Perfect Pitfall! (1:42)

Cybergoth · December 9, 2005

Hi there!

IMO watersigns are probably the best idea. At least that would stop the occasional cheater.

How about scrambling the data with a special key? In the source-distribution just release another key. So you secure that you can only record and playback official tournament input with the matching official tournament build of the Emulator :twisted:

Greetings,

Manuel

+stephena · December 9, 2005

Uihjah. You rarely hear "impossible" from a developer. You're sure you don't have any good ideas here?

Oh, I have ideas, but almost none that can't be worked around. Stella is GPL'ed, so we can't rely on any 'security through obscurity' in the source code. And because it's GPL'ed, I can't create and release a binary without releasing the source. So any idea we come up with can't rely on not editing the codebase.

So, that leaves a public/private authentication scheme. Maybe someone can come up with some ideas on how to (efficiently) do this, and have it benefit both developers and hiscore maintainers. But frankly, there are two problems with this:

(a) those security issues/coding are out of my area of expertise, and if they're to be implemented at all, I'd need both input and coding help from someone else

(b) I wonder if we're not taking this whole thing a little too seriously. I mean, yes, we need secure authentication and encryption for banking, but for saving the scores for an obsolete machine??

What for example, if the data was only editable within Stella itself? In "competition mode" disable the editor and you're halfway there

Well, seeing as the editor won't be present in 2.1 anyway, that problem is eliminated.

IMO watersigns are probably the best idea. At least that would stop the occasional cheater.

How about scrambling the data with a special key? In the source-distribution just release another key. So you secure that you can only record and playback official tournament input with the matching official tournament build of the Emulator

979316[/snapback]

OK, but we need several things. One, we need to make sure that the Stella exe wasn't modified (ie, recompiled to circumvent the security). That means the exe has to be signed. Then the output INP file has to be signed, to eliminate the possibility that it was edited in something other than Stella. And then, we need some way to circumvent this whole procedure for developers, so they can work with unsigned INP files. And then, someone has to create and maintain the keys ...

Cybergoth · December 9, 2005

Hi there!

(b) I wonder if we're not taking this whole thing a little too seriously. I mean, yes, we need secure authentication and encryption for banking, but for saving the scores for an obsolete machine??

Hm... maybe I'm just hanging out too much on places like MARP and Twingalaxies... I sure had the impression that there's lots of people out who think that it matters a lot

(See, Twingalaxies for example is printing(!) a book with "official" world records.)

OK, but we need several things.

Heya, now you're talking!

One, we need to make sure that the Stella exe wasn't modified (ie, recompiled to circumvent the security). That means the exe has to be signed.

Not sure if this is required, when the recorded data is scrambled. You'd need to have your modified exe recompiled with the matching key, or it can't unscramble the data.

And then, we need some way to circumvent this whole procedure for developers

Hm... just let it be plain untouched data then in their mode/exe.

And then, someone has to create and maintain the keys ...

Hm... maybe it'd be time again to remove the dust from my Visual Studio...

Greetings,

Manuel

tmont · December 9, 2005

I'm not sure if you guys are aware of this, but this site is devoted to what you guys are doing. They've modified emulators (like adding rerecording support and frame advance, for example) for NES, SNES, Genesis, N64, and others to create "tool-assisted speedruns." Some of the coders there might be able to help (if you need any, I have no idea what you guys are talking about).

Edited December 9, 2005 by HeckYesIDid

+stephena · December 9, 2005

Hm... maybe I'm just hanging out too much on places like MARP and Twingalaxies... I sure had the impression that there's lots of people out who think that it matters a lot
(See, Twingalaxies for example is printing(!) a book with "official" world records.)

I guess I do see the appeal of it. But does any other emulator go to these extremes? How does MAME deal with it?

Not sure if this is required, when the recorded data is scrambled. You'd need to have your modified exe recompiled with the matching key, or it can't unscramble the data.

Like I said, I'm not fully versed in security/signing issues. Maybe I'm thinking it's harder than it really is.

Hm... maybe it'd be time again to remove the dust from my Visual Studio...

Probably will be a while before I'm ready to add it though. For now, I'm working on getting the eventstream saving and then loading again. We can worry about the auth/encryption after it's working properly.

Zach · December 11, 2005

Has anyone tried "z26 -r250 pitfall.bin" yet? :lol: Don't know why I didn't think of it earlier.

Thomas Jentzsch · December 11, 2005

Has anyone tried "z26 -r250 pitfall.bin" yet?

I used -r1000 (and video mode 2), else I probably would still not be ready.

Sign In

Perfect Pitfall! (1:42)

Recommended Posts

Cybergoth

Link to comment

Share on other sites

+stephena

Link to comment

Share on other sites

Cybergoth

Link to comment

Share on other sites

tmont

Link to comment

Share on other sites

+stephena

Link to comment

Share on other sites

Zach

Link to comment

Share on other sites

Thomas Jentzsch

Link to comment

Share on other sites

Join the conversation

Recently Browsing 0 members

Apps

My Activity Streams

More