You can’t analyze their clients. And everything the server sends to clients can be used to them. So x-ray is in fact totally legit. Hmm, Maybe we could make a plugin that disguise ores with stone when their isn’t air attached to the current block. But ya that consumes server resources of course. Also counts for other things that can be exploit.
Disguising ores will affect those users that doesn’t have x-ray installed?
Not really, they can’t see these blocks :). For them I would just send the correct block the moment they start digging the stone block next to it.
Oh, that would be a really great idea then. I wonder if there is already a Bukkit plugin that offers this functionality.
Same here! First multiplayer server I went on, was in like 2012 or 2011. People helped me get zombe’s fly mod, which was really cool. Now, even talking about fly mods can get you banned on some servers. It’s rediculous but sort of understandable for some servers.
Having forms of x-ray mods on the client can be useful for admining purposes, like when you are copy/cut and pasting (moving) stuff around on the server, it can allow you to see if you got everything in the copy by allowing you to look for the players underground structures.
I started my server back in 2010 and had very loose rules when it came to flying on the server, as long as they didn’t set like 4-5x plus speed on it I was generally ok with it.
As for the rules that I have on my server, I usually allow flying on it, for my vip players(The more long term / trusted players on my server.). They can use either zombe or classic style flying by either classic mode or the /fly command for flight. I’d prefer them to use classic style flying over zombe though. However I wouldn’t really want them to use ore finding x-ray on the server.
I can still see how some server’s wouldn’t want their players to use fly on their servers, as it can lag their servers if they set a very high fly speed on their client, it’s possible to set a fly speed so high on zombe that you can fly 100 units in about 1-2 seconds flat, at least you can limit that speed by using classic style flying on the server. Also pregenerating the world on the server can help with lag if they happen to use fly in an area that otherwise wouldn’t have been generated.
2 Likes
I was under the impression that Spigot already had the functionality to disguise ores. In the spigot settings, there is settings for it, and from what I’ve seen on my server, seems to work decently enough. If I’m not mistaken, it only disguises the ores when the chunk data is initially sent and when it’s reloaded. If you alter a block and insert an ore without reloading the chunk after, x-ray can still see it.
I’d be willing to say that the guys from Spigot working on Sponge may want to re-implement that feature again at some point, although maybe not immediately.
I think he meant that, per certain server rules, x-ray mods are illegal. In other words, some servers have rules against x-ray mods and it would be nice if those servers could choose to analyze a client’s installed mods for such mods. The bukkit approach was a number of server mods which fought x-raying… such as Orbfuscator.
This idea could be extrapolated to other types of mods as well though if a server wanted to ban other types of mods.
I don’t like the idea personally, but this is what he’s getting at I think.
It has the bukkit plugin Orbfuscator built-in and optimized.
1 Like
Does the server send the client the world chunk by chunk or block by block?
If it’s by block why not just not send any ores until a block beside them is updated?
I think ore obfuscaters generally work that way, and I think chunk by chunk. It likely loops through the blocks in a chunk and replaces the data for ore blocks with stone blocks unless there’s air/water/lava next to it.
That is where the inefficiencies come from, if it’s doing possessing by chunk then stopping to check each block adds a lot of time to the posses. I just figured if it was possessing each block anyway it might actually speed things to skip some, but it doesn’t do it by block, so my point was moot. (or is moot, IDK, I can’t grammar, I can barley English)
I feel like it does it once, then caches or saves it off some where, then only changes a chunk if some is doing something in that chunk. I could be wrong im just infering from what would make sense, to me at least…
That would make sense as well. I’m not sure if the client repeatedly requests for chunk data though, but seems a bit unnecessary to some extent. I just know that I can set a block under ground to an ore with WorldEdit, and Spigot’s ore obfuscator will show it until I unload and reload the chunk (which means it probably wouldn’t be cached or it’d reload the chunk with the ore visible in it). That’s about the only evidence I have as to how it works though.
From doing client analyzing with punkbuster back for the game America’s Army, it not only is a pain, but it’s very difficult. PunkBuster (PB) had to act like a rootkit to watch for .dll’s and .exe’s being hooked by the cheat clients. Cheats then got around this by doing things to avoid the checks, so then PB started taking screenshots of the client and sending them to the server. PB would then cause problems for normal users when a file was corrupt, or using non-cheating overlays.
tl;dr Client analyzing is more hassle than it’s worth.
Summer 2011, same here, my first server’s owner showed me how to get zombe 
Zombe’s modpack was all the rage back then.
1 Like
Why don’t they do something like how forge does it? When a player connects to a forge server with mods, it gets a list sent from the client, so why not have a feature that allows you to ban a certain mod ID that is contained in that list when a player connects?
If Sponge has access to fetching that list from Forge, then someone will likely write a plugin for that.
And has Sponge acceess to that data?