[QUOTE=FPtje;42884764]I highly suspect you of using dropbox for version management.[/QUOTE]
[img]http://i.skarphet.com/a5ff2_screenshot.png[/img]
I don't use Dropbox
Coming soon: GitHub repo integration for scripts!
[QUOTE=_Undefined;42903076]Coming soon: GitHub repo integration for scripts![/QUOTE]
Holy s#!^. I love you.
Now that this thing went viral have you thought about better encryption for client side files?
Bad guys just need to join a server, run a public decrypter and don't even need to "trade" stuff.
I guess that's pretty bad for skins/anti-cheats.
[QUOTE=LennyPenny;42903738]Now that this thing went viral have you thought about better encryption for client side files?
Bad guys just need to join a server, run a public decrypter and don't even need to "trade" stuff.
I guess that's pretty bad for skins/anti-cheats.[/QUOTE]
What are you on right now?
As far as I'm concerned, what you just said makes no sense at all, nor is it concrete.
edit:
Also, if you're regarding to scripts, and not CoderHire itself - It is the DEVELOPER's duty to make sure it's secure (not a liability of CoderHire, or _Undefined). Besides anyone with some simple Lua knowledge can steal files from any server - So yeah. (Not just talking about Client-Side files either.)
[QUOTE=Safixk;42903756]What are you on right now?
As far as I'm concerned, what you just said makes no sense at all, nor is it concrete.[/QUOTE]
Example here:
You join a server with a fancy pointshop skin you want to have.
The server has to send the file containing the skin to you, so you can display it.
Gmod saves and "encrypted" version of the the file in gmod/gmod/cache/lua, so you don't need to redownload it the next time you join.
You just need to decrypt that file and you have the pointshop skin, the server used. And as I said, ways to decrypt it are already public.
Edit:
[QUOTE=Safixk;42903756]edit:
Also, if you're regarding to scripts, and not CoderHire itself - It is the DEVELOPER's duty to make sure it's secure (not a liability of CoderHire, or _Undefined). [/QUOTE]
It was aimed at everyone who is selling clientside stuff.
Edit2:
[QUOTE=Safixk;42903756]Besides anyone with some simple Lua knowledge can steal files from any server - So yeah. (Not just talking about Client-Side files either.)[/QUOTE]
No.
[QUOTE=LennyPenny;42903793]Example here:
You join a server with a fancy pointshop skin you want to have.
The server has to send the skin to you, so you can display it.
Gmod saves and "encrypted" version of it in gmod/gmod/cache/lua so you don't need to redownload it the next time you join.
You just need to decrypt that file and you have all the client side scripts, in the this case the pointshop skin, the server provides. And as I said, ways to decrypt it are already public.[/QUOTE]
Herp derp. Read my edit.
[QUOTE=_Undefined;42903076]Coming soon: GitHub repo integration for scripts![/QUOTE]
Git[B]Hub[/B] repo integration? What do you mean by that? I create a script and automatically creates a GitHub repo for me, or simply that I can publish updates to my scripts using GitHub? Didn't you mean pure git repositories on your server?
[QUOTE=whisperity;42903856]Git[B]Hub[/B] repo integration? What do you mean by that? I create a script and automatically creates a GitHub repo for me, or simply that I can publish updates to my scripts using GitHub? Didn't you mean pure git repositories on your server?[/QUOTE]
Git[b]Hub[/b] integration with scripts, so downloads are pulled from the master branch and commits to master are pushed as new versions to the site.
[QUOTE=_Undefined;42903909]Git[b]Hub[/b] integration with scripts, so downloads are pulled from the master branch and commits to master are pushed as new versions to the site.[/QUOTE]
Understood. Though I think it would be much better if you checked for releases or tags on GitHub, instead of plain commits into master. (Most people not familiar with the Git workflow tend to just commit and push into master and that's it.)
[QUOTE=whisperity;42904059]Understood. Though I think it would be much better if you checked for releases or tags on GitHub, instead of plain commits into master. (Most people not familiar with the Git workflow tend to just commit and push into master and that's it.)[/QUOTE]
Good point, releases make much more sense.
[QUOTE=LennyPenny;42903793]Example here:
You join a server with a fancy pointshop skin you want to have.
The server has to send the file containing the skin to you, so you can display it.
Gmod saves and "encrypted" version of the the file in gmod/gmod/cache/lua, so you don't need to redownload it the next time you join.
You just need to decrypt that file and you have the pointshop skin, the server used. And as I said, ways to decrypt it are already public.
Edit:
It was aimed at everyone who is selling clientside stuff.
Edit2:
No.[/QUOTE]
and gmod puts a link to the loading url in your console and any skid worth a pimple on his face can rip the loading screen and mirror it somewhere else for his own needs
whats ur point?
