Free Allegiance Forums

the point of the hardware IDs is that they are hard to change, and less invasive than other ways to identify you.

right now, i believe the only way you can get a new account not to be linked to your old one (and circumvent security), is to buy/build a completely new computer which has no parts from any other computer you've played on, and to use a new internet connection (different IP), and then keep your mouth shut so people don't suspect you're someone else, and even then, i think the powers that be can spot that it's actually the same person.

if we didn't use hardware ID numbers to identify people, we would need some other way too identify them (e.g. require a small donation so we get ID from the bank), and most other ways would be too much trouble for people and would put off people from trying to play.

The system works well, thought it has it's compatibility issues.

the system probably isn't going to get changed any time soon, but it has been said that it may change if allegiance is demonstrated to be working in linux (not vmware).
I think last time someone got asgs working in a vmware they helped the admins fix asgs so that it would no-longer allow you to log in in a vm.

if this vm does indeed report actual hardware IDs then it might be allowed.

I should probably say that speculating on how asgs works isn't appreciated in the interests of keeping our games secure.

p.s. welcome to allegiance /smile.gif" style="vertical-align:middle" emoid=":)" border="0" alt="smile.gif" />

I'm just trying to contribute, I'm not trying to compromise the integrity of the game, nor do I want to make it easier for people to "hack". I've done a fair bit of work in information security, and I've never really believed in security through obscurity. It's no easier to hack software running in vmware than it is to decompile it in the first place. I believe the only security risk would be in building a unix version of ASGS, that would probably be easier to decompile or abuse in an unconventional manner.

The only potential problem I see with vmware/wine/etc is with the account-linking aspect of ASGS. I didn't want to create a problem, but I don't know enough about how that works so I was looking for a way to test it. If there is no way to effectively work with that, then it is possible to disable ASGS from working in vmware altogether. However, I really have to wonder if it is all that effective. If someone is capable of running the game in vmware, then I suspect they are capable enough to change their hardware and ip address.

Thank you for the welcome, and I appreciate the feedback.
Alleg is a great game, I wish I had found it sooner.

I have some thoughts on this issue, but am saving them for another thread. Thanks for getting it running. One more check mark for Mac OS compatibility towards ASGS moving away from .NET. (I certainly am not wanting to pressure anyone, so don't take it that way)

Troll: This is Linux not Mac! GTFO!

Tashim wrote:QUOTE (Tashim @ Sep 5 2008, 12:25 AM) I'm just trying to contribute, I'm not trying to compromise the integrity of the game, nor do I want to make it easier for people to "hack".

i wasn't accusing you, just giving a friendly warning not to publicly post about how you think asgs works.

we've had discussions about security through obscurity, the general result is:
we want to have secure games
you can't have total security -> you make your security system hard enough to crack that it isn't worth the effort
asgs works, and has worked well
if someone can bypass it, then it will get reviewed/patched

fuzzylunkin1 wrote:QUOTE (fuzzylunkin1 @ Sep 5 2008, 01:08 AM) Troll: This is Linux not Mac! GTFO!

Not much difference my friend, not much difference /smile.gif" style="vertical-align:middle" emoid=":)" border="0" alt="smile.gif" /> (I feel like I had better be watching for flying bullets now) /mrgreen.gif" style="vertical-align:middle" emoid=":D" border="0" alt="mrgreen.gif" />

ASGS has never had any specific "Fail in VMWare" code in it.

What it HAS done is (on the server side) reject bogus information that VMWare was passing to it. It's possible that VMWare these days is more compatible than it was in the old days.

That being said - we probably don't want people running it in VMWare or a similar virtualization environment, since it's so much easier to change hardware (for example create a new virtual disk and clone your existing disk to it, giving you a "New" signature).

Since I'm currently working on minor bugfixes for the .NET 2.0 version of ASGS (currently in closed beta) I will most likely have to put in some code that makes it refuse to run in a VM environment at all.

Pook

I was unable to run allegiance in vmware on a windows host, I was only able to get it working on a vmware linux host.
On a windows host, it complained about an invalid key.

For a linux host, I tried more than one virtual machine, with a different configuration, and the accounts still ended up linked, which is good. What needs to be determined, is if different systems are still uniquely identifiable, or if all virtual machines on the same OS appear the same.

To test that, I need someone else to reproduce my work, and create an account in a linux-hosted virtual machine, and then we can see if it links with the test accounts I created.

So far, my attempts to reproduce your results have failed, but I can't conclude anything quite yet. I have to do a little more work with my install before I can say "pass/fail". My install is a linux host, but I suspect it's the same distro that you're using (Ubuntu), so this would only tell us something about that one distro.

2.0? Why not 3.5?

2.0 is so 2.0 years ago.