Deathspike........ -1 reply

Please wait...

eezstreet

Lord of the .DCC files

50 XP

16th June 2008

0 Uploads

2,662 Posts

0 Threads

#1 11 years ago

So I tried installing SAC (Simple Anti Cheat) to JA, but AVG says it's a trojan horse :rolleyes: Any thoughts on this?




Raz0r

Worse than most terrible

50 XP

27th September 2006

0 Uploads

6,737 Posts

0 Threads

#2 11 years ago

It's the way SAC was programmed. There's no way around it. It's all clear.

Some anti-viruses can't figure out what the hell it is (Due to being packed to prevent disassembling which would lead to vulnerabilities and therefore more cheats being made) so they flag it as infected without having any proof.

It also has to monitor the way JA is acting and see if there's anything hooked/changed. Behaviour like this is similar to rootkits/trojans/etc so some anti-viruses will flag it based on this.

SAC, however, is not a virus.




Sato

I just changed my sig 0.0

50 XP

16th December 2008

0 Uploads

389 Posts

0 Threads

#3 11 years ago

Are we 100% on that?

Lol jk




MaceCrusherMadunusus

Movie Battles II Mapper

50 XP

12th January 2005

0 Uploads

323 Posts

0 Threads

#4 11 years ago

Sato13;5178427Are we 100% on that?

Lol jk

Well, as of thus far, running it through MBII beta being a primary tester, and then through release... and for some months at that, I have been fine thus far :P




NAB622

EAT ME!

50 XP

8th October 2005

0 Uploads

6,921 Posts

0 Threads

#5 11 years ago

Sato13;5178427Are we 100% on that?[/QUOTE] I'll say it for serious.

For all you know, you could be giving Deathspike complete control over your computer and letting him create his own botnet. Now, I highly doubt that is the case, but where's the proof?

From what I've heard, Deathspike has the source code to many of the major JA mods, but won't give out the code to SAC to anyone at all. Yes, I realize that leaking the code to everyone is a major mistake - that's not what I'm saying to do. All I'm saying is, how do we know this supposed anti-cheat program is safe? If I am mistaken, please inform me, because I am very interested in SAC.

[QUOTE=MaceCrusherMadunusus;5178545]Well, as of thus far, running it through MBII beta being a primary tester, and then through release... and for some months at that, I have been fine thus far :P

That's no reason to assume safety...ever. Viruses and such run completely silent nowadays, and may not activate until a remote command is passed. And even then, they still run silent - all you would ever notice is that your internet will occasionally have some activity on it.

This reminds me of KOTF, when Tim swore that there were no trojans in the mod, but the uninstaller was loaded with 13 confirmed ones. After something like that, everyone should be on their guard even more. Yet we all just blindly download any old utility just because it's said to make the game more fair to everyone and all the major mods are including it.

Proofs. I wants them. Present them for Christmas. :3




Raz0r

Worse than most terrible

50 XP

27th September 2006

0 Uploads

6,737 Posts

0 Threads

#6 11 years ago

NAB622;5178561For all you know, you could be giving Deathspike complete control over your computer and letting him create his own botnet. Now, I highly doubt that is the case, but where's the proof?[/QUOTE]Okay, do you realise using Ultra Utility, any lightweight minimiser, etc runs the exact same risks?

So what, Deathspike is a hacker. A damned good hacker. I respect him in ways I doubt I am able to respect anyone here.

NAB622;5178561From what I've heard, Deathspike has the source code to many of the major JA mods, but won't give out the code to SAC to anyone at all. Yes, I realize that leaking the code to everyone is a major mistake - that's not what I'm saying to do. All I'm saying is, how do we know this supposed anti-cheat program is safe? If I am mistaken, please inform me, because I am very interested in SAC.

You are mistaken. Fact is, even if the source was to be released, no one would know what the hell it does. It's written in ASM. Pure machine code. I know maybe 3 people who could attempt to read it. Deathspike, BobaFett, and someone else. Hackers. Deathspike is not the only one with the source anyway.

[QUOTE=NAB622;5178561]That's no reason to assume safety...ever.

There's no reason to assume harm. Unless, you know, you're willing to say Ultra Utility and every single third-party program made for JA is a virus.

I'm going to lock this now. I've seen enough people getting skeptical over this. I won't have it happen here. Get your damn facts straight people, I'm sick of people accusing innocent people who have provided you with an anti-cheat.

:lock:




UU_BobaFett

JKG Lead coder

50 XP

18th July 2006

0 Uploads

202 Posts

0 Threads

#7 11 years ago

There's one reason, and one reason alone, that anti-virus scanners are acting up cuz of SAC. That reason is the packing software used to protect SAC from being cracked (easilly).

While packing software is very useful in protecting software against crackers, it has also been abused to hide virusses, as such, many virus scanners automatically flag packed software as a precaution, since it's unable to scan the actual contents of the file. So whether or not the actual program is a virus, the mere fact its using packing software is enough to make the virus scanner say it's a virus, even though that may be a false positive.

As far as SAC is concerned, I for one have seen the source code for it, and i know it does not contain anything malicious. Furthermore, i've also ran an unpacked compile of SAC through about 30 anti-virus scanners, every single one saying it was clean.

So SAC is perfectly safe to use, the only reason your AV is getting a false positive is due to the packing software used. In fact, if you check out the name of the 'virus' it identified, it's very likely it's either called a packer, or the name of the packing software in question. So try googling the name of it.




bruceleet

I don't spend enough time here

50 XP

14th July 2009

0 Uploads

22 Posts

0 Threads

#8 11 years ago

I can't see this seeing much use, although I'm all for making the game more balanced the fact that it is being flagged as a virus will deter people from using it.

I think a unpacked one would be much more appropriate and user friendly.

Just to claify, I completley understand why it was packed and as a person who would want to play without people cheating I agree with your methods. but from a realistic perspective I don't want to turn off my virus protection just to play.

(I don't actually have jka or sac install, never tried sac, however I thought I would just throw my 2 cents in)




Raz0r

Worse than most terrible

50 XP

27th September 2006

0 Uploads

6,737 Posts

0 Threads

#9 11 years ago

SAC is only used for 3 mods that focus on gunner combat. (You know, where wallhacks and aimbots actually make a difference)

bruceleetI think a unpacked one would be much more appropriate and user friendly.

I think an unpacked one would expose vulnerabilities and provide an onslaught of cheats :\ Without packing the binaries, the protection would be rendered useless in minutes, so that's a no-go. People should just understand the issue and make an appropriate decision. If you don't want to trust anyone, then have fun with no anti-cheat protection. :/




bruceleet

I don't spend enough time here

50 XP

14th July 2009

0 Uploads

22 Posts

0 Threads

#10 11 years ago

I have no problem trusting deathspike, he has a very good reputation in jk2 and I've never had a problem with his mods.

I just felt it was needed to point that out.