing! :)