PD vs Hackers "Notice of Account Ban Measures"

  • Thread starter p3bucky
  • 470 comments
  • 26,728 views
It won't easily and quickly answer your questions, no. Certainly his "yes this is possible", "no that's not possible" answers are illuminating in themselves, but in order to understand "Why can't PD just check blah?" it seems to me you'd have to know a lot about what PD currently does check and how they check (not going to happen in here, if at all, ever) and a lot about how these guys are circumventing the checks, and what they have left to discover (also not happening in here).

Also just trying to make it clear to those who may not know our policy.
 
No, they wouldn't be within their rights to do that. Are they are public prosecutors now? And what law has been broken?

I never said that PD are public prosecutors, nor did I infer that.
In fact I commended PD for being firm but fair.

I stand by my comment "PD would be well within their legal rights to prosecute offenders, but they have not....."

Before you wrongfully decide that no law is broken, read the terms and conditions;
It is black and white and quite simply put, that if you illicitly modify the software, or intentionally and knowingly use this modified software, then you are contravening the terms and conditions.

Terms and conditions are a legal document/statement by a company for their products and services.
Contravene the Terms and conditions and you are committing an illegal act.

It is simple contract law.
 
There was plenty of hybriding in GT5, I'm sure if they did a little planning they could have used...
PDI did do a lot, I don't know why people keep saying they did not do anything. Everything is encrypted, even while running in memory, until the moment it is needed. Other games go nowhere near that length to prevent hacking.

According to the hybriders themselves, the current method doesn't work at all. They just do a copy and paste of another PSN ID and they are back in business.
That's fine for those that don't have any friends. Pain in the ass for those that do. If they don't take the warning seriously and keep to themselves I expect further action will be taken and that will unfortunately just hurt legit users.

OdeFinn below seems to think this would be a piece of cake. What do you think? Are we talking 30 seconds to get onto the track or adding a few milliseconds or what?
I think we are beating a dead horse with a speculation stick.

Imagine PD releases this....
I cut most of that for space reasons. In short I think you are implying it is just trial and error, some is but most is not.

Am I interpreting this correctly by saying that if I host a lobby and set a PP limit of say 500, combined with an HP limit of 600, you can still get around that with a hybrid? In other words you could get a 650HP car with 550PP into that lobby?
Yes.

I'll explain the basic concept but to implement it requires things I will not explain. I think it should be safe to say it here.
A basic understanding of how multiplayer games work is needed. Most of us have played in lobbies where there is someone lagging so their car looks like it is jumping all over the place, or been bumped into by someone that claims they didn't, or bumped into someone and they say no one bumped into them. This is because we send out data to the server that lets it know our X,Y,Z position, heading, pitch, bank, euclidean vector, and a bunch of other stuff. In return the server sends back all the same data for the other players so our copy of the game can place them in position. The game as client interpolates the movement of the other cars until the next packet of data comes in. It then corrects the other players positions and repeats the process. The rate that this occurs at is determined by the race quality you select when creating a lobby and the ping time of the players. Because of this what you see in the game is not 100% accurate to what others see happening. This is how all real time multiplayer games work (all that I am aware of).
So what does that have to do with getting 650hp car into a 600hp limited lobby? Simple (but not so simple to implement) send false info about the car you are using for the spec check (600hp) but actually drive the 650hp car. The position updates are sent from the higher HP car.
This has been done as a proof of concept type test but beyond that it is not in use. It also has no use other that ruining someone's lobby so the technique will not be revisited.
 
Terms and conditions are a legal document/statement by a company for their products and services.
Contravene the Terms and conditions and you are committing an illegal act.

A ToS is a legal document only in the sense that it is legal to make one, not that the contents are law. Contravene of the ToS is only an illegal act in the same way a move in chess that violates the rules is illegal, neither can be prosecuted in a court of law. Violation of a ToS can only result in the discontinuance of that service. A company may not discontinue service except as described in the ToS (usually a set amount of time notice must be given)

PD exercised their right to discontinue service by banning accounts from using their servers.
 
