Ransom Posted February 17, 2013 Share Posted February 17, 2013 Stolen resource accusations ARE NOT ALLOWED. Some users are coming into this forum and accusing servers of stealing resources. This obviously causes endless pages of fighting. Guilty or not, they make the accused server look guilty. Beyond the security measures provided by MTA it is your responsibility to secure your resources. Most of the problems arising from your failure to do so, aren't things MTA developers or support staff can arbitrate. If there is a problem with a server somehow abusing the server list (ie cloning another server name), then file a moderation report through https://forum.multitheftauto.com/topic/26205-server-list-spam/ and we will consider that. We will also consider invididual reports about leaked or stolen gamemodes, just don't post it in public and cause drama all over the forums. Join Discord and request to be added to private support — do not send messages to me. 2 Link to comment
Ab-47 Posted March 19, 2013 Share Posted March 19, 2013 I support this rule, I totally agree with you on this. Server owners should compile their scripts or keep them in a safe place, nothing MTA team could do about that, unless ability to compile those files in the "Mods > Deathmatch > Resources", after the download of a servers resources, or even set restrictive access to those files. Well, I still agree with ya. Link to comment
Sex* Posted March 20, 2013 Share Posted March 20, 2013 I support this rule, I totally agree with you on this. Server owners should compile their scripts or keep them in a safe place, nothing MTA team could do about that, unless ability to compile those files in the "Mods > Deathmatch > Resources", after the download of a servers resources, or even set restrictive access to those files. Well, I still agree with ya. Compiling is pointless because you can decompile them very easily. But FFS has some part in the script that if u decompile it, it will not be usable and is pointless. But idk how to do it. Link to comment
AMARANT Posted March 20, 2013 Share Posted March 20, 2013 So what's the best way to protect our scripts? Maybe this? Link to comment
Anderl Posted March 20, 2013 Share Posted March 20, 2013 I support this rule, I totally agree with you on this. Server owners should compile their scripts or keep them in a safe place, nothing MTA team could do about that, unless ability to compile those files in the "Mods > Deathmatch > Resources", after the download of a servers resources, or even set restrictive access to those files. Well, I still agree with ya. Compiling is pointless because you can decompile them very easily. But FFS has some part in the script that if u decompile it, it will not be usable and is pointless. But idk how to do it. That is wrong. So what's the best way to protect our scripts? Maybe this? Use the cache attribute in your client scripts (it can still be stolen, but it's much harder and only a person with true knowledge in networking would be capable of stealling it). Link to comment
FFS-Racing Posted March 21, 2013 Share Posted March 21, 2013 I support this rule, I totally agree with you on this. Server owners should compile their scripts or keep them in a safe place, nothing MTA team could do about that, unless ability to compile those files in the "Mods > Deathmatch > Resources", after the download of a servers resources, or even set restrictive access to those files. Well, I still agree with ya. Compiling is pointless because you can decompile them very easily. But FFS has some part in the script that if u decompile it, it will not be usable and is pointless. But idk how to do it. That is wrong. Is it though? Link to comment
Phat Looser Posted March 25, 2013 Share Posted March 25, 2013 Best way to protect your resources: Put the important part SERVER SIDE. Done. Link to comment
Ab-47 Posted March 25, 2013 Share Posted March 25, 2013 Best way to protect your resources:Put the important part SERVER SIDE. Done. What if the important part was client sided only? Link to comment
Castillo Posted March 25, 2013 Share Posted March 25, 2013 You can send the code from server side and execute it client side. 2 Link to comment
Kenix Posted July 3, 2013 Share Posted July 3, 2013 Best way to protect your resources:Put the important part SERVER SIDE. Done. Only where it needed. Link to comment
Atton Posted October 19, 2013 Share Posted October 19, 2013 Considering how scripts can be made and the measures that can be taken. Pretty much no one has legitimate grounds to complain. I agree with this rule. Link to comment
