14 Feb 12, 07:35PM
(14 Feb 12, 06:49PM)Zarj Wrote: Firstly, it would be easy to have the client send their MAC address to the server. The issue with this is that MAC addresses are easy to spoof, and so that's barely a level of security.Yeah, but that's merely a way to get a "unique" ID, nothing else. It can still be modified quite easily, plus many network cards and OSs actually let you change the MAC address.
(14 Feb 12, 06:49PM)Zarj Wrote: Secondly, Unique IDs would be a reliable option, even with an open source game. Here's how:Wait, do you notice a pattern here? What was the problem we were trying to solve, again?
[...]
The only issue with this system is finding a way to stop people from getting a new ID: meaning if some hacker asks for a new ID, the system should be able to do an IP check or something similar to keep them from getting one.
This whole "unique ID" business simply won't work reliably until you make sure that each player can get only one ID. For commercial games, this is fairly easy, because getting a new ID means you'd have to buy the game again (although nothing stops you from doing that). It's even easier for systems like Steam, because AFAIK if you get caught cheating with a certain Steam account, the IDs for all VAC-secured games associated to that account get blacklisted.
For an open-source game, I doubt this problem can be solved reliably.