Clientless Discussion

~~pro4never~~ · 11/27/2011, 21:20

Am I the only one who really would love to see TQ actually take a stance against botting?

I mean come on... it would be hilarious. They've postured for so long yet never done a single thing to effectively eliminate what is laughably simple to detect.

No matter how well you 'secure' these paid bots they are simply doing something that the game was never designed to allow.. The fact of the matter is that TQ really has no desire to fully eliminate botting as it will leave their servers empty. Instead they will simply ramp up the number of botjailings, release all sorts of public statements about how awesome they are at fixing bots and the world will keep on going.

Sure there may be some more encryption changes, some botcheck packets added/changed but I strongly doubt anything serious will come of it.

Even if it does cause change then I think that would be awesome. There's no public development left around conquer and all that's left is varying levels of semi professional programmers trying to earn a few quick bucks off of a dying game. Personally I see nothing wrong with letting the situation unfold.

Me and korv have gotten into this side debate before but I do feel like bringing it up one extra time...

The whole attitude of trying to 'protect the game from ourselves' to avoid TQ changing things is quite laughable... Trying to restrict the flow of public information has done nothing but drive a nail into the already lacking public development side of the conquer botting community. All that we have left is some (admittedly, quite talented) people trying to keep making a profit while driving the game into the ground. I have nothing against people trying to make money and I applaud anyone who can do it effectively... but anyone who wants to make the claim that having some free basic bots or current patch, unstable, ****** private servers is going to be more of an intensive for tq to do a large scale crackdown than these large paid bots is quite frankly a moron.

lostsolder05 · 11/27/2011, 22:51

Quote:

Originally Posted by -Isaac-

Absurd, but again, 60+ vs unlimited, I could give a *****. If people are that crazy about CO, use different VPS, trade in a way they don't get routed to and banned, they deserve the glory.
A couple thousand, but can your internet handle the thousands of packets being transmitted with 'ninja' farming? Think before you speak. Have you, yourself ran a thousand clients?

I said a few thousand as a absolute max point that could be handled not that I myself could handle said amount. My point was unlimited shouldn't be claimed if the authors are aware that more then a few thousand could ever be archived.

@Edit I'll just leave this here
"Remember BJX Bot? Hundreds to THOUSANDS could be used." - Isaac

First the trash about Chrome not being able to handle more than a few clients, now that its' stable, we get the 'no unlimited clients plx.'
People who put the effort, with brains, to buy multiple VPSes with different IPs in a various range, not similar ones are smart. Again, transferring items to the account is a whole new task. For all that effort, I mind as well bulk a couple times.

@Your Picture, cool story bro. Guess what? I don't play CO or get paid. Go cry some more. You wish you could bot thousands of accounts, instead you whine.

I don't even play official Conquer nor do I need to use someone elses standalone as I myself have had one months before they went public.

Honestly now that I think about it I doubt limiting your clientless would change the measures that TQ will take to stop standalones. Which makes this entire discussion pointless really.

Korvacs · 11/27/2011, 23:31

This discussion isnt to change anything, i just thought it was interesting, if changes come about because of it then thats great but that wasnt the intention of it.

TQ have never had a game guard system before, so would be interesting to see how developers deal with it, considering its likely you will need to emulate game guard in order to do clientless.

And while restricting the flow of information to the public might be laughable to some people it makes alot of sense. If the flow had been better controlled in the past then its likely we wouldn't be seeing such a massive crack down on botting as we are now.

~~Nitroxide~~ · 11/28/2011, 01:49

If TQ somehow do manage to temporarily stop clientless, It's far from worth re-releasing and maintaining it again. I sure hope that this much is obvious.. please do save us all the nonsensical extra work load that doesn't bring any extra profit to the table.

~~pro4never~~ · 11/28/2011, 02:31

Quote:

Originally Posted by Korvacs

And while restricting the flow of information to the public might be laughable to some people it makes alot of sense. If the flow had been better controlled in the past then its likely we wouldn't be seeing such a massive crack down on botting as we are now.

While I feel I should avoid continuing offtopic here... I've never understood this claim of yours.

Lets say for example that blowfish was never released publicly.

No (public) 5095+ pserver sources, no proxy examples, nothing.

Are you honestly claiming that not having it released publicly would have stopped any of the paid bots from existing? Anyone capable of creating a bot worth charging for (therefor incentive to create such a bot outside of educational and personal interest) would have simply reversed the encryption themselves and tq would be every bit as likely to have continued advancing their protection systems.

