Renegade Public Forums
C&C: Renegade --> Dying since 2003™, resurrected in 2024!
Home » Archived Forums » RenGuard Client » Why not open source?
Why not open source? [message #172723] Sun, 25 September 2005 03:45 Go to next message
howang is currently offline  howang
Messages: 57
Registered: September 2005
Location: Hong Kong
Karma: 0
Recruit
Well, I am a server owner, I run a renegade server with rg & brenbot. But I get lots of feedback from the players that they don't trust rg and think it is a spyware. Yes, you cannot explain because nobody knows what your program is doing. Maybe it is a keylogger that steal password and send it back to the rg server. Maybe it is a cdkey stealing program. Maybe it scan for cookies and steal passwords. Nobody knows what rg is doing except the programmer of it. The worst part is, DJM & Crimson here always use bad language. How can we trust it!?

I think you guys are making a good job to keep the game fair, but please behave yourselves properly! There are too much bad language here & we cannot trust this site, the only thing to do is open source. Once you open source, everyone will trust you.

If you think that open source will let crackers know how to bypass it, I can tell you that this is a stupid point. Open source won't decrease the security, but let more programmer join & help you to fix bugs!


Thanks blazer for the xwisp! My dream comes true!
<Ghostshaw> duh
<Ghostshaw> its awesome
<Ghostshaw> cheat the cheaters :P
Re: Why not open source? [message #172724 is a reply to message #172723] Sun, 25 September 2005 04:04 Go to previous messageGo to next message
mac is currently offline  mac
Messages: 1018
Registered: February 2003
Karma: 0
General (1 Star)
Administrator/General
Not going to happen. I'm a fan myself of GPL software and have released several of them licensed under the General Public License. RenGuard is not one of them, for obvious reasons.

having the source code available means everyone can modify the software as they wish, and release their own versions, defeating the entire purpose of this software. There may be only one valid version at the same time, and we're the ones that are releasing it.

if you do not trust this software, use tools like regedit/regmon to see what it is actually doing on your system.. or just don't use it.


Quote:


danpaul88: buggy bugs brenbot because buggy befriends brainlessness

Re: Why not open source? [message #172725 is a reply to message #172724] Sun, 25 September 2005 04:16 Go to previous messageGo to next message
=HT=T-Bird is currently offline  =HT=T-Bird
Messages: 712
Registered: June 2005
Karma: 0
Colonel
mac wrote on Sun, 25 September 2005 06:04

Not going to happen. I'm a fan myself of GPL software and have released several of them licensed under the General Public License. RenGuard is not one of them, for obvious reasons.

having the source code available means everyone can modify the software as they wish, and release their own versions, defeating the entire purpose of this software. There may be only one valid version at the same time, and we're the ones that are releasing it.

if you do not trust this software, use tools like regedit/regmon to see what it is actually doing on your system.. or just don't use it.

IIRC, there is a clause in the GPL that, in effect, forces patches to make their way upstream to the developers... Look Round Eh


HTT-Bird (IRC)
HTTBird (WOL)
Proud HazTeam Lieutenant.
BlackIntel Coder & Moderator.

If you have trouble running BIATCH on your FDS, have some questions about a BIATCH message or log entry, or think that BIATCH spit out a false positive, PLEASE contact the BlackIntel coding team and avoid wasting the time of others.
Re: Why not open source? [message #172726 is a reply to message #172724] Sun, 25 September 2005 04:36 Go to previous messageGo to next message
howang is currently offline  howang
Messages: 57
Registered: September 2005
Location: Hong Kong
Karma: 0
Recruit
mac, maybe you can open souce part of it, just keep the RG exe valid & data transfer with rg network part in binary format. I think this will keep it secure & won't be cracked.

