Hi!
Pedro-NF > There are some ideas to dig you seem to have a good skill 
I agree Pedro > 3 - Come up with a new solution for player identification completely independent from PB.
But I say to All CLAN & MODDERS ==> It could be better to ALL USE THE SAME * NEW SYSTEM * !
Why ?
==> To prevent etkey problems
==> To be able to have a Global WET Stat System
Do not want?.. it is your choice For sure all free 
WET FOREVER ? => Work Together !
Not sure what is the problem here. Do you actually want to build an alternative etkey, so it stays compatible with the old, and maybe forever inactive mods ?
Or do you want to create a new guid generation scheme, so that more active mods can use this scheme for guid generation and adapt it to their mods, so that things like XPSAVE and an Admin System, which are now broken (partly, still works with old guids, but not for new players with new game installation). I do not understand actually.
To be able to have a Global WET Stat System
Do not understand either. A global WET Stat System ? You think sites like splatterladder are now broken, because players will not have a guid ? No, the only problem sites like this face is overcoming their own policy of not tracking servers, where cheat protection is disabled. Sites like sl, as said before, do track by name by the way, not by guid.
But I say to All CLAN & MODDERS ==> It could be better to ALL USE THE SAME * NEW SYSTEM * !
ā¦
Do not want?.. it is your choice For sure all free
WET FOREVER ? => Work Together !
If you want to have guids which are easily spoofable, then ok. Do it. But i think i will aim for not spoofable guids Much better imho, working on that. And then i would not replace the etkey, or search for a file like this, i would simply create my own guid, and then adapt it to my xpsave system or admin system. Gets things done actually.
Only thing left would be cheat-protection, but i do not want to make a life-time job out of this ā¦
[edit]
also problem with the guid generators you are now creating is you could potentially overwrite already existing etkeys. So you already broke integrity there. Correct me, if i am wrong.
[editĀ²]
Having an algorithm which ensures integrity and which generates guids locally, at the client, is probably the best solution. Even better when itās not spoofable. But that would already break compatibility with the old mods, who stay inactive because they do not care, or are occupied with other things.
Iām the one whoās not sure what youāre blabbering about. The objective is, as an emergency measure, to make it possible for new players to play by providing them with standard format etkeys, minimize the impact of the whole EvenBalance-dropping-PB-support problem for server admins and players, and in the long term, to try to find another solution for player identification which active mods would adopt. Is that clear enough for you or do you need a drawing?
Correcting you: the local PB server on the game server host generates the PB GUID based on a sequence of 39 random bytes in the etkey file. A byte (= 8 bits) can assume 256 different values, so with 39 bytes you have 256 ^ 39 (256 to the power of 39) possible unique combinations. Try to compute that number if you can. The PB GUID itself is formed by a sequence of 32 hex characters (0 to 9 plus A to F = 16 possible values), which allows for 16 ^ 32 unique combinations, another astronomic number. The probability of 2 equal GUIDās being generated is infinitesimal. As to GUID spoofing, the possibility of doing it with these custom generated GUIDās is the same as with the old GUIDās.
Now if you donāt mind, spare us from your clueless criticisms and leave the topic for the people who are trying to come up with constructive ideas.
[QUOTE=Pedro-NF;380934]Iām the one whoās not sure what youāre blabbering about. The objective is, as an emergency measure, to make it possible for new players to play by providing them with standard format etkeys, minimize the impact of the whole EvenBalance-dropping-PB-support problem for server admins and players, and in the long term, to try to find another solution for player identification which active mods would adopt. Is that clear enough for you or do you need a drawing?
Correcting you: the local PB server on the game server host generates the PB GUID based on a sequence of 39 random bytes in the etkey file. A byte (= 8 bits) can assume 256 different values, so with 39 bytes you have 256 ^ 39 (256 to the power of 39) possible unique combinations. Try to compute that number if you can. The PB GUID itself is formed by a sequence of 32 hex characters (0 to 9 plus A to F = 16 possible values), which allows for 16 ^ 32 unique combinations, another astronomic number. The probability of 2 equal GUIDās being generated is infinitesimal. As to GUID spoofing, the possibility of doing it with these custom generated GUIDās is the same as with the old GUIDās.
Now if you donāt mind, spare us from your clueless criticisms and leave the topic for the people who are trying to come up with constructive ideas.[/QUOTE]
Calm down please. No one is wanting to do a fight. If i sounded offending, i apologize.
Have a good night, i will go into my clueless sleeps now, and blabber away there. And maybe i will post a solution tomorrow, or not 
[QUOTE=Pedro-NF;380934]Iām the one whoās not sure what youāre blabbering about. The objective is, as an emergency measure, to make it possible for new players to play by providing them with standard format etkeys, minimize the impact of the whole EvenBalance-dropping-PB-support problem for server admins and players, and in the long term, to try to find another solution for player identification which active mods would adopt. Is that clear enough for you or do you need a drawing?