A ToS is a legal document only in the sense that it is legal to make one, not that the contents are law. Contravene of the ToS is only an illegal act in the same way a move in chess that violates the rules is illegal, neither can be prosecuted in a court of law. Violation of a ToS can only result in the discontinuance of that service. A company may not discontinue service except as described in the ToS (usually a set amount of time notice must be given)

PD exercised their right to discontinue service by banning accounts from using their servers.

You may be correct about the Tos, but not the EULA. The EULA is a legally binding contract you agreed to when you purchased a license to use the software (GT6). No, you did not buy the software, you bought a license to use it in accordance with the EULA. I can guarantee you that the standard legal boilerplate about not modifying the code in any way, shape or form is in the EULA. If you modify the code, you have broken the law...period. You may want to brush up on your I.P. law.
 
You may be correct about the Tos, but not the EULA. The EULA is a legally binding contract you agreed to when you purchased a license to use the software (GT6). No, you did not buy the software, you bought a license to use it in accordance with the EULA. I can guarantee you that the standard legal boilerplate about not modifying the code in any way, shape or form is in the EULA. If you modify the code, you have broken the law...period. You may want to brush up on your I.P. law.

Do you know what a Red Herring is? You should as you just did a test book example of one. But for ***** and giggles I'll bite.

Where I live corporations are not allowed to make law, only my government is. The software industry here receives protection from unfair copying in the form that an opened software package is non-refundable, this same action invalidates all EULA that are not agreed upon before a product reaches a non-refundable state. Yes there are some software packages here that the agreement is made before the package is made non-refundable.
As far as modifying code goes, I am free to do so. In the case of GT6 any modification I make to enhance its use falls under fair use as long as I do not resell the modified version. I can even legally remove DMR if it inhibits my right to a backup copy.
This is probably why Sony lists the United States as separate from countries in North, Central and South America to avoid the laws that protect the people from corporations in those countries.
In the case of Sony's EULA you are required to give up your legal rights to take civil action against Sony for any of their products not just the one connected to the EULA. This is a gross misuse of the law making you are claiming corporations have in your country.
As far as I.P. law goes, none of this has anything to do with protecting IP. Are you just pulling words out of a hat or is that the next red herring?

As for software licensing goes, I think you have some misunderstanding there as well, but this is getting way off topic. Adding the your use of red herrings as a diversionary tactic in your discussion style who knows what we will be discussing next. Let's try to stay on topic or make a new one to discuss this in.
 
Wow, looks like they are starting to crack down on the modders/hackers. Sorry to hear that guys, but I guess you knew the risk and were willing to take the chance, uh? You live on the edge, sooner or later it always catches up to you.

Btw, no log-in problems here either...U.S. region, Eastern time zone.
The most smug thing I have EVER read :lol:
 
The most smug thing I have EVER read :lol:

No smug intentions, just speaking what was on my mind. 👍 I mean, I hacked cars in GT5 and knew the risk so I was taking the chance myself. If I would have gotten banned, I would not have been too upset because I knew the risk and consequences before I did it. That's all I was trying to say here. 👍
 
Do you know what a Red Herring is? You should as you just did a test book example of one. But for ***** and giggles I'll bite.

Where I live corporations are not allowed to make law, only my government is. The software industry here receives protection from unfair copying in the form that an opened software package is non-refundable, this same action invalidates all EULA that are not agreed upon before a product reaches a non-refundable state. Yes there are some software packages here that the agreement is made before the package is made non-refundable.
As far as modifying code goes, I am free to do so. In the case of GT6 any modification I make to enhance its use falls under fair use as long as I do not resell the modified version. I can even legally remove DMR if it inhibits my right to a backup copy.
This is probably why Sony lists the United States as separate from countries in North, Central and South America to avoid the laws that protect the people from corporations in those countries.
In the case of Sony's EULA you are required to give up your legal rights to take civil action against Sony for any of their products not just the one connected to the EULA. This is a gross misuse of the law making you are claiming corporations have in your country.
As far as I.P. law goes, none of this has anything to do with protecting IP. Are you just pulling words out of a hat or is that the next red herring?

As for software licensing goes, I think you have some misunderstanding there as well, but this is getting way off topic. Adding the your use of red herrings as a diversionary tactic in your discussion style who knows what we will be discussing next. Let's try to stay on topic or make a new one to discuss this in.

