info
Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss
JS games on the web, and preventing piracy
25 views
Skip to first unread message
bit-n...@hotmail.com
Sep 2, 2017, 2:10:23 PM9/2/17
to
...I've posted bout this before, but thought I'd do it again, just to get more people's input.
So - talking about games, it seems to me that it would be advisable to shift games from retail CDs/DVDs to the web - because it would SEEM that this would prevent piracy. How? Well - there's no files on a disc to crack, like with a DVD, so, here - the idea would be, you stick your credit card into a website, and it spits out the JS for the game....right?
Umm no.
What if someone LEGITIMATELY buys the game, (with their credit card), then simply waits to download it, and simply COPIES everything between the SCRIPT tags into a separate file, and zaps it onto the Internet on a torrent or something???
...What I'd like to discuss is ways in which THIS CAN BE PREVENTED!!
There *must* be some way to ensure that only people who've paid get to play....?
I was thinking - when you pay, you'll get some kind of "username n password" from the site, which you login with, to start getting the game - what if the game periodically checks for the fact that you're logged in with these two, (ie. a CLIENT-SIDE cookie check, in JS) before it lets you proceed? ..But a cracker could simply check for these lines in the source and remove them, couldn't they?
Yall have any other ideas?
So - talking about games, it seems to me that it would be advisable to shift games from retail CDs/DVDs to the web - because it would SEEM that this would prevent piracy. How? Well - there's no files on a disc to crack, like with a DVD, so, here - the idea would be, you stick your credit card into a website, and it spits out the JS for the game....right?
Umm no.
What if someone LEGITIMATELY buys the game, (with their credit card), then simply waits to download it, and simply COPIES everything between the SCRIPT tags into a separate file, and zaps it onto the Internet on a torrent or something???
...What I'd like to discuss is ways in which THIS CAN BE PREVENTED!!
There *must* be some way to ensure that only people who've paid get to play....?
I was thinking - when you pay, you'll get some kind of "username n password" from the site, which you login with, to start getting the game - what if the game periodically checks for the fact that you're logged in with these two, (ie. a CLIENT-SIDE cookie check, in JS) before it lets you proceed? ..But a cracker could simply check for these lines in the source and remove them, couldn't they?
Yall have any other ideas?
Evertjan.
Sep 2, 2017, 6:19:04 PM9/2/17
to
bit-n...@hotmail.com wrote on 02 Sep 2017 in comp.lang.javascript:
> There *must* be some way to ensure that only people who've paid get to
> play....?
Why?
> There *must* be some way to ensure that only people who've paid get to
> play....?
Because you wish it?
Sounds like faith to me.
--
Evertjan.
The Netherlands.
(Please change the x'es to dots in my emailaddress)
JJ
Sep 3, 2017, 3:42:12 AM9/3/17
to
On Sat, 2 Sep 2017 11:10:13 -0700 (PDT), bit-n...@hotmail.com wrote:
> What if someone LEGITIMATELY buys the game, (with their credit card),
> then simply waits to download it, and simply COPIES everything between
> the SCRIPT tags into a separate file, and zaps it onto the Internet on a
> torrent or something???
>
> ....What I'd like to discuss is ways in which THIS CAN BE PREVENTED!!
> What if someone LEGITIMATELY buys the game, (with their credit card),
> then simply waits to download it, and simply COPIES everything between
> the SCRIPT tags into a separate file, and zaps it onto the Internet on a
> torrent or something???
>
>
> There *must* be some way to ensure that only people who've paid get to
> play.....?
> There *must* be some way to ensure that only people who've paid get to
>
> I was thinking - when you pay, you'll get some kind of "username n
> password" from the site, which you login with, to start getting the game
> - what if the game periodically checks for the fact that you're logged in
> with these two, (ie. a CLIENT-SIDE cookie check, in JS) before it lets
> you proceed? ..But a cracker could simply check for these lines in the
> source and remove them, couldn't they?
>
> Yall have any other ideas?
You can't prevent downloaded application from being copied elsewhere. But
> I was thinking - when you pay, you'll get some kind of "username n
> password" from the site, which you login with, to start getting the game
> - what if the game periodically checks for the fact that you're logged in
> with these two, (ie. a CLIENT-SIDE cookie check, in JS) before it lets
> you proceed? ..But a cracker could simply check for these lines in the
> source and remove them, couldn't they?
>
> Yall have any other ideas?
you can detect whether the application is run from your site or not. And if
not, you can make it to silently stop working. Protect the source code by
uglifying and obfuscating it. Preferrably, using custom-made obfuscation
method. So that the code would be difficult to understand. Use virtual code
if you're serious about this.
Andrew Poulos
Sep 3, 2017, 4:20:28 AM9/3/17
to
On 3/09/2017 8:18 AM, Evertjan. wrote:
> bit-n...@hotmail.com wrote on 02 Sep 2017 in comp.lang.javascript:
>
>> There *must* be some way to ensure that only people who've paid get to
>> play....?
