[QUOTE=ertug20;52050383]I don't think that there really is a proper solution, to be honest with you. No matter what, they can most likely get around it.
[/QUOTE]
Right, I see the logic there, but I don't think "people can just get around it" is an excuse to not make things more secure and actually harder to get around.
As Bobblehead said, what if someone's doing something REALLY malicious and we need to blacklist them? Ideally, we'd want them to not be able to get around it as easily as this.
[QUOTE=iDeku;52050401]Right, I see the logic there, but I don't think "people can just get around it" is an excuse to not make things more secure and actually harder to get around.
As Bobblehead said, what if someone's doing something REALLY malicious and we need to blacklist them? Ideally, we'd want them to not be able to get around it as easily as this.[/QUOTE]
This reminds me of DRM issues. At the end of the day it really ends with who tries harder and if the other side gives up.
[QUOTE=ertug20;52050409]This reminds me of DRM issues. At the end of the day it really ends with who tries harder and if the other side gives up.[/QUOTE]
Any conflict in life?
[QUOTE=ertug20;52050409]This reminds me of DRM issues. At the end of the day it really ends with who tries harder and if the other side gives up.[/QUOTE]
I agree with that analogy completely and this does seem to be a case of that, but "someone eventually cracking your drm" isn't a reason to not have drm at all, imo.
[QUOTE=bobbleheadbob;52050412]Any conflict in life?[/QUOTE]
I do not. It just reminds me of script enforcer and how it tried to fix DRM issues. As you can tell, regardless of how in-depth it went, it didn't truly accomplish its goal completely.
[QUOTE=iDeku;52050413]I agree with that analogy completely and this does seem to be a case of that, but "someone eventually cracking your drm" isn't a reason to not have drm at all, imo.[/QUOTE]
It's like with Denuvo. Sure, it might eventually get cracked. But if only a few games out of dozens have been cracked, and most of them at a significant delay, it's serving its function.
[QUOTE=TFA;52050423]It's like with Denuvo. Sure, it might eventually get cracked. But if only a few games out of dozens have been cracked, and most of them at a significant delay, it's serving its function.[/QUOTE]
I suppose. It's more of an "is this work really worth it". It would stop the easy and really bad "hackers" but it would not stop the serious and malicious people.
[QUOTE=ertug20;52050430]I suppose. It's more of an "is this work really worth it". It would stop the easy and really bad "hackers" but it would not stop the serious and malicious people.[/QUOTE]
If you had to register your server to a steam account, it would take significantly more time, effort, and money on the part of any "serious and malicious people" such as Stoned. Especially if you had to link it to a phone. There's a certain point where it becomes unprofitable to keep opening new accounts/servers from a business standpoint, which is where these people are coming from. It might be an inconvience to legit users, yes, but only once and most people already have verified their steam accounts / made API keys anyways.
[QUOTE=TFA;52050456]If you had to register your server to a steam account, it would take significantly more time, effort, and money on the part of any "serious and malicious people" such as Stoned. Especially if you had to link it to a phone. There's a certain point where it becomes unprofitable to keep opening new accounts/servers from a business standpoint, which is where these people are coming from. It might be an inconvience to legit users, yes, but only once and most people already have verified their steam accounts / made API keys anyways.[/QUOTE]
I agree with the sentiment of making it take significant more time, and effort -- but I don't feel like this would be an appropriate solution, personally.
[QUOTE=TFA;52050456]If you had to register your server to a steam account, it would take significantly more time, effort, and money on the part of any "serious and malicious people" such as Stoned. Especially if you had to link it to a phone. There's a certain point where it becomes unprofitable to keep opening new accounts/servers from a business standpoint, which is where these people are coming from. It might be an inconvenience to legit users, yes, but only once and most people already have verified their steam accounts / made API keys anyways.[/QUOTE]
You clearly haven't looked into how much money some of these servers make. It would never become unprofitable especially when there are services for it.
[QUOTE=iDeku;52050465]I agree with the sentiment of making it take significant more time, and effort -- but I don't feel like this would be an appropriate solution, personally.[/QUOTE]
I don't mean this in a hostile or snarky way at all, but what would you propose?
[editline]2nd April 2017[/editline]
[QUOTE=ertug20;52050479]You clearly haven't looked into how much money some of these servers make. It would never become unprofitable especially when there are services for it.[/QUOTE]
Mind clarifying what these services are? Also, how much do you think users would stick around when the server is routinely disappearing off their history/favorites, and also has a massive controversy surrounding it?
[QUOTE=TFA;52050482]I don't mean this in a hostile or snarky way at all, but what would you propose?
