Solved

Python. Is it massively open to hacking?

Posted on 2014-01-16
7
323 Views
Last Modified: 2014-03-06
Hi,
I am interested again in making an RTS, this time in Python.

How secure is Python? Maybe I don't know enough, but since it is interpreted, I'm concerned that my .py code can be simply copied from memory and hijacked by people? What security does Python guarantee in its interpreter?

Also, I have done competitive RTS since '97 and cheating is endemic in gaming. What might you suspect about the ease of a map hack, for example, into my code?

If my players can only play the game from my .py file location, can they do anything to, with it?
Is it thoroughly invulnerable? Hope so!
I was told my Java RTS was hackable
0
Comment
Question by:beavoid
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
  • 2
7 Comments
 
LVL 22

Assisted Solution

by:Patrick Bogers
Patrick Bogers earned 167 total points
ID: 39786489
Hi

Python is very difficult to lock down and the byte-codes are well understood.
So if you are concerned for code-stealing i would suggest a better to protect language.
0
 

Author Comment

by:beavoid
ID: 39786579
But, it is such a pity, because it is the emerging killer app of languages. Are you implying it can be locked down?

Well, let me compare. I previously did this project in Java. Could hijackers just as easily have hijacked my byte code, anyway?
Is Python completely universal now, also?

thanks
0
 
LVL 22

Expert Comment

by:Patrick Bogers
ID: 39786611
Hi again,

There are some pretty good decompilers for Java so yes, chances are there.
Python is becoming more and more universal now yes. Remember Python is open source and from this thinking not made for obfuscating.

Not a expert on this field but i have been reading about Cython which combines the power of Python and the programmabillity for C++, try it..
0
Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
LVL 16

Assisted Solution

by:gelonida
gelonida earned 333 total points
ID: 39787118
Python is probably even easier to hack than Java, as normally even more symbols are accessible in a non obfuscated way by introspection.

On the other hand. There's very good decompilers and annotators for C / C++ as well.
So a really motivated person will be able to hack any code independent of the language.

I think the only way to make a game safe is, that the game depends on some magic code running on a server.

To make it a little more difficult (this will not stop any serious hacker) you could use tools like pyobfuscate (though it works only on a per file basis and does not obfuscate interfaces), use py2exe or cxfreeze,
0
 

Author Comment

by:beavoid
ID: 39787211
Other questions I have asked on this have resulted in me holding the game state entirely on the server, and sending clients only their valid vision. This way hacking memory results in nothing, as only visible data is available. This should make my concerns null. As long as gameplay is tolerable, I'll be fine?
0
 
LVL 16

Accepted Solution

by:
gelonida earned 333 total points
ID: 39787971
Yeah I think  revealing the minimum information for each client is probably the best way to reduce cheating.

Tricky part is to balance server speed and game fluidity with cheat robustness.

What's perhaps as important than cheat avoidance is. cheat detection / detection of atypical 'players' and banning them as soon as they fall into some setup 'traps'.
0
 

Author Comment

by:beavoid
ID: 39799046
Hacking my game code might be pointless, because I think I'll make the client game-screen-terminal-endpoint instantiate from a locked position in my folder / code, on my game server. So, hacking the code on the client side would be pointless if it instantiates every time only from an inaccessible class I specify. At any rate, my game is going to be played entirely on the server and clients will receive only vision related to their valid position, so hacking attempts of any kind would be futile, and amusing.
0

Featured Post

Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Notify sent to other threads in Java 9 41
Fast way to search item into Java Array (Rhino compatible) 2 37
convert Systemjs to Webpack 3 73
Ruby or Python 7 48
A short article about problems I had with the new location API and permissions in Marshmallow
In this post we will learn different types of Android Layout and some basics of an Android App.
This tutorial covers a step-by-step guide to install VisualVM launcher in eclipse.
Viewers will learn how to properly install Eclipse with the necessary JDK, and will take a look at an introductory Java program. Download Eclipse installation zip file: Extract files from zip file: Download and install JDK 8: Open Eclipse and …

763 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question