Cybergoth Posted December 9, 2005 Share Posted December 9, 2005 Hi there! IMO watersigns are probably the best idea. At least that would stop the occasional cheater. How about scrambling the data with a special key? In the source-distribution just release another key. So you secure that you can only record and playback official tournament input with the matching official tournament build of the Emulator Greetings, Manuel Quote Link to comment Share on other sites More sharing options...
+stephena Posted December 9, 2005 Share Posted December 9, 2005 Uihjah. You rarely hear "impossible" from a developer. You're sure you don't have any good ideas here? Oh, I have ideas, but almost none that can't be worked around. Stella is GPL'ed, so we can't rely on any 'security through obscurity' in the source code. And because it's GPL'ed, I can't create and release a binary without releasing the source. So any idea we come up with can't rely on not editing the codebase. So, that leaves a public/private authentication scheme. Maybe someone can come up with some ideas on how to (efficiently) do this, and have it benefit both developers and hiscore maintainers. But frankly, there are two problems with this: (a) those security issues/coding are out of my area of expertise, and if they're to be implemented at all, I'd need both input and coding help from someone else (b) I wonder if we're not taking this whole thing a little too seriously. I mean, yes, we need secure authentication and encryption for banking, but for saving the scores for an obsolete machine?? What for example, if the data was only editable within Stella itself? In "competition mode" disable the editor and you're halfway there Well, seeing as the editor won't be present in 2.1 anyway, that problem is eliminated. IMO watersigns are probably the best idea. At least that would stop the occasional cheater. How about scrambling the data with a special key? In the source-distribution just release another key. So you secure that you can only record and playback official tournament input with the matching official tournament build of the Emulator 979316[/snapback] OK, but we need several things. One, we need to make sure that the Stella exe wasn't modified (ie, recompiled to circumvent the security). That means the exe has to be signed. Then the output INP file has to be signed, to eliminate the possibility that it was edited in something other than Stella. And then, we need some way to circumvent this whole procedure for developers, so they can work with unsigned INP files. And then, someone has to create and maintain the keys ... Quote Link to comment Share on other sites More sharing options...
Cybergoth Posted December 9, 2005 Share Posted December 9, 2005 Hi there! (b) I wonder if we're not taking this whole thing a little too seriously. I mean, yes, we need secure authentication and encryption for banking, but for saving the scores for an obsolete machine?? Hm... maybe I'm just hanging out too much on places like MARP and Twingalaxies... I sure had the impression that there's lots of people out who think that it matters a lot (See, Twingalaxies for example is printing(!) a book with "official" world records.) OK, but we need several things. Heya, now you're talking! One, we need to make sure that the Stella exe wasn't modified (ie, recompiled to circumvent the security). That means the exe has to be signed. Not sure if this is required, when the recorded data is scrambled. You'd need to have your modified exe recompiled with the matching key, or it can't unscramble the data. And then, we need some way to circumvent this whole procedure for developers Hm... just let it be plain untouched data then in their mode/exe. And then, someone has to create and maintain the keys ... Hm... maybe it'd be time again to remove the dust from my Visual Studio... Greetings, Manuel Quote Link to comment Share on other sites More sharing options...
tmont Posted December 9, 2005 Share Posted December 9, 2005 (edited) I'm not sure if you guys are aware of this, but this site is devoted to what you guys are doing. They've modified emulators (like adding rerecording support and frame advance, for example) for NES, SNES, Genesis, N64, and others to create "tool-assisted speedruns." Some of the coders there might be able to help (if you need any, I have no idea what you guys are talking about). Edited December 9, 2005 by HeckYesIDid Quote Link to comment Share on other sites More sharing options...
+stephena Posted December 9, 2005 Share Posted December 9, 2005 Hm... maybe I'm just hanging out too much on places like MARP and Twingalaxies... I sure had the impression that there's lots of people out who think that it matters a lot (See, Twingalaxies for example is printing(!) a book with "official" world records.) I guess I do see the appeal of it. But does any other emulator go to these extremes? How does MAME deal with it? Not sure if this is required, when the recorded data is scrambled. You'd need to have your modified exe recompiled with the matching key, or it can't unscramble the data. Like I said, I'm not fully versed in security/signing issues. Maybe I'm thinking it's harder than it really is. Hm... maybe it'd be time again to remove the dust from my Visual Studio... Probably will be a while before I'm ready to add it though. For now, I'm working on getting the eventstream saving and then loading again. We can worry about the auth/encryption after it's working properly. Quote Link to comment Share on other sites More sharing options...
Zach Posted December 11, 2005 Share Posted December 11, 2005 Has anyone tried "z26 -r250 pitfall.bin" yet? Don't know why I didn't think of it earlier. Quote Link to comment Share on other sites More sharing options...
Thomas Jentzsch Posted December 11, 2005 Author Share Posted December 11, 2005 Has anyone tried "z26 -r250 pitfall.bin" yet? I used -r1000 (and video mode 2), else I probably would still not be ready. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.