Inactive [DEV] SpoutPlugin - Unleash the flow of endless possibilities [1.0-1.3.2]

Discussion in 'Inactive/Unsupported Plugins' started by SpoutDev, Aug 1, 2011.

Thread Status:
Not open for further replies.
  1. Offline

    SpoutDev

    In order to centralize support of our legacy projects, we will no longer be providing support on Bukkit. Please use www.spout.org for support with our projects going forward.
     
  2. Offline

    olloth

    I believe the server will CRC the addons on the client, and download the correct one if it is incorrect. There are ways to cheat this still, however this will cover 'basic' abuse. Beyond that, the only thing you can do is hope plugins are following proper security protocol and never trusting the client for anything.

    Also, there isn't any way to grab textures from vanilla/texture packs yet to my knowledge. This is on the to-do list and would make it considerably easier on you(and/or possible in the first place)

    EDIT by Moderator: merged posts, please use the edit button instead of double posting.
     
    Last edited by a moderator: Sep 9, 2018
  3. Offline

    Wulfspider

    Could what jar be downloaded upon login? We can't replace the whole minecraft.jar when they connect to a server. It's a completely different thing than downloading a zip file with textures in it.
     
  4. Offline

    Afforess

    Spout sends file that plugins ask it to send to the client. It creates a hash from the file size and name, and asks the client if they have a file matching that hash code. If the hash doesn't match, the server sends the file down. If it does, nothing happens. Changing the file will generate a new hash. There is nothing server admins or plugin developers should need to do to get new files to update.
     
  5. Offline

    ZerG

    -.- im finished sorry i wasted your time , maybe your not someone who is involved with a group of developers who made a plugin/client that automatically downloads its own updates and integrates client server interactions... if downloading a jar (or even checking) upon logging in to a multiplayer server is impossible or in-comprehendable to you im just finished ... enjoy your day sir.

    Aside from making it mandatory upon every login to a multiplayer server it doesnt matter if it SEEMS proper just replace and go every time, and the lord afforess giveth client security . there should be no option it should nuke and pave itself essentially , giving an untampered client i dont know how else to explain it...
    Minecraft has this massive problem wherein people cheat in a survival game its horrible really but i think spout/spoutcraft can solve this issue

    EDIT by Moderator: merged posts, please use the edit button instead of double posting.
     
    Last edited by a moderator: Nov 13, 2016
  6. Offline

    Chronx6

    Are you wanting it to be an option to force a update and redownload of the client on log in to a server? It seems thats what your getting at.
     
  7. Offline

    Wulfspider

    Apparently I misunderstood you if you are talking about addons. I didn't say it wasn't impossible to download or check a jar, but you are misunderstanding what I told you. I was trying to tell you that checking the minecraft.jar for integrity or modifications is trivial as there are always hacks to get around it. If you aren't talking about addons or the client itself, then you need to clarify yourself better.
     
  8. Offline

    ZerG

    if thats what it takes then yes spoutcraft can offer something mojang denys, client security. theres thousands of games that dont have the cheating issues that minecraft has and these guys have the skillset required to make this happen in minecraft . if spoutcraft is to be any better than minecraft it has to be a secure client that is what every admin looks for in server-client communication aside from making it cooler faster or prettier why not make it secure. Turn some heads :)
     
  9. Offline

    Afforess

    This is not going to solve security issues. You seem to be missing the basic fact of client side security:

    The client lies.

    If I try to tell the client to do X, it may ignore me. If I try to tell the client to download X, it may ignore. You can't make it secure by doing that.
     
    Wulfspider likes this.
  10. Offline

    ZerG

    How do all the other multiplayer games do it then afforess ? The way i see it its do-able and if you can come up with a secure multiplayer client for minecraft players you could charge $10 for server security , hell you could charge monthly if 10000 servers want that security ( im sure they do) thats 100k a month for your team do keep doing what they do best client/server interaction with a better client . What your saying is that every multiplayer game on the internet is not secure and can be modded freely without a server ever noticing...
    Im sure your capable of doing this as much as any other MP game has in the past Why not do some research into client security. I know your capable and i know its worth it :)
     
  11. Offline

    Afforess

    Valve's anticheat is not perfect. Any Team Fortress 2 player can attest to that. But there are ways to do client security, they would just take 2 months of my time (12 hours a day, every day, for 2 months) and would be complicated. I already layed out a possible solution a couple weeks back, but the problem is that I can't afford to put Spout on hold and code 72 hours a week. I have a life. Give me $100000 and I could do it for you.
     
    ZerG likes this.
  12. Offline

    narrowtux

    Usually, modding games requires A LOT more programming experience than just decompiling a .jar file.
    Because those games you speak of are usually written in C or C++. Even them get hacked but only a very few people can do that.
     
