Author Topic: Aurora C# Code Protection  (Read 7835 times)

0 Members and 1 Guest are viewing this topic.

Offline Panopticon

  • Russia - Astra Imperia
  • Rear Admiral
  • *
  • P
  • Posts: 808
  • Thanked: 15 times
Re: Aurora C# Code Protection
« Reply #15 on: November 10, 2018, 01:43:46 AM »
This topic pops up once every year or two and Steve has always been pretty clear that he doesn't care about that, it's a personal project he chooses to share, and doesn't seem to want it to be more than that, which is fine.
 

Offline ndkid

  • Warrant Officer, Class 1
  • *****
  • n
  • Posts: 79
  • Thanked: 1 times
Re: Aurora C# Code Protection
« Reply #16 on: November 10, 2018, 06:38:30 PM »
C# Aurora loads everything into memory at start up into collection objects and doesn't touch the database again until you save the game. It is MUCH faster.

The C# development in its current form began in March 2016.
You might want to put in at least some sort of occasional async writeback, or else an app or computer crash after a few years of play could make someone *real* unhappy. :-)
 
The following users thanked this post: Agoelia

Offline alex_brunius

  • Vice Admiral
  • **********
  • Posts: 1000
  • Thanked: 41 times
Re: Aurora C# Code Protection
« Reply #17 on: November 11, 2018, 03:24:59 AM »
You might want to put in at least some sort of occasional async writeback, or else an app or computer crash after a few years of play could make someone *real* unhappy. :-)

Autosave have been a standard feature, or even default enabled feature of most other games that you play for a prolonged time  ::)
 

Offline Father Tim

  • Vice Admiral
  • **********
  • Posts: 1022
  • Thanked: 82 times
Re: Aurora C# Code Protection
« Reply #18 on: November 11, 2018, 02:06:38 PM »
You might want to put in at least some sort of occasional async writeback, or else an app or computer crash after a few years of play could make someone *real* unhappy. :-)

Autosave have been a standard feature, or even default enabled feature of most other games that you play for a prolonged time  ::)

And the description of C# Aurora includes it, way back on page 1 of the Changelist.
 
The following users thanked this post: Agoelia

Offline Jovus

  • Sub-Lieutenant
  • ******
  • J
  • Posts: 109
  • Thanked: 26 times
Re: Aurora C# Code Protection
« Reply #19 on: November 14, 2018, 08:42:07 AM »
I think the best thing you could do is use a license that is as restrictive as you want it to be. This should discourage all 'good faith' mucking about while requiring minimal work or maintenance from you.

As for 'bad faith' mucking about, there's not much you could do about it, and what you could do would probably make working on your own project a bother to you. As has already been mentioned, building a checksum mechanic so you can distinguish between your release and some modded version is probably your best bet, technically.
 

Offline TMaekler

  • Captain
  • **********
  • Posts: 454
  • Thanked: 58 times
Re: Aurora C# Code Protection
« Reply #20 on: November 14, 2018, 10:47:25 AM »
On a different side of code stealing: code for an 4x isn't of that much interest to the general public - so there won't be a lot of people who could have an interest (other than maybe for "sports").

The only people I can imagine being interested would be those who do commercial 4X games - and honestly they could benefit from the planned AI routines in Aurora quite a lot :-D
 

Offline Erik Luken

  • Administrator
  • Admiral of the Fleet
  • *****
  • Posts: 5192
  • Thanked: 127 times
  • Forum Admin
  • Discord Username: icehawke
Re: Aurora C# Code Protection
« Reply #21 on: November 14, 2018, 12:10:49 PM »
The only people I can imagine being interested would be those who do commercial 4X games - and honestly they could benefit from the planned AI routines in Aurora quite a lot :-D

Shhh. Don't tell them.
 

Offline Puciek

  • Able Ordinary Rate
  • P
  • Posts: 2
  • Thanked: 2 times
Re: Aurora C# Code Protection
« Reply #22 on: November 14, 2018, 05:36:54 PM »
Quote from: TMaekler link=topic=10217. msg111038#msg111038 date=1542214045
On a different side of code stealing: code for an 4x isn't of that much interest to the general public - so there won't be a lot of people who could have an interest (other than maybe for "sports").

The only people I can imagine being interested would be those who do commercial 4X games - and honestly they could benefit from the planned AI routines in Aurora quite a lot :-D
And they would be as stupid as oculus if they decided to re-use someone else code without permission ;) https://www. irishtimes. com/business/technology/facebook-owned-oculus-hit-by-500m-judgment-over-stolen-code-1. 2960645
 

Offline Karlito

  • Petty Officer
  • **
  • K
  • Posts: 27
  • Thanked: 3 times
Re: Aurora C# Code Protection
« Reply #23 on: November 15, 2018, 09:20:49 PM »
Steve, it's probably not worth investing too much effort into code protection. No matter what, you won't be able to stop a lone person with knowledge and time from doing whatever they want with their own computer, and if you're worried about distribution and reuse, the correct mechanisms to use are legal ones, rather than technical ones.
 
