Jump to content
Sign in to follow this  
fluffycalico

Local save file DD1 vs DDA

Recommended Posts

In DD1 the local save files caused the game to be hacked to pieces.  Anyone with google and $20 could have the best gear and pet in the game or worse gear and a pet better than anything that actually dropped anywhere.  I am looking at you weapons that 1 shot bosses from full health.

The main thing most of us wanted out of DDA was no hackable save files.   We were told there was going to be very strong cheat protection in place this time.

I reason I bring this up is I have now seen 2 people say that DDA will have local save files again.   Is this true?  Because if it is the game gear will be hacked to pieces again in days.   It happened in every game with local save files.    If they have brought back local save files alot of us will want refunds when those hacked gear/pets are back which are completely game breaking in a game with multiple players and tradable items.   Can we get a confirmation that the local save files are gone?  Because if you left them in game no amount of anti-cheat code is going to stop the problem that those local save files cause in pretty much every single game they have been used in for any company.

Edited by fluffycalico
  • Like 1

Share this post


Link to post
Share on other sites

Whether we save files locally or from a server does not prevent anti-cheat or fool proof cheating from taking place. I have played games completely server side where almost everyone did some sort of cheating or abusing exploits. I have also played games saved locally with very good anti-cheat systems in place. Consoles in Dd1 were way worse in respect to cheating as PC, one must ask why did this happen? We must analyse what made it easier, why more people engaged in cheating before we can get any understanding in how to prevent it.

I hope they have decent anti-cheats in place, they have assured us they will, that they are fully aware of the issue. I wait in trepidation to see what their solution is. I actually hope that players were able to cheat in the Beta so they can tighten their anti-cheat before the release rather than deal with it when we already have a flood of modified items in game.

Share this post


Link to post
Share on other sites

Haven't they any plans for there to be an open and ranked mode like in DD1?  It seems there will probably always be a small minority of people who will want to play the game, but have no real interest or even understanding of a tower defense strategy game, and get all thier fun out of one-shot killing everything with hacked gear, or seeing thier bowling balls spit out like machine guns..! 

Where there's a will, there's a way.. Evidence of that is on the last gen consoles, where some clever player or two initially found a way to decompress the Hex save files so they could be manipulated, and then opened the way and created and distributed easy to use tools for use by anyone with basic computer knowledge who could follow a simple tutoral. The 360 game has been broken for years. 

Stopping hackers ruining the game for us legit players is a huge challenge, though they seemed to have done a decent job in DD2, as I can't recall any instances of hacking or modding taking place.. (though I may be wrong) and that's because of server side game saves. I, like the vast majority of us  would like the ability to play Awakened offline though and will hope they do indeed have a strong anti-cheat system in place. 

 

  • Like 1

Share this post


Link to post
Share on other sites

Re one shot bosses, they have taken a note from the CDT and 'hard coded' damage caps into the game, so no matter how you hack the server won't allow damage over the limit, hopefully something similar exists for attack rate.  

 

Seeing as offline play (was foolishly) promised (I think) how can they avoid local save file.

Share this post


Link to post
Share on other sites

C:\Users\<USERNAME>\AppData\Local\DDS\Saved\SaveGames\DDA_Player_0.esv

That's your savegame right there. It looks like a simple serialized file. The first line includes a hash value, which is probably synchronized with the server. If that is their best effort so far, I have not much hope.

On the other side the protection might be implemented on a different level. I could think about a way to have a completely unprotected xml file, but the loot would still be savely generated and any modification would be detectable, when synchronizing with the server again.

4 hours ago, All Your Yeahs said:

[...]

Stopping hackers ruining the game for us legit players is a huge challenge, though they seemed to have done a decent job in DD2, as I can't recall any instances of hacking or modding taking place.. (though I may be wrong) and that's because of server side game saves. I, like the vast majority of us  would like the ability to play Awakened offline though and will hope they do indeed have a strong anti-cheat system in place.

How can you assume, that "the vast majority" would like this and that? Could you please stop making up statistics on the spot or overgeneralizing your standpoint? Besides this, you are basically asking for conflicting goals. You won't get an absolutely secure, hack-free game, which can also be played offline. Although you can definitely make things hard enough, so that breaking them would not be worth the effort or costs.