The exact same argument applies to current encryption as well as future encryption...

1: As long as there is a game with a player base worth exploiting (for profit), exploits will be made.

2: As long as such exploits are made, the game creators will continue to add in new layers of protection or update/change existing protection methods.

3: As long as the value of exploiting the game outweighs the hassle of overcoming the new protection, these exploits will continue to exist.

Now... how does the public KNOWLEDGE of encryption method really change this? It opens up new routes for exploitation (IE: learning projects and personal hacks/bots) but it doesn't even begin to enter the equation that is causing the protection to be constantly updated...

Note: The only exception to this 'rule' is if/when such personal hacks become released publicly. It's been proven time and time again though that any such hacks worth using will either become pay to use or will disappear within a few weeks->months (CoOperative, sirhooks, etc). There is simply no reason for a properly maintained and effective exploit to be released for free to the public... but that is due to personal choice and the annoyance of updates/exploit users weighed against the lack of rewards rather then any sort of restricted information flow.

Korvacs · 11/28/2011, 09:49

Untill the encryption was released publicly in the coemu source there was a lul in the botting in conquer where by we had 6-8 months of no heavy botting, so yes i think it stands to reason that we would have significantly less botting now than we do currently if that encryption had been kept private, and as a direct result botting wouldn't have had such a directly negative impact on the game and we would still be happily botting without worrying about being straight up banned.

And of course no clientless at all, which is whats currently destroying the game.

CptSky · 11/28/2011, 15:44

Quote:

Originally Posted by Korvacs

Untill the encryption was released publicly in the coemu source there was a lul in the botting in conquer where by we had 6-8 months of no heavy botting, so yes i think it stands to reason that we would have significantly less botting now than we do currently if that encryption had been kept private, and as a direct result botting wouldn't have had such a directly negative impact on the game and we would still be happily botting without worrying about being straight up banned.

And of course no clientless at all, which is whats currently destroying the game.

The encryption was known by "good coders". The current encryption isn't public, no? We still have 3 big bots... There is more cheat than before the Blowfish encryption and during this period, the encryption was public and for a long time... I don't think it will change anything if the current encryption is released publicly because that's not everyone who can make a nice bot and someone who is able to do it will be able to get the encryption.

Also, clientless bots are due to the knowledge of the game. TQ never changed anything on the game, so the protocol is highly knows. It wasn't true in the past... Now, coders are able to make advanced bot for the game. The old encryptions have been publicly available for a long time, and it never changed the way we were botting. Now, the encryption isn't public and all bots are clientless and blablabla... It can be associated to the responsibility of the old programmer, but, it's just a part of the reasons...

Anyway, I would say that TQ has to make changes in their policies... These kind of irresponsibility will just causes that the bot's creators will have to work more for the next generation of bot. And, maybe the game will die, but eh, I think it's already the situation. CO2 is a game of the past and it's funny to see how it can be worse.

Korvacs · 11/28/2011, 15:57

Quote:

Originally Posted by CptSky

The encryption was known by "good coders". The current encryption isn't public, no? We still have 3 big bots... There is more cheat than before the Blowfish encryption and during this period, the encryption was public and for a long time... I don't think it will change anything if the current encryption is released publicly because that's not everyone who can make a nice bot and someone who is able to do it will be able to get the encryption.

Also, clientless bots are due to the knowledge of the game. TQ never changed anything on the game, so the protocol is highly knows. It wasn't true in the past... Now, coders are able to make advanced bot for the game. The old encryptions have been publicly available for a long time, and it never changed the way we were botting. Now, the encryption isn't public and all bots are clientless and blablabla... It can be associated to the responsibility of the old programmer, but, it's just a part of the reasons...

Anyway, I would say that TQ has to make changes in their policies... These kind of irresponsibility will just causes that the bot's creators will have to work more for the next generation of bot. And, maybe the game will die, but eh, I think it's already the situation. CO2 is a game of the past and it's funny to see how it can be worse.

Indeed we have 3 on the current encryption, but given that the current encryption is still heavily based off the old blowfish encryption it was substantially easier to break than the legacy->blowfish change which introduced multiple new aspects. The same cannot be said for change from blowfish->cast and from cast->current in which only a handful of changes were made.

