Triggers for LOMAC in 1.13?

[A.S]

Hi AS, I dont really understand what your saying mate, I'm under the impression that if a game is holding unencrypted data in memory then it's a hexploiters wet dream, if LOMAC or DCS is running unencrypted data you are at risk and I dont mean from LUA.

 

You dont even have to do it "this way", there are unfortunatly other easier ways to cheat in lockon:

 

I give you just few examples what i have heart, seen over 4 years being friend and guest of many squadrons. Some told me this secret, others that and so on. Further this is not meant to be a "how to hack" instruction, but unfortunatly various things can be done and HAVE to be addressed to public

attention in order to improve things in future projects.

 

You may ask, how do i know all this ? Well simple, just by sharing infos with community since Lockons´ birth. I also have interest in "spotting" such unfair things as much as i can in terms of Fair Play in TCL league (im Admin over there, so.. ) and have also developed various methods to "bust" some of these methods.

 

Back to topic, without detailing it:

 

• Since the release of Lockons´ 3Dmax plug-in it is very simple to re-modify every Airframe with a hollow sphere surrounding them in various collors and place it back into game, so you can see Jets from huge ranges. Everyone who understands a little bit of 3dmax, will imediatly understand what im saying here.
  
• You can even do it simpler, by just adding one specific line under each aircraft in modellod.txt what will swap your aircraft model to whatever you like like carriers, bigger other Jet 3d-models and so on
  
• ppl have achieved to change their flightmodels in specific ways (may it be weight or others) or just swapped the CLSIDs completly
  
• Others have changed values in sound.cfg so they could hear missiles from miles being launched, and to top it they also changed the missile sound itself to hear it significantly....you dont see it, but you know something is inbound ..from miles...cuz you hear it
  
• a old classic was to use the lua gap to read out bandit flight datas in realtime useing various tools
  
• from other squads i know the approach to change missile trailer smokes....in length and colors...so they could be seen
  
• etc, etc, etc, etc
  

As you see, and unfortunatly there ARE many ways of "cheating" meanwhile in Lockon. Things what ppl found out and mostly shared with a whistling "but dont share" smile. I wil not name the squads or the mates, it is wide spreaded and to be honest its not even important, who.

It´s somewhat like "all know, noone tells ..." :music_whistling:

 

 

Important is, that developers must ..no MUST! ..think about this issue ..may it be unaccessable sources or Anti-Cheat-Programs similar what was enjoyed in FalconAF and changed combat "bigtime".

I have heart, that many pilots flew absolutly different once ACP was running in background.

Maybe its the nature of humans to find out always the "winning path" rather then the "glorious" one...who knows....

Who knows, what else is possible meanwhile, i stepped back from Lockon after 4 years, all i do now is trying to provide under the guidance of others a observed plattform, so others can compete in and enjoy flightsim-competitions ...its TCL.

There we "forced" the MUST of uploading the tracks for everyone and each flight, so EVERYONE can watch them. Many left after the announcement of this new rule but many many still fly (700registered pilots).

The days i was active i ALWAYS made my tracks public, i had nothing to fear or to hide, and im proud of it.

 

Peace and out....

Edited July 31, 2009 by A.S

[RvEYoda]

Who knows what future patches will bring, but if some flaws like these

will indeed be fixed (nobody knows), but if they are, then I can

explain some crazy cheats available in lockon right now.

You wouldn't believe how much you can do.

 

Basically, it is possible to set your game up as you press a button,

and someone 50km just dies....I'm not kidding.

When I last time tried to bring the issue public, I was attacked for

showing people how to cheat, so this time i will not explain the mechanics

behind, but let's just say (and Im sure many others know a lot more than

I do about this) it is possible to make your aim9 go 100km and track like

an Aim54 - WITHOUT RWR warning.

 

There is a load of other problems. I only have my word to back up that I aint

using these things online. If you dont believe me, go ahead.

[A.S]

That´s what i hate about all this issue.

 

At the very beginning days of Lockon those things were new...and were handled in screcy whoever found out what first ....etc ...but meanwhile its just toooo visible and i think things MUST MUST MUST be said ....not being afraid of anything.

 

If you wanna stick with those conditions and lie yourself...fine....if you wanna raise that issue in hope to get response or solutions...speak.

 

 

(funey though..never heart about that one you just mentioned :megalol:)

[RvEYoda]

I have informed some working with ED about it.