DD2 does not only have server sided game saves, that alone would not help. What makes DD2 secure is the fact, that everything is calculated server-side. CG already stated, that this would not be the case for DDA, because running all the necessary servers would be too expensive. But if DDA brings in the required success (=> money), we might see this in something like DD3.

4 hours ago, Hover Tower 2000 said:

Re one shot bosses, they have taken a note from the CDT and 'hard coded' damage caps into the game, so no matter how you hack the server won't allow damage over the limit, hopefully something similar exists for attack rate.  

 

Seeing as offline play (was foolishly) promised (I think) how can they avoid local save file.

The question is not how can you avoid having a local save file, but detecting anomalies with generated loot or modified data. I do not really see the point of having hard caps in the game. This cap would have to be so high, that it would not limit the best legitimate stats. And if you can hack all your stats to those limits, the difficulty of the game will be trivial anyway.

4 hours ago, All Your Yeahs said:

Haven't they any plans for there to be an open and ranked mode like in DD1?  It seems there will probably always be a small minority of people who will want to play the game, but have no real interest or even understanding of a tower defense strategy game, and get all thier fun out of one-shot killing everything with hacked gear, or seeing thier bowling balls spit out like machine guns..!

[...]

They have not shared any details, how the offline mode might differ. I would love to see a differentiation into "ranked" and "open" again, while ranked requires an always-on connection and important stuff is calculated server-side. But the benefits would be quite limited, as long as they keep their standpoint on not spending too much on the servers.

Edited by The Ich

Share this post


Link to post
Share on other sites

Easy anything you do in offline play can't come into the online version. Hack your offline all you want as long as it cant ever make it back into the online version.   

However seeing that the online uses local save files again makes me strongly consider trying to get a refund as its going to be hacked to pieces again which they promised it would not be.  While I really want DDA I have 0 desire to group with tons of players running around with gear from places they could never hope to clear to earn the gear

Edited by fluffycalico
  • Confused 1

Share this post


Link to post
Share on other sites

Im not sure with them bringing the game to Switch and with cross save being a thing how you could make it that offline progress cannot ever carry to online. Is there may be a way to be always able to play on the go with the switch and always be online? I am not sure. Cross saves would mean if I am correct need some sort of cloud server with your data to allow you to transfer your save from one system to another. I imagine checks will be put in at least at this stage to validate your game is some way. I dont know enough about anti-cheat or such to know the in and outs, but I expect them to have a plan in mind to help deal with modified items or such. Perhaps someone who is better qualified can answer the issue enough to ensure us that steps can be taken in a viable way.

Share this post


Link to post
Share on other sites
2 minutes ago, dizzydiana said:

Im not sure with them bringing the game to Switch and with cross save being a thing how you could make it that offline progress cannot ever carry to online. Is there may be a way to be always able to play on the go with the switch and always be online? I am not sure. Cross saves would mean if I am correct need some sort of cloud server with your data to allow you to transfer your save from one system to another. I imagine checks will be put in at least at this stage to validate your game is some way. I dont know enough about anti-cheat or such to know the in and outs, but I expect them to have a plan in mind to help deal with modified items or such. Perhaps someone who is better qualified can answer the issue enough to ensure us that steps can be taken in a viable way.

They sure didn't have a plan in DD1 to stop it

Edited by fluffycalico
  • Like 1

Share this post


Link to post
Share on other sites
13 minutes ago, fluffycalico said:

They sure didn't have a plan in DD1 to stop it

I sure dont want a repeat of DD1  playing on console was a joke, especially where modifying of items are concerned. I am convinced slightly with the theory that was the reason they abandoned console in under a year of release. I dont want them abandoning this game due to people who cannot be bothered to actually play the game as intended. I have never modified items or used the dumb stacking tower glitch/exploit, I never saw a reason to.

Edited by dizzydiana
  • Like 3

Share this post


Link to post
Share on other sites

It is, or at least should be, one of the greatest concerns of people that play co-op. I can only hope Chromatic feels the same way. It ruined DD1. It was not a small or infrequent issue at all, and I hope really fucking hard that they're well aware of the issue and will do everything to make it as difficult as possible. Unfortunately, everything they've stated so far as to how their files work sort of makes me think it'll be the opposite. Which forces you to white list people/play with only specific people, etc. It's a pain. 

