Discussion in 'WIP and Development Status' started by SirJava92, Dec 12, 2014.
@SirJava92 Java and you won't allow decompilation while used on Bukkit? That is pretty amazing.
BTW: Some prove that you are the original developer of Nodus?
@SirJava92 Can we please have a bit of proof you are the developer? We have seen that it is being made by a SirJava.
If you are the right one then all I can say is, respect to you sir. Help the community against hackers.
I'm kind of confused lol.
How do you mean this?
@SirJava92 The fact that your name is in the launcher etc doesn't prove that you are the developer. Identity theft is a thing.
And still: how do you see this working? Everything on here must be checkable and decompilable.
that will be a problem.
Excellent choice! I see you have chosen to rely on the tried and tested tactic of security by obscurity! That was a fantastic decision!
I will rest assured know that your secrets are indeed safe behind the impenetrable wall of obfuscation. Also, choosing to violate the GPL license that accompanies Bukkit was another great design decision!
All in all, I can't wait for your fantastic plugin to be thwarted in a matter of days by people trying to program around it.
Nice sarcasm, haha.
I know that nothing is safe but we are here at minecraft, some 12 years old kids are writing (mostly skidding) hack clients, they don't even know the word 'obfuscation'. The major biggest hack clients will not even try to bypass this system. If someone succeded a bypass, good job, you wasted you'r time. I know that nothing is 100% detectable or secure, but it give's a lot of more security then ncp.
@SirJava92 But without decompiling we don't know if your plugin is secure.
"I only give out a way to decompile to the highest bukkit team member, so he can be sure that no Virus is inside."
@SirJava92 That won't do the trick on Bukkit. Read the articles @mythbusterma posted.
So what's stopping me from believing that you downloaded NCP and did some nice little edits the messages it gives out?
Your website(?) (the team-radon one) is, from what I can tell, is merely a wrapper around it's .de counterpart.
Nice pingback to the XMLRPC btw.
As long as no code is provided you can't claim anything "high performance" or ever "anticheat".
This forum already saw many "high performance" plugins with threadsleep inside main thread...
As for java obfuscation, there are lots of debugging and profiling tools available for developers, no matter how strong obfuscation is, codeflow can be restored, its only matter of time.
Any attempts from code's side to resist debugging shattered with custom build JVM and in simple cases with agent and class instrumentation.
I suggest creating a GitHub repo.
Because it have a noknockback and forcefield detection (Not just the old way with NPC's).
The thing is: the obfuscation should prevent the decompiling for Kids, that create the hack clients. I doesn't matter if someone decompile it, but there will only a few peoples doing this, and that's what i want.
@SirJava92 If you obfuscate it you won't even be able to put a download up
of course i can. maybe not here, but i will.
Good luck with it.
Even if you say you only develop Nodus or any "hack client" for money. You still contributed to the reason we need anti cheat systems in the first place.
I personally would not trust any project you upload.
@SirJava92 btw you should fix a glitch I found on every anti cheat that allows you to fly xD
@extended not rly, mojang is mostly the reason. The community knows hundres of fails & bugs in the servers and they just working on RABBITS or HORSES
Instead of starting another large project (this plugin), why don't you fix the buggy Nodus?
Even if you do create this "Hight performance" anti-cheat plugin, who says that people are going to trust you? Think about it, you're claiming to have created one of the most popular hack clients why should anyone trust what you want them to download? Unless they can see the source code to see that your plugin isn't malicious they won't. Most server owners won't know how to decompile/de-obfuscate the plugin and just won't trust you.
Have you even thought through the implications do obfuscating your plugin past the point of "It stops 'kids' from looking at the source code"?
Edit: Looking at the "speed detection try outs" video I can't help but feel that players using any speed potion (That can be used in vanilla minecraft) will cause the player to be shown as hacking when, in fact, they're not.
I know you people have doubts about this project so why are you giving it more attention than it deserves?
Do you really think that everyone here want to down any project for arbitrary reasons? @teej107
this about process, if developer change his mind and post code to evaluate and review - its ok ever if he reject to do so for long time.
Bukkit's GPL license has absolutely no relation with this.
You can't release closed software in Java that utilises an open source library, so yes, it is very related.
In that case, I have to say, this license is insanely stupid.
And great to see that 90% of my linux softwares violate that license.
Most of the Linux kernel's libraries are LGPL, which does permit this kind of usage. Furthermore, almost all of the software you use on a Linux system is open source. Also, the rulings on using GPL linkings in non-GPL software is fuzzy at best, with arguments on both sides, since any libraries software uses are going to be dynamically linked anyway.
But, GNU has been quite strict about their usage in Java, despite it's strictly runtime resolution. Yes, GNU GPL is a pretty awful license in that regard, but it is what Bukkit chose to use.
Separate names with a comma.