[TERA Console] Patch notes for the upcoming v85.01 Update are now available. Preview all of the changes coming on August 11 here: https://bit.ly/TERACon_v85
[TERA PC] Patch Notes are now available for TERA's 64-bit update (v97). Check out all the changes coming on August 11 here: https://bit.ly/tera64_patchnotes
[TERA PC & CONSOLE] One week left in Summerfest, Part 1: Festival of the Sun! Part 2: The Beach Bash kicks off August 11. Participate in Summerfest activities to earn tokens redeemable for costumes, consumables, mounts, and more! Details: https://bit.ly/tera_sf20

Security Patch Proposal for Fast Fire "Exploits"

A friend of mine that wants me to stop talking about the whole 3-rd party program thing about TERA asked me to post the following PGP signed message here, giving an informal security analysis of one "exploit" in TERA and how it could be fixed. They do not currently play TERA and currently does not have any interest in doing so.

You can find this gist also posted on their Github.

You can verify the integrity of this message by copying everything in the below code block into https://keybase.io/verify. If after clicking "Verify" it does not say "Signed by andesho91" with a link to my public PGP key hosted at https://keybase.io/andesho91, then the entire codeblock should be considered compromised as it will have been edited by some that is not the author of the message.
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

To whom it may concern,

To the majority of the TERA community that I am addressing today, I am quite happy to accept that I will be seen as a nobody as I do not play TERA. I vaguely remember playing a character on Mount Tyrannas very briefly but that's about it. The reason I'm writing this to the TERA community is more to get one of my friends who plays off my back about recent "security" issues that the game has had, because they it won't shut up about it

Professionally, I work as a software programmer based in the UK, with the additional responsibilities as a Cryptography Researcher and an Information Security Researcher. Prior to my current employment, I completed two separate Masters Degrees in "Information Security" and "Mathematics of Cryptography and Communications" at Royal Holloway College, University of London, and a Bachelors in Mathematics at the University of Glasgow.

As I have been informed over the last year, there have been a variety of software that have been used by TERA players to "enhance", "equalise" and/or "improve" their gaming experience for whatever reason, with some of it unfortunately being malicious, causing 3 notable scandals in the process amongst the community.

As a clarification on wording before I begin, I will be using the word "Exploit" as it seems to be the term currently preferred by the publishers for the North America Regions of TERA, En Masse Entertainment, to refer to such software, though the term has negative connotations and others in the community refer to it in a positive manner.

I will be address one specific exploit here. If I come to understand the workings of other exploits, then I may provide further security analyses for them in the future.

====

What is the Exploit?: Usage of software to provide a "fast-fire" functionality to major DPS skills of the Archer, Gunner and Ninja Classes to simulate low ping environments.

- ----

Why is it being used?: The major DPS skills in question (Rapid Fire, Burning Heart and Burst Fire) are dependent on user input for each activation of the skill. where: "activation time of the skill" = "ping tax" + "skill animation time". As "skill animation time" is effectively constant, ping tax is the factor that influences how long these skills take to cast

    Comparing a player with 10ms and 110ms, which are both reasonable ping estimates to get for North American players to the North America TERA servers, if both players cast all 10 activations of Burning Heart at the same time, the 10ms ping player will finish their skill at least an entire second before the player with 110ms does. The other skills suffer from similar time differences.

    The incentive for the 110ms ping Burning Heart user to use the aforementioned exploit is that it removes the extra one second of ping tax it takes for them to cast all 10 activations of the skill when compared to the 10ms ping player.

- ----

Proposed Security Fix (Burning Heart): - One activation of this skill will now fire 5 animations of Burning Heart at the same speed at the same speed with 0 ping tax, irrespective of ping (similar to the Traverse Cut skill for Warriors).
    - One activation of this skill will now cost 500 Chi (similar to how Rampage costs the entire Rage meter of the Brawler).
    - The cooldown of this skill has been removed.

Proposed Security Fix (Rapid Fire): - One activation of the skill will now fire all 7 animations of Rapid Fire at the same speed with 0 ping tax, irrespective of ping (similar to the Traverse Cut skill for Warriors).
    - Each animation of the skill can be chained into Sequential Fire to prematurely end the skill if required (similar to how Blade Draw can be chained into from the second hit of Traverse Cut on Warriors to end the chain).
    - The first animation of the skill resets the cooldown of Sequential Fire.

