Open GoogleCodeExporter opened 9 years ago
That would be great, but we are very concerned about security. Since the game
is open-source we need to be extra-confident that noone will steal anyones
password or other private data, and also protect from fake/fraud data (so noone
could submit he won in 1000 games or something like that).
Original comment by kromster80@gmail.com
on 13 Mar 2013 at 12:32
Original comment by kromster80@gmail.com
on 13 Mar 2013 at 12:32
I'm aware of the security requirements, obviously feature like that cannot be
implemented without a proper planning. ;)
I just wanted to get some feedback from you and Lewin about the idea and if
it's positive, how we could cooperate in order to deliver it for the players.
Original comment by luk...@klis.pl
on 13 Mar 2013 at 12:40
I'm interested to see Lewins opinion too.
I think we can setup and try to run a test system after we release current
version (~1 month)
Original comment by kromster80@gmail.com
on 13 Mar 2013 at 12:44
It would be nice to have but it would be a lot of work. Any private data like
passwords should not be sent over unsecured connections, so we'd probably need
to use something like HTTPS for all of the transfers. We need to ensure there's
no security holes in the client side and server side code. Preventing people
from submitting that they won 1000 games would be quite hard in an open source
project since people can look at how it works and recompile the code if
necessary.
To be honest I'd prefer it if someone else had to worry about it, e.g. if we
could use Steam (Age of Empires HD is being released on Steam soon, I wonder
how hard it would be to convince the KaM publishers to help us do something
like that...).
Original comment by lewinjh@gmail.com
on 14 Mar 2013 at 12:01
Using Steam or alike would solve only the server part security, but we still
would need to secure the client part (incl. stats). We could as well try with
Lukas in a test-mode and see how it goes. (via wrapper class) I'm sure that
will be a useful experience (and possibly we could adapt that wrapper class to
something else if we need to).
Original comment by kromster80@gmail.com
on 14 Mar 2013 at 4:58
Original issue reported on code.google.com by
luk...@klis.pl
on 13 Mar 2013 at 12:24