  13. Offline

    ZerG

    c++ client wrapper anyone ? and now that youve stated that it is possible i shake my tongue at you :p
    I understand its a huge undertaking but how long have you worked on spout at this point ? With your work you can make the game secure (or even 3rd party security theres a few companies), you could make a career of securing java based games, or you could just make a better minecraft client that notch has nightmares about. whatever your choice im glad you see that it is possible now out of the millions of people involved with minecraft why hasnt this discussion been played out thus far ? If your not willing to do it you could have just said that in the first place instead of saying its not do-able but you have created a client that seems better than mojangs why not go the extra mile to secure your time investment , Im sorry if i seemed to pry but is it not worth it ? If your going to be the best at something dont let yourself be underminded
    Please consider some means of anticheat for your client that way every server (that is properly ran) will be spoutcraft mandatory :) i have to hand out candy with the misses hah happy halloween guys !
     
  14. Offline

    olloth

    No it is not worth the time investment, we don't have the time nor manpower.
     
  15. Offline

    Wulfspider

    It's actually been talked about numerous times over the past few months in quite a bit of detail, but clearly you have missed every part of it. It's been stated that it is possible every time, but typically not worth spending a months developing something only to have it hacked as soon as you release it. It would be a constant battle at securing it that we really aren't wanting to do right now as the team is focusing on the API.
     
  16. Offline

    narrowtux

    @ZerG We have better stuff to do, such as:

    Rewrite ALL the screens!
     
  17. Offline

    BioRage

    Will we see pre-release 5 support? Or until bukkit has a legit RB for it? :p
     
  18. Offline

    Wulfspider

    No, there is no way we can since MCP doesn't update to pre-releases. We wouldn't anyways as it involves too much without having source access like Bukkit does.
     
  19. Offline

    Marcos Cosmos

    Wow.... You are a true testament to the importance of grammer.

    I'm just gunna off what other people said and assume you mean spout should force update on every login, regardless of whether the version is the same.

    Ontop of the obvious facts:
    • That hacked clients can trick the server into thinking it has forced update when it, in fact hasn't
    • That it would hold up other really useful and entertaining features to the point where no one would play spout because it seems as though the project has been deserted.
    I don't know how much money you have, or whether your server has speeds nearing a GB a second, but re-downloading every file on log-in would be incredibly resource intensive:
    • Is likely to crash spout's file hosting server and every single mirror within 30 minutes of the change.
    • Make it impossible for anyone without high-speed internet to play even if spout's server's survived, you might have 100GB a month at 100MB a second but down here in Australia, we're still using copper networks and although it's being upgraded, it's largely considered unimportant. Most people don't even have speeds of 100kb a second.
    What this all comes down to is the fact that what makes Minecraft, Bukkit and Spout so great is that they are flexible, moddable and give as much control to users as they can. In order to truly make Minecraft secure once and for all Notch would have to prevent modding, or severely restrict it, and not only is that physically impossible but the mere attempt would eradicate Bukkit and Spout, and no one wants that.

    Even Valve, who run Steam, which is well known as being highly secure and generally convenient, hasn't found a way to make Minecraft secure and keep the modding available. I remember Notch mentioning it on his blog, in response to requests to add Minecraft to Steam.

    It's not impossible to provide perfect security, but's it's not worth the effort.
     
  20. Offline

    ZerG

    not worth the time not worth the manpower and you have better stuff to do... youve spent how many months developing an api and a client now ? but you have to rewrite ALL the screens... that just seems ironic to me, thanks for your time gentlemen. and if you dont want the "constant battle" of securing your client dont bother making it, any jackass can make a secured version called spoutcraftplus download from your sources to keep it up to date and make bank from your efforts simply by securing YOUR time investments ! I hope you talk amongst yourselves about this a little more in depth as you offer something better than mojang does, the differences are that they make millions from their time and manpower and you work out of a free forum , they dont give a crap about what they release and you strive for excellence :eek:

    your not an intelligent man are you... and i have a few premium users from australia.. i feel bad for them
    im " gunna" look the other way for the rest of your comment :)

    EDIT by Moderator: merged posts, please use the edit button instead of double posting.
     
    Last edited by a moderator: Nov 13, 2016
  21. Offline

    Marcos Cosmos

    @ZerG Mojang hasn't found a way to do it, Bukkit hasn't found a way to do it, Spout is under no obligation to one-up it's foundations.

    Following your logic, Minecraft shouldn't exist? But you bought a server to host Minecraft on, and your here, on Bukkit, suggesting how awesome Spout is, then straight up insulting it, where's the intelligence in that? :p

    And how is rewriting the screens ironic? Do you know anything about software development what-so-ever? It's not by any stretch of the imagination unheard of.

    You have no idea what your talking about, if any jackass could do it, it would have been done.