[editline]2nd April 2017[/editline]
Mind clarifying what these services are? Also, how much do you think users would stick around when the server is routinely disappearing off their history/favorites, and also has a massive controversy surrounding it?[/QUOTE]
Only time will tell. What I do know is that some of these servers are making some really nice money. I don't know the cost of buying an aged steam account with a random verified disposable number but I doubt it could honestly be that much.
[QUOTE=ertug20;52050510]Only time will tell. What I do know is that some of these servers are making some really nice money. I don't know the cost of buying an aged steam account with a random verified disposable number but I doubt it could honestly be that much.[/QUOTE]
50 dollars a day can really add up, especially when it's being paid directly to Facepunch, and especially if every time their account is banned it would crash.
[QUOTE=bobbleheadbob;52050593]50 dollars a day can really add up, especially when it's being paid directly to Facepunch, and especially if every time their account is banned it would crash.[/QUOTE]
You wouldn't know how much these servers make unless you are up there with them. You would be suprised.
[QUOTE=ertug20;52050599]You wouldn't know how much these servers make unless you are up there with them. You would be suprised.[/QUOTE]
They would stop making money really fucking fast if their server crashed every 4 hours.
[QUOTE=bobbleheadbob;52050608]They would stop making money really fucking fast if their server crashed every 4 hours.[/QUOTE]
If they can hack into the steam API and push out random redirect servers then surely they can fix a hard-coded server crash function.
[QUOTE=ertug20;52050599]You wouldn't know how much these servers make unless you are up there with them. You would be suprised.[/QUOTE]
It's not a question of whether or not they [B]can[/B] do it. Yes, they can. I know how much these servers make.
It's meant to inconvenience them, as TFA has already stated.
[QUOTE=TFA;52050482]
how much do you think users would stick around when the server is routinely disappearing off their history/favorites, and also has a massive controversy surrounding it?
[/QUOTE]
It would also be very annoying for them to constantly have to rebuy GMod, set up a server, and go from there when it goes down.
[QUOTE=ertug20;52050617]If they can hack into the steam API and push out random redirect servers then surely they can fix a hard-coded server crash function.[/QUOTE]
You overestimate their skill, particularly if it's implemented via C++
e:
"Hacking" into the Steam API is a strong word. It's not like it has strong verification checks; you've always been able to spoof A2S info, and this is likely pretty similar. Haven't delved that far into this variant of spoofing in particular, so I may be wrong.
[QUOTE=iDeku;52050629]It's not a question of whether or not they [B]can[/B] do it. Yes, they can. I know how much these servers make.
It's meant to inconvenience them, as TFA has already stated.
It would also be very annoying for them to constantly have to rebuy GMod, set up a server, and go from there when it goes down.[/QUOTE]
You can buy an absolute crazy number of Garry's Mod copies via G2A. It's not exactly a solution. Would it slow them down? Yes.
Would it potentially make it so hard that they stop doing it, with how much money they may bring in, I don't think so.
[QUOTE=TFA;52050631]You overestimate their skill, particularly if it's implemented via C++
e:
"Hacking" into the Steam API is a strong word. It's not like it has strong verification checks; you've always been able to spoof A2S info, and this is likely pretty similar. Haven't delved that far into this variant of spoofing in particular, so I may be wrong.[/QUOTE]
The steam API (steamworks, not the new one) is made in C/C++. There are modules out there that show how to get directly into the engine of the game from a GMod DLL module and edit some otherwise difficult variables.
Maybe I do over-estimate their skills but surely, with enough money, you can pay somebody to do anything.
[QUOTE=ertug20;52050649]You can buy an absolute crazy number of Garry's Mod copies via G2A. It's not exactly a solution. Would it slow them down? Yes.
Would it potentially make it so hard that they stop doing it, with how much money they may bring in, I don't think so.
The steam API (steamworks, not the new one) is made in C/C++. There are modules out there that show how to get directly into the engine of the game from a GMod DLL module and edit some otherwise difficult variables. With enough money, you can do anything.[/QUOTE]
Right, you've ignored what TFA has mentioned about their players sticking around.
Honestly, I'm not trying to accuse you of anything here -- but perhaps we have fundamental differences about this. You seem to think that if a solution doesn't fix this 100%, then it's not worth implementing, while acknowledging that there is no solution to this issue and that ANYTHING can eventually be bypassed with enough effort, and so, nothing should be done about this.
Almost every suggestion people have thrown up, you have been trying to say, "no, don't do it because it could eventually be bypassed with enough effort." and this is just going to lead to a circling of going back and forth on this thread where people are going to find a new method, go
"hey guys, i think we could d-"
"no, don't. there's no point because eventually.."
Do you see how this isn't productive? This entire thread has been that, pretty much, and I'm very tired of seeing it.
People want to make it [B]harder[/B] for the to do this, we (at least I) fully acknowledge it'll never fully be possible to stop them, but inconveniencing and making it harder for them to cross a hypothetical border is better than giving them a full VIP pass in.
