Law should not be confused with contract. The company does not write any laws, they write a contract: The Terms of Service. If you accept them you are legally bound by them and if you breach them it gives the other party the right to cancel the contract or sue for damages. <- Those rights are protected by law.
In theory, it could be argued that modding an online game impacts on the gameplay and as such causes damage to the product. Then it's up to the court to rule wether or not they agree on that.
Additionally, there are IP laws that says what you can and cannot do with other people's intellectual property. If you mod a game simply for your own use, then it's usually not a violation of IP law, but as soon as money becomes involved (wether you directly sell your mods or if you indirectly earn money from advertisment on the website where you publish your hacks, or if your hacks causes the IP owner to lose incomes in one way or another) it's a different case.
Thank you for agreeing with me.
I think you meant to reply to MustangManiac as he was the one stating the opposite. But please respect his wishes of not discussing it further.
That would be the most basic and lazy security. What they need to do is to implement hash checks. It would require PD to produce a hash for all combinations of legal parts for all cars, but once this is done it should be simple from there. When a user enters the track just compute their car hash against the hash table, its the hash is not found then the car is illegal. The hash computation would be done in real time using the real car data, no way to fake that and you could compare hashes with all other players so you can't fake the hash table either.
There does not seem to be any checking of the car data in a game save currently, the game just seems to trust it. That is ripe for exploitation.
I think you missed something about what was being discussed in the piece you quoted. It was about how would it be possible to put a car with 550 pp into a lobby with a 500 pp limit. The short answer is I would tell the server I am driving a stock Fiat 500 and tell the client I am driving a X1. The other players see the Fiat that passed the server test, but it would move like an X1 due to the client/server relation. This has been tested but is not something I would support in any way.
By not giving some trust to the client you would have to tell the server how much you pressed the accelerator, have the server calculate the change in acceleration, send it back to you and let the client respond to that. The lag would make the game completely unplayable even with the best of connections.
As for a hash check, I explained things before but did not give an example why this would not work.
There are somewhere between 500 and 1000 variables that make up the complete car data. Lets just look at the gear ratios and ignore the rest for now. Gear ratios are stored as a 16 bit value representing a floating point number. Since we are excluding all other variable data lets say that gears can be any value this data can represent. Fair trade off? There are 13 gears stored in the data. Reverse, 1 -10, and 2 final gear ratios. We can only use gears 1-8 for now so 9 and 10 are always 0.00 but the split final is active although it is not used. That takes us to 11 ratios. That is 176 bits of data just for the gear data with every combination being valid. This times the number of cars in the game is 1339*2^(176-1) possible hash codes or enough variance to use every 64 bit hash code 6,952,485,493,578,134,194,602,334,584,825,708,544 times over. That is a very high probability that every single 64 bit hash code would be valid. You could use a bigger hash code but keep in mind, this is the gear ratios only, and to store every combination of a 64 bit hash code (you would have much more with a bigger code) would take 8,388,608 TeraBytes of data space. For each bit of of hash code length you add you must square that value. Imagine searching through that much data! (I know it would be sorted)
This is why hash codes or checksums (same thing in this case) simply are not a solution because every hash code of usable length would be valid.
And there is checking of the game data, stop saying that! The reasons hybrids work is by exploiting what they don't check, as for why they don't check everything, read above and some of my past posts.