Kryptos

Don't bullshit yourself xavier. Firstly, IPv6 is nothing new, as I previously mentioned. Having support for it for the past 18 months is nothing big considering that documentation of IPv6 goes back to 1998, as well as before that. That still leaves five years of unaccounted progress on the IPv6 protocol on Microsoft's behalf. I will however apologize for my inaccurate timeframe as I have not been a Windows user for some time and am not aware of their current status. But, that brings me to the question; who are you to stick up for Microsoft in the first place? You accuse me of being the voice of authority on RFC standards when I merely discussed what they were and where they are located, and then you immediately dive into the Microsoft world as though you're their official spokesperson, so please refrain from being hypocritical and unjust. As far as security standards go, there are security groups out there that maintain exploits that have yet to be released, referred to as "0 day" groups. Now I'm not saying that these groups are easy to find, but if someone has access to a group like this then they have access to exploits that haven't even entered the computing world yet. As well, considering your argument pertaining to firewalls, a quick Google search returns documents similar to the one found here which goes over similar techniques that I was referring to; tunneling, mapping ACL rules, etc. Also, you don't necessarily need an exploit to gain access to a system, in fact, as seen with Kevin Mitnick, one of the best methods is through employee incompetence, otherwise known as social engineering. I understand what you were trying to get at, with exploits such as the Cisco WLSE/HSE Default Username and Password Vulnerability that was recently uncovered, as well as the ISS BlackICE ICQ Parsing Buffer Overflow Vulnerability. If the patches are applied correctly, with the exception of the Cisco vulnerability that can't be patched, then a system maintains a much more secure nature against exploit code usually used by Script Kiddies, however, if an attacker who understands the infrastructure of the Internet wants to gain access to a highly secure system then they'll stop at nothing to get what they want, and those are the attackers that are impossible to defend against. As well, in reference to DoS, DDoS, and DRDoS attacks; DoS (Denial of Service) attacks, such as the Kiss of Death Attack, are normally defendable against since they are older and outdated, routers and firewalls can be configured to discard packets that are similar to ones used in DoS attacks, and can also be configured to block specific hosts, although some bandwidth lag may be noticed. As well, the attacker is easily traced since they directly interacted with the target, unless they routed through numerous systems. DDoS (Distributed Denial of Service) attacks are much more difficult to defend against, they use a distributed means of attacking the target; generally the attacker installs software on remote systems that will be used in the process of the attack, these are called zombies. The attacker then sends the zombie's messages to tell them to commence the attack. This means that no direct interaction between the target and the attacker takes place, making it much more hard to trace in the aftermath, although the attacker did install remote software on the attacking systems which means that if someone gains access to one of those systems and the attacker was sloppy and forgot to remove entries from the log files then they can be traced. Finally, DRDoS (Distributed Reflective Denial of Service) attacks are both the most dangerous and the most difficult to trace. One of the more notable forms of this attack is the BGP (Border Gateway Protocol) attack. The BGP protocol is used by the core routers of the Internet to exchange routing tables as well as perform numerous other tasks. In this attack the attacker sends tainted packets to the core routers telling them that the target is requesting to swap routing tables. This immense amount of data then forces the target machine offline. The problem with blocking this type of attack is that it is unreasonable to block core routers because that would, in the end, block access to the Internet. Ciao, Kryptos

A lot of people are missing the point as to why having synchronized pedestrians and vehicles is impossible, or at least extremely difficult. As someone previously mentioned, bandwidth is the first obvious limitation; as well, the MTA engine itself uses the same memory addresses that are occupied by pedestrians and vehicles to synchronize the multiplayer aspect of the game. As far as the traffic you see in GGM goes, which isn't synchronized, it's run through the natural game engine and files, thus not largely consuming any extra space, although the problem with that is that if one player steals a pedestrian's vehicle then the vehicle will appear from no where on the other player's screens. There is one method that could possibly be approached to sychronize pedestrians and traffic, assuming bandwidth and computational power are no factor. First, the server would have to be running a global version of the game, an extremely hacked version at that, generating real-time traffic and pedestrians at all locations and keeping their actions documented at all times, thus the server would have to be extremely fast and have a large amount of RAM (Random Access Memory). When a user enters an area that area's pedestrians and traffic are then directed to the client which is updated, the previous areas pedestrians and traffic are overwritten with the new area's data. Of course, this method must work in a cascading fashion so that the traffic and vehicles don't immediately disappear. Of course, this system is hypothetical and follows similarly to my MMORPG methods of allowing the GTA game engine to cope with larger amounts of players, e.g. if the player is in 'Downtown' there is really no use to load the players in the 'Ocean Beach' district. The method this uses is a radius checksum algorithm, all users within a specific radius, or in this case all pedestrians and traffic, are loaded based on the coordinates of the user, checked by the server. /* The code contained here is server-side; the server is meant to calculate what packets the user gets based on their coordinates. This code is just an example, and contains errors and missing data. Also, no timers were included, and this code should continually update based on what the server's bandwidth can cope with. The code defines arrays based on holding 20 vehicles and 20 pedestrians in any one area at a time, thus not overloading the client. This code is also missing things like "ped_look_x", "ped_look_y" and other such values that are necessary. */ double car_x[20], car_y[20], car_z[20], ped_x[20], ped_y[20], ped_z[20]; // No point in returning any values in example code. void city_packet(double *x, double *y, double *z) { double x_min, x_max, y_min, y_max; x_min = (*x - 20); x_max = (*x + 20); y_min = (*y - 20); y_max = (*y + 20); /* Assume we have a function called get_data(double *x_min,...double *y_max) that updates the traffic and pedestrian locations to suit the user's new location. */ get_data(&x_min, &x_max, &y_min, &y_max); /* From here, let's assume that get_data(...) has updated the global variables. */ /* Assume we have a function called send_city(double *car_x,...double *ped_z) that contains network code to send traffic and pedestrian packets. */ send_city(&car_x, &car_y, &car_z, &ped_x, &ped_y, &ped_z); } /* You'll notice this code doesn't feature a radius algorithm, rather a square algorithm. The area of the square in this case is 40 x 40, or 800 square units, which is perhaps too many. The major problem with this is that it updates for every user on the server numerous times per second, ergo the algorithm consumes large amounts of the processor, the RAM must hold data for all traffic and pedestrians on the server, and an extensively large amount of bandwidth is created. As well, take into account that this code uses extensive amounts of pointers to simplify the processes. */ Anyway, the reason it is technically impossible is because no one has a T3 or OC-xx line installed, the costs are too significant, and computational speed has yet to reach the needs of a standard server for this idea. As well, the amount of time that would have to be dedicated are too immense, so don't expect to see anything like this in the near future. Ciao, Kryptos

