2012-08-16, 19:13 | Link #41 | |
Senior Member
Join Date: Apr 2006
|
Quote:
For a zero-day release where 10k players were trapped in-game a few hours after it went live? You wouldn't need too much secrecy. |
|
2012-08-16, 19:29 | Link #43 | |
Senior Member
Join Date: Feb 2009
|
Quote:
|
|
2012-08-16, 20:12 | Link #44 | ||
Senior Member
Join Date: Apr 2006
|
Quote:
Quote:
|
||
2012-08-17, 01:00 | Link #45 | |
I disagree with you all.
Join Date: Dec 2005
|
Quote:
|
|
2012-08-17, 15:50 | Link #46 | |
Senior Member
Join Date: Feb 2009
|
Quote:
As for the rest, yeah there's very little wiggle room due to the setting. The problem is, we keep getting people complaining that there should be more wiggle due to reasons x,y,z and putting down the author, when reasons x,y,z are things that either will kill large numbers of people, assume Kayaba is an idiot or bluffing, the set up would be easy to hack, etc.

For example, I've seen people going on about how easy it should be to hack the server itself. Let's take a moment to think the set up through. We are Kayaba, creator of the technology, and lead designer and programmer of SAO. We have full administrative access and rights to the servers, full authority to send out patches, etc. And we want to screw people over and lock thousands of people into a death game. To that end, we have to prevent tampering with the servers.

When we pull the trigger on the whole thing, there are a number of things that would happen to lock things down. First, all users other than us have all rights to the servers revoked. You were an admin? Congratulations, you not only no longer have admin rights, your account doesn't even exist anymore. Security permissions for all files and folders are reset so that only we have access. All remaining passwords are changed to something that hasn't been used before. Services not required for SAO are shut down and firewalled. The BIOS are all flashed with an image that removes all but the hard drive from the boot order, and is protected with a different password. Just for good measure, he takes over the company router the same way. MAC address (for those not familiar, it's the hardware address/id burned into your network card) filtering is enabled, the list for it pulled from the players within the game.

Within the SAO server software, all persons with moderator or administrative rights have their rights reset to that of a common player, are kicked from the game, or both. Log out is removed from common player menu options, the MAC addresses of all current player connections are stored, and the game refuses all connections from hardware not on the list.

The servers are now no longer under Argus company control. They cannot log in to them, access files on them over the network, can't even reboot without pulling the power cord. Not that rebooting will do them any good as they can't get into the BIOS, so the servers just reboot from the hard disk, and start up all the services, without them ever being allowed to intervene. They've essentially been locked out of their own system.

Normally recovery from such an attack would have them shutting off the power, opening up the servers to reset the BIOS, then once they can boot to something other than the hard drive, re-image the servers from the last back up, and resetting or replacing the router. Unfortunately, that's not an option in this case. Shutting down and wiping the servers will kill everyone that's trapped. They can try shutting down and compromising just one of the servers, then reconnecting it. We're smart though, so at the bare minimum, we've got the SAO software doing the same sort of file checking that Blizzard does for its games. More likely, we're checking everything to see if it's been tampered with, and if anything's changed, it gets kicked. Permanently kicked if we're being particularly safe.

So they're basically left with trying to brute force passwords as far as simple methods go. That can take a long time, and we've made sure they don't even know what user name they'd be needing to try, nor are we allowing them infinite attempts without. So they're left with trying to find new security exploits in the operating system, or in SAO, that would let them back in, modify files, with an ultimate goal of sending a valid log out command to all players. That takes time. They don't know what changes we made with SAO. Sure they could theoretically safely sacrifice a server to get a copy of the updated server, compare it to what it should be, and decompile and start analyzing anything that's changed. Easier said than done, and while it may let you know what he did, it will not necessarily let you through to change it.

Remember, we/Kayaba have/has the luxury that most people attempting to secure a system don't. There are only about 10,000 machines in the world we wish to communicate with, and all of them are connected to us at the start, giving us the hardware address for them. So we can just drop all network packets originating from anything that isn't a known machine to us. So virtually all attack attempts would need to be done using MAC address spoofing, and/or man in the middle attacks. Screw up with those, and someone is disconnected too long, and killed. And the sort of hacking they'd need to do would require a lot of trial and error, and errors are likely to be killing people.

So overall, it'd be a royal pain to do. Virtually every attempt made on it would be risking someone's life. Odds are good the only service you'd have access to would be SAO, and you'd effectively be poking around trying to find a root access exploit without tipping off the server that you're poking around. Worst case scenario, one of your attempts irrecoverably corrupts a database, crashes the service, and everyone dies. Far from quick, or easy, and difficult to get authorization to risk the lives of innocent people by effectively hijacking their connection. |
|
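The file checking described in the post above (verify every file, refuse the machine if anything changed) is what operations teams call file integrity monitoring against a known-good manifest. The sketch below is an added example, not part of the original thread; the directory layout and file contents are constructed for the demo.

```python
import hashlib
import tempfile
from pathlib import Path

def sha256_file(path: Path) -> str:
    """Hash a file in chunks so large binaries do not need to fit in memory."""
    h = hashlib.sha256()
    with path.open("rb") as f:
        for chunk in iter(lambda: f.read(65536), b""):
            h.update(chunk)
    return h.hexdigest()

def build_manifest(root: Path) -> dict[str, str]:
    """Map each file's path (relative to root) to its SHA-256 digest."""
    return {p.relative_to(root).as_posix(): sha256_file(p)
            for p in sorted(root.rglob("*")) if p.is_file()}

def verify(root: Path, manifest: dict[str, str]) -> dict[str, list[str]]:
    """Compare the tree on disk with the known-good manifest."""
    current = build_manifest(root)
    return {
        "modified": sorted(k for k in manifest
                           if k in current and current[k] != manifest[k]),
        "missing": sorted(k for k in manifest if k not in current),
        "unexpected": sorted(k for k in current if k not in manifest),
    }

def admit(report: dict[str, list[str]]) -> bool:
    """Accept the node only if nothing differs from the baseline."""
    return not any(report.values())

def demo():
    # Constructed sample tree; the manifest would normally be kept (and
    # signed) somewhere the checked machine cannot rewrite it.
    with tempfile.TemporaryDirectory() as d:
        root = Path(d)
        (root / "bin").mkdir()
        (root / "bin" / "server").write_bytes(b"original server build")
        (root / "conf.ini").write_text("max_players=10000\n")
        baseline = build_manifest(root)
        clean = verify(root, baseline)
        # Simulate tampering: one changed, one deleted, one dropped file.
        (root / "bin" / "server").write_bytes(b"patched server build")
        (root / "conf.ini").unlink()
        (root / "bin" / "helper").write_bytes(b"dropped tool")
        return clean, verify(root, baseline)

if __name__ == "__main__":
    clean, tampered = demo()
    print("clean admitted:", admit(clean))
    print("tampered admitted:", admit(tampered), tampered)
```

A check like this only proves anything when the manifest and the code that runs the comparison sit outside the reach of whoever controls the machine being checked.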
2012-08-17, 16:19 | Link #47 | |
I disagree with you all.
Join Date: Dec 2005
|
Quote:
Another would be to homebrew a protocol to connect to the server (just to fuck with the hackers). Based around whichever certificate technology's the strongest at the time. And of course, change the certificates regularly. Sounds like a pain, but again, what do I care? |
|
2012-08-17, 17:12 | Link #48 | |||||
Try me! <3
Join Date: Apr 2011
Location: Germany
Age: 40
|
Quote:
Quote:
Here's an article about "Regulation and licensure in engineering": http://en.wikipedia.org/wiki/Regulat...in_engineering Quote:
Quote:
Quote:
Where else should we speculate, if not in the speculation thread?
|
|||||
2012-08-17, 18:31 | Link #50 | |
Senior Member
Join Date: Oct 2011
|
Quote:
|
|
2012-08-17, 18:44 | Link #51 | |
Senior Member
Join Date: Apr 2006
|
Quote:
You can argue until you're blue in the face that the author is an idiot, and the anime is lame, but since the anime has not addressed any of your complaints you're not going to get ANY traction. It is the setting, and the anime has ignored your complaints from the opening minutes of the show. Case closed, no?

Again, we have the basic setting that says that 10,000 people are trapped. People are very welcome to argue their interpretation, and you can argue yours. But you're complaining that the author or the anime makers are dumb because they haven't addressed your point. It's a little... off. Whether it's logical or not, they haven't addressed it yet so no one knows yet.

He makes an excellent point though. You allow exactly 10k people to connect. You ID those people by whatever method you wish (hardware ID most likely). You allow those exact IDs to connect until they die. And once they die you never allow them to connect again. A home-based router that you can buy at a knock-off electronics store can limit connections to certain hardware IDs, and no one else. The government can begin tampering by killing someone and trying to take over that connection.

Last edited by Adigard; 2012-08-17 at 18:55. |
|
2012-08-17, 19:15 | Link #52 | ||||
Senior Member
Join Date: Feb 2009
|
Quote:
Quote:
Quote:
Quote:
The bottom line is that while Kayaba can't make the servers unhackable, he can make it difficult and dangerous enough to severely limit what most sane people are willing to do. |
||||
2012-08-17, 21:55 | Link #53 | |
Senior Member
Join Date: Sep 2010
|
Quote:
Basically if the NerveGear can kill or not isn't the question. The question is if someone is willing to exploit it to kill. Any hardware in real life can kill if purposed for, from your simple pencil to airplanes. Also you need to take into account that almost all manufactured goods are produced with higher margins/thresholds of durability so they can perform for years or extended periods without failure.

So, let's take for example a CRT television/monitor. It's harmless with everyday use but all the capacitors and other stuff inside of it hold enough electric charge to kill you even after turned off. That's why it has stickers warning you not to open and only let qualified technicians repair it. Don't mention your own kitchen appliances like microwaves and other stuff.

As for durability and performance. Take for example your basic computer processor rated at 2-3GHz. Most of them come from the same silicon wafer but the speed ratings are basically limiters/multipliers/clock rates imposed on the chips in the factory. That's why you can overclock your processor to 6 GHz or even 9 GHz, how long it lasts before it fries depends on the cooling of course.

Same with another day to day machine. A car with an average 200 HP at 6000RPM. How many people tap the full potential of such engine? Most people won't use more than 30% of that power and won't rev it beyond 3500RPMs. But a race driver on a race track might, but also the engine and car components would need more frequent maintenance since it degrades them faster. Also the tires on a day to day basis last upwards of 50,000 miles, but take them to a race or drifting and they won't last more than a few laps totalling a few dozen miles.

There is a lot of stuff in your daily life that looks harmless but can kill you. Even your little 9V battery powers stun guns and tasers (the latter had cases of killing people too). A lot of today's devices like in the case of processors are restricted within their operation limits via software, who's to say Kayaba the very inventor of the NerveGear can't update/change the firmware?

Also my 2 cents take on the frying your brain. You don't need to fry the whole brain to kill someone. Have you ever heard of a stroke? Just a little damage on a critical part of your brain might lead to you ending up paralyzed, a vegetable, coma or death. That little damage can come from a hemorrhage, aneurysm, a tumor, et al. The brain is a very delicate organ and it doesn't take a lot to damage it, just something targeted is enough.

In the case of SAO, the NerveGear and Kayaba's plan, it kills by frying your brain with microwaves. Today we can use electromagnetic pulses on the brain to momentarily change the personality and decision ability of people, even jam the motor control of the body. So being more devious, since the device already intercepts/redirects your brain signals you can do other stuff to kill like making your body release all its adrenaline and sending your heart into a tachycardia which might end up in a heart attack.

Last edited by Kamui04; 2012-08-17 at 22:24. |
|
2012-08-18, 05:23 | Link #54 | ||
I disagree with you all.
Join Date: Dec 2005
|
Quote:
Quote:
Obviously, because then you can just disconnect it entirely. |
||
2012-08-18, 09:43 | Link #55 |
Moe Kyun~!
Join Date: Aug 2010
Location: Philippines
|
There's one thing I don't get much in regards to how the primitive NerveGear sends signals...
(1) How do microwave signals send / intercept nerve signals to the brain? (2) Do you think future consoles (especially something that involves headgear) should include this dangerous technology?
|
2012-08-18, 10:09 | Link #56 | |
Senior Member
Join Date: Sep 2010
|
Quote:
We can't intercept them but we can scan our brains and its activity with MRI and CAT scans. Today those machines are room sized, but development in this field is continuing. Remember that 30-40 years ago computers were the size of a room and had no more processing power than your scientific calculator.

From some documentary or article I read recently, some scientists were able to see what a patient could see from just translating his brain activity. They started by having the subjects looking at a card with a letter, then they scanned the visual cortex of the brain to see what kind of activity and pattern it made. After a while the computer by just looking at the brain activity it would interpret these signals and show a low-res image of what letter the subject was seeing directly from the brain.

As for inputting signals in the brain they already can do some crude stuff. They use a mesh/net on your head or a wand that sends electromagnetic pulses into the brain. These focused pulses affect the targeted region of the brain. For example while receiving these pulses it could change your personality or decision making momentarily like making you more altruistic or choosing answers that you couldn't normally choose. Also targeting other regions it affects your motor control, like making you shake a limb, unable to move it, disable your fine motor control or even disabling the limiters that prevent you from exerting so much force that it damages your muscles. |
|
|
|