Thanks blazer for the xwisp! My dream comes true!
<Ghostshaw> duh
<Ghostshaw> its awesome
<Ghostshaw> cheat the cheaters :P
Re: Why not open source? [message #172731 is a reply to message #172723] Sun, 25 September 2005 05:09 Go to previous messageGo to next message
Dave Mason is currently offline  Dave Mason
Messages: 2357
Registered: April 2004
Location: Shropshire, England
Karma: 0
General (2 Stars)
howang wrote on Sun, 25 September 2005 11:45

The worst part is, DJM & Crimson here always use bad language.


I'm not a part of BHS, and I think Crimson is glad of that Big Grin

Secondly, Crimson doesn't use bad language.

I just have a disliking for illiterate fools and cheaters. You, on the other hand..... well, if everybody new typed as well as you, I'd be more than happy.


www.myspace.com/midas
Re: Why not open source? [message #172738 is a reply to message #172723] Sun, 25 September 2005 05:52 Go to previous messageGo to next message
mac is currently offline  mac
Messages: 1018
Registered: February 2003
Karma: 0
General (1 Star)
Administrator/General
The RenGuard client is too intigrated to be taken apart and release parts in open source.. there is a open speficiation for the Server Side Client, if anyone wishes to develop their own SSC though

Quote:


danpaul88: buggy bugs brenbot because buggy befriends brainlessness

Re: Why not open source? [message #172864 is a reply to message #172723] Mon, 26 September 2005 08:40 Go to previous messageGo to next message
warranto is currently offline  warranto
Messages: 2584
Registered: February 2003
Location: Alberta, Canada
Karma: 0
General (2 Stars)
howang wrote on Sun, 25 September 2005 06:45

Well, I am a server owner, I run a renegade server with rg & brenbot. But I get lots of feedback from the players that they don't trust rg and think it is a spyware. Yes, you cannot explain because nobody knows what your program is doing. Maybe it is a keylogger that steal password and send it back to the rg server. Maybe it is a cdkey stealing program. Maybe it scan for cookies and steal passwords. Nobody knows what rg is doing except the programmer of it. The worst part is, DJM & Crimson here always use bad language. How can we trust it!?



So you're saying that just because something is not opn source, there may be a problem with it? Wow, I guess people had better stop using Microsoft products, Blizzard products, EA products, Corel producst... ect. MOST things you come across in the coomputer world ar closed source. And I suggest you re-evaluate your ideals. Heck I don't swear, yet I can trust someone who does. If it were as you are stating, it must be very hard to find someone you trust.
Re: Why not open source? [message #172981 is a reply to message #172724] Tue, 27 September 2005 01:25 Go to previous messageGo to next message
light is currently offline  light
Messages: 988
Registered: January 2005
Karma: 0
Colonel
mac wrote on Sun, 25 September 2005 07:04

if you do not trust this software, use tools like regedit/regmon to see what it is actually doing on your system.. or just don't use it.


I vote for the latter option.


http://www.azupload.com/displayImage.php/setid2745.png
Re: Why not open source? [message #172984 is a reply to message #172723] Tue, 27 September 2005 02:36 Go to previous messageGo to next message
Sir Kane
Messages: 1701
Registered: March 2003
Location: Angerville
Karma: 0
General (1 Star)
Hey! Why not ask valve for the VAC2 code! It might have keyloggers and serial stealers or even worse it reads cookies! Oh noes!


Proud N9500 and proud N6270 user. Creator of the IEE libraries (original bhs.dll) and the RB series software.
http://n00bstories.com/image.fetch.php?id=1189992501http://www.n00bstories.com/image.fetch.php?id=1257492907
Re: Why not open source? [message #172985 is a reply to message #172864] Tue, 27 September 2005 03:24 Go to previous messageGo to next message
howang is currently offline  howang
Messages: 57
Registered: September 2005
Location: Hong Kong
Karma: 0
Recruit
warranto wrote on Mon, 26 September 2005 23:40


So you're saying that just because something is not opn source, there may be a problem with it? Wow, I guess people had better stop using Microsoft products, Blizzard products, EA products, Corel producst... ect. MOST things you come across in the coomputer world ar closed source. And I suggest you re-evaluate your ideals. Heck I don't swear, yet I can trust someone who does. If it were as you are stating, it must be very hard to find someone you trust.