My belief is that if TQ made another sizeable encryption change like legacy->blowfish that we would again be faced with several months (or in the case of CoGenius years) of down time. The people who maintain the bots are good dont get me wrong, but i dont think anyone can honestly say that they are exceptionally good at cracking/reversing encryption, although personally i think one of the members of chrome is ahead in this area, could be wrong, and dean comes in last and im sure he would agree with that, unless he really does sit around twiddling his thumbs for a few weeks when the encryption changes.

CptSky · 11/28/2011, 16:20

Quote:

Originally Posted by Korvacs

Indeed we have 3 on the current encryption, but given that the current encryption is still heavily based off the old blowfish encryption it was substantially easier to break than the legacy->blowfish change which introduced multiple new aspects. The same cannot be said for change from blowfish->cast and from cast->current in which only a handful of changes were made.

My belief is that if TQ made another sizeable encryption change like legacy->blowfish that we would again be faced with several months (or in the case of CoGenius years) of down time. The people who maintain the bots are good dont get me wrong, but i dont think anyone can honestly say that they are exceptionally good at cracking/reversing encryption, although personally i think one of the members of chrome is ahead in this area, could be wrong, and dean comes in last and im sure he would agree with that, unless he really does sit around twiddling his thumbs for a few weeks when the encryption changes.

Yes, it's true, the new changes aren't really signifiant... Maybe another encryption change may be good for the game

We return to the fact that TQ has to change something, like they made before. They blocked the ItemType, they blocked COtobo... They have to block the clientless bot, and, they'll one day.

I approve, they're probably not the best at cracking/reversing encryption. There isn't a lot of people who is exceptional at this

A lot of the encryption knowledge is from people like unknownone... If TQ do a significal change, I would say that it can be good to keep the encryption private for some months, and anyway it will be public one day because someone will release it. But, for a change like for the moment, there is no point to keep it private.

And to be honest, I think that with a signifiant change like that, I wouldn't be able to reverse the encryption. Actually, I'm good for protocol/file format, but I'm really bad in encryption

And if there is a signifiant change, I want the knowledge private to avoid the current situation in PServer/Botting.

~~BaussHacker~~ · 11/28/2011, 16:26

Quote:

Originally Posted by Korvacs

Untill the encryption was released publicly in the coemu source there was a lul in the botting in conquer where by we had 6-8 months of no heavy botting, so yes i think it stands to reason that we would have significantly less botting now than we do currently if that encryption had been kept private, and as a direct result botting wouldn't have had such a directly negative impact on the game and we would still be happily botting without worrying about being straight up banned.

And of course no clientless at all, which is whats currently destroying the game.

Won't change anything in this case.

~~Nitroxide~~ · 11/29/2011, 03:39

Quote:

Originally Posted by Korvacs

Indeed we have 3 on the current encryption, but given that the current encryption is still heavily based off the old blowfish encryption it was substantially easier to break than the legacy->blowfish change which introduced multiple new aspects. The same cannot be said for change from blowfish->cast and from cast->current in which only a handful of changes were made.

My belief is that if TQ made another sizeable encryption change like legacy->blowfish that we would again be faced with several months (or in the case of CoGenius years) of down time. The people who maintain the bots are good dont get me wrong, but i dont think anyone can honestly say that they are exceptionally good at cracking/reversing encryption, although personally i think one of the members of chrome is ahead in this area, could be wrong, and dean comes in last and im sure he would agree with that, unless he really does sit around twiddling his thumbs for a few weeks when the encryption changes.

I'll put a $1000 bet on this not being the case, we've never taken that long to crack bespoken stuff. We ripped through the new one like a chicken sandwich.

Infamous is extremely capable and would have clearly gotten it faster then dean even if he was alone on the job. We look forward to working on any others with him, he's a cool guy

If TQ have any brains they will stay away from new encryptions, especially when they can't even implement them properly, sup M.

Bring it on TQ

Korvacs · 11/29/2011, 09:58

Quote:

Originally Posted by Nitroxide

I'll put a $1000 bet on this not being the case, we've never taken that long to crack bespoken stuff. We ripped through the new one like a chicken sandwich.

Infamous is extremely capable and would have clearly gotten it faster then dean even if he was alone on the job. We look forward to working on any others with him, he's a cool guy

If TQ have any brains they will stay away from new encryptions, especially when they can't even implement them properly, sup M.

Bring it on TQ

lol, now re-read what i said, the change from legacy (and by legacy i mean auth encryption, as they were the same) to blowfish was massive, the latest encryption which you guys "ripped through like a chicken sandwich" was absolutely nothing compared to that change, while like i said many of the people involved in bots are talented, none of them including Infamous would say they are talented at reversing encryption. Im not going to take the bet as of course sparkie is some what of a unknown quantity in this, he is extremely talented but even the most talented can struggle with something they have never experienced before.