[A.S]

coolness :thumbup:

[Kuky]

I have informed some working with ED about it.

 

That's the right way to go Yoda... you can and should let others know of existing issue but not go on talking exactly hot to do it because then you're only giving open doors to those that don't know how to cheat and would try it just so they can win.

[RvEYoda]

I partially agree, but in some situations it isn't possible to explain in public

bug or issue without fully telling how to tell how it is triggered, but most

importantly I believe there is the issue of likelyhood of getting a fix.

 

I agree with AS on this one that these issues should be brought fully into

the open, but i'm not going to start another forum war now.

[Frostie]

Any crazy cheat like mentioned, aim9 flying like an aim54 with no warning, wth. Can be picked up with Tacview. And servers have forums with threads dedicated to worming out these anomolies.

Any form of cheat which can't be seen through Tacview is beatable by good teamwork. Even if someone can see you 100km away with a big arrow and HERE flashing above your head, they have an immediate advantage, but they still have to enter BVR. They're still trackable on radar.

 

What shouldn't be happening is the wide spread broadcast by people who don't fly Lockon anymore of how to cheat, I don't even want to know about the fact that you can hack in to the previously thought unreachable depths of the game to tweak missile performance etc. Most people probably I should imagine 90-98% don't bother with 3d programs or have hacking skills. But some will learn after hearing its possible. eg. flying dinosaurs seen on these forums and suddenly this guy has SA of the Gods, online.

Yes we can work together to try and fix problems LRM.

 

Tell the developers but don't ruin it for the rest of us.

[A.S]

Think good and twice, noone is ruining anything, in long terms !! :smilewink:

[GGTharos]

Actually you're wrong. Very wrong.

 

Thanks to a release of certain videos, certain techniques proliferated very widely and essentially became a nightmare online. What if there was a decision made to NOT do anything about it?

 

Think good and twice, noone is ruining anything, in long terms !! :smilewink:

[A.S]

Actually you're wrong. Very wrong.

 

Thanks to a release of certain videos, certain techniques proliferated very widely and essentially became a nightmare online. What if there was a decision made to NOT do anything about it?

 

Actually you are wrong ! things were already done and known :smilewink:

 

And i start asking myself, those who say "dont tell others" might fear "something" defending a own egoistic position.

 

Those "infos" havent been found out by single person only always...cmon man...we know that´s under the table spreaded "pssssst" stuff..... time to grow up.

 

.. the sim itself lacks....spoken or NOT ... spreaded or kept as conspiracy...whatever..... it is how it is...and therfore it must be issued...period.

Edited August 1, 2009 by A.S

[Kuky]

but AS, if those videos were not released (and why aren't they deleted by now?) only few would know about it and this exploit flying would be very limited online... it really is killing this sim right now... it's lot easier to find only few guys that somehow don't comply with the rest when they fly... but when 1/2 people are doing it its all gone very bad... like now...

 

I guess the only good thing now is ED decided to patch up lockOn one more... maybe lot of negative noise because of the flaws and wide spread use online made them decide to fix these things.

[A.S]

I agree with the fact, that those "finding" should have been addressed to DEVs rather then publishing them on youtube. That´s right.

But we also do know, regardless of this movie, that meanwhile many things are hollow and widely spreaded. Unavoidable, as you know.

So what to do? Covering in silence and praying? where its way to late already? Won´t help either.

 

Next question:

 

Has lockon lost its "playability-value" due to all those uncoverings on online servers?

I think not. Reason why is simple. Often pilots exploit situations without knowing, that they exploit something....they just do what they have found out, what "works" best. "I learn a game".

Very few may use those exploits intentionally and even that is not easy.

So in other words intentionally or not...you will face those moments, because its in the flaws of this sim.

 

But what to do then? Is it still fun?

Well, if you try to fly in your understandings of realistic fighting - what is realistic is the next question right here - you still can do it.

You still can manage your flight in "proper" ways, trying to avoid risks, training on your SA and descission, working on proficiencies in combat situations..etc etc... you still can have alot fun.

IF you want you achieve good scores on stat-pages...well then you will find yourself very quick restricted in "save-fly-much kill" patterns ...over n over....and maybe that kills your joy.

Personally im not concerned much about exploits or those lacks in the sim....meanwhile its a old sim....and we have to live with it somehow...im more concerned about those guys who meanwhile can do "way more", even though very rarely seen.