Ok, my 30+ years in the industry, numerous degrees and certifications and I have a mis-understanding of it. I went through all this 🤬 when this started in GT5 and won't go through it again. You are free to believe whatever it is you want to believe.
 
Ok, my 30+ years in the industry, numerous degrees and certifications and I have a mis-understanding of it. I went through all this 🤬 when this started in GT5 and won't go through it again. You are free to believe whatever it is you want to believe.

LOL, now we are discussing credentials. The Red Herring strikes again!
I'm sorry but your previous statements do not even come close to your implied credentials. No one with those credentials would ever claim corporations can make international law at will.
Since your arguments have degraded to this I will respect your wishes and not drag you through it again. I apologise if I caused you any embarrassment, I only wished to correct misleading statements.
 
Ok, my 30+ years in the industry, numerous degrees and certifications and I have a mis-understanding of it. I went through all this 🤬 when this started in GT5 and won't go through it again. You are free to believe whatever it is you want to believe.
Keep in mind that you're dealing with individuals from all over the world here. IP laws are not the same everywhere; especially in Europe a EULA has very limited value.
 
Not worth debating/arguing with him. Don't drop to his level.

Drop to his level...are you kidding me? :rolleyes: Have you done any research on this guy at all? He has more knowledge about what he speaks about than probably most people here. This guy has done nothing but try to educate the community here and has done so in a most professional and respectful way. There is no sinking to his level as he seems to be head and shoulders above most people here regarding what he is talking about.
 
Drop to his level...are you kidding me? :rolleyes: Have you done any research on this guy at all? He has more knowledge about what he speaks about than probably most people here. This guy has done nothing but try to educate the community here and has done so in a most professional and respectful way. There is no sinking to his level as he seems to be head and shoulders above most people here regarding what he is talking about.
Just because he's the one who's allowed those tools to be available online doesn't justify anything...
 
Just because he's the one who's allowed those tools to be available online doesn't justify anything...

You obviously haven't done any research on him then if that is all you can come up with. That is not the reason at all as to why I said what I did. Go and do your research and come back when you have a better understanding as to what the guy is about. I'll know if you've done proper research because I already have. You have no reason at all to insult the guy just because you may not like what he says.
 
I'll explain the basic concept but to implement it requires things I will not explain. I think it should be safe to say it here.
A basic understanding of how multiplayer games work is needed. Most of us have played in lobbies where there is someone lagging so their car looks like it is jumping all over the place, or been bumped into by someone that claims they didn't, or bumped into someone and they say no one bumped into them. This is because we send out data to the server that lets it know our X,Y,Z position, heading, pitch, bank, euclidean vector, and a bunch of other stuff. In return the server sends back all the same data for the other players so our copy of the game can place them in position. The game as client interpolates the movement of the other cars until the next packet of data comes in. It then corrects the other players positions and repeats the process. The rate that this occurs at is determined by the race quality you select when creating a lobby and the ping time of the players. Because of this what you see in the game is not 100% accurate to what others see happening. This is how all real time multiplayer games work (all that I am aware of).
So what does that have to do with getting 650hp car into a 600hp limited lobby? Simple (but not so simple to implement) send false info about the car you are using for the spec check (600hp) but actually drive the 650hp car. The position updates are sent from the higher HP car.
This has been done as a proof of concept type test but beyond that it is not in use. It also has no use other that ruining someone's lobby so the technique will not be revisited.


That would be the most basic and lazy security. What they need to do is to implement hash checks. It would require PD to produce a hash for all combinations of legal parts for all cars, but once this is done it should be simple from there. When a user enters the track just compute their car hash against the hash table, its the hash is not found then the car is illegal. The hash computation would be done in real time using the real car data, no way to fake that and you could compare hashes with all other players so you can't fake the hash table either.

There does not seem to be any checking of the car data in a game save currently, the game just seems to trust it. That is ripe for exploitation.
 
This hybriding and stance stuff sounds awesome.

I haven't fired up GT6 for weeks, but browsing through this thread makes me want to get into it again.

