Video Game Generation

RSS 2.0 News Feed

Add to My MSN!

Add to My Yahoo!

Add to Google

Nintendo Defense Force

As Featured on News Now

Valid XHTML 1.0 Transitional

Hack Job

By: Andrew Joy

Of all the hats I’ve worn, I’m sorry to say technophile is one that no longer fits. It was slow to sink in, at first, but even after shaving-down and oiling-up my head, I found I simply couldn’t stand the vice-like grip it had on my skull. Which is a shame, since it really goes with this shirt...but I digress. There was a time when it did, of course, but back then, HTML was still on the cutting edge and even having a dial-up connection could make you the envy of the neighborhood. However, all it took was a brief hiatus – one rather forced upon me after my family held me responsible for wiping the only computer in the house, and the PC itself, falling in with their vitriol, filed a restraining order – and I came back to a completely different world. In this strange new place, PHP is more than just a jumble of letters and I fear that at any second the Smithsonian is going to burst into my home and confiscate my 56K modem.

Book

Luckily, while its methods may have changed, the Internet is still used for roughly the same things it always was: Porn. But also, tracking down and committing to memory information of questionable accuracy, communicating at the speed of light with messages about as intelligible as a drunken Irishman convinced the world will end if he doesn’t replace every word with some form of anagram, acronym or abbreviation, and playing games for hours on end after you’ve specifically set away that time for school or work. And, to that last part, Exploiting Online Games: Cheating Massively Distributed Systems speaks. You see, having pretty much the same old Internet used by the same old people unfortunately also means that there are still people out there who will use it for evil, and any tool in the wrong hands can be a weapon.

In an age where, for as much as technology and security have improved, so have the hackers, people can’t so much as check their e-mail without taking the most basic precautions (something akin to having an armed courier physically deliver a printout of your inbox each month), Greg Hoglund and Gary McGraw set out to, quite literally, write the book on the subject. Or, at least, on the part of it that is relevant to the readers of this site: online gaming. If you’re wondering what sort of qualifications these two have, fear not, both have deep roots in the subjectt, having written a number of books and founded or played an important role in several Internet security companies. Strangely enough, it is that very background that also makes their motives a little more questionable (in the same way that it doesn’t make business sense for a pharmaceutical company to actually cure the common cold). I say, “a little more” because – apart from already having a somewhat suspicious title – I often felt as though Exploiting Online Games tended to detail things a little too explicitly.

While pointing out the weaknesses in our digital playgrounds is only to be expected when someone’s looking at how to fix them...Hoglund and McGraw hardly ever seems to get around to the actual “fixing” part. Instead, after pointing out said weaknesses, the two decide to tell you how hackers exploit them. One could, of course, chalk this up to understanding that even providing a fix is futile since where there’s a will, there’s a way (meaning even if you secure one area, a determined ne’er-do-well will still find a way in), but they may have taken it too far. Somewhere between the completely acceptable ideology of knowing your enemy and figuring out how to use their own weapons against them, the authors are also arming regular people with the same knowledge that makes hackers such a danger in the first place. Even though the two make it quite clear that they do not in any way condone that sort of activity (and maintain that the average hacker already likely knows much more than they reveal), I simply cannot agree with the methodology.

Book

On the other hand, you can be confident that the book is quite comprehensive. (That’s right, even in the midst of lambasting Exploiting Online Games, I can still manage to find a positive - but, hey, after you play enough lackluster games, grasping for silver linings is the only thing that keeps you from dangling from the end of your controller cord.) Anyway, whether you are a cautious gamer or a budding hacker, this book covers almost every aspect of what is going on, why it is happening and how to do it. As you delve deeper into the book, the techniques described get progressively more complex. When it starts out, you are merely discussing things such as the dreaded EULA and how to acquire games for free, and from there you move on to taking advantage of in-game bugs to actually hacking a game, including the use of bots, reverse engineering and mods. I can’t say for sure whether anything in the book could actually be put to practical use – after all, I’ve had no interest in hacking thus far and I don’t have any inclination to start now – but when the book is providing you with step-by-step instructions or even splashes of raw code, it seems to have no problem pointing you in the direction of people who can.

And there, as they say, is the rub. While it is not uncommon for a book of this sort to reference figures and illustrations or cite its sources (both of which are done quite a bit here), Exploiting Online Games takes particular glee in constantly providing you with various helpful web addresses...several times...on almost every page. Now don’t get me wrong, when I’m, say, reading through a Wikipedia article, I find it quite handy to be able to click on the various related articles and peruse them for a bit of extra insight into the matter at hand. However, Wikipedia is online and, unfortunately for the authors, this book is not. Now, being a gamer, I’ve seen my fleet fingers do some pretty amazing things from time to time, but no amount of pounding on the pages managed to open any of the links. I even tried pointing at it with my Wii Remote – which, as I’ve seen on the Internet (so it has to be true!) has successfully been adapted to control everything from a PC to a toaster to the populations of some third-world countries with way too much fluoride in the water – but to no avail; the book remained as non-interactive as ever, which makes it a bit inconvenient to anyone who ever intends to step away from their computer for more than a few minutes.

I, of course, realize that I am not the intended audience for this book. As I said before, the technophile hat simply doesn’t fit anymore, and I’ve never even tried on the black hat of a hacker. However, one of the biggest problems with this book is that the authors themselves seem to be a little bit confused as to at whom it is targeted at. They could surely feign innocence at the thought that the information inside could ever be used for anything but higher learning and creating an edge against hackers by knowing what to expect, but to think that some of the information in this book is completely harmless, whether it is provided up front or simply giving the location of where to get it, is nothing more than naïve. There may be times when its veil of simplicity slips and you are slapped in the face with something technical in such an off-hand way that it seems a miracle you can even turn on a PC, but that doesn’t happen nearly as much as when the authors drop the disguise that this book is meant for only well-intentioned people. Regardless, if you can wrap your head around it, Greg Hoglund and Gary McGraw’s Exploiting Online Games: Cheating Massively Distributed Systems remains a wellspring of knowledge, no matter your intentions.

Posted: 09/23/2007