 

Other aspect:

 

Lockon still can be very very interesting in multiship flights....good teamworks and good matches - besides 24/7 "everything can happen" servers.

But then...do you see much Squads fighting vs eachother ?? NO, they dont, because they fear the drama.....acutally they cause the drama.

 

It wont help you to claim someone about the situation just because he released a movie (what was not very smart), but you can make the best out of it..... frustrations come very quick once stuck in same patterns...but i think, lockon (so every flightcombatsim) has alot alot more beautifull aspects to be discovered.

 

Those to enjoy and to find out, even issuing the "bad" sides.

[Moa]

The only way to avoid significant cheating is to control missile intercepts etc on the (multiplayer) server. That would also fix lag issues, since the server's record of events would be authoritative. You can sometimes see the effects of lag in TacView recordings. A dedicated server should have enough processing time to do this, since time wouldn't be wasted doing graphics.

 

I also think you're right A.S. about being prepared to make your in-game tracks public. If you're prepared to supply others with your tracks (as soon as you land) then there's not enough time to change stuff and people get an idea of what you were able to see.

 

The 51sts 'encryption' tool was a nice gift to the community but I must say the protection is very, very weak. Anyone who has a little bit of programming experience could break this and run TacView in real-time. No-one else would be able to tell. For example, it is an hour's work for me to easily defeat this 'protection' but choose not to (which shows in my crappy A2A stats, lol). Incidentally, I easily reverse-engineered ED's weak password protection on mission files (disclaimer, I was building a dynamic campaign engine, now on hold, and needed to read and write that field) - if you are going to do encryption you ought to do it right.

 

Therefore, I think that until some of the calculations are handled on the server there will always be the worst cheats (I'm hoping this is an idea ED might consider for DCS). The way to handle graphics cheating might be for the program to save a few snapshots of the screen buffer in memory and automatically forward them to the game server once a player is dead or disengaged. The server software could easily (automatically) detect graphics anomalies.

 

Exported game data should be delayed by 60 seconds for all aircraft except the player's. That would fix that particular problem.

 

I won't ask about other squadrons but I do know that the 169 takes its motto of "Play hard, play fair" very seriously. In my year there I've never heard an exploit being privately suggested for use there and I don't think it would be tolerated if it was. That's one reason we're very grateful for all Yoda's hard work in trying to defeat some of the known exploits and increase the realism of the sim.

Edited August 1, 2009 by Moa
typos

[GGTharos]

The only way to avoid significant cheating is to control missile intercepts etc on the (multiplayer) server. That would also fix lag issues, since the server's record of events would be authoritative. You can sometimes see the effects of lag in TacView recordings. A dedicated server should have enough processing time to do this, since time wouldn't be wasted doing graphics.

 

Actually the BEST way to deal with lag is to have the missile be controlled on the target's PC. What you propose is an incorrect solution to the problem. As for cheating - there are other ways to deal with this.

 

I also think you're right A.S. about being prepared to make your in-game tracks public. If you're prepared to supply others with your tracks (as soon as you land) then there's not enough time to change stuff and people get an idea of what you were able to see.

 

The 51sts 'encryption' tool was a nice gift to the community but I must say the protection is very, very weak. Anyone who has a little bit of programming experience could break this and run TacView in real-time. No-one else would be able to tell. For example, it is an hour's work for me to easily defeat this 'protection' but choose not to (which shows in my crappy A2A stats, lol). Incidentally, I easily reverse-engineered ED's weak password protection on mission files (disclaimer, I was building a dynamic campaign engine, now on hold, and needed to read and write that field) - if you are going to do encryption you ought to do it right.

 

This wasn't an encryption tool - all it does is break the ability of tacview to read its own files. It isn't even obfuscation. The trick is to get past the file lock, if any, to modify it while it's being written.

 

As for ED's mission editing lockout, that's all it's meant to do. It's also not encryption so er no, why would anyone be serious about that?

 

Therefore, I think that until some of the calculations are handled on the server there will always be the worst cheats (I'm hoping this is an idea ED might consider for DCS).

 

I doubt that it is, because this is in fact incorrect, at the very least when it comes to technical merit.

 

The way to handle graphics cheating might be for the program to save a few snapshots of the screen buffer in memory and automatically forward them to the game server once a player is dead or disengaged. The server software could easily (automatically) detect graphics anomalies.

