Gen 2 NB 0.97 is up

[highstakespkmn]

get out gsc team and fight get out gsc team and fight get out gsc team and fight get out gsc team and fight get out gsc team and fight get out gsc team and fight get out gsc team and fight get out gsc team and fight

 

[kd24]

bob snapped me like a twig in rby but you know what i came pretty close in gsc and we didnt do a rse battle i think but we all know who would win that (me)

 

[highstakespkmn]

oh this one noob found my weak with 2 consecutive critical hits (he needed both)

it was my first loss in GSC in ages. I AM PISSED AND MUST TAKE ANGER OUT ON NEAREST NOOBATTLER.

 

[ABC-Trainer]

WHITE SMOKE

 

[obi]

WPA2 has nothing to do with netbattle, what in the world are you talking about?

We are changing the encryption method for alot of things anyways.

I was using that as an example of open encryption. Everyone who has the desire to learn how WPA2 works can. It's an open specification.

When the guys who came up with AES (Advanced Encryption Standard) were looking for the method of encryption to use, one of the requirements is that it not be a trade secret / closed source. The cipher chosen, Rijndael, has articles explaining absolutely everything in it.

Or, more topically, consider TLS (Transport Layer Security, formerly SSL, Secure Sockets Layer. This is what you're using when your browser says "https://..." instead of just "http://..."). It's a method of creating secure communication from endpoint to endpoint such that no one (not even your ISP) is able to view the contents of your message (unless one of the endpoints is compromised, for instance, with a virus).

Why does this matter?

http://en.wikipedia.org/wiki/Transport_Layer_Security#How_it_works

TLS is an open protocol. Why this is all relevant to my previous post is simple:

"A method of encryption that requires people to not understand it for it to work is a poor method of encryption."

In the Diamond Pearl patch that my team and I are making, all "security holes", (which were all just because of source code leaks) have been fixed.

You're relying on security through obscurity rather than security through secure mechanisms. This is the point I was making. A truly secure system isn't broken by source code leaks.

Why is there no way for NB to be garanteed secure?

There is no way for anything to be guaranteed secure. Security isn't a final product so much as an ongoing process. You don't put something out and say "This is secure!". You make things as secure as possible, and then fix flaws as they're found. It's like what Moltke the Elder said: "No battle plan survives contact with the enemy.".

There was a firewall made for netbattle a long time ago (by Wizard, don't know if you guys know/remember him), and we have a firewall that is built in, we are coding it to auto-block floods.

"DDoS" does not do anything to netbattle servers, the programs that "flood" are programs made almost specifically for netbattle. *Cough Jashdias' boah bots**Cough Connection-SpamBots*. They will flood your server anyways, therefore the build-in firewall will block and rendering it useless.

How do you identify a flood, though? So you block X number of concurrent connection attempts. They do a Distributed Denial of Service attack to go around any filtering by IP or SID by having the attack come from several computers all around the globe. So you implement some heuristic to determine spam (tons of people sending the same message is probably spam), so they write a better spam bot. You find a way to counter that and they abuse your method of establishing a connection to take down your server with the extra processor overhead associated with powerful spam-detection heuristics. It's a constant cat-and-mouse game, you can't just say "OK we've solved security.".

Why would a battle even last 1024 turns? Obviously we will patch this up but that is a horrible excuse to say it is not "Secure".

My idea of security isn't that it only works when people are doing what's expected. The point of a secure program is to take into account the fringe cases where people are stretching the program to its limits.

 

[green_flash]

they didn't fix in-game bugs, though =(

 

[White Base]

I was using that as an example of open encryption. Everyone who has the desire to learn how WPA2 works can. It's an open specification.

When the guys who came up with AES (Advanced Encryption Standard) were looking for the method of encryption to use, one of the requirements is that it not be a trade secret / closed source. The cipher chosen, Rijndael, has articles explaining absolutely everything in it.

