Unique Client ID
Unique Client ID
As Griefers are getting better and better it should be considered about adding a unique ID to a client.
The ID should be unique per computer and not per client, so that deleting a file is not enough.
Lamers have to change the source or manipulate during runtime to circumvent this.
The Unique ID could be drived from the ethernet mac address for example.
just a long CHECKSUM or SHA512 over the mac to make it not easy to go back to the real address.
The real burned in MAC should be used, not the user setable.
Anyway this is a privacy problem, so there should be a one time notice on first startup, where the player has to accept, that a unique id of his system is transmitted to the server.
The Server should be able to ban this unique id instead of ip only.
Also there could be a ID of the client os, so that tablet and smartphone users can be banned too.
The ID should be unique per computer and not per client, so that deleting a file is not enough.
Lamers have to change the source or manipulate during runtime to circumvent this.
The Unique ID could be drived from the ethernet mac address for example.
just a long CHECKSUM or SHA512 over the mac to make it not easy to go back to the real address.
The real burned in MAC should be used, not the user setable.
Anyway this is a privacy problem, so there should be a one time notice on first startup, where the player has to accept, that a unique id of his system is transmitted to the server.
The Server should be able to ban this unique id instead of ip only.
Also there could be a ID of the client os, so that tablet and smartphone users can be banned too.
Re: Unique Client ID
Made my day.
There is no such thing as duty. If you know that a thing is right, you want to do it. If you don't want to do it—it isn't right. If it's right and you don't want to do it—you don't know what right is and you're not a man. -- Ayn Rand
Re: Unique Client ID
dont consider this solution as secure, but better than just ip bans.
- addi
- Member
- Posts: 666
- Joined: Thu Sep 20, 2012 03:16
- GitHub: adrido
- Location: Black-Forest, Germany
Re: Unique Client ID
you know, that minetest is an open source game, and possible griefers can just disable it?
- Calinou
- Moderator
- Posts: 3169
- Joined: Mon Aug 01, 2011 14:26
- GitHub: Calinou
- IRC: Calinou
- In-game: Calinou
- Location: Troyes, France
- Contact:
Re: Unique Client ID
Not all of them will do that. It takes some work to do it.addi wrote:you know, that minetest is an open source game, and possible griefers can just disable it?
Re: Unique Client ID
if its designed to be not easily deactivated, than its not that easy for most griefers!
-
- Moderator
- Posts: 4095
- Joined: Wed Aug 24, 2011 09:44
- GitHub: sfan5
- IRC: sfan5
- Location: Germany
Re: Unique Client ID
I don't know of any OS that does expose the real MAC of an adapter.
The MAC is set to the original one by defualt, but it can be changed.
The MAC is set to the original one by defualt, but it can be changed.
Re: Unique Client ID
its possible to retrieve the physical mac address over the windows api. i think there is sth. in *nix too.
anyway there are many UUIDs or drive serial numbers around just in case...
another way would be the usage of the hostname and the username. this cant be changed very fast. and if its not much documented griefers wont notice much about this feature in code.
http://stackoverflow.com/questions/1685 ... atform-way
anyway there are many UUIDs or drive serial numbers around just in case...
another way would be the usage of the hostname and the username. this cant be changed very fast. and if its not much documented griefers wont notice much about this feature in code.
http://stackoverflow.com/questions/1685 ... atform-way
-
- Moderator
- Posts: 4095
- Joined: Wed Aug 24, 2011 09:44
- GitHub: sfan5
- IRC: sfan5
- Location: Germany
Re: Unique Client ID
"and if its not much documented griefers wont notice much about this feature in code."
Security-by-obscurity is not the way to go.
Security-by-obscurity is not the way to go.
Re: Unique Client ID
if you have to decide between no security at all or s-b-o you will have to choose s-b-o instead of nothing.
this is always better than doing nothing.
this is always better than doing nothing.
Who is online
Users browsing this forum: No registered users and 2 guests