    I'm not sure why you fear every little wrong-doer so much, but I'll tell you something, they target people afraid of them, it's more fun that way :3

    I know! To prove your point, you should do it, and see how it turns out.

    Do keep us updated :3
     
    Wulfspider likes this.
  22. Offline

    insanejoeperson

    No, I don't know, bu I assume they're not. I can't even log into servers without Spout, though.
     
  23. Offline

    registered

    Last version of spoutcraft freeze each time that loads texture
     
  24. Offline

    Wulfspider

    Which build of Spout and Spoutcraft? "Last version" is not a version and tells us nothing.

    Are you able to connect to our test server fine? test.getspout.org
    Also, what do you mean you can't connect to servers without Spout?

    EDIT by Moderator: merged posts, please use the edit button instead of double posting.
     
    Last edited by a moderator: Nov 13, 2016
  25. Offline

    registered

    I use spoutcraft client build 718. with old version work fine ,but now it's impossible to use.​
    I've tried to change various video settings,restore all files,but nothing​
    It's offline screenshot:​
    [​IMG]
    sorry,for my bad english​
     
  26. Offline

    narrowtux

    Do you use a texture pack?
     
  27. Offline

    registered

    no,it's a spoutcraft just installed
     
  28. Offline

    Wulfspider

    Well, it looks like you are somehow missing the default texture pack. I'd say try reinstalling after checking in your texture pack folder to see if it's even there.
     
  29. Offline

    registered

    my texture pack folder is empty,but i think the original pack is included in bin/minecraft.jar?
    however i tried with different texture pack,but nothing changes :

    www.sphx.it/Images/crash2.png

    Spoutcraft log:
    Code:
    [11:17:42] [INFO]    Spoutcraft Launcher is starting....
    [11:17:42] [INFO]    Spoutcraft Launcher Build: 194
    [11:17:46] [INFO]    17 achievements
    [11:17:46] [INFO]    161 recipes
    [11:17:46] [INFO]    Tile Size: 16
    [11:17:46] [INFO]    Setting user: Ivanpro, 3976523730917459911
    [11:17:47] [INFO]    Reading Configuration
    [11:17:47] [INFO]    Finished Reading Configuration
    [11:17:47] [INFO]    Launching Spoutcraft 718
    [11:17:48] [INFO]    WARNING: Found unknown Windows version: Windows 7
    [11:17:48] [INFO]    Attempting to use default windows plug-in.
    [11:17:48] [INFO]    Loading: net.java.games.input.DirectAndRawInputEnvironmentPlugin
    [11:17:48] [INFO]    Starting up SoundSystem...
    [11:17:48] [INFO]    Initializing LWJGL OpenAL
    [11:17:48] [INFO]        (The LWJGL binding of OpenAL.  For more information, see http://www.lwjgl.org)
    [11:17:48] [INFO]    OpenAL initialized.
    [11:17:59] [INFO]    Tile Size: 32
    [11:18:17] [INFO]    Cleared Data
    [11:18:18] [INFO]    Changed World: rv@ebaf12
    [11:18:18] [INFO]    New max size: 484
    [11:18:18] [INFO]    New max size: 784
    [11:18:22] [INFO]    New max size: 1444
    [11:18:22] [INFO]    New max size: 4096
    [11:18:22] [INFO]    New max size: 4356
    [11:18:22] [INFO]    Placed stronghold in INVALID biome at (-24, -59)
    [11:18:22] [INFO]    Placed stronghold in INVALID biome at (52, 7)
    [11:18:27] [INFO]    Ran Once, Multiplayer: false
     
  30. Offline

    Wulfspider

    You are correct, I wasn't thinking. Did you try a reinstall to see if that would fix it? Other than that, I'm not sure what it would be. @Afforess may have some other ideas.

    Did you add any other client mods such as a minimap?
     
  31. Offline

    NinjaZidane

    I wanted to come by and say the new server browser (present in dev builds) has been simply amazing! I love how my server InspireNXE is easily accessible from it (including my logo).

    Even with the RB and its lack of an improved server browser, the traffic on our server has went up over 100x. We are still considered small-time but when we had over 600 UNIQUE (multiinv and citizens slammed me with files) people visit the server within 48hrs between the 29th-30th, that was truly something special.

    So from all of us at InspireNXE, thanks a bunch Spout :D.

    @olloth
    I thought about it a bit and I could go about it in two ways.

    1. Have Random Mobs be pulled from the texturepack (no clue how to do so and with your comment not possible XD)
    2. Simply have the server admin list out urls for mobs in a config file and well...they can pull in as many textures for mobs as they want and isn't texture pack controlled. Eventhough this puts more work on the server admin, I like this solution better as you can have more and more and more skins.
     
Thread Status:
Not open for further replies.

Share This Page