Game Development Community

Community Problems: Mod theft and exploits

by Eric Hartman · in Torque Game Engine · 07/14/2005 (2:15 pm) · 27 replies

I'm having some problems in the Blockland mod community. I'm posting this here because I don't want to hear from anyone who can't get $100 together. I'd like to get the opinions of the GG staff and anyone who has run a community before. It's a little complicated so feel free to ask questions.

The Problems:
------------

Several different mod makers have been intentionally coding exploits into their mods that allow them to gain power on any server.

Some modders have been taking code and models from other mods and claiming that it is their own.

The makers of the mod called TBM (it stands for The Better Mod, ugh) have had their code stolen in this way. But they have also become ultra paranoid and childish. They seem to think that no one else has a brain capable of actually figuring out how to do anything without stealing from them. They complain about people using their clever methods of doing things. They even rant on about people stealing their ideas.

The TBM crew have also coded exploits into their own mod so they can have power on any server.

Now for the next version of TBM, they are planning to have all the code dso'd AND code things in such a way so that if you remove one .dso from the others, it will delete itself and damage your Blockland folder. One member of their team also went on about opening up users' computers to attack so that he could further punish them for stealing his code.



I really don't know what to do. The exploit situation makes me think that I shouldn't allow people to post .dso'd mods so any exploits could be discovered. But the code theft situation leads me to think that maybe they have a point. But with dsos there is no way to stop or even discover exploits that people code in. Also there's the problem of their destructive protection scheme that I find disgusting. Also the only reason they can even make mods is because I released my code, why should they get to keep theirs?

Any moderator on any forum that I've ever been to would have banned them a long time ago. But banning them or enforcing the no dso'd mods rule is going to be a war. It's going to be a war to police the mods for dso files and it's going to be a war against the TBM crew who will no doubt decide to start their own knock-off Blockland type game. I don't have time to babysit right now, so what should I do?
#21
07/25/2005 (12:21 pm)
Michael - unfortunately, once you hit a sufficient level of complexity, that sort of system breaks down. See Goedel's work.
#22
07/25/2005 (12:39 pm)
In the retail version you need to enforce (IMHO) some rules for writing/modifying files (like restricting access to certain folders, could that even be part of the install package, to make certain files read only or administrator only?). Then this exploit goes away (I think).

But really you can only ever do so much. Fix one hole and they will find another. In this case, TBM have some nasty people in their team, but it began with wanting to protect their code. But if you write mods for a system with no protection, then that's just tough surely? Write mods for another system or buy Torque and write a mod for that.

To be honest, if people download a mod which is not officially sanctioned, then it should always be at their own risk. Official mods, from trusted sources should be listed on your website.

Oh and as a final point, I think an official updater should be written for retail so people can trust that too. Then modders can choose to use the updater or people can choose to download them separately.

Good luck with it all.
#23
07/25/2005 (5:25 pm)
Torque can be set up to be fairly secure vis a vis mods - the only thing that a malicious mod can do is trash your game directory, but not kill your computer (unless it tricks the user into running a binary or something).
#24
07/25/2005 (5:57 pm)
Thanks for that, Ben. I'm not sure what my problem was, but what I was trying to do sounds suspiciously like solving the halting problem.

I've been in communication with the author over on his forum. (I've also written some rather technical and involved posts in his forum, and I think I confused the hell out of some eight year olds. Oops, wrong audience. :-) ) He seems to like the idea of just changing the implementation of the few script functions capable of doing damage, and altering the script-loading engine so it refuses to load unauthorized scripts if the .cs source for the .cs.dso file can't be found.
#25
07/26/2005 (12:22 am)
Sounds like a fine solution to me.
#26
07/27/2005 (5:04 pm)
I like your idea of a proprietary "key" inserted into "approved" mods.

Mod creators must have their work "approved", during which time the key is added and the .dso is distributed w/ the changes. No key, mod won't run.

Sometimes the simplest solution...
#27
07/27/2005 (5:13 pm)
Using RSA signing, that could be made truly secure - a client would always be able to validate a mod as being "trusted." Though you'd better not be easily fooled into signing bad stuff. ;)
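
Added example, not part of the thread and not Torque or Blockland code: a moderator-side check for the rule described in reply #24, where a compiled `.cs.dso` is refused if its `.cs` source is not shipped next to it. It also lists a SHA-256 hash per source file, the kind of manifest an approval step like the one in replies #26 and #27 could sign. The function names, directory layout and file contents are assumptions made for the illustration.

```python
import hashlib
import tempfile
from pathlib import Path


def audit_mod(mod_dir):
    """Apply the 'no compiled script without its source' rule to one mod.

    Returns (orphans, manifest):
      orphans  - .cs.dso files with no sibling .cs file, i.e. what gets rejected
      manifest - relative path -> SHA-256 of each .cs source, for reviewers
    """
    root = Path(mod_dir)
    orphans, manifest = [], {}
    for path in sorted(root.rglob("*")):
        # Symlinks are skipped so a link cannot stand in for real source.
        if path.is_symlink() or not path.is_file():
            continue
        rel = path.relative_to(root).as_posix()
        lower = path.name.lower()
        if lower.endswith(".cs.dso"):
            source = path.with_name(path.name[:-len(".dso")])
            if source.is_symlink() or not source.is_file():
                orphans.append(rel)
        elif lower.endswith(".cs"):
            manifest[rel] = hashlib.sha256(path.read_bytes()).hexdigest()
    return orphans, manifest


def build_sample_mod(root):
    """Constructed sample layout (file names and contents are made up)."""
    files = {
        "server/main.cs": b"// constructed source\n",
        "server/main.cs.dso": b"\x00constructed bytecode",
        "client/hud.cs.dso": b"\x00constructed bytecode",  # no hud.cs shipped
    }
    for rel, data in files.items():
        target = Path(root) / rel
        target.parent.mkdir(parents=True, exist_ok=True)
        target.write_bytes(data)


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        build_sample_mod(tmp)
        orphans, manifest = audit_mod(tmp)
        for rel in orphans:
            print("REJECT (no source):", rel)
        for rel, digest in manifest.items():
            print("source", digest, rel)
```

A sibling `.cs` file only shows that source was shipped, not that the `.dso` was built from it, so the check is strongest when the shipped `.dso` is discarded and the script is recompiled from the reviewed source.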