Jump to content

Heden

Modz Gold Member
  • Posts

    7
  • Joined

  • Last visited

Everything posted by Heden

  1. None, I'm totally authorized to be here... but you can't understand.
  2. Mods should be officially supported like most modern indie games are.
  3. Oh yes, I did not said that the methods I suggested are 100% sure but all of them put together are probably the best way to "secure" a C# binary and will prevent most developers from modifying the game. That worked well for the software I worked on. And yes, native DLL to authentify, login, chat and access rooms (all exchanged data in fact) would be the best (and still not 100% secure). Especially for a game which has never been released on MacOS (or Linux)...
  4. Room data could be secured (at least a bit) and DLL could be locked (at least a bit). Something I forgot in suggestions to secure game is to do a hash check on the compiled DLL (that's what I do on the software I'm working on). After compilation, the DLL hashes are crypted and stored in Unity assets (which are quite hard to access the content). Then on launch the game checks what DLL has been modified and reacts depending on which DLL has been modified (in my case I close software without warning). The whole method(s) to check the DLL hash is obfuscated, in IEnumerator and not obvious to spot (like in a Monobehavior class). Removing the thread on 3DX forum is dumb and just proves game developers don't care about game development.
  5. My first account "Heden" has been banned here and the attached email address leaked to pierrousss. I don't care but that's not cool... Then my second account to answer has been removed. I just wanted to have a chance to explain a bit things. Anyway, compiled C# will never been 100% secured but with all those (simple) methods applied, the game will be a lot more "safe". For the 4) I am talking about simple methods like for example "Download(string nameOfDataToDownload)". This is so obvious to spot and easy to modify... There is no security at all in such method, nothing controlled, not permissions or rights management.
  6. I find it quite fun and a bit ridiculous (or the reverse) to ban my account here and leak my email address to Pierrousss... 1) As I said to Pierrousss and xRosa: I did not do that for the bad and I apologized several times. To be honest, if I wanted to make that for the bad, I would have simply downloaded rooms without showing me anywhere (I don't need to enter rooms to get them), then upload the best ones online with monetized download links. I didn't do that because I wanted a reaction from devs, not to get anything from it. I know what I did is not nice for the authors, but that's probably the best way to make devs react (everybody know they don't even read forum anymore for years!). 2) Email addresses are private data. Forum like yours should never leak email addresses to anyone. Especially to angry people who threatened me physically (like Pierrousss did on chat in game)... 3) I did not use any existing DLL, but injected my own code in vanilla DLL. I firstly wanted to see if this shit was possible after reading a post on this forum. I don't want to get the rooms of others. I have mine, and most knows I spent a lot of time on it and I'm very happy with it! The best way to secure the DLL is described here after (in case 3DX Devs can read and don't know): Everyone should know first that because Unity code is C#, it's hard to secure it (C# is compiled as DLL in IL code which is basically Instructions that can be easily decompiled) but it can be made so complex to hack that very few would spend time studying how to decompile. Here are some ways to secure a lot rooms and DLL: 1) Obfuscation! Obfuscation is good for commercial games and it's also possible to obfuscate with uncommon characters that most decompilers can't deal with. 2) IEnumerator! Put sensitive methods in IEnumerator methods. Most decompilers can't fully decompile IEnumerators. 3) Encrypt! Currently data are download without any encryption, just pure json gzipped... The Zip should at least have a password (encrypted in DLL). 4) No generic method! Avoid generic methods to download world files 5) Restricted Access! Do not allow WORLD files to be downloaded when owner is offline
×
×
  • Create New...

Important Information

By using and viewing this site, you agree to our Terms of Use.