Or, more topically, consider TLS (Transport Layer Security, formerly SSL, Secure Sockets Layer. This is what you're using when your browser says "https://..." instead of just "http://..."). It's a method of creating secure communication from endpoint to endpoint such that no one (not even your ISP) is able to view the contents of your message (unless one of the endpoints is compromised, for instance, with a virus).

Why does this matter?

http://en.wikipedia.org/wiki/Transport_Layer_Security#How_it_works

TLS is an open protocol. Why this is all relevant to my previous post is simple:

Point taken.

"A method of encryption that requires people to not understand it for it to work is a poor method of encryption."

It doesn't have to be "non understandable", tbh I do not know why Ian did that. However due to some things I've seen people do whilist not even having the source, and just using WPE pro, a "non understandable" encryption method was the way to go.

Of course we can try an "understandable" ecryption method, but unfortunately this will lead people to be able to make their own source codes/patch up old encryptions from old codes, which is what we do not want in the update, because of old ordeals the past, and we want to keep it a closed source (once again)(or atleast till late stages).

You're relying on security through obscurity rather than security through secure mechanisms. This is the point I was making. A truly secure system isn't broken by source code leaks.

Before source code leaks, the only "security issue" was DoS (not DDoS) attacks (By programs made specifically for netbattle, not just any DoS or DDoS programs). Once Masamune gave the first source code leak to some people, thats when the first crash packets were discovered.

There is no way for anything to be guaranteed secure. Security isn't a final product so much as an ongoing process. You don't put something out and say "This is secure!". You make things as secure as possible, and then fix flaws as they're found. It's like what Moltke the Elder said: "No battle plan survives contact with the enemy.".

We are not claiming the update to be a 100% secure thing, crash packets/exploits will be almost always found and used.

How do you identify a flood, though? So you block X number of concurrent connection attempts. They do a Distributed Denial of Service attack to go around any filtering by IP or SID by having the attack come from several computers all around the globe. So you implement some heuristic to determine spam (tons of people sending the same message is probably spam), so they write a better spam bot. You find a way to counter that and they abuse your method of establishing a connection to take down your server with the extra processor overhead associated with powerful spam-detection heuristics. It's a constant cat-and-mouse game, you can't just say "OK we've solved security.".

Like I said, netbattle normally does NOT only get DDoSed, it is almost always just a DoS (1 person). Netbattle gets [D]DoSed by programs made specifically for netbattle, aka netbattle-spambots. If you load any DDoS tool (Lets say LOIC just as an example), it will do slim to nothing. The spambots only "crash" by connecting in miliseconds, clogging up the sockets, leaving people unable to connect and delivering horrible lag. They also don't spam the same socket, they go in a numerical-order from least to greatest. Only 1 person made a bot that spams the same connection, but he made that with the netbattle source code, and covering something that spams the same socket is not hard.

Anyways for a bot to do anything it atleast has to "spam" at a rate of under 100ms, and it has to be made specifically for netbattle, because netbattle uses packets, and a normal [D]DoS tool will not be able to spam the packets, just a connection at like 1 connection every 1-2 seconds.

12:19:03 PM - Connect request received
12:19:03 PM - Request connected on slot 6
12:19:04 PM - Connect request received
12:19:05 PM - Request connected on slot 7
12:19:05 PM - Connect request received
12:19:05 PM - Request connected on slot 8
12:19:06 PM - Connect request received
12:19:06 PM - Request connected on slot 4

A different DoS tool is being used here, LOIC just flat out fails

Besides the fact you can manually block the IP address (is it 1 d or 2 d's?), it takes a while before the bot actually rapes your server, granted you have a decent computer/connection.

My idea of security isn't that it only works when people are doing what's expected. The point of a secure program is to take into account the fringe cases where people are stretching the program to its limits.

