On.Security
Developing secure software is a challenge. Writing really secure software is a real challenge.
Here are the articles that touch on different security aspects of software, from “what cipher suites are not to be used with TLS” to certain more or less novel things under the ‘Security Research’ subcategory.
Bot Fighting 202. Time-Based Protection
January 23, 2018 by “No Bugs” Bunny
Quote:
Whenever we detect that the time spent within a piece-of-non-blocking-code, is more than a few seconds – then, either the system is hopelessly swapping, or we're being debugged
Another Quote:
What if we send not just a challenge, but a “challenge which includes some piece of code to be executed on the Client-Side”?
Filed under: On.Security, Fraud Prevention, Book: D&D of MOGs, 1st beta of Vol. VII-IX
Bot Fighting 201. Part 4. Obfuscating Protocols. Versioning.
January 16, 2018 by “No Bugs” Bunny
Quote:
we can handle several Client versions (each with its own obfuscation) with the very same Server.
Another Quote:
Then, if/when a zero-day bug is encountered in TLS – our obfuscation does provide additional protection even before the attacker can reach the code with that zero-day vulnerability
Filed under: On.Security, Fraud Prevention, Book: D&D of MOGs, 1st beta of Vol. VII-IX, Research
Bot Fighting 201, part 3. ithare::obf: An Open Source Data+Source Randomized Obfuscation Library
January 9, 2018 by “No Bugs” Bunny
Quote:
This is all what the-best-available-decompiler was able to do with our obfuscated code
Another Quote:
Performance-wise, we can do A LOT of obfuscation per network tick
Filed under: On.Security, Fraud Prevention, Book: D&D of MOGs, 1st beta of Vol. VII-IX
Bot Fighting 201, Part 2: Obfuscating Literals
January 2, 2018 by “No Bugs” Bunny
Quote:
However, we can (and SHOULD) do MUCH better than that
Another Quote:
With our approach, each and every obfuscation has to be hacked individually..
Filed under: On.Security, Fraud Prevention, Book: D&D of MOGs, 1st beta of Vol. VII-IX



