09-05-2011, 03:41 PM
Loly Taa

Quote:
Originally Posted by Loly Taa
If I were to venture a guess at why Rogean is asking for a stream cryptographer...

Recently we've seen that wsock32 and eqgame.dll can be used to hook already existing EQ functions and re-write them. Since Rogean has access to the crypto server-side, and now also has access to change things on the client side, I'd guess that he wants to work out an entirely new encryption system for p1999 to make ShowEQ no longer work on the server. If on the backend and on the frontend the crypto is changed to be the same, then you'd need some clever girls to get ShowEQ working again.

I worked on EQEmu back during the big crypto hubbub. A developer named Quagmire was the big man when it came to breaking their crypto. There was once a time when Sony/Verant used very strong encryption, to the point where our only option would be scanning the memory of the client for the key, which was detectable.

Sony/Verant gave up because the amount of CPU they used just to keep the crypto strong started to weigh heavily on the back-end, and people would just get the key out of memory anyways, and they really didn't have a way to detect that at the time.

Problem is, now getting the key out of memory quietly is even easier. Since most computers have FireWire ports and FireWire has unrestricted direct memory access, the same technique could be used even more quietly here to find the key.

TL;DR, my guess is Rogean is trying to stop ShowEQ, though I'm not sure how effective it would be.
A VPN could work, but again, the client has to have the key to decrypt the incoming transmission, so again it's stored locally in memory somewhere.

The only real way it would work? Something like those online gaming services where they run the software on their machine and just forward you a display and accept input. Now that would be true client security.