It's really funny when you see so many misconceptions about firewalls, routers, and overall Internet/Intranet security implementations. As well, IPv6, talked about in more detail in RFC 2460, is no new concept. It has been in the works for quite a long time now, but hasn't been fully implemented on a global scale. Firstly, firewalls and routers don't close every port on your system, they use an ACL (Access Control List) to filter packets based on their type and the port they are attempting to enter through. This is merely implemented to provide better security, which is ironic because it only briefly postpones the time it takes for an attacker to breach a target. It does however help stop DoS (Denial of Service) attacks, as well as other variations, e.g. DDoS, DRDoS, etc. So, perhaps you will have to modify the ACL rules to a slight degree, but MTA can just as easily add a snippet of code to work around this problem, or add a tutorial to the site to help change the rules so you can still play MTA. Second, as mentioned before, IPv6 is nothing new. In fact, the point that Windows is just now adding support into their Operating System for IPv6 is quite humerous, although I'm not quite sure how much support is currently available. Linux programmers have been working on IPv6 support for a few years now, and it's taken quite some time to get the current code to where it now is. Anyway, feel free to argue my points. And if you were wondering, RFC's are Request for Comment documents that have been compiled since 1969. Every, or nearly every, protocol that has ever been devised has been documented in the RFC database. There are also numerous other pieces of information in the database, ranging from security to DoS attacks. Ciao, Kryptos

When people get their hands on something, source code in this case, they want their moment in the spotlight; they quickly modify the code to make it appear as though they created it, even though they haven't spent any time developing it or doing any work on it whatsoever, aside from the recognition modifications. Now if you find it hard to understand why this is so wrong, especially considering the fact that YaMM was never officially released to the public domain, then try looking it through a metaphorical viewpoint; you worked for countless hours on source code that was evidentally stolen by other people and completely modified so it in no way gave you any credit for your work, how would you feel? Now let's say that YaMM was released under the GPL (GNU General Public License) agreement, which is used for open source software. The GNU states that, although you can modify the program, you must give the original authors credit for their work. So even if this had of occurred the thief would still be violating the programmer's agreement. As well, take into account time. To completely design a multiplayer mod of this size in the timeframe of a few days or weeks, I'm not sure what the exact count was, with a team of only one person it is nearly impossible. You would have to be a near perfect programmer, which I have yet to see. To end this off, what was done was in no way or form right, it is impossible to even justify this fact. The same applies to anyone else using the source code, especially those idiotic enough to admit to doing so in public forums. In a perfect community everyone who wishes to help out would do so, the source code would be available to everyone since no one would cheat, however this is impossible because the world is in no way an utopia. Anyhow, what I have said is merely my two cents, feel free to disect and attack what I've said; it's your right as a conscious entity to do so. Ciao, Kryptos

Fame, although equitable, is oftentimes not the motivation of a team, although it has been in some isolated circumstances. When someone sits down and decides to work on a project of this size for an extensive time period it's never purely for their name in the credits, rather it's to allow that person, or group in this case, to expand their knowledge on the subject at hand while offering the public a useful service. I assure you that every member of MTA has gained numerous lessons since the original release. Ciao, Kryptos

For now GTAWO will be using GtaT, but soon we will be a completely seperate mod in which we will use only our own modifications. I am currently coding the Client/Server platforms and working on the SCM synchronization and such. The trailor has been released as well, its on the http://www.gtaworldonline.tk site. Thanks for your patients. Kryptos