Correcting you: the local PB server on the game server host generates the PB GUID based on a sequence of 39 random bytes in the etkey file. A byte (= 8 bits) can assume 256 different values, so with 39 bytes you have 256 ^ 39 (256 to the power of 39) possible unique combinations. Try to compute that number if you can. The PB GUID itself is formed by a sequence of 32 hex characters (0 to 9 plus A to F = 16 possible values), which allows for 16 ^ 32 unique combinations, another astronomic number. The probability of 2 equal GUIDās being generated is infinitesimal. As to GUID spoofing, the possibility of doing it with these custom generated GUIDās is the same as with the old GUIDās.
Now if you donāt mind, spare us from your clueless criticisms and leave the topic for the people who are trying to come up with constructive ideas.[/QUOTE]
Calm down please. No one is wanting to do a fight. If i sounded offending, i apologize.
Have a good night!
[QUOTE=Pedro-NF;380934]Iām the one whoās not sure what youāre blabbering about. The objective is, as an emergency measure, to make it possible for new players to play by providing them with standard format etkeys, minimize the impact of the whole EvenBalance-dropping-PB-support problem for server admins and players, and in the long term, to try to find another solution for player identification which active mods would adopt. Is that clear enough for you or do you need a drawing?
Correcting you: the local PB server on the game server host generates the PB GUID based on a sequence of 39 random bytes in the etkey file. A byte (= 8 bits) can assume 256 different values, so with 39 bytes you have 256 ^ 39 (256 to the power of 39) possible unique combinations. Try to compute that number if you can. The PB GUID itself is formed by a sequence of 32 hex characters (0 to 9 plus A to F = 16 possible values), which allows for 16 ^ 32 unique combinations, another astronomic number. The probability of 2 equal GUIDās being generated is infinitesimal. As to GUID spoofing, the possibility of doing it with these custom generated GUIDās is the same as with the old GUIDās.
Now if you donāt mind, spare us from your clueless criticisms and leave the topic for the people who are trying to come up with constructive ideas.[/QUOTE]
Calm down please. No one is wanting to do a fight. If i sounded offending, i apologize.
Have a good night!
I dont think Im alone with the question what it would cost to bring EB to the decission to continue the baseline support (to run at least the auth server).
Because IMO no actove development for ET took place within the last half year, the effort for EB shouldn`t be very big.
[QUOTE=schnoog;380945]I dont think Im alone with the question what it would cost to bring EB to the decission to continue the baseline support (to run at least the auth server).
Because IMO no actove development for ET took place within the last half year, the effort for EB shouldn`t be very big.[/QUOTE]
Donāt think that they would do that. Maybe you could ask them for the code / program for generating ETkeys, but even the chance of the giving you that is slim I think.
As for an alternative, can you catch /pb_cdkeyreg with lua? Or another command then just use lua to give a new key ingame?
Sorry, Yes I have not completely well explained some points
Yes new Different Global system [U]compatible Punkbuster but How ??
[/U]
The idea sound good but is that technically possible? we need all the necessary technical informationsā¦
Do you think Even Balance will provide technical advices regarding things with what they won their life ?
It is their company job you speak about You can dream if you think they will provide you the information.
Please ask you the question, if Even Balance will provide you some encryption they could already use for PunkBusterā¦
==> And PunkBuster etkeys have already been spoofed & fakedā¦ not really sure for security.
====> We can ask to cheaters but I think it is not a good idea !!!
*** BUT always the most important please read well ***
ā¦ is that possible to create a system that use ETKEY files exactly as PunkBuster ?
Do we have the enough technical information to do it ?
If we do not have all the technical informations it will not be possible to create a New Global compatible system from our own initiative that could KEEP the compatibility with the old etkey system!
And too do you want really use a system that already have some old securities issues ?
Yes it is finally better to create a new system. But it could be good if it could be Global for all WET MODs
It is not perfect but it is the best compromise to leave old etkey punkbuster system.
It is why I have suggested to Tomislav Zubcic the creator of TZAC to integrate in TZAC :
generates the PB GUID based on a sequence of 39 random bytes in the etkey file.
ā> the ET pb guid is calculated on the 18 bytes of data which start at offset 10 of the etkey file where are performed 2 md5 hashes first with the seed 0x00XXXXX and then with 0x000XXXX. <ā
I tried it with some etkeys and got the right pbguid (ofc. with the real values insted of XXXXX)
Furthermore its no problem to recalculate the etkey when at least the pbguid and the issue date of the etkey is knownā¦ in less then 10 seconds.
If only the issue year is known, not the exactly day, than the recalculation is done within a few hours.
We dont talking about a top secret army project, its ājustā ET and thats like the security messures work (don`t missunderstand me, the best game ever, ofcā¦ orā¦maybe topped from Giana Sisters 
)
[QUOTE=schnoog;380979]@Pedro-NF
ā> the ET pb guid is calculated on the 18 bytes of data which start at offset 10 of the etkey file where are performed 2 md5 hashes first with the seed 0x00XXXXX and then with 0x000XXXX. <ā
I tried it with some etkeys and got the right pbguid (ofc. with the real values insted of XXXXX)
Furthermore its no problem to recalculate the etkey when at least the pbguid and the issue date of the etkey is knownā¦ in less then 10 seconds.