Well, I am a software developer too! Why I have to open sources? Why I have to give out my hard-written code? The reason is to exchange ideas with other programmer! One of the reason is to let people know that your program won't do anything that is bad. Another bug reason is to give this as an example to the beginners and let them know how to write a program like this. This is very important! If everyone close their sources, the computer world won't grow up so fast! And this forum (FUDforum and the old phpbb2 are both open source) won't exist! Don't just think that programmer must be selfish! Programmers should share their works, because this help the whole computer world! As a user, you should support the open source network too! Not just because most of the open source programs are free, this is because they teach the next generation how to write programs! If there is not open source, I think your M$ Windows will cost > US$1000 because no one can challenge it! Think about it, open source really help the computer world a lot.


Thanks blazer for the xwisp! My dream comes true!
<Ghostshaw> duh
<Ghostshaw> its awesome
<Ghostshaw> cheat the cheaters :P
Re: Why not open source? [message #172987 is a reply to message #172723] Tue, 27 September 2005 03:48 Go to previous messageGo to next message
mac is currently offline  mac
Messages: 1018
Registered: February 2003
Karma: 0
General (1 Star)
Administrator/General
It's not usefull when it comes to security related products like RenGuard, since many of its security features lies in the closed source client.. there would be dozens of illegal branches of RenGuard which have scanning disabled etc, if the source code were available.

We have several people under a non disclosure agreement which have examined the inner workings of renguard from a security standpoint


Quote:


danpaul88: buggy bugs brenbot because buggy befriends brainlessness

Re: Why not open source? [message #173024 is a reply to message #172723] Tue, 27 September 2005 10:45 Go to previous messageGo to next message
dead6re is currently offline  dead6re
Messages: 602
Registered: September 2003
Karma: 0
Colonel
howang wrote on Sun, 25 September 2005 06:45

Well, I am a server owner, I run a renegade server with rg & brenbot. But I get lots of feedback from the players that they don't trust rg and think it is a spyware. Yes, you cannot explain because nobody knows what your program is doing. Maybe it is a keylogger that steal password and send it back to the rg server. Maybe it is a cdkey stealing program. Maybe it scan for cookies and steal passwords. Nobody knows what rg is doing except the programmer of it. The worst part is, DJM & Crimson here always use bad language. How can we trust it!?

I think you guys are making a good job to keep the game fair, but please behave yourselves properly! There are too much bad language here & we cannot trust this site, the only thing to do is open source. Once you open source, everyone will trust you.

If you think that open source will let crackers know how to bypass it, I can tell you that this is a stupid point. Open source won't decrease the security, but let more programmer join & help you to fix bugs!


Your users need to learn some facts:

1) DJM is NOT part of BHS
2) I have never seen Crimson use bad languge, unless you calling in on the fake cheats!
3) I use ProcessGuard, it can tell you exactly whats its trying to access, so I can tell what is happening. I get no keyboard hooks or scanning cookies. Only renegade directory files.
4) The cd key is encrypted within Renegade, Im guessing MD5 as that is one way. This make it virtually impossible to crack it.
5) Open source would release the protocol and then a fake RenGuard client could be made! We don't want this to happen.


