CaDiLLaC 1 Posted April 24, 2013 same bs is happening in all wasteland rooms as well. Share this post Link to post Share on other sites
Karim 10 Posted April 24, 2013 Anyone know of a working/locked server one can join? I just joined one but the hosts computer went into hibernation mode and server shut down. Skype name: karim_swe Share this post Link to post Share on other sites
modlock 1 Posted April 24, 2013 (edited) Hello Evryone, i've seen lots of information and hatefull comments in this topic witch is good! we are a community and we react on our common problems. you guys manage to find a quickfix (rebooting game) infortunatly since this ''hack?'' spread from server to server / client to client it is impossible to get it away! most players do not come on forum to see whats going on, and arent aware of the problem and just jump from server to server without of any clue. So instead of trying to blame BIS or Mr ''Soon Ex-Arma Player'' could we try to find a better way against it while BIS work on a fix? (i know nothing but i will though ideas to wake up some of you) - Locate the injection system so we can block it on server side? (like locking down the custom files (face, sounds..) - Rename every - server as '' If you look like Harry Poter Restart your game '' (it should countain a bit more the problem and some lucky of us should get some gaming time) - I dont know! try to be a community and keep looking on whats the problem and how can we fix it, instead of beeing like This is X or Y fault! or NO its because its Alpha! =) Sincerely, Jordann Edited April 24, 2013 by modlock Share this post Link to post Share on other sites
WalkerDown 1 Posted April 24, 2013 Hello can someone point me to the developers answer to this? I'm sure that after two day a dev come up to give us a sort of explanation or to tell us what they are doing, but I didn't found any. Thank you. Share this post Link to post Share on other sites
afp 1 Posted April 24, 2013 Since they managed to corrupt files on client computers, this become pretty serious. Security holes and vulnerabilities like allowing remote execution, access to disk, etc can lead to worse situations like downloading external trojans or RAT tools and taking over the computer. Its not only about losing serial numbers or whatever Steam identities but some of us could also keep work data or important files on the same computer. Antiviruses may also be ineffective since this kind of malware may be custom and using installed arma rights or some other people may disable scaning on Arma folder for speed reasons. This reminds me of Microsoft and early versions of Windows, "we'll take care of security later"...and they did, after millions of dollars loses. Most of the vulnerabilities today are not in the operating system itself but mostly in the installed programs, including the web browsers. Well, I'm not sure why I started this thread, I guess I hope to find some support so Bohemia approach the security issue as a top priority and provide some minimum safety even if its an Alpha version. Thank you. Share this post Link to post Share on other sites
modlock 1 Posted April 24, 2013 (edited) Here buddy.. thats what have been said on page 2 ignore him, just attention jerk, cause it's nothing new, just replace of old functionality with newer , more optimized and powerfulvarious MP frameworks were part of engine since Arma 1 thru A2 and OA ... even while not perfect it's was under BattlEye watchful eye MPF was then replaced by BIS_fnc_MP in Take On Helicopters and Arma 3 has advanced version of it so once again I repeat , there is no security in Alpha so this and that script command, function or else can be exploited and abused and yes, security related 'stuff' will come ... Not much explanation, but im sure they are working on this since this impact the wall community. Edited April 24, 2013 by modlock Share this post Link to post Share on other sites
Forty40 10 Posted April 24, 2013 In the moment i'm typing there's 463 servers online, 400 of them are completely empty and there's only 289 users playing online (MP). Right, it's alpha, there's no security.. so, since there's no security we must accept this situation and let this alpha-with-no-security dying, waiting for someone to come up with this awaited "security". Now, honestly, there's no other solution than moving to another game now? Share this post Link to post Share on other sites
martinsker 10 Posted April 24, 2013 ... I just registered to fully agree with you. That was clear, nothing else to add. Share this post Link to post Share on other sites
chortles 263 Posted April 24, 2013 I believe that this is a more important statement, from the first page of this thread: nothing unexpectedthe BIS_fnc_MP https://community.bistudio.com/wiki/BIS_fnc_MP is evolution of TOH's replacement https://community.bistudio.com/wiki/BIS_fnc_MP_(Take_On_Helicopters) of A2/OA old MPF (multiplayer framework) https://community.bistudio.com/wiki/Multiplayer_framework as Alpha has no security yet, cheating or exploiting ingame scripting and functions is bound to happen Emphasis on that first line and that last line by me. Share this post Link to post Share on other sites
maddogx 13 Posted April 24, 2013 The whole file curruption / injection thing was debunked. Unless you have seen some other (verified) case where this has happened... Share this post Link to post Share on other sites
teaboy 11 Posted April 24, 2013 Exactly the reason why i have not played MP in arma 3 yet. I own a business and have over 25,000 contact details and other sensitive data on my computer which doubles as a gaming pc and work computer. So i can ill afford to take risks by playing online with no anti hacking protection, as its not just the server that can be hacked but also the client computers that are connected to the server. Share this post Link to post Share on other sites
