Python. Is it massively open to hacking?

Posted on 2014-01-16
Last Modified: 2014-03-06
I am interested again in making an RTS, this time in Python.

How secure is Python? Maybe I don't know enough, but since it is interpreted, I'm concerned that my .py code can be simply copied from memory and hijacked by people? What security does Python guarantee in its interpreter?

Also, I have done competitive RTS since '97 and cheating is endemic in gaming. What might you suspect about the ease of a map hack, for example, into my code?

If my players can only play the game from my .py file location, can they do anything to, with it?
Is it thoroughly invulnerable? Hope so!
I was told my Java RTS was hackable
Question by:beavoid
  • 3
  • 2
  • 2
LVL 19

Assisted Solution

Patricksr1972 earned 167 total points
ID: 39786489

Python is very difficult to lock down and the byte-codes are well understood.
So if you are concerned for code-stealing i would suggest a better to protect language.

Author Comment

ID: 39786579
But, it is such a pity, because it is the emerging killer app of languages. Are you implying it can be locked down?

Well, let me compare. I previously did this project in Java. Could hijackers just as easily have hijacked my byte code, anyway?
Is Python completely universal now, also?

LVL 19

Expert Comment

ID: 39786611
Hi again,

There are some pretty good decompilers for Java so yes, chances are there.
Python is becoming more and more universal now yes. Remember Python is open source and from this thinking not made for obfuscating.

Not a expert on this field but i have been reading about Cython which combines the power of Python and the programmabillity for C++, try it..
Live: Real-Time Solutions, Start Here

Receive instant 1:1 support from technology experts, using our real-time conversation and whiteboard interface. Your first 5 minutes are always free.

LVL 16

Assisted Solution

gelonida earned 333 total points
ID: 39787118
Python is probably even easier to hack than Java, as normally even more symbols are accessible in a non obfuscated way by introspection.

On the other hand. There's very good decompilers and annotators for C / C++ as well.
So a really motivated person will be able to hack any code independent of the language.

I think the only way to make a game safe is, that the game depends on some magic code running on a server.

To make it a little more difficult (this will not stop any serious hacker) you could use tools like pyobfuscate (though it works only on a per file basis and does not obfuscate interfaces), use py2exe or cxfreeze,

Author Comment

ID: 39787211
Other questions I have asked on this have resulted in me holding the game state entirely on the server, and sending clients only their valid vision. This way hacking memory results in nothing, as only visible data is available. This should make my concerns null. As long as gameplay is tolerable, I'll be fine?
LVL 16

Accepted Solution

gelonida earned 333 total points
ID: 39787971
Yeah I think  revealing the minimum information for each client is probably the best way to reduce cheating.

Tricky part is to balance server speed and game fluidity with cheat robustness.

What's perhaps as important than cheat avoidance is. cheat detection / detection of atypical 'players' and banning them as soon as they fall into some setup 'traps'.

Author Comment

ID: 39799046
Hacking my game code might be pointless, because I think I'll make the client game-screen-terminal-endpoint instantiate from a locked position in my folder / code, on my game server. So, hacking the code on the client side would be pointless if it instantiates every time only from an inaccessible class I specify. At any rate, my game is going to be played entirely on the server and clients will receive only vision related to their valid position, so hacking attempts of any kind would be futile, and amusing.

Featured Post

Courses: Start Training Online With Pros, Today

Brush up on the basics or master the advanced techniques required to earn essential industry certifications, with Courses. Enroll in a course and start learning today. Training topics range from Android App Dev to the Xen Virtualization Platform.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
difference of if loops 23 49
by zero exception 10 39
Adding multiple JVM environments to RedHat 6 7 18
Query group by data in SQL Server - cursor? 3 30
Since upgrading to Office 2013 or higher installing the Smart Indenter addin will fail. This article will explain how to install it so it will work regardless of the Office version installed.
Computer science students often experience many of the same frustrations when going through their engineering courses. This article presents seven tips I found useful when completing a bachelors and masters degree in computing which I believe may he…
This theoretical tutorial explains exceptions, reasons for exceptions, different categories of exception and exception hierarchy.
In this seventh video of the Xpdf series, we discuss and demonstrate the PDFfonts utility, which lists all the fonts used in a PDF file. It does this via a command line interface, making it suitable for use in programs, scripts, batch files — any pl…

774 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question