Let all your wishes be granted except one, so you will still have something to strieve for.
Re: Why not open source? [message #173446 is a reply to message #173024] Sat, 01 October 2005 23:22 Go to previous messageGo to next message
howang is currently offline  howang
Messages: 57
Registered: September 2005
Location: Hong Kong
Karma: 0
Recruit
dead6re wrote on Wed, 28 September 2005 01:45


Your users need to learn some facts:

1) DJM is NOT part of BHS
2) I have never seen Crimson use bad languge, unless you calling in on the fake cheats!
3) I use ProcessGuard, it can tell you exactly whats its trying to access, so I can tell what is happening. I get no keyboard hooks or scanning cookies. Only renegade directory files.
4) The cd key is encrypted within Renegade, Im guessing MD5 as that is one way. This make it virtually impossible to crack it.
5) Open source would release the protocol and then a fake RenGuard client could be made! We don't want this to happen.


1) But BHS allow people use bad language here!
2) Take a look on the RG network ban forum, you will find some.
3) Yes, I don't think RG is spyware too, but it is really hard to let people understand this fact.
4) Don't you know that you can put the encrypted key in your registry? It is NO NEED to crack the encryption but just use the encrypted one!
5) Yes, I have think about this point before you said it.


Thanks blazer for the xwisp! My dream comes true!
<Ghostshaw> duh
<Ghostshaw> its awesome
<Ghostshaw> cheat the cheaters :P
Re: Why not open source? [message #173447 is a reply to message #172723] Sat, 01 October 2005 23:35 Go to previous messageGo to next message
Whitedragon is currently offline  Whitedragon
Messages: 832
Registered: February 2003
Location: California
Karma: 1
Colonel
What does bad language have to do with anything?

Black-Cell.net
Network Administrator (2003 - )

DragonServ, Renegade's first IRC interface bot
Creator and lead coder (2002 - )

Dragonade, Renegade's first server side modification
Lead coder (2005 - )
Re: Why not open source? [message #173500 is a reply to message #173446] Sun, 02 October 2005 13:16 Go to previous messageGo to next message
Kanezor is currently offline  Kanezor
Messages: 855
Registered: February 2005
Location: Sugar Land, TX, USA
Karma: 0
Colonel
howang wrote on Sun, 02 October 2005 02:22

dead6re wrote on Wed, 28 September 2005 01:45


Your users need to learn some facts:

1) DJM is NOT part of BHS
2) I have never seen Crimson use bad languge, unless you calling in on the fake cheats!
3) I use ProcessGuard, it can tell you exactly whats its trying to access, so I can tell what is happening. I get no keyboard hooks or scanning cookies. Only renegade directory files.
4) The cd key is encrypted within Renegade, Im guessing MD5 as that is one way. This make it virtually impossible to crack it.
5) Open source would release the protocol and then a fake RenGuard client could be made! We don't want this to happen.


1) But BHS allow people use bad language here!
2) Take a look on the RG network ban forum, you will find some.
3) Yes, I don't think RG is spyware too, but it is really hard to let people understand this fact.
4) Don't you know that you can put the encrypted key in your registry? It is NO NEED to crack the encryption but just use the encrypted one!
5) Yes, I have think about this point before you said it.


My responses to your points:
1) BHS allowing people to swear doesn't make BHS bad. It proliferates free speech.
2) Of course people are swearing in the RenGuard network ban forum -- people are pissed that they're banned. I have never noticed Crimson swear at any particular person on these forums (whether in the Network Bans subforum or elsewhere) without major provocation. If you'd like, you could even review her posts here (Mr. Stalker!): http://www.renegadeforums.com/index.php?t=showposts&id=8 &rid=4243
3) I *know* RenGuard is not spyware. Yes, helping people to understand that can be difficult, but that will never go away.
4) Putting an encryption key in the registry decreases security, since it's wholly easier to read a registry key than to read process memory (and to know exactly what memory to read, you must read the code to find out where that encryption key is stored)
5) Think harder. Seriously... much harder.

My own points:
1) Open-sourcing RenGuard would reveal exactly how it prevents cheats from being used. Then, people would be able to write their own program that says that they are clean, when in fact they are using cheats. Don't say that they won't, because they will.
2) Why don't you write some anti-hack software and then try to break it without the source code? Then, try again with the source code. Once you've completed both, take note how long each took.

