Exploiting Online Games: Cheating Massively Distributed Systems 1st Edition

Read this book and enjoyed every minute,It is technical but also full of details for anyone who is not technical.

Eager to try out the Kindle application for the iPhone--as well as recently kicking a World of Warcraft addiction--I thought this would be a fun read. While the substance of the book itself is worthy of a separate review, I'd like to focus on the Kindle experience of this text.The text features numerous sidebars: gray-background side topics tangentially related to the main text. However, on the Kindle for iPhone, the majority of these sidebars are truncated.That is, their ends are chopped off.For such an expensive ebook, I'd expect to get the complete text. Not so here.

Online games are, as the term implies, video games played over the Internet. Many of them have associated online communities that reach well beyond the closed world of traditional single-player home games. The most popular, World of Warcraft, boasts more than 10 million players worldwide.While the world of online gaming is built to entertain, its creators and players fight the same IT threats as business-oriented networks. Today's 12-year old who is hacking World of Warcraft simply to cheat at the game could, in a couple years, be targeting corporate networks to more nefarious ends.While the game attackers' goals are different, this book demonstrates the lengths to which they are willing to go to access a system. Those tactics are likely forerunners of software and network security challenges to come in other online arenas.In Exploiting Online Games: Cheating Massively Distributed Systems, authors Greg Hoglund and Gary McGraw offer a look at those threats. The book's 10 chapters provide a comprehensive overview of everything from game hacking 101 to reverse engineering.The authors explain in depth why and how online games are a harbinger of software security issues to come, and manifest some that already exist. They describe how gamers have created billion-dollar virual econ-omies, how to build a bot to play a game for you, why players cheat, and even how game companies invade players' personal privacy.Most important, the authors describe how game creators overcome a security issue only to have it defeated by the hackers. Sound familiar? This never ending "Spy vs. Spy" scenario is obviously frustrating to the game creators and underscores the critical importance of building effective application security into the fabric of the game.Both Hoglund and McGraw have written extensively on the importance of software security. The sooner you and your software developers read their most recent book, the better off your software infrastructure will be. Your software is critical to your organization; protect it as well as the gamers do.

This book is a peek into the future and an amazing recruiting tool all rolled into one.If you already understand the kinds of security problems today's software creates, then the book gives a view into the kinds of security problems tomorrow's software is going to create. Here's a hint: Time and State. Massive distributed systems can fail in the same ways that centralized systems can fail, but they're also likely to run trouble as they try to coordinate critical data between nodes. There is a lot of money flowing through modern games, and so any sort of defect fuels the fight between the game companies and people who seek to profit from them.But if you just think games are cool and want to know more about what your options are for getting ahead, or if you're trying to figure out why your arch-nemesis from the next dorm building seems to have such good aim with his Crossbow of Ultimate Peril, this book has all sorts of tricks, hacks, code examples, and step-by-step information on how to get inside the mother of all massive multiplayer online games: World of Warcraft (WoW).When I was in college, there was a whole subculture of people who learned to program so that they could extend and improve Multi-User Dungeons (MUDs), an early forerunner of WoW. This book is going to be the gateway to programming for the WoW generation. And, if everything goes as I'm sure Hoglund and McGraw have planned, those kids won't even know its possible to program without thinking about security.

As someone who doesn't play online games, I approached this book with more curiosity than a practical need. It's an worthwhile read, although having a background with game terminology would certainly have made it easier to understand. Technical readers will want to skip straight to chapter 5 and read the second half of the book, which includes many detailed explanations of how to manipulate games to your advantage.The focus of the book is on manipulating the client side of the game, with relatively little on server vulnerabilities. There's also not very much guidance to game designers on how to avoid the problems covered in the book.I was pleased that the book covers not only the security issues, but also related topics such as privacy, and the ethical issues for both providers of online games and the hackers who play and subvert the games.Many of the lessons are applicable to any distributed system with thick clients, including not only game software but also business systems. As such, it's worthwhile reading for developers of nearly any distributed system, as it will give a reasonably accurate picture of the lengths that attackers are willing to go to in compromising a distributed system, and the abilities they have to manipulate software without designs or source code.