The idea is simple. What if the server software checked the file sizes of every client file for consistency and looks for files that aren't supposed to be there. If it finds anything that isn't correct it wouldn't let you connect to a SMP server.
This would be a deterrent for some of the hacks, because there would simply not be enough wiggle room to include everything.
Oh and in b4 it doesn't let me use insert illegal version change client here. It's not a valid argument.
One word.... Lag
From my understanding (which may be incorrect) the client would have to download a mod to be accepted to the server. This mod would force the client to send the entire minecraft.jar to the server and the server would check it, then it would allow the client to join.
It's not the Minecraft.jar, it's the Minecraft.exe. The client is the thing that starts Minecraft and connects to servers and single player games. Don't get it confused with the jar. It's different and isn't used for most mods at least.
It's not the Minecraft.jar, it's the Minecraft.exe. The client is the thing that starts Minecraft and connects to servers and single player games. Don't get it confused with the jar. It's different and isn't used for most mods at least.
That would be very easy to counter and cause way too much stress on the server. Especially with the original already in the hackers hands, it wouldn't take more than a few minutes to bypass.
It's not the Minecraft.jar, it's the Minecraft.exe. The client is the thing that starts Minecraft and connects to servers and single player games. Don't get it confused with the jar. It's different and isn't used for most mods at least.
You, sir, are poorly informed. The exe is just the windows launcher, which checks for updates and then passes on the user's session to .minecraft/bin/minecraft.jar. The jar is a java archive, which contains all of the minecraft classes, along with the default texture pack and some other necessary and optional resources. This is also the file that is usually modified with mods, as it is minecraft itself.
/rantbackontopic
Theoretically, it's possible to force the client to do a checksum of critical files, but you'd be relying on trusting the client to provide the actual checksums. If the new save format decreased loading times, you could also force the client to re-download a sort of "core" jar, that contains the critical files from minecraft.net, when done, minecraft.net reports to the server that the client should (again, should) be clean. Client checking is a big issue, especially for java because of it's ease to decompile and recompile, and it's probably not something that notch/jeb will be looking to implement in the near future.
The third window is to basically do what the top hack clients do. Use much better obfuscation and byte-code changes to prevent most people from being able to make changes. By the time they implement this, the Modding API would be out, keeping everyone happy. Theoretically.
No security system is perfect, and because of the popularity of minecraft, said systems would age much quicker.
This would be a deterrent for some of the hacks, because there would simply not be enough wiggle room to include everything.
Oh and in b4 it doesn't let me use insert illegal version change client here. It's not a valid argument.
http://www.minecraftforum.net/viewtopic.php?f=1&t=155932
Crates
http://www.minecraftforum.net/viewtopic.php?f=1&t=239467
Item Scrolling
http://www.minecraftforum.net/viewtopic.php?f=1&t=174539
From my understanding (which may be incorrect) the client would have to download a mod to be accepted to the server. This mod would force the client to send the entire minecraft.jar to the server and the server would check it, then it would allow the client to join.
http://www.twitter.com/PoopCoolbro/
http://www.minecraftforum.net/viewtopic.php?f=1&t=155932
Crates
http://www.minecraftforum.net/viewtopic.php?f=1&t=239467
Item Scrolling
http://www.minecraftforum.net/viewtopic.php?f=1&t=174539
That would be very easy to counter and cause way too much stress on the server. Especially with the original already in the hackers hands, it wouldn't take more than a few minutes to bypass.
You, sir, are poorly informed. The exe is just the windows launcher, which checks for updates and then passes on the user's session to .minecraft/bin/minecraft.jar. The jar is a java archive, which contains all of the minecraft classes, along with the default texture pack and some other necessary and optional resources. This is also the file that is usually modified with mods, as it is minecraft itself.
/rantbackontopic
Theoretically, it's possible to force the client to do a checksum of critical files, but you'd be relying on trusting the client to provide the actual checksums. If the new save format decreased loading times, you could also force the client to re-download a sort of "core" jar, that contains the critical files from minecraft.net, when done, minecraft.net reports to the server that the client should (again, should) be clean. Client checking is a big issue, especially for java because of it's ease to decompile and recompile, and it's probably not something that notch/jeb will be looking to implement in the near future.
The third window is to basically do what the top hack clients do. Use much better obfuscation and byte-code changes to prevent most people from being able to make changes. By the time they implement this, the Modding API would be out, keeping everyone happy. Theoretically.
No security system is perfect, and because of the popularity of minecraft, said systems would age much quicker.