The fact of the matter is, if you cannot understand my #1 point, then you really shouldn't be writing software and especially not criticising those that do. It doesn't take a computer scientist to realize that any executable on a user's computer can be bent to the user's (in this case, the cheater's) will, no matter what it does nor how it does it. It also doesn't take a genious to know that that bend-to-break thing will occur in an amazingly short amount of time (hours at the very most) if the source code is available.


---
http://www.eve-online.com/download/banners/files/468x60_02.jpg

[Updated on: Sun, 02 October 2005 13:21]

Report message to a moderator

Re: Why not open source? [message #184549 is a reply to message #173500] Tue, 03 January 2006 05:22 Go to previous messageGo to next message
howang is currently offline  howang
Messages: 57
Registered: September 2005
Location: Hong Kong
Karma: 0
Recruit
Kanezor wrote on Mon, 03 October 2005 04:16


4) Putting an encryption key in the registry decreases security, since it's wholly easier to read a registry key than to read process memory (and to know exactly what memory to read, you must read the code to find out where that encryption key is stored)


ok, please take a look at HKEY_LOCAL_MACHINE\SOFTWARE\Westwood\Renegade, there is a value called 'Serial' which contain your Renegade cd key in encrypted form. Steal this string and put it in your own PC's registry makes you own the key.


Thanks blazer for the xwisp! My dream comes true!
<Ghostshaw> duh
<Ghostshaw> its awesome
<Ghostshaw> cheat the cheaters :P
Re: Why not open source? [message #184550 is a reply to message #172987] Tue, 03 January 2006 05:31 Go to previous messageGo to next message
howang is currently offline  howang
Messages: 57
Registered: September 2005
Location: Hong Kong
Karma: 0
Recruit
mac wrote on Tue, 27 September 2005 18:48

It's not usefull when it comes to security related products

Have you hear about linux? Almost most softwares are open source include the security releated softwares such as iptable. Why crackers can hack a closed source Windows easier than an open source Linux?


Thanks blazer for the xwisp! My dream comes true!
<Ghostshaw> duh
<Ghostshaw> its awesome
<Ghostshaw> cheat the cheaters :P
Re: Why not open source? [message #184553 is a reply to message #184549] Tue, 03 January 2006 06:17 Go to previous messageGo to next message
Kanezor is currently offline  Kanezor
Messages: 855
Registered: February 2005
Location: Sugar Land, TX, USA
Karma: 0
Colonel
howang wrote on Tue, 03 January 2006 06:22

Kanezor wrote on Mon, 03 October 2005 04:16


4) Putting an encryption key in the registry decreases security, since it's wholly easier to read a registry key than to read process memory (and to know exactly what memory to read, you must read the code to find out where that encryption key is stored)


ok, please take a look at HKEY_LOCAL_MACHINE\SOFTWARE\Westwood\Renegade, there is a value called 'Serial' which contain your Renegade cd key in encrypted form. Steal this string and put it in your own PC's registry makes you own the key.

Have you actually tried doing that? Because I actually know what I'm talking about when I say that doing only that will result in a different (and most likely invalid) key.


---
http://www.eve-online.com/download/banners/files/468x60_02.jpg
Re: Why not open source? [message #184559 is a reply to message #172723] Tue, 03 January 2006 08:06 Go to previous messageGo to next message
Ghost Assassin is currently offline  Ghost Assassin
Messages: 5
Registered: January 2006
Karma: 0
Recruit
Not to be a damper on high hopes, but regardless of wether renguard is open source or not, what is to stop cheaters from making a "fake or "cracked" renguard. I know you guys have seen it before, cause I have too. I have owned Renegade since the beginning, and watched it develop. I have also done the same with renguard. Now there are some things about renguard that I absolutely do not like, but all around, I think it does a fairly good job. The point is regardless of wether renguard is open source or not, some cheaters have programming skills too, and therefore have the ability to crack it. If it were to be open-sourced, this would only make their job easier.
Re: Why not open source? [message #184561 is a reply to message #172724] Tue, 03 January 2006 08:55 Go to previous messageGo to next message
Goztow is currently offline  Goztow
Messages: 9737
Registered: March 2005
Location: Belgium
Karma: 13
General (5 Stars)
Goztoe
mac wrote on Sun, 25 September 2005 07:04