The way I see it, mod-ers and hybrid-ers put a lot of work into what they do, and they don't do it for money, but it makes the game a lot more interesting.

Can't they keep a section of online lobbies where anything goes? just to allow mod-ers to do their thing in their own area without letting people try to cheat in serious races?

Could someone steer me in the direction where I'd be most likely to see some freak mods and crazy stance cars?
 
LOL, now we are discussing credentials. The Red Herring strikes again!
I'm sorry but your previous statements do not even come close to your implied credentials. No one with those credentials would ever claim corporations can make international law at will.
Since your arguments have degraded to this I will respect your wishes and not drag you through it again. I apologise if I caused you any embarrassment, I only wished to correct misleading statements.

Law should not be confused with contract. The company does not write any laws, they write a contract: The Terms of Service. If you accept them you are legally bound by them and if you breach them it gives the other party the right to cancel the contract or sue for damages. <- Those rights are protected by law.

In theory, it could be argued that modding an online game impacts on the gameplay and as such causes damage to the product. Then it's up to the court to rule wether or not they agree on that.

Additionally, there are IP laws that says what you can and cannot do with other people's intellectual property. If you mod a game simply for your own use, then it's usually not a violation of IP law, but as soon as money becomes involved (wether you directly sell your mods or if you indirectly earn money from advertisment on the website where you publish your hacks, or if your hacks causes the IP owner to lose incomes in one way or another) it's a different case.
 
This hybriding and stance stuff sounds awesome.

I haven't fired up GT6 for weeks, but browsing through this thread makes me want to get into it again.

The way I see it, mod-ers and hybrid-ers put a lot of work into what they do, and they don't do it for money, but it makes the game a lot more interesting.

Can't they keep a section of online lobbies where anything goes? just to allow mod-ers to do their thing in their own area without letting people try to cheat in serious races?

Could someone steer me in the direction where I'd be most likely to see some freak mods and crazy stance cars?
You want PD/Sony to have an anything goes open lobby? Really? Sure great idea. As long as they allow modding to cars,people will cheat.
 
You want PD/Sony to have an anything goes open lobby? Really?
Sure, like almost EVERY game on the PC that is on the market today: you can join servers with anti-cheat measures (e.g. PunkBuster or other) enabled, which ensures no cheaters are in there (note: cheaters usually get kicked, NOT banned from these servers unless they are really messing with the anti-cheat measures themselves, which will result in a global ban). Alternatively, you can join servers that don't have them enabled, which means it's either private (play with friends the way you like) or it's a public cheat-fest.

But of course, PD is completely oblivious to the outside world, and decides to implement a crappy method themselves, which doesn't even work. :lol: Again, a problem that was solved quite adequately in the real world more than a decade (!) ago, is a huge problem for PD somehow...
 
Sure, like almost EVERY game on the PC that is on the market today: you can join servers with anti-cheat measures (e.g. PunkBuster or other) enabled, which ensures no cheaters are in there (note: cheaters usually get kicked, NOT banned from these servers unless they are really messing with the anti-cheat measures themselves, which will result in a global ban). Alternatively, you can join servers that don't have them enabled, which means it's either private (play with friends the way you like) or it's a public cheat-fest.

But of course, PD is completely oblivious to the outside world, and decides to implement a crappy method themselves, which doesn't even work. :lol: Again, a problem that was solved quite adequately in the real world more than a decade (!) ago, is a huge problem for PD somehow...
Thanks, you did say PC correct! Do you actually think PD/Sony want's to condone cheating/hacking/hybridding?
 
Sure, like almost EVERY game on the PC that is on the market today: you can join servers with anti-cheat measures (e.g. PunkBuster or other) enabled, which ensures no cheaters are in there (note: cheaters usually get kicked, NOT banned from these servers unless they are really messing with the anti-cheat measures themselves, which will result in a global ban). Alternatively, you can join servers that don't have them enabled, which means it's either private (play with friends the way you like) or it's a public cheat-fest.

But of course, PD is completely oblivious to the outside world, and decides to implement a crappy method themselves, which doesn't even work. :lol: Again, a problem that was solved quite adequately in the real world more than a decade (!) ago, is a huge problem for PD somehow...

