Just had my first warp hack experience

Discussion in 'Time Locked Progression Servers' started by Selo_slinky, Apr 27, 2019.

  1. That0neguy Augur

    LOL really? Server side. You think these people are actually hacking into the EQ servers to warp around?
  2. Risiko Augur

    I laughed at that too.

    It's not server side. It's just modifying the location in memory on the client. If they recorded every single movement you made and audited it, they could easily see when people are using a warp hack, but...

    The first problem is that it would take more hard drive space than is available in the world to track every single movement that every single person makes on every single server every single second. In other words, it's not going to happen.

    The second problem is that there are valid reasons for your client to say you are at x location that just happens to be a lot further away than the last location that was reported to the server. It's called lag. If they didn't allow for lag, your character would be rubber banding all over the screen as the server corrected your location over and over.

    Now, what they can do (and for all we know, they may already do this) is log every time your character's current location is "greatly" far away from its last reported location. In other words, if you are on one side of the map, and the next second you are completely across the zone on the other side, it could flag that for later auditing.

    This still would not be a 100% automated way to detect warpers though. It still could be lag or a bug. There would need to be someone that gets notified when an account starts racking up warp hits. Then they could evaluate the data, and determine if the individual in question is actually using a warp hack.
  3. Captain Video Augur


    IMHO, a much simpler and more elegant solution, and one which is used in a lot of non-gaming applications, is to encrypt the location data in the client. The actual location fields would be part of longer 256-bit encrypted strings which can't be broken by simple reverse engineering. Even if they knew the word addresses of the location fields, inserting arbitrary values into those fields would simply port your toon to oblivion. Unfortunately, encryption technology is not well understood in the gaming industry as a whole.
  4. That0neguy Augur

    Nor is it understood by most people. Let me know how many CPU cycles it takes to encrypt all that data on both the PC and the EQ server.
  5. Captain Video Augur

    256 bits per character, that's four 64-bit words. Not a whole lot of CPU cycles.
  6. jeskola pheerie

    [IMG]
  7. phaeril Augur

    Since the communication is bi-directional, the encryption keys would be in memory, so it's really only creating an extra step. I seem to recall them trying something like that for the spawn info list on zone-in to thwart magic track, and it only ended up taking people a few extra hours to break it most patches.

    Even using something more basic like a quickly changing random number or timestamp and a quick crc to ensure that the method for changing location is used wouldn't really help. It might stop the dumbest of memory hackers, but anyone with a little experience can simply find that method location and disassemble it to figure out the algorithm. Or anyone with a little more experience would just set the stack up and jump to the method.

    The problem really lies with the memory/UDP coordinating system that is used. It was actually a pretty clever and impressive setup (kind of) back in 1999 when they wrote the game for dial-up connections and an audience with limited access to the sort of tools that people use to do this kind of stuff. Nowadays it seems ludicrous to trust the client so much.

    There are lots of checks they put in for things over time, but the nature of movement in EQ makes it a little harder than just adding a check for "is this new data consistent with what we know?" However, it does seem like a problem that could have been solved, since the zone maintains heading, velocity, etc. and there are a finite number of things that force-change a player's raw position, all of which should be able to be checked server side.

    On the other hand, half the time I get feared in Plane of Fear I end up teleported to 0,0 and I would rather not get flagged for warping when I forget to put my resist gear on. I've seen a few people warp over the last few TLPs and all of those people eventually got banned because it's pretty obvious and super weird looking.
  8. Elyani Augur

    Okay, sorry, let me rephrase, the other way was just simpler to state. One type of hack does not inject into the client, whereas the other does.

    The one that does not inject into the client is virtually untraceable, because it does not do anything different than a person who is physically there would be doing themselves. It targets PCs/NPCs and performs actions. It moves, it casts, it does this and that, but it doesn't need to be intrusive to do so. Doesn't mean it can't get you banned, it just means it's "safer" to use, especially if you're actively there and able to respond and/or stop the bot when a GM contacts you.

    Then the one that does tells the server I am at X, and the server complies "Oh, okay, so you are!" Or, "I am going X speed!" Oh, okay, let me update that for you then. I am hitting at X speed. Sure thing buddy! This IS traceable. Because it forces the server to update these details in a way that isn't normally possible. Yes, lag can cause rubber band effects. Which is why, when this behavior is detected, we'd want a GM to go and watch the person. I've argued this point previously whenever someone said, "P99 can trace it!" That they can. In the same way DBG can trace it. It shows up as a flag saying someone is moving at a speed not possible, or moving from A to Z at a speed not possible. Then, a GM from P99 goes and watches the person to see if it is in fact lag or they are warping/speed hacks/etc.

    The difference between P99 and EverQuest is that P99 is not only a smaller community, but they also have more GMs available to them. So, they have people that are monitoring this, they have people who are in-game all day to take petitions and watch for foul play. DBG does NOT have this anymore. So, reporting players that are warping is the best way to get the attention of the GMs for the game. When they receive a report, they CAN check the logs and then monitor those players in-game. Those logs ARE there. This is how people got caught back when SOE ran the game and actually had GMs and took the time to actually read petitions and do a job.

    No one suggested they ban without confirming. But reporting a situation allows a GM to do their job and get out there and confirm. If nothing else, it allows a GM to flag an account to be monitored.
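
    Added example, not part of any post in this thread and not the game's own code: a sketch of the server-side check discussed in posts 2, 7 and 8, which stores only implausible jumps, skips position changes the server itself caused, allows slack for lag, and queues an account for human review only after repeated hits. The speed limit, lag factor, review threshold, field layout and account names are all assumptions.

```python
import math
from collections import Counter

MAX_SPEED = 60.0      # assumed fastest legitimate movement, units per second
LAG_FACTOR = 3.0      # assumed slack so delayed or bunched updates are not flagged
REVIEW_THRESHOLD = 3  # assumed number of hits before a human looks at the account

# Constructed sample log: (account, seconds, x, y, server_moved).
# server_moved marks position changes the server caused (fear, gate, zone-in).
SAMPLE_LOG = [
    ("walker", 0.0, 0, 0, False), ("walker", 1.0, 40, 0, False),
    ("walker", 4.0, 200, 0, False),     # 3 s gap from lag, about 53 u/s: plausible
    ("feared", 0.0, 900, 900, False),
    ("feared", 1.0, 0, 0, True),        # server-initiated teleport to 0,0
    ("laggy", 0.0, 0, 0, False),
    ("laggy", 1.0, 300, 0, False),      # one spike: logged, but not enough for review
    ("warper", 0.0, 0, 0, False), ("warper", 1.0, 2500, 0, False),
    ("warper", 2.0, 2500, 10, False), ("warper", 3.0, -1800, 400, False),
    ("warper", 4.0, 1000, -2000, False),
]

def audit(log):
    """Return (hits per account, accounts queued for human review)."""
    last = {}          # account -> (t, x, y) of the previous report
    hits = Counter()   # only anomalies are kept, not every movement
    for account, t, x, y, server_moved in log:
        prev = last.get(account)
        last[account] = (t, x, y)
        if prev is None or server_moved:
            continue   # first report, or a move the server already knows about
        dt = max(t - prev[0], 0.05)  # guard against same-timestamp updates
        speed = math.hypot(x - prev[1], y - prev[2]) / dt
        if speed > MAX_SPEED * LAG_FACTOR:
            hits[account] += 1
    review = sorted(a for a, n in hits.items() if n >= REVIEW_THRESHOLD)
    return dict(hits), review

if __name__ == "__main__":
    print(audit(SAMPLE_LOG))
```

    The output is a review queue for a GM, not a ban list: the single-spike account is recorded but stays below the threshold.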
  9. Captain Video Augur


    The method(s) involve PhD-level applied math. Data encryption is hard science. If, done properly, it was as easy to reverse-engineer as you make out, then nobody's bank records would be safe, and 100% of the US population would have had their IDs stolen by now. Keys are divided up between client and server, so even identifying memory locations for a client-side piece of key won't help the hackers crack the algorithm in any reasonable amount of time.

    Having said that, of course, it must be noted that a small-scale gaming company like DBG is unlikely to invest what it would cost them to use state-of-the-art technology. There are mid-range options that aren't very expensive to use, but would still slow down the hackers for at least a few months at a time before an updated algorithm needed to be patched in. It would make sense to patch the encryption whenever a new TLP is released.
  10. NameAlreadyInUse #CactusGate

    It seems like the real problem lies in the fact that the game relies on the client to make decisions that should be made by the server.

    In bank record parlance, this would be the equivalent of you being able to decide how much money you have or being able to transfer out more money than you actually have. You can use your banking client to tell the bank how you want to manage your money. But the bank's server decides whether or not that is possible (e.g., whether you have the funds and are allowed to transfer them).

    With EQ, the client seems to tell the server where the character is, instead of the server controlling that seemingly important function.

    So it seems to me that encryption isn't nearly as important as server-side control. All inputs from the client should be treated as suggestions; as "what the player wants to do." But ideally, the server should always control whether or not the player's wishes come true.

    Do I understand that right?
  11. That0neguy Augur

    Not really true. Even without the warp hacks it still inserts custom .dll files into the game which can be seen by DBG.

    Yes, but the work involved would be close to making a new game. Look how many years it took them to just move kick and other abilities to be server side.
  12. NameAlreadyInUse #CactusGate

    And modern games often seem to suffer from the same design issue. Even if the technology exists to create games that don't need to rely on client-side processing, it appears that game companies continue to utilize client-side processing to cut server and bandwidth costs.