>
> Why?
>
> Because you wish it?
>
> Sounds like faith to me.
And I have faith that you are right ;-)
> bit-n...@hotmail.com wrote on 02 Sep 2017 in comp.lang.javascript:
>
>> There *must* be some way to ensure that only people who've paid get to
>> play....?
>
> Why?
>
> Because you wish it?
>
> Sounds like faith to me.
Andrew Poulos
Evertjan.
Sep 3, 2017, 6:29:34 AM9/3/17
to
Andrew Poulos <ap_...@hotmail.com> wrote on 03 Sep 2017 in
comp.lang.javascript:
[I could be left, or just left alone.]
However, how can you even think I am right,
when I only asked Qs?
Methinks you answered these Qs to yourself,
and came to some reasonable conclusions.
And reason is far superior to faith.
comp.lang.javascript:
However, how can you even think I am right,
when I only asked Qs?
Methinks you answered these Qs to yourself,
and came to some reasonable conclusions.
And reason is far superior to faith.
Thomas 'PointedEars' Lahn
Sep 3, 2017, 1:11:04 PM9/3/17
to
JJ wrote:
^^
Your real name belongs there.
> You can't prevent downloaded application from being copied elsewhere. But
> you can detect whether the application is run from your site or not.
How do you suggest to do this?
> And if not, you can make it to silently stop working.
How?
> Protect the source code by uglifying and obfuscating it.
That does not protect anything. This is old knowledge:
“What one man can invent another can discover.”
—Sherlock Holmes in A.C. Doyle's
“The Adventure of the Dancing Men” (1903)
> So that the code would be difficult to understand. Use
> virtual code if you're serious about this.
What do you mean by “virtual code” in this context?
--
PointedEars
FAQ: <http://PointedEars.de/faq> | <http://PointedEars.de/es-matrix>
<https://github.com/PointedEars> | <http://PointedEars.de/wsvn/>
Twitter: @PointedEars2 | Please do not cc me./Bitte keine Kopien per E-Mail.
^^
Your real name belongs there.
> You can't prevent downloaded application from being copied elsewhere. But
> you can detect whether the application is run from your site or not.
> And if not, you can make it to silently stop working.
> Protect the source code by uglifying and obfuscating it.
“What one man can invent another can discover.”
—Sherlock Holmes in A.C. Doyle's
“The Adventure of the Dancing Men” (1903)
> So that the code would be difficult to understand. Use
> virtual code if you're serious about this.
--
PointedEars
FAQ: <http://PointedEars.de/faq> | <http://PointedEars.de/es-matrix>
<https://github.com/PointedEars> | <http://PointedEars.de/wsvn/>
Twitter: @PointedEars2 | Please do not cc me./Bitte keine Kopien per E-Mail.
Michael Haufe (TNO)
Sep 3, 2017, 1:14:42 PM9/3/17
to
bit-n...@hotmail.com wrote:
> ...I've posted bout this before, but thought I'd do it again, just to get more people's input.
>
> So - talking about games, it seems to me that it would be advisable to shift games from retail CDs/DVDs to the web - because it would SEEM that this would prevent piracy. How? Well - there's no files on a disc to crack, like with a DVD, so, here - the idea would be, you stick your credit card into a website, and it spits out the JS for the game....right?
If your game is a self contained application, yes. At a minimum you could distributed the "view" for the game an enough logic for server communication which would house the rest of the logic and state. It depends on what type of game this is.
> ...I've posted bout this before, but thought I'd do it again, just to get more people's input.
>
> So - talking about games, it seems to me that it would be advisable to shift games from retail CDs/DVDs to the web - because it would SEEM that this would prevent piracy. How? Well - there's no files on a disc to crack, like with a DVD, so, here - the idea would be, you stick your credit card into a website, and it spits out the JS for the game....right?
> What if someone LEGITIMATELY buys the game, (with their credit card), then simply waits to download it, and simply COPIES everything between the SCRIPT tags into a separate file, and zaps it onto the Internet on a torrent or something???
Assuming the appropriate license, this is stealing and your have legal recourse in most countries.
> ...What I'd like to discuss is ways in which THIS CAN BE PREVENTED!!
>
> There *must* be some way to ensure that only people who've paid get to play....?
> I was thinking - when you pay, you'll get some kind of "username n password" from the site, which you login with, to start getting the game - what if the game periodically checks for the fact that you're logged in with these two, (ie. a CLIENT-SIDE cookie check, in JS) before it lets you proceed? ..But a cracker could simply check for these lines in the source and remove them, couldn't they?
> Yall have any other ideas?
<https://en.wikipedia.org/wiki/Copy_protection#Early_video_games>
Which is far from an exhaustive list.
Thomas Lahn has a signature which is cute, and analogous I think:
"Use any version of Microsoft Frontpage to create your site.
(This won't prevent people from viewing your source, but no one
will want to steal it.)"
0 new messages