I suspect this is more the influence of the "walled garden" school of hardware / software ecosystem development. Think Apple, Microsoft, Sony etc. I happen to believe these "bans" are done merely for PR; they did the actual hard work in preventing it before the game released, and it bought them next-to-no time (as would be expected). I think the issue is that there is a massive image-projection problem when it comes to "legitimising" cheating in any way.

I'm with you, though, it should be segregated similarly to how you describe. Whether people in charge of "global branding", or whatever (showing my ignorance here), would agree is another matter.
 
I think all of this banning hackers is a bit too far yeah if there getting impossible lap times that no one can beat then yeah ban them but if there just racing in hybrids then have a lobby for hackers only I don't blame people for mixing things like suspension and engines it gives you more option why PD couldn't put stuff like engine and drivetrain changes I don't know???
 
Law should not be confused with contract. The company does not write any laws, they write a contract: The Terms of Service. If you accept them you are legally bound by them and if you breach them it gives the other party the right to cancel the contract or sue for damages. <- Those rights are protected by law.

In theory, it could be argued that modding an online game impacts on the gameplay and as such causes damage to the product. Then it's up to the court to rule wether or not they agree on that.

Additionally, there are IP laws that says what you can and cannot do with other people's intellectual property. If you mod a game simply for your own use, then it's usually not a violation of IP law, but as soon as money becomes involved (wether you directly sell your mods or if you indirectly earn money from advertisment on the website where you publish your hacks, or if your hacks causes the IP owner to lose incomes in one way or another) it's a different case.

Thank you for agreeing with me.

I think you meant to reply to MustangManiac as he was the one stating the opposite. But please respect his wishes of not discussing it further.

That would be the most basic and lazy security. What they need to do is to implement hash checks. It would require PD to produce a hash for all combinations of legal parts for all cars, but once this is done it should be simple from there. When a user enters the track just compute their car hash against the hash table, its the hash is not found then the car is illegal. The hash computation would be done in real time using the real car data, no way to fake that and you could compare hashes with all other players so you can't fake the hash table either.

There does not seem to be any checking of the car data in a game save currently, the game just seems to trust it. That is ripe for exploitation.

I think you missed something about what was being discussed in the piece you quoted. It was about how would it be possible to put a car with 550 pp into a lobby with a 500 pp limit. The short answer is I would tell the server I am driving a stock Fiat 500 and tell the client I am driving a X1. The other players see the Fiat that passed the server test, but it would move like an X1 due to the client/server relation. This has been tested but is not something I would support in any way.
By not giving some trust to the client you would have to tell the server how much you pressed the accelerator, have the server calculate the change in acceleration, send it back to you and let the client respond to that. The lag would make the game completely unplayable even with the best of connections.

As for a hash check, I explained things before but did not give an example why this would not work.
There are somewhere between 500 and 1000 variables that make up the complete car data. Lets just look at the gear ratios and ignore the rest for now. Gear ratios are stored as a 16 bit value representing a floating point number. Since we are excluding all other variable data lets say that gears can be any value this data can represent. Fair trade off? There are 13 gears stored in the data. Reverse, 1 -10, and 2 final gear ratios. We can only use gears 1-8 for now so 9 and 10 are always 0.00 but the split final is active although it is not used. That takes us to 11 ratios. That is 176 bits of data just for the gear data with every combination being valid. This times the number of cars in the game is 1339*2^(176-1) possible hash codes or enough variance to use every 64 bit hash code 6,952,485,493,578,134,194,602,334,584,825,708,544 times over. That is a very high probability that every single 64 bit hash code would be valid. You could use a bigger hash code but keep in mind, this is the gear ratios only, and to store every combination of a 64 bit hash code (you would have much more with a bigger code) would take 8,388,608 TeraBytes of data space. For each bit of of hash code length you add you must square that value. Imagine searching through that much data! (I know it would be sorted)
This is why hash codes or checksums (same thing in this case) simply are not a solution because every hash code of usable length would be valid.

And there is checking of the game data, stop saying that! The reasons hybrids work is by exploiting what they don't check, as for why they don't check everything, read above and some of my past posts.
 
