asked on
How to prevent memory hacking in game's score?
Hi,
I'm building a java mobile game and i need to prevent people from hacking the score via the memory. I thought of maybe like this,
-Instead of using numbers in the score's main variable, we use Alphabets like 1=AG, 2=RE
-So the canvas or display just reads the score's alphabets and translate it to a number.
Will this work? If no, do you any better idea?
Melv
I'm building a java mobile game and i need to prevent people from hacking the score via the memory. I thought of maybe like this,
-Instead of using numbers in the score's main variable, we use Alphabets like 1=AG, 2=RE
-So the canvas or display just reads the score's alphabets and translate it to a number.
Will this work? If no, do you any better idea?
Melv
Computer GamesEncryptionJava
Last Comment
melwong
ASKER
Hi,
We're building a game that can upload scores to a remote server and giving cash to top scorers. Thus, we really NEED to ensure almost hack-proof in our games.
You said,
"It would work but it is usually possible to look at two instances of the game and see which code has changed so spot the incrementing score."
Do you have an example how a hacker can perform the above? Are you still referring to mem hacking or something else?
We're building a game that can upload scores to a remote server and giving cash to top scorers. Thus, we really NEED to ensure almost hack-proof in our games.
You said,
"It would work but it is usually possible to look at two instances of the game and see which code has changed so spot the incrementing score."
Do you have an example how a hacker can perform the above? Are you still referring to mem hacking or something else?
It will depend on how much the hacking will recover in cash compared with time taken to "fix" the score.
If I was trying to hack it I guess I would look at trying to dump the memory into a file at two points. Ideally before and after getting some points without anything else changing. Is the game launched from the server, played independently and then the score uploaded back to the server so that you can give each session a unique identity of does it run entirely independent of the server and you simply send in your scores?
If I was trying to hack it I guess I would look at trying to dump the memory into a file at two points. Ideally before and after getting some points without anything else changing. Is the game launched from the server, played independently and then the score uploaded back to the server so that you can give each session a unique identity of does it run entirely independent of the server and you simply send in your scores?
ASKER
the user would download the game into the phone. then play it on the phone, get the score and upload to server. when you said session, what kinda session you're referring to? There's no session at this moment.
ASKER CERTIFIED SOLUTION
THIS SOLUTION ONLY AVAILABLE TO MEMBERS.
View this solution by signing up for a free trial.
Members can start a 7-Day free trial and enjoy unlimited access to the platform.
ASKER
I think you're quite right. The game is just casual Tetris like games. Any special insights on dev on this type of game? It's on J2ME MIDP 1
If you are going to go along this line maybe put a checksum in there as well. The best disincentive is to have a system check that looks for a change which doesn't match the checksum and permanently disables the game requiring a reinstall. Then the effort invoved in testing the hack is outweighed by the effort of reinstalling.
Bear in mind though that most gamers are not programmers. Because games programmers do both they can easily get caught building in defences against hacking which only a minority of players will be capable of.