~~Nitroxide~~ · 11/29/2011, 11:10

Quote:

Originally Posted by Korvacs

lol, now re-read what i said, the change from legacy (and by legacy i mean auth encryption, as they were the same) to blowfish was massive, the latest encryption which you guys "ripped through like a chicken sandwich" was absolutely nothing compared to that change, while like i said many of the people involved in bots are talented, none of them including Infamous would say they are talented at reversing encryption. Im not going to take the bet as of course sparkie is some what of a unknown quantity in this, he is extremely talented but even the most talented can struggle with something they have never experienced before.

You obviously have no idea, we did the vanilla and blowfish too. Things are not always as they seem

- Polymorphic
- Cryptical
- Dissimulation
- Obscurantism
- Brain F**k

No idea who Sparkie is but he certainly had no part in cracking the encryption on our side, or are you suggesting that "Sparkie" might have been a key role in the helping hand Infamous gave us?

Korvacs · 11/29/2011, 11:41

Quote:

Originally Posted by Nitroxide

You obviously have no idea, we did the vanilla and blowfish too. Things are not always as they seem

- Polymorphic
- Cryptical
- Dissimulation
- Obscurantism
- Brain F**k

No idea who Sparkie is but he certainly had no part in cracking the encryption on our side, or are you suggesting that "Sparkie" might have been a key role in the helping hand Infamous gave us?

Sparkie has assisted in breaking the legacy, blowfish, cast and the latest encryption change and all password encryption methods, his role has been key in basically all attempts to crack the co encryption. Im not really suggesting anything this is common knowledge.

And well i guess i was correct when i said that a member of Chrome was above the rest in this field, or are you suggesting that Inf might have been a key role in your attempts to break all of the encryptions? lol.

InfamousNoone · 11/30/2011, 12:58

Quote:

Originally Posted by Korvacs

Sparkie has assisted in breaking the legacy, blowfish, cast and the latest encryption change and all password encryption methods, his role has been key in basically all attempts to crack the co encryption. Im not really suggesting anything this is common knowledge.

And well i guess i was correct when i said that a member of Chrome was above the rest in this field, or are you suggesting that Inf might have been a key role in your attempts to break all of the encryptions? lol.

Sparkie didn't help with the newest password encryption. It was mainly broken (from what I'm aware of) by myself and Cyanogen (with minimal -- but some help from John). I'm not sure of Nitroxide's contributions because I never personally talked to him in that period of time, I only spoke to Cyanogen.

Quote:

Originally Posted by -Isaac-

Unlimited clientless is fine. Average users don't even use as much as you think. Plus, stupid botters would get banned. It's always those mass botters that get raped. Teaches them a lesson, hehe.

The amount of people who mass bot with 60+ clients is pretty low, at least in Chrome. I've only heard one guy talk about running 30 accounts. Most players run 1-5 accounts on Chrome, that I spoke to. Most listen to our advice, about not running more than 15 accounts. Chrome's 'unlimited' hasn't hit anything hard.

Out of curiosity, Korvacs, you still play CO? Why is clientless botting important to you? You said the public shouldn't have access. Is it because you wanna rape up CO yourself with 60 clientless accounts? Don't throw 'morality' into a pixelated game. "Don't ruin games for others. It throws economy off. etc etc" Most of these bot developers could probably give a rats @ss about the game. They are in it for the $$$, not cps.

Have a nice day. I rarely check these forums, flame away~

He may not play CO anymore, but I still do ocasionally which then heavily influences what gets added to CAI, and what we omit. Even so that's not the point; ruin the game too much -> down-shoot of players -> down-shoot of sales -> loss of $$$

Quote:

Originally Posted by TheBoyWhoLost

How is this a attempt to increase the user base of CoGenius? Please bring in the details. Your post really makes me think that you would never make an agreement with the creator of CoGenius cause you are scared to lose members to them. Thats how i read this post atm.
I don't see how an agreement on dropping the clientless rate would be an attempt to promote your own bot. The major goal of it is to stop the ridiculous amount of characters being logged in to bot with.

If you don't see how it's an attempt, like I said, you shouldn't be a part of this discussion (or play ignorant -- Which I don't think you are because I think you just lack the ability to... well... think).