Last edited by a moderator:
Sure, like almost EVERY game on the PC that is on the market today: you can join servers with anti-cheat measures (e.g. PunkBuster or other) enabled, which ensures no cheaters are in there (note: cheaters usually get kicked, NOT banned from these servers unless they are really messing with the anti-cheat measures themselves, which will result in a global ban). Alternatively, you can join servers that don't have them enabled, which means it's either private (play with friends the way you like) or it's a public cheat-fest.

But of course, PD is completely oblivious to the outside world, and decides to implement a crappy method themselves, which doesn't even work. :lol: Again, a problem that was solved quite adequately in the real world more than a decade (!) ago, is a huge problem for PD somehow...
I know Call of Duty and Grand Theft Auto lobbies are certainly completely free of cheaters all the time.

*hunts for sarcasm smiley*

All public lobbies on pretty much any console game are cheatfests. It's not exactly an issue limited to PD.
 
Thank you for agreeing with me.

I think you meant to reply to MustangManiac as he was the one stating the opposite. But please respect his wishes of not discussing it further.

I was replying to you.

Violating the terms of service is a breach of contract, if they feel that you've caused them damage by doing so they have every right to sue you for it. It's not as if you can do whatever you like and the worst thing they can do is ban your account. A contract in itself is not law, but it's protected by law.

It's like cheating in chess - if you had signed a contract where it said that you wouldn't be cheating.

But that only cover the contract part. IP laws is an additional layer and depending on what kind of modding and hacking you do it might very well come into play, especially since it's an online game and unauthorized changes that you make to your copy of the game (or to your gamesave) may impact the game as a whole, causing damage to the owner of the property. I mean, is there such thing as personal use when your personal use have consequences for other people?
 
I can guarantee you that the standard legal boilerplate about not modifying the code in any way, shape or form is in the EULA. If you modify the code, you have broken the law...period. You may want to brush up on your I.P. law.
I could be wrong but I would think that what is being modified is the data file, namely the save game data and that the actual code is not modified in any way shape nor form so that would seem like a moot point to me.

I would agree though that if you modified the code it could be an issue, likely would only result in legal action if you the distributed the modified code. Modified code would also be extremely easy to detect and prevent online usage of. A simple checksum would do it.

btw I am in no way taking the side of hackers or those who use hacks online, they surely should be blocked from access to online lobbies.
 
Last edited:
All public lobbies on pretty much any console game are cheatfests. It's not exactly an issue limited to PD.
True, which, again, baffles me, especially because the games you mention have anti-cheat protection on the PC, but not (or limited) on the consoles. :confused:
 
So what measures to prevent hybriding did they incorporate into GT6. Source please.

How much revenue should they put into it? GT6 conservatively estimated sales would be north of $250 Million how much would you spend to protect that?

And it did take 4.5 months and here's why. The game was launched December 6, and it was known on day 1 the game would be hacked. If I were running the show, I'd have hired in the fall, a couple of well known hackers and said, "here's GT6, go nuts, tell us what you can do and show us how to prevent it".

And I'll ask this question again because I've never received an answer from anyone. Why can't it be built into the system that if you go online a "Spec Check" is done to determine if your car is within normal parameters before you enter the track? Why can't they do the same thing for TT's? Seems to me when I enter a Tuning Prohibited lobby I get an instantaneous spec check and it works every time. If I try to enter a TT with the wrong car, be it a single car TT or group of cars, I can't get in. If one parameter is changed I can't get onto the track.

Why can't this be built into the game permanently?
I think your giving the game to much credit. Tuning prohibited rooms probably just check to see if any tuning options have been used. (sport computer, checked or unchecked) As long as there are no check marks, the car gets in. I like your idea better. The minimum and maximum PP,hp,Torque and weight could be checked and if the car falls outside of those parameters it's kept out of use in that lobby.
 
I know Call of Duty and Grand Theft Auto lobbies are certainly completely free of cheaters all the time.

*hunts for sarcasm smiley*

All public lobbies on pretty much any console game are cheatfests. It's not exactly an issue limited to PD.

COD ghosts was already hacked before it's release date :P
 
Back