[CF-Devel] sounds system

Mark Wedel mwedel at scruznet.com
Thu Jul 19 18:30:17 CDT 2001 

On Thu, 19 Jul 2001, Andreas Vogl wrote:
>
     
     
     >
     
      I agree that we shouldn't give away critical information to the client.
     
     >
     
      But I think it really doesn't make sense to bother about minor stuff
     
     >
     
      like map size, player- or soundsource locations.
     
     >
     
     
     >
     
      Don't forget that all the map data for crossfire is available to anyone.
     
     >
     
      If I want to make a cheat client, I can integrate the whole CF map-bundle
     
     >
     
      in my client.
     
     >
     
      Then, I can easily create features like these:
     
     >
     
      - Whenever a player approaches a gate with magic_ear, the password gets
     
     >
     
        printed automatically.
     
     >
     
      - When a player approaches a locked gate, the exact coordinates of the
     
     >
     
        appropriate key get printed.
     
     >
     
      - When a player is fighting a monster, the monster's resistances get
     
     >
     
      listend.
     
     >
     
      etc etc...
     
     
 That is a big presumption that all maps on most all servers remain public.
I agree that if that remains true, then worrying about this security is
pretty pointless.  At that point, we might as well send the entire map
(walls and floors at least) to the client.

 There are of course cases right now where this is not the case.  Random
maps are different each time, so hence the client will never be able
to know location of various things, or even the size of the map, in a reliable
fashion.  Random maps are a poor example in many areas, as they are as
cleverly made as human made maps of course, so giving away extra details
isn't quite a big deal.

 But if crossfire grows and becomes more popular, I could certainly see more
'private' maps that are only available on a specific server (or select few,
but traded privately, and not publically).

 I'd really hate to do something now, and then when the above happens and
people complain about the security flaws, have to re do it all over again to
fix those bugs.  May as well do it right in the first place.

 As said, this is a matter of risk.  I remember many of the early adventure
games basically gave this info away (all maps were of standard size, and you
could know your precise coordinate on that map), and certainly that isn't a
big deal.  And even my case of private maps is not perfect of course - as
people play them enough, they could effectively reproduce/make public versions
of them (you may not know precise detail of monsters for example, but you
would know where treasure rooms are and what not).

 Is size of map, location of sounds, and where the player is on the map a
terrible amount of information to give out?  No.  If the sounds could be done
without giving out that information should that be done instead?  Yes.

 Even my example still gives out some information.  In the watefall example
(ie, treasure behind waterfall), if the waterfall has a sound radiuse of say
10, then once the player gets within 10 spaces, they would know precise where
they are.  This may or may not be a big risk - on one side, if your that
close, you might already be able to see it or going the final 10 spaces is not
a big deal, on the counter side, maybe it is behind the wall, and you have to
go a long way around before you can get to it.  But even in that later case,
giving that clue may still be reasonable.

 I know I may seem a bit picky about giving out unneccessary information to
the client, but some of this is due to the cumulative nature.  Individually,
each piece probably doesn't seem like that much, and if you evaluated each
piece on its own, you would probably come to the conclusion that leaking that
individual pieces is fine.  But leaking all the pieces may be enough to really
generate useful information.

Consider a gif image.  Seeing 1% of the pixels chosen at random probably won't
let you have idea what the picture is.  Getting 25% of the pixels would
probably give you some clue as to the nature of the picture (portrait, nature
scene, etc).  Getting 50% would probably give you a good chance of identifying
the specific person, or where the picture was taken (if you've also visited
it), etc.  And IMO that is a bit like crossfire.  Provide enough individual
'leaks', none of which themselves gives much, and you may get to the 50%
stage of the picture, where you really do have a lot of information when
that is all summed together.

More information about the crossfire mailing list