In a client-server game architecture, what are the possible ways to verify that the client has not modified things like gfx assets or client side scripts?
Obviously no solution is perfect, but I would love to hear some ideas.
I am thinking something like an hash on all the files in the resources directory. Does that sound feasible?
Answer
If this is for hack prevention, it's a losing battle.
Things like hashes and sending random bits of data back to the server for validation come to mind, but nothing stops the hacker from using a separate, non-compromised copy of the original data as source for answering such checks.
Same goes for sending checksums of in-memory resources.
One way might be to send screenshots or checksums thereof, but then you hit the problem of different video cards/drivers rendering subtly different frames...
All that said, I'd consider outsourcing the problem to someone who has been doing it for a while, like http://www.evenbalance.com/ (punkbuster).
No comments:
Post a Comment