Yeah, something definitely changed between when I made my DM <-> Python system years back. I'm guessing we figured out the back and forth needed to make it work at some point and I just blew the details off in the meantime.

A few curious things I found though:

Recompiling the old dmb that worked, made it stop working. The back and forth has been changed since I created it, the reply sent from the Python script is no longer valid to move the process forward.

The process WAS: BYOND sends the packet to the remote server, the remote replies with its own packet that validates and tells the BYOND world it's acceptable, the socket is established and held. If the reply packet doesn't come in a timely manner or it's invalid, the socket is dropped.

I'm guessing at some point between then and now the reply packet needed to validate was changed or the overall process changed.

After a long chat with SP we came to the conclusion that it's probably best not to have the ability to disable the security between BYOND worlds, as it's there for a reason, but to expand on Export().

As it is now, Export() can take byond:// or http:// protocols, which dictate how Export() validates the remote server, http:// is obviously not secured and one-off.

What I suggested to SP to expand on their Feature Request with is a new protocol, that will dictate a new type of connection, it would be unsecure like http:// but allow for persistence like byond://.



Or something along those lines, I'm horrible at naming things.

Since the code already exists on BYOND's end for checking the protocol and differing functionality based on it, this would be the ideal route.

It would require world/Topic() be able to tell whether the incoming packet was from a BYOND world or not, as it stands the Addr argument doesn't include the protocol (never had a reason to), it could either be expanded to include that, or include something unique for non-BYOND packets, or add a new argument to Topic() outright that'd be true for non-BYOND packets.

Seems like that would be the route to take, it would be the easiest for Lummox to deal with, keep compatibility with old code, and provide the developers pure socket connections where they'd be responsible for security.

I should note, that tobba has already cracked the encryption byond uses, (at least, for client <-> server) and i remember them saying it wasn't hard.

Indeed. Its to noones real benefit if something so potentially important is released, BYOND isn't the most secure of platforms and this is one of the few things protecting it (security through obscurity isn't great but when you're a one man team its about all you can afford.)

Yeah, because forcing Lummox to focus on security in a panic that you're going to release things is really an upstanding thing to do.

At the same time you want work done on the engine features, that's a good way to not get that done ever.

It's not really relying on it being secret, it's relying on not having to worry about it urgently. Making the issues known is one thing, forcing Lummox to do something about it is just being an ass.

It's either spend a ton of time worrying about something that could potentially be an issue in the future, or spending that time developing the engine and worrying about the issue when it's not going to eat into time spent on other things. Lummox does have a list, forcing things to the top only forces other things to the bottom.

You're the only person here that's threatening to do any harm.

A new protocol like unsecured:// (maybe a shorter name? I dunno) sounds like the best solution here. +1 from me.

while adding a unsecured version of Export is useful, This FR really shows the need for a proper socket system accessible to the dev

Especially if we could read data in a binary way, or do things like read as int or read as float.

Nadrew wrote:

I'll get you a test project together next week to demonstrate it, if you haven't figured it out by then.

https://www.youtube.com/watch?v=ypot3CYECwE