  • Like 3

Share this post


Link to post
Share on other sites
11 hours ago, fluffycalico said:

In DD1 the local save files caused the game to be hacked to pieces.  Anyone with google and $20 could have the best gear and pet in the game or worse gear and a pet better than anything that actually dropped anywhere.  I am looking at you weapons that 1 shot bosses from full health.

The main thing most of us wanted out of DDA was no hackable save files.   We were told there was going to be very strong cheat protection in place this time.

I reason I bring this up is I have now seen 2 people say that DDA will have local save files again.   Is this true?  Because if it is the game gear will be hacked to pieces again in days.   It happened in every game with local save files.    If they have brought back local save files alot of us will want refunds when those hacked gear/pets are back which are completely game breaking in a game with multiple players and tradable items.   Can we get a confirmation that the local save files are gone?  Because if you left them in game no amount of anti-cheat code is going to stop the problem that those local save files cause in pretty much every single game they have been used in for any company.

Making a game with central ized servers does not prevent cheating, although it makes certain kinds of cheating more difficult. Really the problem with DD1 was the lack of checks placed on anything at all. The game doesn't check or care if values are in valid ranges, and that's the real problem. All DDA needs to do is make security checks on items to see if they fall within possible ranges, and while that won't prevent cheating entirely, it will constrain the degree to which it is possible.

Central servers just makes it easier to detect and take action against cheaters, it doesn't in any way prevent cheating directly. The same checks that the server runs can also be done by the game code locally. And modifying that generally results in VAC bans on Steam.

  • Confused 1

Share this post


Link to post
Share on other sites
8 minutes ago, Alhanalem said:

Making a game with central ized servers does not prevent cheating, although it makes certain kinds of cheating more difficult. Really the problem with DD1 was the lack of checks placed on anything at all. The game doesn't check or care if values are in valid ranges, and that's the real problem. All DDA needs to do is make security checks on items to see if they fall within possible ranges, and while that won't prevent cheating entirely, it will constrain the degree to which it is possible.

Central servers just makes it easier to detect and take action against cheaters, it doesn't in any way prevent cheating directly. The same checks that the server runs can also be done by the game code locally. And modifying that generally results in VAC bans on Steam.

So your solution is instead of people paying $20 for gear better than anything that drops in game...instead they pay $20 and have exactly the best possible gear that could drop anywhere...this in no way fixes the problem.  Tons of people running around in max gear and max pet, that could not tower defense their way out of a paper bag is just as big of a problem.

  • Like 1

Share this post


Link to post
Share on other sites
6 minutes ago, fluffycalico said:

So your solution is instead of people paying $20 for gear better than anything that drops in game...instead they pay $20 and have exactly the best possible gear that could drop anywhere...this in no way fixes the problem.  Tons of people running around in max gear and max pet, that could not tower defense their way out of a paper bag is just as big of a problem.

No... that's not my solution or what I said in any way.... And as I said, all of this and more is still possible on central servers, it's just easier to get caught.

In all actuality, they were on the right track with Ranked mode, but as I said, due to the lack of checks it was still possible to manipulate item data in real time. Ranked saves were stored in the Steam cloud. It's the lack of security that was the real problem, which is my point. Servers are not a maigal aura of anti-cheatness.

I'm just trying to dissuade you from the notion that just because a game was built on a central server model, that it automatically will have less cheating, because that's simply not true in the slightest. Hacks and cheats will always be a thing. The most you can do is limit their impact.

Share this post


Link to post
Share on other sites
4 minutes ago, fluffycalico said:

So your solution is instead of people paying $20 for gear better than anything that drops in game...instead they pay $20 and have exactly the best possible gear that could drop anywhere...this in no way fixes the problem.  Tons of people running around in max gear and max pet, that could not tower defense their way out of a paper bag is just as big of a problem.

The same could be said for people who buy authentic loot for real money. Grey market trading is a thing, there are sites who explicitly deal in such things and profit.people sell accounts and all sorts of stuff already in games with a larger player base than DDA coiuld ever get. All companies can do is to put in checks and balances as best they can. You can never prevent cheating entirely, even the best secured system can be broken into, you hear stories of data breeches all the time, these can cause allot more distress to people and we are dealing with global companies. I am as upset about the thought of cheating in game as most people, but I try to be realistic.