[QUOTE=iDeku;52050674]
People want to make it [B]harder[/B] for the to do this, we (at least I) fully acknowledge it'll never fully be possible to stop them, but inconveniencing and making it harder for them to cross a hypothetical border is better than giving them a full VIP pass in.[/QUOTE]
This exactly. And even if it goes on for weeks, at least we'll have fought against this instead of laying down and accepting that it's fine to break the ToS repeatedly.
[QUOTE=iDeku;52050674]Right, you've ignored what TFA has mentioned about their players sticking around.
Honestly, I'm not trying to accuse you of anything here -- but perhaps we have fundamental differences about this. You seem to think that if a solution doesn't fix this 100%, then it's not worth implementing, while acknowledging that there is no solution to this issue and that ANYTHING can eventually be bypassed with enough effort, and so, nothing should be done about this.
Almost every suggestion people have thrown up, you have been trying to say, "no, don't do it because it could eventually be bypassed with enough effort." and this is just going to lead to a circling of going back and forth on this thread where people are going to find a new method, go
"hey guys, i think we could d-"
"no, don't. there's no point because eventually.."
Do you see how this isn't productive? This entire thread has been that, pretty much, and I'm very tired of seeing it.
People want to make it [B]harder[/B] for the to do this, we (at least I) fully acknowledge it'll never fully be possible to stop them, but inconveniencing and making it harder for them to cross a hypothetical border is better than giving them a full VIP pass in.[/QUOTE]
That is true I suppose. The goal here is to get as close to fixing the issue while not inconveniencing everybody else. The only reason why I'm so against the steam key system is because it's such a huge inconvenience to teach it to hundreds of clients who have absolutely no idea what Lua or FTP is.
While, yes, they will learn in due time, but it's a huge convienence for everybody because of one person. It goes back to the whole [B]TSA[/B] issue where because of one incident, it becomes so much more of an inconvenience for everybody else in the name of "security".
I am also sick of that as well but there really is no easy solution or deterrent to this without completely inconveniencing everybody. It goes back to the whole DRM argument. There is no true solution to it. There can be a hundred different solutions but [B]they should choose something that doesn't completely inconvience both hosting providers and new server owners.[/B]
[QUOTE=TFA;52050692]This exactly. And even if it goes on for weeks, at least we'll have fought against this instead of laying down and accepting that it's fine to break the ToS repeatedly.[/QUOTE]
Technically they are already showing that it's not okay by blacklisting their servers over and over and over. I do get your point though.
My concern isn't that they'll think it's "ok," but that they're free to break the rules because they're not enforced.
[QUOTE=DarthTealc;52051136]@ Anyone who sees a fake redirect server - Keep reporting them
@ Gmod Devs / Robotboy - Keep blocking any servers with fake information
@ SuperiorServers - Take down any servers with fake information. That way you can keep running your actual servers without being blocked. If you must advertise to other regions, put up actual servers in those regions without fake information.
@ Host of Superior Servers - Consider dropping them if they continue to violate the terms of use. They're putting your network at risk (be it of being blocked as some suggested, or just getting bad publicity)
Problem solved. Everyone's happy.
Can we fix Awesomium now?[/QUOTE]
Awesomium cannot be fixed, only replaced, but most of the candidates for its replacement aren't compatible with 32bit Apple OS', which makes up a significant portion of Garry's Mod's playerbase.
[QUOTE=Redfiend;52051180]Awesomium cannot be fixed, only replaced, but most of the candidates for its replacement aren't compatible with 32bit Apple OS', which makes up a significant portion of Garry's Mod's playerbase.[/QUOTE]
Could I have a citation as to the "significant portion" part?
Not trying to argue, I'd just like to see.
[t]https://cdn.discordapp.com/attachments/194984765798088705/298292600782192640/unknown.png[/t]
Another day, another set of new IP's to block.
[code]
45.76.113.185:27015
45.76.113.185:27016
45.76.113.185:27017
[/code]
[QUOTE=iDeku;52051199]Could I have a citation as to the "significant portion" part?
Not trying to argue, I'd just like to see.[/QUOTE]
It was more that it isn't compatible with OSX at all. As for the significant portion part, iirc someone did a rough estimate with it being around 3%, which is 30k or 40k players I think.
-snip- too edgy
If we make the internet run on Derma instead, we won't need anything anymore.
[QUOTE=The Commander;52051211][t]https://cdn.discordapp.com/attachments/194984765798088705/298292600782192640/unknown.png[/t]
Another day, another set of new IP's to block.
[code]
45.76.113.185:27015
45.76.113.185:27016
45.76.113.185:27017
[/code][/QUOTE]
At this point we should make a dedicated "SUP Blacklist bypass update thread"
Sorry, you need to Log In to post a reply to this thread.