raggamafia 10 Posted April 24, 2013 (edited) Comrades, The only thing you can do atm is to organize yourselves, run a passworded server with an admin on and make sure that everyone has a fresh and unaffected client running before connecting. i dont see any chance for public servers (without security-systems like BE) to block that "script-exploit" by themselves as the used functions are within the game engine, BUT BY THEORY you could try to overwrite the used function in init.sqf of your mission by writing BIS_fnc_MP = {}; Havent tried myself, just spitting out ideas. Enjoy Edited April 24, 2013 by raggamafia Share this post Link to post Share on other sites
NeuroFunker 11 Posted April 24, 2013 ignore him, just attention jerk, cause it's nothing new, just replace of old functionality with newer , more optimized and powerfulvarious MP frameworks were part of engine since Arma 1 thru A2 and OA ... even while not perfect it's was under BattlEye watchful eye MPF was then replaced by BIS_fnc_MP in Take On Helicopters and Arma 3 has advanced version of it so once again I repeat , there is no security in Alpha so this and that script command, function or else can be exploited and abused and yes, security related 'stuff' will come ... any security in beta at least? Share this post Link to post Share on other sites
maddogx 13 Posted April 24, 2013 any security in beta at least? Probably earlier, I'd say. Assuming there are no major game breakers in the dedi server exe (and I don't think there have been any), they will be rolling it out next week. Security shouldn't be far behind after that. Share this post Link to post Share on other sites
rundll.exe 12 Posted April 24, 2013 Someting that would fix this "spreading" problem, and should be implemented by BIS (long time ago) is a proper reset of ALL game variables and configs after EACH mission start (SP, MP, load game, and also on the server) Prolly it would also fix the MP #restart bug. It makes no sense to allow persistent variables to carry over from one mission to the other, and can only lead to frustration like this one (or the "overwriting NIL problem... etc). And please, this problem has nothing to do with custom files, buffer overflow or "injection". It's just a simple scripting command that the game allows to send code between clients and servers. Fun thing is that this same code allows to modifiy itself, and is never reset, unless you restart your game... Share this post Link to post Share on other sites
chortles 263 Posted April 24, 2013 Someting that would fix this "spreading" problem, and should be implemented by BIS (long time ago) is a proper reset of ALL game variables and configs after EACH mission start (SP, MP, load game, and also on the server) Prolly it would also fix the MP #restart bug.Personally I wouldn't be surprised if something about how BI is building the Arma 3 single-player campaign is actually dependent on not-resetting... Share this post Link to post Share on other sites
dmarkwick 261 Posted April 24, 2013 It makes no sense to allow persistent variables to carry over from one mission to the other, and can only lead to frustration like this one (or the "overwriting NIL problem... etc). ... unless we wish to consider running stats or DayZ-like persistent behaviors.... but in any case I agree there shouldn't be any inter-mission info exchange. Share this post Link to post Share on other sites
SanMiguel 10 Posted April 24, 2013 (edited) I don't get the complete picture with the 'injection' or 'hack'. So does it really not change any file on my client and are we sure that's only temporarely, means in memory and as soon as I restart the game it's gone? Edited April 24, 2013 by Winglet Share this post Link to post Share on other sites
maddogx 13 Posted April 24, 2013 I don't get the complete picture with the 'injection' or 'hack'. So does it change any file on my client or is that only temporarely, means in memory and as soon as I restart the game it's gone? No, it doesn't change or create any files. The hack simply overwrites one or more script functions in memory with malicious code, which then spreads itself to the server and all other active clients in an MP session once it is triggered during a mission. This is the reason why "infected" players can transfer it to other servers. It can't do any real damage to your game or operating system though, and restarting the game will get rid of it, so it isn't permanent in any way. Share this post Link to post Share on other sites
raggamafia 10 Posted April 24, 2013 Has anybody tried overwriting BIS_fnc_MP with BIS_fnc_MP = {}; in the init.sqf of his mission yet? Share this post Link to post Share on other sites
Hammerballz 10 Posted April 24, 2013 (edited) Has anybody tried overwriting BIS_fnc_MP with BIS_fnc_MP = {}; in the init.sqf of his mission yet? We are currently working on a small server-side Addon but we´ll need to test it with many players since we can´t obivously get the hack by ourselves. So everyone who wants to help out testing, just fill our ACRE Server. (Addon will be implemented for testing today, at about 2 PM GMT+1). Not sure how this will turn out though ! :D Any help is appreciated! You can find IP-Adress and Server name in my Signature! Best Regards Hammer Edited April 24, 2013 by Hammerballz Share this post Link to post Share on other sites
Dwarden 1125 Posted April 24, 2013 (edited) you can't stop them (for now, until we deploy additional updates), because there are dozens of ways how overwrite and execute scripts remotely ... it's not just this one function ... w/o low level access it 's lost fight by default Edited April 24, 2013 by Dwarden Share this post Link to post Share on other sites
moricky 211 Posted April 24, 2013 Hi, we're aware of the issue and working on a fix which should prevent "hijacking" a function (like BIS_fnc_MP) for hacking purposes. Share this post Link to post Share on other sites
rundll.exe 12 Posted April 24, 2013 And on top of that, setting BIS_fnc_MP with BIS_fnc_MP = {}; would break the mission, and make it prolly unplayable (depending on the mission complexity). Share this post Link to post Share on other sites
Hammerballz 10 Posted April 24, 2013 Atleast we start fighting against it now until BIS provides Security contents. Share this post Link to post Share on other sites