  • Like 2

Share this post


Link to post
Share on other sites
14 minutes ago, dizzydiana said:

The same could be said for people who buy authentic loot for real money. Grey market trading is a thing, there are sites who explicitly deal in such things and profit.people sell accounts and all sorts of stuff already in games with a larger player base than DDA coiuld ever get. All companies can do is to put in checks and balances as best they can. You can never prevent cheating entirely, even the best secured system can be broken into, you hear stories of data breeches all the time, these can cause allot more distress to people and we are dealing with global companies. I am as upset about the thought of cheating in game as most people, but I try to be realistic.

I would be perfectly ok with the highest rarity gear being BoP :) Or only tradeable to people who were in your group when you got it.

Edited by fluffycalico
  • Like 1
  • Sad 1

Share this post


Link to post
Share on other sites
49 minutes ago, fluffycalico said:

I would be perfectly ok with the highest rarity gear being BoP :) Or only tradeable to people who were in your group when you got it.

Honestly, same.

Share this post


Link to post
Share on other sites

Making gear no-trade only works in the very short term if the game has any real popularity. As mentioned above there are sites dedicated to grinding out accounts and selling them whole. The world will never be fair. Same effect as buying gear online except then you don't even level a character or I guess here, 4 characters.

Share this post


Link to post
Share on other sites
8 minutes ago, kajerlou1 said:

Making gear no-trade only works in the very short term if the game has any real popularity. As mentioned above there are sites dedicated to grinding out accounts and selling them whole. The world will never be fair. Same effect as buying gear online except then you don't even level a character or I guess here, 4 characters.

It's not the same...someone had to level and grind out that gear.   That is still much different than an infinite pile of the best gear.  Plus do you know how many thousands of times harder it is to grind out a full set with all the right negative stats than it is to look at a screen shot of someones gear when they brag and just hack yours to be the same...or buy it from someone who hacked it to be the same.    Example if only 50 near perfect leather chests dropped for a builder no matter how much account selling happened there would still only be 50.   With the hacking there will be 500,000 of them. 

  • Like 1

Share this post


Link to post
Share on other sites

The hacking will take place. The whole account selling thing would only happen if somehow this small indie company managed to prevent cheating, which yeah, no. Strategies such as making legit items no trade only punishes the honest anyway.
The only way to avoid things like this is to either have a massive company who's profits rely on anti-cheating measures or, in this case get ready to build a friend list of people you trust not to cheat. Me, I only play with my wife. I didn't even enjoy the whole 3+ player DD1/DDE/DD2.

Your best hope I'm guessing will probably be on a PS5/Xbox Scarlett port next year as it'll take a while before people figure out how to hack the new consoles.

Edited by kajerlou1
  • Like 1

Share this post


Link to post
Share on other sites
11 minutes ago, kajerlou1 said:

The hacking will take place. The whole account selling thing would only happen if somehow this small indie company managed to prevent cheating, which yeah, no. Strategies such as making legit items no trade only punishes the honest anyway.
The only way to avoid things like this is to either have a massive company who's profits rely on anti-cheating measures or, in this case get ready to build a friend list of people you trust not to cheat. Me, I only play with my wife. I didn't even enjoy the whole 3+ player DD1/DDE/DD2.

Your best hope I'm guessing will probably be on a PS5/Xbox Scarlett port next year as it'll take a while before people figure out how to hack the new consoles.

Well if you are right then our best bet would be refunds as noone wants to play a multiplayer online progression game where everyone has hacked gear.  And how stupid would you have to be to specifically advertise how much you are going to do to stop cheating if you are going to do pretty much nothing.   Hopefully they are smarter than that.

Everyone I have told about this new version...pretty much the 1st thing out of their mouth is did they stop the local save files and the hacked gear.  If they bring back the single most hated thing from DD1 that drove people a way...no other change they make will matter.   They must get this part right or the game will fail.

Edited by fluffycalico
  • Like 1

Share this post


Link to post
Share on other sites

Or just stop worrying about fairness and random matches with strangers. Make some online or offline friends you can enjoy playing with. It's not like this is an esport title or something. You clearly love the franchise just play it and when you're tired of of random cheaters or find yourself without friends that don't cheat, move on to a new game.

