Things We Would Love To See Added/Changed

mufeline
Posts: 10
Joined: Fri Feb 02, 2007 12:05 pm

Things We Would Love To See Added/Changed

Post by mufeline »

If Ryzom ever wants to get big, or have self-sustaining playerbase my opinion is that the following should be fixed. Most are speed enhancements serverside, but the most important is making the game secure.


1) Enhanced security for accounts and game communication

The present model of having the same login name for both game and forums is a big no-no. Knowing half of the information needed to log in to another player's account is a bad thing that should be fixed. Same goes for the client/server communication, which should be done with a closed, encrypted and efficient stream instead of using existing protocols like HTTP. Passwords should be longer than 8 characters if the player so wishes - the maximum allowed password length should be at least 32 characters.

2) Real database backend instead of ToySQL

Postgres, Oracle, MSSQL... MySQL has a very bad security, durability and standards compatibility record. It might be fast in some cases, but the speed has been implemented mostly to look good in speed tests and not in worst case scenarios. And running any DBMS is an ongoing worst case scenario. There are big sites running MySQL as backend, but most need to use proxies and caches to keep the sites actually usable due to MySQL deficiencies.

3) OS with better TCP/IP, processing performance and security track record than Loonix

FreeBSD, OpenSolaris, OpenBSD... Loonix has been written to look good in artificial speed tests - Kernel, TCP/IP stack and c-library are all sub par compared to other even more "free" alternatives. FreeBSD can run Oracle faster under emulation layer than real Loonix for example. And of course the kernel vulnerability flavor of the month issue of Loonix doesn't make it that lucrative...

4) Private server for microkitten to imagine he's the lord of universe :P

If PvP and outpost warfare have priority in development, the present security model is a real threat. The PvP crowd tends to be very competitive, and in any PvP based game exploiting game mechanics, client/server communication etc. is an ongoing trend. Even with Ryzom's quality(?) playerbase PvP started dragging the worst out of people in the strive for supremacy in PvP.

What might drag me back into Ryzom has been said several times over before the fall by Jyudas. Add removal of experience cats and Ryzom could have enough pull again. If the password/account name silliness isn't fixed I won't be back.
acridiel
Posts: 6318
Joined: Mon Oct 04, 2004 3:18 pm

Re: Things We Would Love To See Added/Changed

Post by acridiel »

mufeline wrote: If the password/account name silliness isn't fixed I won't be back.
I agree with most of your points, only that "privat server" thing for y´knowwho may be a wheee bit tricky. Don´t ya think he´ll feel all alone? ;)
Poor kitty :D

And the PW silliness: Funny thing, but I know just ONE other game that doesn´t do it like that. Mind you, I see the same danger as you do, but it seems to be some kind of standard procedure in MMO business... *sigh*
Some things are meant to be silly, it seems :(

CU
Acridiel
Take a look at the collected Works of Ryzom Players all over the World!
At "Ryzom Movies"!! 238 Videos, 181 Fan-Artworks and 3 original Songs are up already.
SoR Score Musics including Trailers!!
Ryzom:
We dare to be different! Do you dare to adapt?

Ryzom on Vimeo-Videos!/Ryzom Ning-Network/Die Lore auf Deutsch!
Bardentreffen / Atys Kundschafter
sidusar
Posts: 1331
Joined: Tue Dec 21, 2004 4:38 am

Re: Things We Would Love To See Added/Changed

Post by sidusar »

acridiel wrote:Mind you, I see the same danger as you do
Perhaps one of you could enlighten me then? I'm no expert on password security, and as layperson attempting to apply common sense I don't see any greater danger from your account name being common knowledge. :confused:

If some uberhacker manages to read the datastream between you and the server, or put a keylogger on your computer, or whatever, he's going to get your login name as well as your password anyways. Similarly if you naively give your password to someone, I assume you'd naively give them your login name with it.

I can see it being an extra danger if your password is some word that's easily guessable for someone who knows you, but that's why it shouldn't be. Any random 8-character password means 62^8 (=twohundredthousandbillion) possible combinations for an account stealer to try. If they can crack that, I think they can crack my account name too.

What personally made me feel unsafe was that Klients uses the same login name and password as the game, and seems to store them in a plain txt file on your computer too? :eek: I've never used Klients because of it.

What would make me feel safer than a secret login name, is a second password that is only needed for the game itself (so that the game requires two passwords), and that you need to enter using one of those on-screen keyboard thingies. :D
dakhound
Posts: 1768
Joined: Fri Jan 07, 2005 5:40 pm

Re: Things We Would Love To See Added/Changed

Post by dakhound »

bit dramatic

not exactly a massive problem iirc
sidusar
Posts: 1331
Joined: Tue Dec 21, 2004 4:38 am

Re: Things We Would Love To See Added/Changed

Post by sidusar »

Not until now, but until now Ryzom's always been rather small. I would expect it to become more attractive to malicious individuals as it grows in popularity.

If it grows in popularity. :rolleyes:
mufeline
Posts: 10
Joined: Fri Feb 02, 2007 12:05 pm

Re: Things We Would Love To See Added/Changed

Post by mufeline »

sidusar wrote: If some uberhacker manages to read the datastream between you and the server, or put a keylogger on your computer, or whatever, he's going to get your login name as well as your password anyways. Similarly if you naively give your password to someone, I assume you'd naively give them your login name with it.
With the account name known, there is no need for the *cracker* (hacker isn't a term that applies in any way to malicious computer activity, mind you!) to do anything on your computer. Remember, the cracker may not be targeting you specifically, but just because your account is easily accessible. Breaking into a specific computer is hard and unless in "fortunate" circumstances, trojanizing a machine is beyond trivial. Running a perl script guessing some predetermined passwords/accounts and logging into the game/boards server directly is a different matter altogether. Done well, no-one even notices that some kind of break-in attempt is in progress.

We humans are silly and tend to use easy to remember passwords, even the account names plainly as such. Having a password made only from numbers and letters is something else entirely than 255 possibilities/character. Anyone who has a password composed only as a sequence of random characters including numbers and special chars, hands up!

When the account name is publicly known, anyone with the knowledge can try some tries with each account name gathered, using just account name, "password", etc. directly to server in order to cause some kind of havoc if weak account name-password pair is found.
Acridiel wrote: And the PW silliness: Funny thing, but I know just ONE other game that doesn´t do it like that. Mind you, I see the same danger as you do, but it seems to be some kind of standard procedure in MMO business... *sigh*
Ultima Online has a private login account name, LotRO has a private login account name, Horizons IIRC had a private account name, Vanguard has a private account name, Asherons Call has a private account name... So it's actually pretty uncommon to have the name you log in with shown on public boards. Some of these games *might* have the same account to log on to the server and boards, but in those cases using a nickname on the boards instead of the login name is common practice.
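The pattern mufeline describes above (one or two guesses against every account name harvested from the forums, so that no single account ever trips a lockout) is what a defender has to look for across sources rather than per account. The following is an added example, not code from this thread or from Ryzom, and the log format, IPs and account-name lines are constructed for the demonstration; it flags a source that touches many distinct accounts with few attempts each inside a time window, which a per-account failure counter would never notice.

```python
"""Detect a low-and-slow password-spraying pattern in authentication logs.

Assumed (constructed) log format, one event per line:
    <unix_ts> <source_ip> <account> <LOGIN_OK|LOGIN_FAIL>
"""
from collections import defaultdict
from dataclasses import dataclass

# Constructed sample log: 203.0.113.7 tries one guess against six different
# harvested account names (one of them succeeds); 198.51.100.9 is just a
# legitimate user mistyping their own password twice.
SAMPLE_LOG = """\
1170000000 203.0.113.7 mufeline LOGIN_FAIL
1170000005 203.0.113.7 sidusar LOGIN_FAIL
1170000011 203.0.113.7 acridiel LOGIN_FAIL
1170000016 203.0.113.7 dakhound LOGIN_FAIL
1170000022 203.0.113.7 kaetemi LOGIN_FAIL
1170000027 203.0.113.7 jyudas LOGIN_OK
1170000100 198.51.100.9 acridiel LOGIN_FAIL
1170000104 198.51.100.9 acridiel LOGIN_FAIL
1170000109 198.51.100.9 acridiel LOGIN_OK
"""


@dataclass(frozen=True)
class Alert:
    source_ip: str
    accounts_tried: int   # distinct account names hit inside the window
    failures: int
    successes: int        # a success inside a spray window is the urgent part
    window_start: int
    window_end: int


def parse_log(text):
    """Turn the constructed log text into (ts, ip, account, result) tuples."""
    events = []
    for line in text.splitlines():
        if not line.strip():
            continue
        ts, ip, account, result = line.split()
        events.append((int(ts), ip, account, result))
    return events


def detect_spraying(events, window_seconds=600, min_accounts=5, max_per_account=2):
    """Return one Alert per source that, within any sliding window of
    window_seconds, touched at least min_accounts distinct accounts while
    never exceeding max_per_account attempts on any single one of them.
    Per-account lockout counters miss this shape by construction, because
    each account only sees one or two attempts."""
    by_ip = defaultdict(list)
    for ev in sorted(events):          # sort by timestamp
        by_ip[ev[1]].append(ev)

    alerts = []
    for ip, evs in by_ip.items():
        best = None
        start = 0
        for end in range(len(evs)):
            # advance the window start until the window fits window_seconds
            while evs[end][0] - evs[start][0] > window_seconds:
                start += 1
            window = evs[start:end + 1]
            per_account = defaultdict(int)
            for _, _, acct, _ in window:
                per_account[acct] += 1
            if len(per_account) < min_accounts or max(per_account.values()) > max_per_account:
                continue
            cand = Alert(
                source_ip=ip,
                accounts_tried=len(per_account),
                failures=sum(1 for e in window if e[3] == "LOGIN_FAIL"),
                successes=sum(1 for e in window if e[3] == "LOGIN_OK"),
                window_start=window[0][0],
                window_end=window[-1][0],
            )
            # keep the widest window seen for this source
            if best is None or cand.accounts_tried > best.accounts_tried:
                best = cand
        if best is not None:
            alerts.append(best)
    return alerts


if __name__ == "__main__":
    for alert in detect_spraying(parse_log(SAMPLE_LOG)):
        print(alert)
```

The thresholds (five accounts, at most two attempts each, ten minutes) are illustrative; tune them against a real baseline, and treat any LOGIN_OK inside a flagged window as the account to force a password reset on first.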
sidusar
Posts: 1331
Joined: Tue Dec 21, 2004 4:38 am

Re: Things We Would Love To See Added/Changed

Post by sidusar »

mufeline wrote:When the account name is publicly known, anyone with the knowledge can try some tries with each account name gathered, using just account name, "password", etc. directly to server in order to cause some kind of havoc if weak account name-password pair is found.
Ah, the law of many tries? Just go through the known account names and try passwords until you happen upon an easy one. Yes, that one I can understand, thank you. :)

Still, if the forums didn't show account names, it'd still be pretty easy to find used account names just by seeing which are taken, and then you can try out passwords on those...
mufeline
Posts: 10
Joined: Fri Feb 02, 2007 12:05 pm

Re: Things We Would Love To See Added/Changed

Post by mufeline »

sidusar wrote: Still, if the forums didn't show account names, it'd still be pretty easy to find used account names just by seeing which are taken, and then you can try out passwords on those...
True, but still a lot more effort than just trawling the forums and collecting the usernames.

I gotta admit that with present population and playerbase the problem is slight, but if Ryzom will ever grow to be big enough to be afloat, this isn't just trivial matter anymore. And all the seeds of gaining some advantage - outposts, cats etc. are there for people who want to gain something by exploiting.
kaetemi
Posts: 1547
Joined: Tue Sep 21, 2004 6:33 pm

Re: Things We Would Love To See Added/Changed

Post by kaetemi »

mufeline wrote:1) Enhanced security for accounts and game communication
I believe there are more important security issues than that. And obscuring the protocol won't help your 'security'.
mufeline wrote:2) Real database backend instead of ToySQL
The login system uses MySQL, but according to some of the stuff I've read, some or most of the shard simply serializes its stuff from and to binary files, and uses the data directly from memory.
mufeline wrote:3) OS with better TCP/IP, processing performance and security track record than Loonix
99% of all ingame communication goes over UDP. Also, it seems that you (and not Ryzom) kind of have some serious problem with some stuff.
- Kaetemi [Kami] [Fyros] [Elder of Atys] [NeL Developer]
Rebuild the Kami faction and save Atys from the Karavan! Join the Kami Alliance! Freedom to the Players!
mufeline
Posts: 10
Joined: Fri Feb 02, 2007 12:05 pm

Re: Things We Would Love To See Added/Changed

Post by mufeline »

kaetemi wrote:I believe there are more important security issues than that. And obscuring the protocol won't help your 'security'.
The question isn't purely about security, but about using extremely chatty services when more terse, specialised ones can do the communication with less than half of the bandwidth.
kaetemi wrote: 99% of all ingame communication goes over UDP. Also, it seems that you (and not Ryzom) kind of have some serious problem with some stuff.
Last time I checked UDP was pretty much a part of IP stack... =P Yeah - I do have issues with religious fanatics (for which I count the herd following a certain Mr Stallman) and I'm bloody proud of it :D