There are only very slim instances where the program is stretched to its limits, and these are being patched up (it is basically bots flooding connections and the battle's lasting 1024 turns, if you know any other thing like this please let me know

Also I remember AA had a log of all the netbattle bugs while the archive was still around, (of like ancient threads), but now that it is gone I don't know what the bugs are, besides stuff like Sub blocking spin when it isn't supposed to and Blaze kick burns fires, if you happen to have a bug-log that would be much appreciated.

Also if I misunderstood you in any way feel free to correct me.

 

[Lutra]

I'm not sure if Sand Veil works, it certainly doesn't on Dugtrio.

 

[obi]

Here is a list of NB bugs that I maintained for a while (although there are several others, I don't know what they are because we stopped using that thread when we stopped using NetBattle):

http://www.smogon.com/forums/showthread.php?t=11965

We are not claiming the update to be a 100% secure thing, crash packets/exploits will be almost always found and used.

"0.9.7 release notes:
- Servers can't be crashed any more;"



I personally can never trust the security of any program I am unable to audit.

 

[White Base]

"0.9.7 release notes:
- Servers can't be crashed any more;"

I personally can never trust the security of any program I am unable to audit.

This is a lie, since the source code was made public, if anyone has the time to crack the encryption then the same problem will occur.

Also thank you very, very, very much for the bug log.

 

[Life]

Thanks

 

[obi]

People have yet to crack Rijndael, and the fundamentals of that system have been known for hundreds of years. (AES winner = Rijndael)

"AES is the first publicly accessible and open cipher approved by the NSA for top secret information (see Security of AES, below)."

I said earlier that the specification is completely open: here is an implementation of Rijndael in C, C++, C# / .NET, Delphi, Erlang, Flash, Java, Javascript, LISP, Perl, and PHP. Take your pick of how like to see it written out and take a crack at it.

http://en.wikipedia.org/wiki/Advanced_Encryption_Standard#Implementations

If you don't like Rijndael, how about Blowfish, Twofish (the updated version of Blowfish), or Serpent? Serpent was the second-place cipher in the AES competition, and as such, is also public domain. Blowfish and Twofish are public domain as well (Twofish was yet another one of the five AES finalists). Serpent is actually thought to be more secure than Rijndael, but the difference in security is the difference in "takes the life of the Universe to crack" vs. "takes several lives of the Universe to crack", and Serpent is slower.

These are all good enough security for the U.S. government, and they are all open specification.

I disagree with your assumption that leaks in code are the cause of security flaws, unless the code itself has holes to be exploited. My point is that if the source is closed, no one can know that

a) there are no accidental flaws left behind (fewer eyes reading the source, and the people reading it are the people writing it, so they're more likely to look over the mistakes because they are the same people who made them), and

b) there are no back doors in the code.

Even if the program is written in a language I don't know (for instance, Ruby), if I so desired I could some day learn that language and then read the code myself to check for either of these security holes. Alternately, I could find a trusted friend who is familiar with the language and have them check it out for me. Either way, I don't have to trust every developer out there with my security. I don't know any of the NB programmers, so I have no particular reason to trust them; in fact, even if I did know the developers personally, I'd still want to be able to audit code.

There are many examples in which the most secure programs are the open programs. Firefox is more secure than IE, Linux is more secure than Windows, TrueCrypt is more secure than whatever alternatives there are to that. I actually cannot think of a single case in which closed programming has been more secure than open programming. Even in the case of closed-source programming, the actual security mechanisms are usually published.

(06:27:23 PM) Colin: all of the actual security algorithms those nonfree programs use are usually published
(06:27:28 PM) Colin: even Microsoft publishes its security algorithms
(06:27:45 PM) Colin: nonfree programs do tend to be less secure, but it's more because of coding errors and other oversights due to fewer people reviewing it
(06:28:04 PM) Colin: all big software companies publish papers on their security algorithms though
(06:28:09 PM) Colin: since they recognise the value of that
(06:28:52 PM) Colin: e.g. the Microsoft research journal