For my whole $40 investment for my 2 copies we've basically gotten our 20+ hours of entertainment out of the purchase already in the beta. meh Now if they want to bring in a subscription model, or dear lord an in game irl $ store then I'd demand anti cheating measures.  I say all of this but i'll never stop whining about the terrible lighting & shadows despite how powerful UE4 is. haha

  • Like 2

Share this post


Link to post
Share on other sites
6 minutes ago, kajerlou1 said:

Or just stop worrying about fairness and random matches with strangers. Make some online or offline friends you can enjoy playing with. It's not like this is an esport title or something. You clearly love the franchise just play it and when you're tired of of random cheaters or find yourself without friends that don't cheat, move on to a new game.

For my whole $40 investment for my 2 copies we've basically gotten our 20+ hours of entertainment out of the purchase already in the beta. meh Now if they want to bring in a subscription model, or dear lord an in game irl $ store then I'd demand anti cheating measures.  I say all of this but i'll never stop whining about the terrible lighting & shadows despite how powerful UE4 is. haha

If I just want to play with 3 friends I can get out the original xbox and not be online at all.   The whole point of an online game ...is to meet and play with others

  • Like 1

Share this post


Link to post
Share on other sites

What I meant is, like when I started playing Overwatch for example. I spent about 6ish weeks playing kinda random and making friends. After that I just played with the same couple dozen people I knew I could enjoy playing with vs the hundreds I definitely didn't. If you feel like meeting new people and all after that then do so and just count cheaters among all the other undesirables such as screaming 8 year olds, people using the cheapest mic off of alibaba with 10 kinds of screeching interference, streamers that intentionally screw around with their team or people that spend more time typing out messages (in games with text based chat) than playing the game.
 

  • Like 1

Share this post


Link to post
Share on other sites
1 hour ago, kajerlou1 said:

Or just stop worrying about fairness and random matches with strangers. Make some online or offline friends you can enjoy playing with. It's not like this is an esport title or something. You clearly love the franchise just play it and when you're tired of of random cheaters or find yourself without friends that don't cheat, move on to a new game.

For my whole $40 investment for my 2 copies we've basically gotten our 20+ hours of entertainment out of the purchase already in the beta. meh Now if they want to bring in a subscription model, or dear lord an in game irl $ store then I'd demand anti cheating measures.  I say all of this but i'll never stop whining about the terrible lighting & shadows despite how powerful UE4 is. haha 

That's easy to say... but having hacked gear around won't stop the feeling that everything you do, all the time you invest to grind your stuff, is somehow devalued. Furthermore if things get really out of control, hackers could also manipulate your equipment or resources - stuff like this has already happened in other, much bigger games.

A subscription model to finance a "ranked server" could theoretically be a way. But I doubt, that this niche game would have the numbers in players over a prolonged time to maintain it. And when you pay montly for a game, you also expect further development and content... and that is not the business model a small studio can afford. CG will go the classic route with a one-time-purchase and maybe some DLCs in the future with additional content.

3 hours ago, Alhanalem said:

No... that's not my solution or what I said in any way.... And as I said, all of this and more is still possible on central servers, it's just easier to get caught.

In all actuality, they were on the right track with Ranked mode, but as I said, due to the lack of checks it was still possible to manipulate item data in real time. Ranked saves were stored in the Steam cloud. It's the lack of security that was the real problem, which is my point. Servers are not a maigal aura of anti-cheatness.

I'm just trying to dissuade you from the notion that just because a game was built on a central server model, that it automatically will have less cheating, because that's simply not true in the slightest. Hacks and cheats will always be a thing. The most you can do is limit their impact.

Well, of course it has to be programmed correctly. But if all the important calculations are server-side and the client is just a dumb input/output method, then there is practically not much an attacker could do, unless of course he gets access to the server. But that's a completely different level than doing some save file manipulations or memory injections.

I honestly hope, that they do a bit more than just a few "checks". I have already proposed a basic scetch of an idea back in the Kickstarter forum, how you could have legitimately generated gear only, which would also work offline. The only problem is, that you cannot control, how much gear might be generated, but that would require tinkering with the executable and there are methods to make that harder/detectable. The point is, things can be done, if you invest some time into figuring out a good design.

There is definitely no 100% safety, but the more you invest, the more sophisticated an attacker has to be. What's also important is the reputation of the company. And Trendy/CG haven't done a lot in the past to show off much or even any effort in this regard. So that's why it is only understandable, that many people here are very concerned about this topic.

Edited by The Ich
  • Like 1

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
Sign in to follow this  

×
×
  • Create New...