Not going to happen. I'm a fan myself of GPL software and have released several of them licensed under the General Public License. RenGuard is not one of them, for obvious reasons.

having the source code available means everyone can modify the software as they wish, and release their own versions, defeating the entire purpose of this software. There may be only one valid version at the same time, and we're the ones that are releasing it.

if you do not trust this software, use tools like regedit/regmon to see what it is actually doing on your system.. or just don't use it.

Aaaaaaaaaah memories: a post of Mac!


You can find me in The KOSs2 (TK2) discord while I'm playing. Feel free to come and say hi! TK2 discord
Re: Why not open source? [message #184564 is a reply to message #184553] Tue, 03 January 2006 10:31 Go to previous messageGo to next message
howang is currently offline  howang
Messages: 57
Registered: September 2005
Location: Hong Kong
Karma: 0
Recruit
Kanezor wrote on Tue, 03 January 2006 21:17


Have you actually tried doing that? Because I actually know what I'm talking about when I say that doing only that will result in a different (and most likely invalid) key.


Don't know but it works for a complete system clone (HDD clone).


Thanks blazer for the xwisp! My dream comes true!
<Ghostshaw> duh
<Ghostshaw> its awesome
<Ghostshaw> cheat the cheaters :P
Re: Why not open source? [message #184565 is a reply to message #172723] Tue, 03 January 2006 10:42 Go to previous messageGo to next message
Scythar is currently offline  Scythar
Messages: 580
Registered: February 2003
Location: Finland
Karma: 0
Colonel
And in addition, making RG open source would probably increase the RG userbase with some 3, maybe even 5 users Huh . There aren't that many coders around here that won't use RG because they don't know what it does.

There's a hole in the sky through which things can fly.
Re: Why not open source? [message #184566 is a reply to message #172723] Tue, 03 January 2006 11:53 Go to previous messageGo to next message
Crimson is currently offline  Crimson
Messages: 7429
Registered: February 2003
Location: Phoenix, AZ
Karma: 0
General (5 Stars)
ADMINISTRATOR
Well, it's entirely too easy to see exactly what RenGuard is doing by using RegMon, FileMon, and a packet sniffer. You really think we could get away with over 20,000 installations without someone noticing if we were doing something we don't disclose?

Also, regarding swearing: I personally don't have a problem with swearing and swear often myself. I don't generally use foul language when I'm trying to communicate something in a professional manner. But, if you are THAT offended at reading foul words on your screen, then you need to take a hard look at yourself and think about why on earth you are upset by it. I don't have a good justifiable reason to censor "bad words".


I'm the bawss.

[Updated on: Tue, 03 January 2006 11:54]

Report message to a moderator

Re: Why not open source? [message #184761 is a reply to message #184561] Thu, 05 January 2006 06:51 Go to previous message
mac is currently offline  mac
Messages: 1018
Registered: February 2003
Karma: 0
General (1 Star)
Administrator/General
Goztow wrote on Tue, 03 January 2006 10:55


Aaaaaaaaaah memories: a post of Mac!


Sarcasm Uhh.. I'm still here, though not really active.


Quote:


danpaul88: buggy bugs brenbot because buggy befriends brainlessness

Previous Topic: Renegade Quick Match problem
Next Topic: CP1 Loadscreen Text
Goto Forum:
  


Current Time: Thu Nov 07 16:26:08 MST 2024

Total time taken to generate the page: 0.01413 seconds