 

Uh ... so you want some sort of CPU-eating image recognition (which is also just not bloody feasible, or at the least a huge waste of time) and waste my bandwidth too? WTF?

 

Exported game data should be delayed by 60 seconds for all aircraft except the player's. That would fix that particular problem.

 

That's not useful, especially since real-time data is valuable for legitimate purposes. ED had already implemented the ability to disable exports, controlled by the server.

[RvEYoda]

Im all for delayed universal exports, given that the "playerplane" exports

are fixed. Currently for example the radar export doesnt export updates

in F-15 TWS mode, along with a few other issues.

 

This is partially why my scripts are much longer than could first be thought

necessary. Simply cause I need to use global object data to produce the

avionics data backwards.

 

For example TWS follows target would not work without it.

[Case]

The 51sts 'encryption' tool was a nice gift to the community but I must say the protection is very, very weak. Anyone who has a little bit of programming experience could break this and run TacView in real-time. No-one else would be able to tell. For example, it is an hour's work for me to easily defeat this 'protection' but choose not to (which shows in my crappy A2A stats, lol).

Anyone with a little bit of programming experience could break most ACMI locking schemes. The reason I chose for this very basic way of locking ACMIs is to stop the vast majority of people that don't have that little bit of programming experience from using Tacview to gain uber SA. Completely encrypting ACMIs would also work but it would be completely overkill for what you are trying to achieve.

[GGTharos]

In addition it would almost certainly use more CPU than strictly necessary.

 

It is also possible that the Vyrtuoz may help secure tacview so that third party solutions are not necessary. That in and of itself might not be too hard to do.

[RvEYoda]

Why not just have the Tacview export script keep the data in RAM for 1-2 minutes before

saving it to a file?

 

Ofc, assuming everyone is using the same (new?) tacview, or the server enforcing some

built in tacview.

[104th_Crunch]

...or have Tacview built in to Lock On/DCS, or some form of ACMI built in. For the future anyway.

[GGTharos]

Why? Having tacview as is right now makes it so much more flexible.

[Moa]

Why not just have the Tacview export script keep the data in RAM for 1-2 minutes before

saving it to a file?

 

Ofc, assuming everyone is using the same (new?) tacview, or the server enforcing some

built in tacview.

 

That's what I was thinking. It would be nice to let the player's aircraft information through in real-time tho' for the sim pit builders.

 

An 'export proxy' would be able to do this. I've been thinking of doing this but have been busy chasing down race conditions and distributed transaction issues in the beta 169 stats.

Edited August 1, 2009 by Moa
Added export proxy idea

[Moa]

Actually the BEST way to deal with lag is to have the missile be controlled on the target's PC. What you propose is an incorrect solution to the problem. As for cheating - there are other ways to deal with this.

 

 

 

This wasn't an encryption tool - all it does is break the ability of tacview to read its own files. It isn't even obfuscation. The trick is to get past the file lock, if any, to modify it while it's being written.

 

As for ED's mission editing lockout, that's all it's meant to do. It's also not encryption so er no, why would anyone be serious about that?

 

 

 

I doubt that it is, because this is in fact incorrect, at the very least when it comes to technical merit.

 

 

 

Uh ... so you want some sort of CPU-eating image recognition (which is also just not bloody feasible, or at the least a huge waste of time) and waste my bandwidth too? WTF?

 

 

 

That's not useful, especially since real-time data is valuable for legitimate purposes. ED had already implemented the ability to disable exports, controlled by the server.

 

You cannot trust the client's PC, so having missile intercepts on the victim's PC is not sensible. Have them on the 'neutral' server (or so one would hope).

 

> As for ED's mission editing lockout, that's all it's meant to do. It's also not encryption so er no, why would anyone be serious about that?

 

If you're not going to do it right, then why bother?

 

> Uh ... so you want some sort of CPU-eating image recognition (which is also just not bloody feasible, or at the least a huge waste of time) and waste my bandwidth too? WTF?