Proposed Security Fix (Burst Fire): - One activation of the skill fire all the animations of the skill at the same speed with 0 ping tax, irrespective of ping (similar to the Traverse Cut skill for Warriors).
    - Each animation of the skill can be interrupted by any Gunner skill. If it is not possible to make all skills interrupt an animation of Burst Fire, one candidate for a suitable skill to do this is Blast, as it can be used to "animation cancel" many Gunner skills (similar to how Blade Draw can be chained into from the second hit of Traverse Cut on Warriors to end the chain).

- ----

Proposed Outcome of the Proposed Security Fixes: By implementing the above changes, the activation time of the skill becomes solely dependent on the animation of the skill, regardless of the players ping.
    No Ping Dependence = No Incentive to use fast-fire Exploits.
    No Incentive to use fast-fire Exploits = One Less Exploit in the Game.

====

I hope that this informal security analysis like this, for issues that the players seem to ba having in TERA, is the beginning of a fruitful series of discussions that will both hopefully reduce the number of exploits in the game and improve the TERA experience for the players of TERA as a whole.

Yours Faithfully,

Andes Ho

PS: The Proposed Security Fixes have been submitted to EME as Support Ticket #090517-000284 and will also posted on the current EME forums by forum user clfarron4 on behalf of myself. It will also emailed to contact[at]enmasse.com/community[at]enmasse.com, and posted to the EME Official Discord Server by myself, Andes Ho ([email protected]).

PPS: This is a PGP signed message which can be verified by copy-pasting everything in the code block into https://keybase.io/verify. If after clicking "Verify" it does not say "Signed by andesho91" with a link to my public PGP key hosted at https://keybase.io/andesho91, then the entire codeblock should be considered compromised as it will have been edited by some that is not the author of the message.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2

iQIcBAEBCAAGBQJZrxqcAAoJEG/mmDGyLPKlCYkP/04DsfC+kwDdOmDYn+0xYRIh
5jtcj8rCjARSf9Uy9aMDQUYTR8YO5aQ8gDtTc88oPBI45YsKEOV3w8m+IZnETadY
wCBfq/uFeML+iNx320NrUrx8oachXWrlhCzmCtnzF8OB1mCAhZbLiK7K7sopF6oJ
picy2BH1w5EZaqo+bBUpGZ+/oxvjXjbwOvEfqoRctAm7kcgztC4sT1TDQriZ+QA7
uUf9vXYsunCEXjAoV8/PIesNK3V+1R/BPB3qEROpiK9STkYkUkajYghl/m4F6AVr
zvYjELK/G9cjNHyYu692oiMm2vZ5SGidPeofQhZEmsqYF7oOYvboJhXrzqxPB4mm
2K82UsP/8HbnJGPM4hoNTKKzVXugPJ1e6k8ajPbnRLuGuDymx+JHEqOl9HwDXyC/
83CMxxUPSJbnP8BfwLBepsZYA2JazPJzfszLlCW/egztd6h0NHqYKqmxba+jmfxG
cX3vk80LBn86SWN3wH+NOC1OuKyxXABqKhXnZevJMJQMGh71b/d+TCzpuBlzD6TD
xXh9zc24raXVzxwuZ4r2EIAgzlzDvWl+YIjvBjl9KZ2Gf0NY9fCo5IKJN3pkPs7g
aN9XvTqgxK45zqiGcI5irFq+2AplQMnlDAYYUwUuzRoJGa9F1Balt+el36c8B3c6
vIT1r8RQSIz5zgz0bAxQ
=31PQ
-----END PGP SIGNATURE-----

Comments

  • SeikilosSeikilos ✭✭✭
    edited September 2017
    First of all, EME can't do anything. They don't have the power to alter the code. This has to be done by BHS. So the first impediment in the whole story is to get this chunk of information to BHS. The second would be to persuade them that this is needed.

    You see BHS doesn't care about other regions. Only for korea. As long as the other regions are profitable and bring the money, no matter the state of the game, they are good. Koreans though are in a different state than the other regions. Small country (with, probably, better infrastructure) means low ping for koreans, so they don't get these problems. They also have the talent system which gives extra bonuses to skills, that we don't have. So why would they bother. BHS is not Blizzard. It's a small company. They probably don't want to waste any work hour on other regions.

    Very noble intentions there from you and your friend. Now look at your suggestion sinking in oblivion...

    P.S.: Tera code is a mess. What i mean by a mess. Think of a bowl of pasta that you have left in the fridge for 5 years while you randomly removed and added more pasta. To make things even worse, almost all the old team, both on BHS and EME has jump ship (or is otherwise occupied, *ahem* google is your friend). So i don't think that there's someone on either side that willingly would like to get more involved than already needed.
Sign In or Register to comment.