A little thought about D3 exploits..

Posted by Daeity On Thursday, September 15, 2011

Alright, so by now you're aware that Diablo 3 has been designed with a new type of client/server security system and with methods of exploit detection.

I've also updated the Unrealized Reality of Diablo 3 post with an example showing what happens to areas that haven't been randomly generated yet, and how model editing (for the purposes of world crafting exploitation) is not possible in Diablo 3. Well.. there is sort of a way to still do it, but it's rather annoying and relies on a certain measure of random generation by the server. Plus, Diablo's Warden system will be checking for file modifications.

Anyways, F&F beta players are discovering that the client is doing a lot of little combat tricks in order to keep the flow of combat and mask latency issues. Unlike WOW, which is more turn based in hit and damage calculations, Diablo 3 seems to be taking some liberties with client side damage calculations. Maybe this is just part of the beta test and things will change when it goes live? Who knows.

There are more details here that help explain.

F&F sources have it that Blizzard are using a new method of client/server communication that provides a secure and tamper-proof method of using the local client to handle its own calculations, while sending the data to the server for verification.
This is really good news for hackers.. it's something different, interesting, and a new challenge with some hefty financial rewards. :)

Even during bad latency, combat damage and related calculations are still being calculated on the client end so combat action and fighting appears seamless (and enemies can die) even with terrible latency.

This means that there's a client element involved, and if there is, it can be manipulated or exploited. For example, injecting swing count or damage numbers in the packet stream to increase DPS.

If I was designing the game, the approach that I would use would be a "forward thinking algorithm" where all of your combat damage is already pre-calculated several steps ahead by the server. This could be very easily done in all MMOs to reduce latency, and it's the approach I would take to improve client speed and response time (it's actually more of an illusionary effect) while simultaneously retaining security of data.

For example, you know how the D3 server streams map data to the client as territory is explored? Well, it could also be streaming (pre)randomly generated combat damage data to the client in preparation for all upcoming damage. Say, for example, 100 hits in advance of the actual combat. Even if your connection is experiencing heavy lag, both the client and the server know what the damage, and the identical outcomes of all future combat, will be. This way, the data can't be manipulated locally, or else it will fail security checks.

If this is true, it might also mean that drops are randomly calculated in advance too. :)

It's very clever, but it opens up some new challenges for Blizzard. For one, it means that future hit data would be pre-cached somewhere in memory (so players could essentially determine future damage and make adjustments to exploit it). Knowing future rolls would also allow a player to "reset" the stream to get better loot, but I doubt they would allow this.

That's if "future data" is actually streamed; no one has investigated this yet to confirm. However, if damage IS calculated by the client without a simultaneous server check (maybe there's one within a set period of time?), then latency hacks to adjust DPS will definitely be possible.
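The server-side check that such a pre-generated damage stream depends on, sketched as an added example (not from the original post and not Blizzard's code). The class, field names and damage range are hypothetical; the 100-hit window is the figure used above.

```python
import secrets

class CombatSession:
    """Server-side state for one player's pre-generated hit stream (hypothetical design)."""

    WINDOW = 100  # hits rolled in advance, as in the post's example

    def __init__(self, min_dmg, max_dmg):
        self.min_dmg, self.max_dmg = min_dmg, max_dmg
        self.rolls = {}         # seq -> damage the server has already decided
        self.next_issue = 0     # next sequence number to generate
        self.next_expected = 0  # only this sequence number may be consumed next
        self.violations = []    # (reason, seq) records for detection/alerting

    def stream_window(self):
        """Roll ahead with a CSPRNG and return the batch that is sent to the client."""
        batch = {}
        while self.next_issue - self.next_expected < self.WINDOW:
            dmg = self.min_dmg + secrets.randbelow(self.max_dmg - self.min_dmg + 1)
            self.rolls[self.next_issue] = batch[self.next_issue] = dmg
            self.next_issue += 1
        return batch

    def verify_hit(self, seq, claimed_dmg):
        """Accept a client-reported hit only if it matches the server's own roll."""
        if seq != self.next_expected:
            self.violations.append(("out_of_order_or_replay", seq))
            return False
        if self.rolls.get(seq) != claimed_dmg:
            self.violations.append(("damage_mismatch", seq))
            return False
        del self.rolls[seq]  # a roll can be spent exactly once
        self.next_expected += 1
        return True

def demo():
    # Constructed scenario: one honest client report followed by rejected ones.
    s = CombatSession(10, 20)
    window = s.stream_window()                  # client caches this during lag
    ok = s.verify_hit(0, window[0])             # honest report
    replay = s.verify_hit(0, window[0])         # same hit reported twice
    inflated = s.verify_hit(1, window[1] + 50)  # damage value edited locally
    skipped = s.verify_hit(5, window[5])        # roll consumed out of order
    honest_again = s.verify_hit(1, window[1])   # stream continues after rejects
    return ok, replay, inflated, skipped, honest_again, [v[0] for v in s.violations]
```

Because the server keeps its own copy of every roll and enforces strict ordering, a locally edited value or a reordered hit is rejected and logged rather than applied.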

Can't wait until someone digs deeper into the client server packet stream. Maybe that D3 Emulator team might discover the truth during their investigation. :)

PayPal Blizzard Relationship CONFIRMED!

Posted by Daeity On Wednesday, September 14, 2011

Blizzard has just announced that PayPal is their third party vendor for managing the Diablo 3 payment service.

We're pleased to announce that in most regions, PayPal will be our payment-service partner for the Diablo III auction house, allowing players who trade with real-world currency the ability to cash out the spoils of their battle-torn adventures via a PayPal account.

PayPal will also soon be added in several regions as a payment option on Battle.net, providing another convenient and secure payment method for digital purchases of Blizzard products and services.

We’ll share region-related specifics, as well as further details on everything mentioned above, in the near future. Stay tuned!
Let me put on my shocked face.

I had thought it was pretty obvious when the two got into bed together to put other PayPal gold sellers and potential Blizzard competitors out of business. Now you know why PayPal was so eager to help out Blizzard.. they must have been in negotiations. :)

This also means that PayPal might be unintentionally engaging in potentially illegal gambling once the Real Money Auction House is live. Should be interesting if the FBI launches a probe like they did in Second Life. I would love to see the matter finally settled on gambling within virtual worlds and Activision Blizzard is just the type of company to create the legal precedent.

I guess this also means that the RMAH will have at minimum 4 cuts now: the Listing Fee cut, the Transaction Fee, the Cash Out cut, and the PayPal Cash Out cut and other miscellaneous fees. There's also the government's cut. All I know is that when the Auction House fees are announced, there are going to be a lot of pissed off users. I suspect that $1 in revenue is quickly going to become a 50 cent profit.

A little reminder..

Posted by Daeity On Tuesday, September 13, 2011

If you are fortunate enough to receive a Diablo 3 beta invite, make sure you support Blizzard as much as possible.

Read quests and lore thoroughly for any spelling mistakes, investigate bugged items or quests, test out all features of the client, try out different drivers and different settings, and simply test everything you can think of.

When you submit reports, keep them clear, concise, and polite.

Providing excellent support now will increase your chances of being invited back for future beta tests. So, be extremely helpful and supportive of Blizzard and don't abuse the privilege of being selected as a beta tester.

MMR Exploit

Posted by Daeity On

Funny how people are completely convinced that since World of Warcraft has been around for 7 years, that there isn't anything left to exploit and all of the holes have been plugged. :)

What's even scarier, though, are the people who believe that "hacks" and "duping" have never happened in WOW. I see these arguments on forums all the time.. and it's very depressing each and every time. (Duping is still a common problem in WOW, and it's going to happen in Diablo 3 too.)

Anyways.. apparently, MMR exploits in World of Warcraft are still around. I don't really follow WOW anymore and I just learned about this by accident. I thought it was worth mentioning..

In fact, I can't remember a time when there HASN'T been a Match Making exploit available in WOW. These types of exploits have been around since Arenas were first launched. More details here on Reddit, and here's a link to the exploit. Users are trying to get as many people to know about the exploit as possible, so that Blizzard will do something about it.

The GCD hack was always my favorite though.