 

I disagree. Given the server can reconstruct the frame display of a single image in hardware at random times for players why would this be a problem? At the moment the server is producing frames at a far faster rate, since at present all LockOn server instances produces graphics at full frame rates. All I'm suggesting is to occasionally set the viewpoint to a random player, get the players graphic settings, and compare with a screenshot streamed (slowly if need be) from the players game instance. Most of the time the server should not be doing this (which would mean it ran faster than the current system that unnecessarily renders graphics 100% of the time). This would work and would catch cheats (although mods might cause false positives) who only change textures. The server would then do a simple diff between images and warn an admin if there was significant variation. Since this would be done randomly with a low frequency this should cause negligible impact on the game relative to a headless server (you could even assign one of those hyperthreaded quad-cores to do it while the game logic ran uninterupted on the other cores :)).

 

Case I didn't mean to belittle your important contribution (and I hope it didn't sound like it). I was hoping to point out that something stronger ought to be considered for the future (eg DCS).

Edited August 1, 2009 by Moa
more typos

[RvEYoda]

I believe missile intercepts should be done on target machine.

Dispite server safety, the delays are too big for objects flying 1000 m/s

(And closure even larger!)

where 50 ms delay to server can create a 50 m difference in position,

could easily mean the difference between life and death. Think then of 300 ms

ping and we are up in *=)(/#%&. Anything that cannot at least guarantee

a +-1 m precision for the defenders point of view will be trouble.

 

It requires a lot of work to get it safe, YES. and we can have the server confirm all flight paths,

but primarily I think the defender should do these calculations. The server should just verify them

within good limits.

 

This choice was made for many shooter games a few years back.

In its early days CS( counter strike) used the server based method,

but later switched over to one based on the shooter's machine.

 

The last thing I want is a game where server/client response rate/times

will decide how I need to time my defenses.

 

Also Moa please do not delay the universal exports right now.

All LRM (and other stuff as well) will fail cause currently the lockon

radar exports (among other scripts) have bugs in certain AC modes. Im talking

about the export functions provided by ED having bugs. Some give blank

data exported if the plane is in certain modes.

Edited August 2, 2009 by =RvE=Yoda

[GGTharos]

You cannot trust the client's PC, so having missile intercepts on the victim's PC is not sensible. Have them on the 'neutral' server (or so one would hope).

 

This is a GAME, not an authentication issue. If you want laggy play, don't trust the client's PC. Period, end of story, just like that.

Air to Air combat at the very least requires positional accuracy. Guided weapons will work quite poorly if controlled on server, worse yet if on the attacker's PC.

 

If you're not going to do it right, then why bother?

 

Who are you do say it's not done right or that it didn't serve its purpose?

 

I disagree. Given the server can reconstruct the frame display of a single image in hardware at random times for players why would this be a problem?

 

... the same server that is 'better suited to handle more computations' because it doesn't do graphics? And how about minute lag? What then? It won't match.

 

At the moment the server is producing frames at a far faster rate, since at present all LockOn server instances produces graphics at full frame rates. All I'm suggesting is to occasionally set the viewpoint to a random player, get the players graphic settings, and compare with a screenshot streamed (slowly if need be) from the players game instance.

 

... so you want the devs to be developing infeasible and complex security solutions instead of a simulator. Okay.

 

Most of the time the server should not be doing this (which would mean it ran faster than the current system that unnecessarily renders graphics 100% of the time). This would work and would catch cheats (although mods might cause false positives) who only change textures.

 

So much for custom skinning eh? What if the shadowing options don't match? Or the scene option, or ... ;)

 

The server would then do a simple diff between images and warn an admin if there was significant variation. Since this would be done randomly with a low frequency this should cause negligible impact on the game relative to a headless server (you could even assign one of those hyperthreaded quad-cores to do it while the game logic ran uninterupted on the other cores :)).

 

Really, I have no idea why you're advocating ridiculously complex solutions where much simpler ones can be had. ;)

 

Case I didn't mean to belittle your important contribution (and I hope it didn't sound like it). I was hoping to point out that something stronger ought to be considered for the future (eg DCS).

 

What you suggested is unnecessarily limiting. You have a one track 'lock it all down' theme going here and well, I suppose if you can't sleep at night thinking about all those things, you should probably just pull the network wire out of the socket.

 

I'm sorry, but applying monster security measures in a game where often there are better, faster, and less complex solutions - even in real life - leads me to believe that you aren't aware of the following:

 

Security is not foolproof - it will deal with people willing to pay less money than you paid for your security. At which point, and for which application is increased security justified, and how much of it?

 

For a game, nothing more than simple and rudimentary (yet surprisingly robust!) are needed, or justified.