Hacked Highscores

Previous topic - Next topic
Print
Go Down Pages1
User actions

Kitty Hello

2011-Jan-27
It happens a lot, because it's so easy to do.

Would you want to use ENCRPYT$() to make is safer?

Wampus

#1
2011-Jan-28
Yep. Don't forget INI files too! e.g the INI file to PowFish looks a little like this:-

[Quality]
FPS=d808b43bedc1035ff3419cc9c316b9d3f3419cc9c316b9d3
Detail=9d2be24871f6ea23e0baceb79ecffcf08ea0c730854802d6
Size=395a2709c03434543338acb4744c399a39272705932c42a4
[Sound]
Music_Volume=cb48e692c4ec50709aebc11e2c7e8be69aebc11e2c7e8be69aebc11e2c7e8be6
Sound_Volume=90a8dd135b93b307cdfdb1f1c0304a4acdfdb1f1c0304a4acdfdb1f1c0304a4a
Speech_Volume=ebaecde55c40d58af7c9855b36bee8edf7c9855b36bee8edf7c9855b36bee8ed
[Achievements]
ACHIEVE0=48f345ce3295e81e34eb89930e46238e85ce9c424fc736f3
ACHIEVE1=d1fccefd9f0c3ca9bb3ae8cf6211c6ebfb27ee1cc7bb6113
ACHIEVE2=e4d0ecd4944c98e21758d93e1193367c5e84be24d685e8b5
[Checksum]
Encrypts=17580fd65dc5e981f3419cc9c316b9d3f3419cc9c316b9d3f3419cc9c316b9d3f3419cc9c316b9d3

etc.

If the decoded data fails a checksum check then its all reset to default (very frustrating if you're trying to cheat).

Leginus

#2
2011-Jan-28
if you use encryption in iphone games though, dont you have to declare it for certain countries?
When submitting I have noticed something about that.

Wampus

#3
2011-Jan-28
OMG! Leginus thanks for drawing my attention to that. I forgot that our world is shaped by insane war monkeys who try to control everything. App submission with any encryption confirmed as a confusing headache in the US: http://discussions.apple.com/thread.jspa?threadID=1647892

However, I've been looking here: http://www.bis.doc.gov/encryption/default.htm and at the documents linked to it like this one: http://www.bis.doc.gov/encryption/decision_tree.pdf

It seems that there are exceptions. For instance by US export standards '"Cryptography" does not include "fixed" data compression or coding techniques.' and if the software uses encryption for authentication only then its OK with US export law, etc. Not sure if Apple would still require you to submit your app with approved encryption though.

I'm going to go ahead and assume that checksums used to authenticate stored data do not need registration.

MrTAToad

#4
2011-Jan-29
Yes, would be good if hiscores are encrypted
Print
Go Up Pages1
User actions
SMF 2.1.4 © 2023, Simple Machines
ProCurve Theme Made By : TwitchisMental