If only the issue year is known, not the exactly day, than the recalculation is done within a few hours.[/quote]
Confirmed it here, changes to the values in the last 39-byte sequence wonāt change the generated PB GUID. I didnāt look into the code that computes the GUID from the etkey file data, just compared a few etkeys and since they all had this random 39 bytes at the end, I assumed that EvenBalanceās code used those to generate the PB GUID. The little damn things are even more spoofable than I thought then. Anyway, I think youāll agree that GUIDās computed from our custom generated etkey files arenāt more spoofable than the ones generated from their files.
Did you get to look at the code (or run tests) to see if they only take into consideration the least significant nibble of the bytes that make up the date and time? If the code doesnāt do an AND $0F on those bytes, we can make the GUIDās stronger by using all 8 bits of all 18 bytes that are used for the calculation. I saw that your etkey files only use values from 0 to 9 for those bytes. Well, Iām gonna test it right away.
Double heresy. ET is a top secret universal project, and instead of Giana Sisters, Armalyte FTW (it you meant the C64 game, not the arcade version).
Tested it here and they use all 8 bits from those 18 bytes to compute the GUIDās. Iām updating my etkey generator to write 8-bit wide random values for the whole 18-byte block. This should make the new GUIDās far harder to clone and much more unique.
If you need to update PB from any version to the latest version released for ET, download the file with the updaters for all OSās from one of my sites below and copy the pb folder contained in it over the pb folder in the gameās installation directory. The updates and the PB services installation will happen automatically the first time you connect to a PB enabled server:
I can build a New ET Execuatable with a built in ETKey Generator
http://www.2shared.com/file/zUoPCq3g/ETGold273.html
Here is ETGold273 with one already built in, not sure how stable, but works fine for me
It uses Md5.c
Dunno, never tried it, i does not work with nq129, as it checks the ET Executable size
Here is the changeLog
ET Gold 2.71
Improved the Rendering Engine
Faster PK3 Loading
Added Mouse Acceleration ( Enable with cl_mouseAccel )
Fixed Sound Looping
Added HD Resolutions ( r_mode "11" = 720HD , r_mode "12" = 1080HD)
also added cvar "listmodes" to view the list of r_modes
Increase Default com_hunkmegs to 96MB
Small Fix with Alpha Textures
Changed r_customwidth and r_customheight to "r_width" and "r_height"
Added a New cvar called "which" Command from ioquake3
Removed GL_Extensions and Pk3 Loading Spam from the Console, the Console should be easier to navigate
Removed old quake3 BOT Cvars from the Console
Fixed a Bug with skyboxes with ATI Cards
Increased the Limit of cl_maxpackets to "125"
ET Gold 2.72
Unlocked BSP Versioning, Quake 3 Maps will work with ET
Fixed "Power of 2 Scaled" Bug, Images no longer need to be power of 2
Cap the maximum snaps a client can request at the server framerate
If Server is "sv_fps 20" then clients can only send "20" snaps at the time.(ioquake3)
compensated sv_fps for timescale value.
Fix flashing connect screen
Fix Remotely exploitable Infostring Crash (Luigi Auriemma)
Fix hanging client when map_restart executed on the server while client is still loading the map (ioquake)
Fix commands sent to client when disconnected (ioquake)
Fix a bug with command/cvar autocompletion
ET Gold 2.73
Improvements to the Console
Code Alignments
Fix to an obo bug in the console history recall code
Fix to (static!) buffer overflow in renderer (from Thilo Schulz)
Fix the Mouse Getting Stuck in ET when Minimizing or using the Task Manager
Fix The engine does not truncate oversize servercommands. trap_SendServerCommand() to a client of over 1022 bytes will crash the client.
Fix typo in the engine RTCW and W:ET engine source at \win32\qgl.c
Fix wwwdl overflow exploit
Fix confusion of cgame and renderer entity array bounds (Tr3B)
Optimise VectorNormalize functions
[QUOTE=Gir;381085]I can build a New ET Execuatable with a built in ETKey Generator
http://www.2shared.com/file/zUoPCq3g/ETGold273.html
Here is ETGold273 with one already built in, not sure how stable, but works fine for me
It uses Md5.c[/QUOTE]
First Thanks to all for all initiatives
Yeah nice idea But does you speak about to keep GUID/etkey PunkBuster compatible ?
Because if I am not wrong it exist already something proprietary regarding ET-Goldā¦
http://www.splashdamage.com/forums/showthread.php/24891-ETGold-2.71
*The more simple is the best for players, because NOT all players are pro in computing !
Atm, there is no proper way how to get new etkey. You can make your own etkey in your own way (its just text file) because there is nobody who would verify that new etkey. But this is not proper way how to get etkey. It would be complete mess if everyone start to making his own etkey as he wants. Lets hope, this is just time limited situation.
I believe PB etkey authorization server could be replaced by few (no more than few!) trusted community servers.
(EDIT: I mean I believe there is way how to do it technically)
I made a little pk3 which informs new player about the (temporary) PB Key issue:
It`s not very nice, but IMO useful
