of our series we saw some of the reported examples of the
exploits that are taking place in EverQuest
primarily on the Time Locked Progression Servers. In Part
we spoke with two individuals who had experience in
limiting the ability to hack on their emulated servers. In our final
part today we approach Sony Online Entertainment to find out what can
be done from their end to put a stop to the hacking.
We had determined that the early fixes that Rogean and Haynar had
implemented on their emulated servers may not be ideal on a large
commercial scale for SOE. However, since the time of the interview,
Rogean did contact me with some updates.
"Using packets with unpredictable variables to crash a client running
MacroQuest was just the beginning for us," Rogean began. "Even
selectively using that method, many of the hack programmers found new
ways to 'toughen' their distributions to make them impervious to the
sort of vulnerabilities that we exploited to detect them... We came up
with a brand new system of detection that we were able to embed into
the client directly without actually modifying the client itself.
Through this system we can then keep a watchful eye on the memory space
of the client. We can check to make sure that there are no external
modules loaded into the client that are reading or changing the
client's memory. If this system detects this, it sends the name of that
module with a specific flag to the server, which logs it for later
review. All of these flags came back as MQ2Main.DLL on Project 1999.
This system introduces a whole new level of detection available to us
that can also be adapted to the hackers' attempts to avoid it. They may
try to avoid it, but they are taking the chance that we alter our
detection to pick up on them and they lose their main character. In
most cases, this is not worth the risk."
The bigger issue that SOE may face is that once the cheaters are
comfortable using the hacks and do not see punitive actions taking
place against the hackers, they feel all the more confident that they
can get away with using them.
"It's just like if in real life," Rogean continued. "If you don't see
many police pulling over speeders or you get away with driving faster
and faster over time, you get comfortable driving those speeds... until
finally you get pulled over.
"That's what we did. We pulled over 365 people at once, publicly, and
that will stick in everyone's minds that we take our anti-hacking rules
very seriously, and we won't give up trying to detect them."
I called up Thom Terazzas, Producer of EverQuest. If anyone knew what
SOE was doing or would be doing to combat the hacks, it would be him.
Thom was familiar with the problem. He also knew the importance in
letting players know that bans are happening.
When we spoke about customer service vocalizing the bans Thom
recognized that it hasn't been happening much lately.
"I don't think they've done it recently as far as notifying the
community about mass bannings," he said, "but it is a big deal to us
too... I think what we need is just a little more promotion of
information from CS a little more often on the message forums--just to
let them know we're on to them."
Even though it is a concern to Thom and his development team, it may
take some time yet before the issue can be fully addressed.
"Obviously there's a lot of juggling we need to do in order to make it
a priority," he continued. "The expansion, [Veil
], is something that we're really focused on right
now. That has gotten, I would say, 80 percent of the[development] focus
here. So doing anything that dramatically combats the hacking is
something that we would really like to do, but it is not something
we've been able to do."
That's not to say, however, that no time has been spent investigating