Python. Is it massively open to hacking?

Posted on 2014-01-16
Last Modified: 2014-03-06
I am interested again in making an RTS, this time in Python.

How secure is Python? Maybe I don't know enough, but since it is interpreted, I'm concerned that my .py code can be simply copied from memory and hijacked by people? What security does Python guarantee in its interpreter?

Also, I have done competitive RTS since '97 and cheating is endemic in gaming. What might you suspect about the ease of a map hack, for example, into my code?

If my players can only play the game from my .py file location, can they do anything to, with it?
Is it thoroughly invulnerable? Hope so!
I was told my Java RTS was hackable
Question by:beavoid
  • 3
  • 2
  • 2
LVL 19

Assisted Solution

Patricksr1972 earned 167 total points
ID: 39786489

Python is very difficult to lock down and the byte-codes are well understood.
So if you are concerned for code-stealing i would suggest a better to protect language.

Author Comment

ID: 39786579
But, it is such a pity, because it is the emerging killer app of languages. Are you implying it can be locked down?

Well, let me compare. I previously did this project in Java. Could hijackers just as easily have hijacked my byte code, anyway?
Is Python completely universal now, also?

LVL 19

Expert Comment

ID: 39786611
Hi again,

There are some pretty good decompilers for Java so yes, chances are there.
Python is becoming more and more universal now yes. Remember Python is open source and from this thinking not made for obfuscating.

Not a expert on this field but i have been reading about Cython which combines the power of Python and the programmabillity for C++, try it..
Enabling OSINT in Activity Based Intelligence

Activity based intelligence (ABI) requires access to all available sources of data. Recorded Future allows analysts to observe structured data on the open, deep, and dark web.

LVL 16

Assisted Solution

gelonida earned 333 total points
ID: 39787118
Python is probably even easier to hack than Java, as normally even more symbols are accessible in a non obfuscated way by introspection.

On the other hand. There's very good decompilers and annotators for C / C++ as well.
So a really motivated person will be able to hack any code independent of the language.

I think the only way to make a game safe is, that the game depends on some magic code running on a server.

To make it a little more difficult (this will not stop any serious hacker) you could use tools like pyobfuscate (though it works only on a per file basis and does not obfuscate interfaces), use py2exe or cxfreeze,

Author Comment

ID: 39787211
Other questions I have asked on this have resulted in me holding the game state entirely on the server, and sending clients only their valid vision. This way hacking memory results in nothing, as only visible data is available. This should make my concerns null. As long as gameplay is tolerable, I'll be fine?
LVL 16

Accepted Solution

gelonida earned 333 total points
ID: 39787971
Yeah I think  revealing the minimum information for each client is probably the best way to reduce cheating.

Tricky part is to balance server speed and game fluidity with cheat robustness.

What's perhaps as important than cheat avoidance is. cheat detection / detection of atypical 'players' and banning them as soon as they fall into some setup 'traps'.

Author Comment

ID: 39799046
Hacking my game code might be pointless, because I think I'll make the client game-screen-terminal-endpoint instantiate from a locked position in my folder / code, on my game server. So, hacking the code on the client side would be pointless if it instantiates every time only from an inaccessible class I specify. At any rate, my game is going to be played entirely on the server and clients will receive only vision related to their valid position, so hacking attempts of any kind would be futile, and amusing.

Featured Post

How your wiki can always stay up-to-date

Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
- Increase transparency
- Onboard new hires faster
- Access from mobile/offline

Join & Write a Comment

The purpose of this article is to demonstrate how we can use conditional statements using Python.
Basic understanding on "OO- Object Orientation" is needed for designing a logical solution to solve a problem. Basic OOAD is a prerequisite for a coder to ensure that they follow the basic design of OO. This would help developers to understand the b…
This tutorial covers a practical example of lazy loading technique and early loading technique in a Singleton Design Pattern.
This tutorial covers a step-by-step guide to install VisualVM launcher in eclipse.

760 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

20 Experts available now in Live!

Get 1:1 Help Now