FUNDAMENTALS OF GAME DESIGN, SECOND EDITION
USE A SECURE TELECOMMUNICATIONS PROTOCOL
It takes an extremely dedicated hacker to tamper with the data stream between the client software and the server, but it takes only one. If the stakes are high enough, someone will decide the reward is worth the time spent. To foil hackers, your software must use a secure telecommunications protocol. Designing such a thing is a programming problem and is beyond the scope of this book, but if you're designing an online game, you should be sure that the telecommunications protocol you use provides the following features.
■ First, all data should be encrypted to prevent users from understanding it outright. Each packet of data should be sent with suitable error-checking and error-correcting facilities, which will enable the software to detect whether the data has lost integrity in transmission. Even though Internet communications are far more reliable than the old modem-based systems were, it's always a good idea to verify that the arriving data is correct.
■ Second, you might want to consider a heartbeat mechanism. In this system, your client software sends a short packet to your server at regular intervals, even when the client doesn't need to transmit data, simply to tell the server that the client is still present. This enables you to detect disconnections. If the nature of the game allows the client to remain silent indefinitely, the server doesn't know if the client has disconnected or if the player is just thinking.
■ Each packet should include a unique serial number, to indicate the correct order of packets and to prevent spurious packets from being inserted by unauthorized means.
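To show how the server side of these features fits together, here is an added example that is not from the book: it checks a keyed integrity tag, rejects reused or stale serial numbers, and tracks heartbeats. The packet layout, the names `seal` and `Session`, the use of HMAC-SHA256 as the integrity check, and the 15-second timeout are all assumptions, and encryption is assumed to be handled by a lower layer such as TLS.

```python
import hashlib
import hmac
import struct

TAG_LEN = 32            # HMAC-SHA256 output size
HEARTBEAT_TIMEOUT = 15  # assumed: seconds of silence before a client counts as gone

def seal(key: bytes, serial: int, payload: bytes = b"") -> bytes:
    """Client side: serial number || payload || keyed tag. Empty payload = heartbeat."""
    body = struct.pack(">Q", serial) + payload
    return body + hmac.new(key, body, hashlib.sha256).digest()

class Session:
    """Server-side state for one connected client (hypothetical layout)."""
    def __init__(self, key: bytes, now: float):
        self.key = key
        self.last_serial = 0   # highest serial number accepted so far
        self.last_seen = now   # arrival time of the last valid packet

    def receive(self, packet: bytes, now: float):
        """Return (status, payload): ok, heartbeat, bad-tag, replay or malformed."""
        if len(packet) < 8 + TAG_LEN:
            return "malformed", None
        body, tag = packet[:-TAG_LEN], packet[-TAG_LEN:]
        expected = hmac.new(self.key, body, hashlib.sha256).digest()
        if not hmac.compare_digest(tag, expected):
            return "bad-tag", None    # corrupted in transit or altered
        (serial,) = struct.unpack(">Q", body[:8])
        if serial <= self.last_serial:
            return "replay", None     # duplicate or late packet (strict ordering)
        self.last_serial = serial
        self.last_seen = now          # only valid packets prove the client is present
        payload = body[8:]
        return ("ok", payload) if payload else ("heartbeat", None)

    def is_alive(self, now: float) -> bool:
        return now - self.last_seen <= HEARTBEAT_TIMEOUT

def demo():
    key = b"constructed-demo-key"     # constructed sample key, not a real secret
    s = Session(key, now=0.0)
    move = seal(key, 1, b"MOVE 3,4")
    altered = move[:8] + b"MOVE 9,9" + move[-TAG_LEN:]   # payload changed, old tag kept
    return [s.receive(move, 1.0)[0], s.receive(move, 2.0)[0],
            s.receive(altered, 3.0)[0], s.receive(seal(key, 2), 4.0)[0]]
```

Rejected packets deliberately leave `last_seen` untouched, so a stream of invalid traffic cannot keep a dead session looking alive.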