myonlake Posted November 2, 2013 Share Posted November 2, 2013 (edited) The rule is fine, but the fact is, no one can protect their scripts. MTA has clearly not looked at this common issue very well. Most of the scripts that have been stolen are stolen with attacks and hacking through illegal measures. It's not something anyone can just "protect" as you say. Even if they all were compiled, they'd still be able to get a copy of the files from the source with hacking. And yes, people do hack through layers of firewall in order to get codes. Your compiling measures and encryption is only useful for client-side files. Valhalla Gaming code was stolen, or actually leaked, by a former MTA developer. So why should we trust MTA on all these things. Nobody wanted the code to be stolen, but it still was even though the owners tried to go against it. It might be late now, yes, but you could just think about the whole idea instead of just telling us to keep them safe. Even your networking module can be found from some developer's computer for sure. Had to come straight with this because I'm annoyed. Edited November 3, 2013 by Guest 1 Link to comment
Infinate Posted November 2, 2013 Share Posted November 2, 2013 Valhalla Gaming code was stolen, or actually leaked, by a former MTA developer. So why should we trust MTA on all these things. Nobody wanted the code to be stolen, but it still was even though the owners tried to go against it. That's a very heavy accusation, I was wondering if you could back it up by proof. 1 Link to comment
myonlake Posted November 2, 2013 Share Posted November 2, 2013 Valhalla Gaming code was stolen, or actually leaked, by a former MTA developer. So why should we trust MTA on all these things. Nobody wanted the code to be stolen, but it still was even though the owners tried to go against it. That's a very heavy accusation, I was wondering if you could back it up by proof. Mabako leaked the code - you can even go and ask himself about it. He also admitted it in one the files that he published with the gamemode. 1 Link to comment
Atton Posted November 8, 2013 Share Posted November 8, 2013 The rule is fine, but the fact is, no one can protect their scripts. MTA has clearly not looked at this common issue very well.Most of the scripts that have been stolen are stolen with attacks and hacking through illegal measures. It's not something anyone can just "protect" as you say. Even if they all were compiled, they'd still be able to get a copy of the files from the source with hacking. And yes, people do hack through layers of firewall in order to get codes. Your compiling measures and encryption is only useful for client-side files. Valhalla Gaming code was stolen, or actually leaked, by a former MTA developer. So why should we trust MTA on all these things. Nobody wanted the code to be stolen, but it still was even though the owners tried to go against it. It might be late now, yes, but you could just think about the whole idea instead of just telling us to keep them safe. Even your networking module can be found from some developer's computer for sure. Had to come straight with this because I'm annoyed. Compiling works on both client side and server side scripts.Decomping scripts that are encrypted does not really seem that easy. On top of that you can make the jobs on the server dependent upon a compiled exports system, with a timer to lag the server if a code is not entered. If someone breaks into the server owners computer and steals the source code for the exports system, Then goes on and collects everything else from the server than chances are that person is jesus. However it is quite unlikely that someone with the skill to do this would do this. Link to comment
myonlake Posted November 8, 2013 Share Posted November 8, 2013 I don't see that post any relevant to the case. I know exactly how to protect my code, but to avoid getting physically hacked is not possible. And to add to the direct-steal-away mechanism; what I did was I ran it all through a table obfuscator for 100 times and made a pretty simple check on if the server is original, if it isn't, it'll spam the server until the CPU and RAM are maxed out without MTA cutting any loops or timers or resources. What this means is that whoever is hosting that server is going to have a massive issue with replacing the broken hardware, which may also end up being quite expensive. I am strict enough to protect the code itself whatever it takes, but to get the code - anyone with experience in firewalls and their biggest mistakes will be able to get to it and even bypass these features that I personally optimized for the system. Link to comment
King12 Posted January 22, 2014 Share Posted January 22, 2014 I think you have to use this function in your script and compile it in mtasa compiler. getServerName just let the script check the server name if it's the same written in script then the script will work, if it's false then the script won't work. Link to comment
Recommended Posts