Final Burn Neo > FBN Discussion
FBA Downloading
Barry Harris:
I'm really excited by the auto download feature that Captain CPS-X is working on. It's pretty exciting and I can see all sorts of good uses for it. I can also see a couple of problems that we need to think about and see if we can somehow prevent.
1. I'm wondering if it's possible to keep unappoved builds out. What I mean is if we have a build that is violating the license can we lock it out? We need some kind of checksum based on the exe and only approved ones are allowed to connect.
2. I'm worried about somebody using this feature and turning it into a auto-download roms feature - not good. Can anyone think of a good way to prevent this? I know the roms are larger than images and bandwidth usage will probably make it very difficult for someone to host - but if we can think of a way to make it more difficult then we probably should.
I'm not saying we can prevent these two things - I'm just saying we should as hard as we can to prevent them. Anyone have any ideas? Probably best not to get into absolute specifics here as we don't want to publically post anything that could help circumvent anything we come up with.
CaptainCPS:
I was worried a bit about that too, and well at least we should make a modification to the license mentioning uses / modifications not allowed to the source code.
Probably we could make this feature excluded from the 'released source' someway but the feature working in the official 'build' release, that way nobody can use the source of that particular feature
Other thing is, something im not sure if it can be done, encrypt the source in a way that cant be modified xDDD we can do a puzzle or something to make that function a hell xDD LOL
Those are the ideas I have right now but probably will come with more later. For now the thing we can do is keep the source of that feature private until we come up with an idea ? :p
SeeYaa!
:biggrin:
0746:
Umm I don't think no 1 is possible. Even if that kind of authentication was introduced, checksum based or otherwise, the fact that FBA is open source will work against it. Its not practical to think about those kinds of security when its this easy to hack. The same thing applies for no 2. If someone really wanted to add that feature, this image downloading feature being or not being there won't make any difference. Because its in the public domain, its not something the developers should worry about. Discouraging is the only thing that can be done about them.
The only thing you could do to protect yourself against rom download is not host roms. For the images, you can put a cap on the maximum no of images that can be downloaded per day per ip address.
CaptainCPS:
Before going to sleep I have an idea for the no 1 ...
Only the official build or allowed builds can use the image download feature, how to make this?... FTP based downloads, only Barry and allowed users can access the server
Source can be released with the URL in blank...then I give Barry the information so he can use it in his build ^^
If anyone wanna use the feature on other builds they must use other server :cool: because mine will have encrypted directory names that cant just be known random + FTP user / pass are needed
For no 2 I havent come with something because FBA is Open Source..and anything we do will be modded / hacked, so its better to discourage the wrong use of the source code like 0746 said :smilie:
SeeYaa!
:biggrin:
kev:
The only way is to put a clause in the licence. At least that way you could go after an abusing build. Also I like caps idea of taking the URL out of the code to save bandwidth but that won't stop determined people. Also we should make the URL configurable if we are not load balancing across multiple servers or maybe randomly select which server to use at the client end?
Navigation
[0] Message Index
[#] Next page
Go to full version