The following users thanked this post: Kytuzian, Jovus, Agoelia

Offline Bughunter

  • Commodore
  • **********
  • Posts: 604
  • Thanked: 39 times
Re: Aurora C# Code Protection
« Reply #24 on: November 20, 2018, 06:54:08 AM »
Agree with previous posters it doesn't seem worth it. Did anyone ever try something like this with VB6 Aurora? That may give some indication if it is likely to happen with the C# version.

Someone may decompile and look at the code or at least parts of it, for their own curiosity or whatever. Would surprise me if this had not happened already.
Actually modifying it successfully raises the bar some.
And the next step, releasing and claiming as your own raises it a lot more. You have a sizable community of players here likely to spot something like that quickly and bring the wrath of the internetz on anyone trying.
 

Offline canshow

  • Petty Officer
  • **
  • c
  • Posts: 26
Re: Aurora C# Code Protection
« Reply #25 on: November 20, 2018, 08:16:13 PM »
Besides obfuscation you can try injecting fake code.

Additionally, you could configure it to act as malware when tampered with.
 

Offline Whitecold

  • Commander
  • *********
  • W
  • Posts: 316
  • Thanked: 74 times
Re: Aurora C# Code Protection
« Reply #26 on: November 21, 2018, 12:49:10 AM »
Besides obfuscation you can try injecting fake code.

Additionally, you could configure it to act as malware when tampered with.

That sounds like a hideous idea that will in no way inconvenience an attacker, but is highly prone to do damage to legitimate users. In fact someone might even tamper with Aurora to provide a clean version without this "feature"
 

Offline sloanjh

  • Global Moderator
  • Admiral of the Fleet
  • *****
  • Posts: 2745
  • Thanked: 81 times
Re: Aurora C# Code Protection
« Reply #27 on: November 21, 2018, 07:50:06 AM »
Agree with previous posters it doesn't seem worth it. Did anyone ever try something like this with VB6 Aurora? That may give some indication if it is likely to happen with the C# version.

I was speaking with a colleague about the philosophy of "since determined and skilled attackers can do it (decompile the code), there's no sense in trying to protect code at all", which is very common in the industry.  His response was "that's equivalent to saying 'I might as well not lock my front door, since a determined burglar can always break in'".

(My understanding is) There's a fundamental difference between C# (and probably all other managed code) and VB6 or C++: the decompiled code is human readable and very close to the original source code, rather than assembly code gobbledygook (sp?).  I haven't done this myself, but for years I've heard that the output from Reflector looks just like original code.  One of the reasons for this is that variable and method names are built into the code because reflection depends on them, and so the information is available for a decompiler.  I think that of Steve's main concern is that people not be able to browse his source code to understand the algorithms and then either modify them or code them up themselves. 

Note that this is a different concern preventing someone from hacking code to disable a licensing system and then posting the cracked version online for non-paying people to use (e.g. for games) - Aurora is free and openly downloadable, so unlike games there's no incentive/harm here.  In this case, the philosophy of "assume someone somewhere will be able to crack it" is valid.  In Steve's case, I think he would benefit from moderate efforts to keep the equivalent of a script kiddy from reading his source code.

With this in mind, I would recommend two things to Steve:
1)  At the very least, run the released product through an obfuscation tool.  This raises the bar of understanding for someone who's e.g. using Reflector.  If he can find a free or cheap encryption tool, that would be even better.  So if anyone knows of such tools, I'm sure he'd appreciate hearing about them.
2)  Create a EULA that specifically forbids reverse engineering (and disclaims warranties and all that other good stuff).  One problem with copyright protection is that if someone understands your algorithms and recodes them in their own words, you're not protected.  But if you tell people not to decompile your DLLs/exes (which you also have protection over), then that (legally) prevents them from running the decompiler to be able to understand your algorithms.  I'm not a lawyer, so all of the above is just my understanding - it might be worth it for Steve to ask a professional about the pros and cons of a EULA - this could be one of the places where putting something out that's poorly worded is worse than saying nothing at all.  A simple "reverse engineering prohibited" statement might be better.

Both of the above should be low cost/low risk for Steve, and have a good chance of knocking out a large fraction of non-expert curious people.  A different way of saying it is that the higher you make the bar/effort to decompile, the harder it is for well-intentioned people to rationalize that they aren't doing harm to Steve by reverse engineering his code.

John
 

Offline canshow

  • Petty Officer
  • **
  • c
  • Posts: 26
Re: Aurora C# Code Protection
« Reply #28 on: November 21, 2018, 02:06:56 PM »
Besides obfuscation you can try injecting fake code.

Additionally, you could configure it to act as malware when tampered with.

That sounds like a hideous idea that will in no way inconvenience an attacker, but is highly prone to do damage to legitimate users. In fact someone might even tamper with Aurora to provide a clean version without this "feature"
It would not need to act in a way to harm the user but thank you for your opinion.
 

Offline Gyrfalcon

  • Sub-Lieutenant
  • ******
  • G
  • Posts: 148
  • Thanked: 11 times
Re: Aurora C# Code Protection
« Reply #29 on: November 21, 2018, 03:36:30 PM »
Malware: software which is specifically designed to disrupt, damage, or gain authorized access to a computer system.

Maybe you meant something entirely different and used the wrong word? Because malware is harmful to the user by definition.
 

 

Sitemap 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54