[QUOTE=Johnny Guitar;42904239]and gmod puts a link to the loading url in your console and any skid worth a pimple on his face can rip the loading screen and mirror it somewhere else for his own needs
whats ur point?[/QUOTE]
I have no point about loading screens, I was talking about clientside lua files.
[QUOTE=LennyPenny;42904262]I have no point about loading screens, I was talking about clientside lua files.[/QUOTE]
you can't protect shit that is gonna get sent to the client is my point
[QUOTE=_Undefined;42903076]Coming soon: GitHub repo integration for scripts![/QUOTE]
Any chance of Bitbucket integration?
[QUOTE=Johnny Guitar;42904481]you can't protect shit that is gonna get sent to the client is my point[/QUOTE]
Ahh, but you can make it harder. So that skids can't do it.
[QUOTE=Zazibar;42904596]Any chance of Bitbucket integration?[/QUOTE]
Will look into it once I have GitHub done, but preliminarily, yes.
[QUOTE=Johnny Guitar;42904481]you can't protect shit that is gonna get sent to the client is my point[/QUOTE]
Sure you can, to a degree at least.
[QUOTE=EvacX;42905306]Sure you can, to a degree at least.[/QUOTE]
no matter what you do, there will always be a way around it and someone will reverse everything you put into place. it's a waste of time
[QUOTE=Johnny Guitar;42905353]no matter what you do, there will always be a way around it and someone will reverse everything you put into place. it's a waste of time[/QUOTE]
That's why I said "to a degree".
[QUOTE=EvacX;42905514]That's why I said "to a degree".[/QUOTE]
you obviously don't get it
as soon as your drm something someone will get around it, it's simply a matter of time.
[editline]18th November 2013[/editline]
[QUOTE=Handsome Matt;42905388]developers need to learn how to separate client / server code, too many times have I seen entire scripts shoved in a single shared autorun script, this is both incredibly terrible practice for developers and also incredibly easy to steal just by joining the server.[/QUOTE]
I do it with sweps and entities for the convenience factor and for the fact that most people don't run around expecting to steal working scripts.
People also need to learn what the cl,sh,sv prefixes mean too.
Meh.
[QUOTE=Phoenixf129;42905755]People also need to learn what the cl,sh,sv prefixes mean too.
Meh.[/QUOTE]
if you can't tell what the prefixes mean just by looking at them then I don't think you have business on coderhire as someone selling scripts. It's painfully obvious.
[QUOTE=Johnny Guitar;42905616]you obviously don't get it
as soon as your drm something someone will get around it, it's simply a matter of time.[/QUOTE]
No, [I]you[/I] don't seem to get it. The fact that it's a "matter of time" doesn't mean anything, you can still [I]delay[/I] it which is why I said "to a degree" and never implied of any sorts that I was talking about "uncrackable DRM" or anything of the likes like what you are assuming.
[QUOTE=EvacX;42905781]No, [I]you[/I] don't seem to get it. The fact that it's a "matter of time" doesn't mean anything, you can still [I]delay[/I] it which is why I said "to a degree" and never implied of any sorts that I was talking about "uncrackable DRM" or anything of the likes like what you are assuming.[/QUOTE]
your to a degree will be completely nullified as soon as someone gets into your drm
[QUOTE=Johnny Guitar;42905788]your to a degree will be completely nullified as soon as someone gets into your drm[/QUOTE]
Are you dense? I never said it wouldn't.
[QUOTE=EvacX;42905804]Are you dense? I never said it wouldn't.[/QUOTE]
how the fuck is it protected if it eventually gets decoded and unless you pull some voodoo magic there is not going to be any decently feasible way besides obfuscation of your lua script, there is no point to this besides accepting the fact your clientside code will be exposed to clients.
Are you really gonna go about the "DRM" again?
[QUOTE=Johnny Guitar;42905823]how the fuck is it protected if it eventually gets decoded and unless you pull some voodoo magic there is not going to be any decently feasible way besides obfuscation of your lua script, there is no point to this besides accepting the fact your clientside code will be exposed to clients.[/QUOTE]
It's protected until the point where the protection is overcome.
I think you're confusing me with somebody who gives a shit and would actually personally do something like DRM, I'm not. I'm just saying it's possible, [I]to a degree[/I], to protect your scripts, which it is.
Hey guys, the initial point was that ways to decrypt cs lua are [U]public[/U].
If one person, or a small of group people crack your encryption, then it doesn't matter, it wouldn't be public, it would be private.
That's how even game publishers do it with their "DRM". They know someone will always crack it, but if it survives long enough/is difficult for the pirates to install, it hurts less than it immediately being on piratebay.
It only matters if [I]everyone[/I] can do it, not just the ones with the ability to reverse code.
Sorry, you need to Log In to post a reply to this thread.
