|
Greetings! I have a fairly popular Unity powered multiplayer game which always calls Network.InitializeSecurity before firing up a server. Someone recently did me the honor of creating a Unity powered cheat client specially for my game, and this client can call any rpc it wants to on any computer connected to the game as if it were the server. It's now in the wild, and my game is basically unplayable most of the time. Since his client can call Network.InitializeSecurity just like mine can, isn't the entire idea of network security irrelevant? If there any way I can "seed" my application's security with something that will make it incompatible with every other Unity application out there?
(comments are locked)
|
|
My solution to this would be to develop your own security system, for an example, the server sends a random password to every player on connection and sends the same password when callingR PC on this particular client.
(comments are locked)
|
oupss.... thanks for reporting this.
Bump? Anyone have any more information on this?
@raoz: I was considering adding a random cookie, or something like that, but not sure how much security that would really add. I guess it depends somewhat on how the current hacks work. Man in the middle may be able to sniff out the password (I'm no expert on this though). I suspect it would at least make things a little harder, if nothing else.
Was hoping the original poster could relay any updates on this issue, if there have been any. What they've tried and whether it worked, or if Unity devs had anything to say...