Advertisement

Create player accounts on custom server (for steam users)

Started by August 18, 2016 09:52 PM
12 comments, last by Lewa 8 years, 1 month ago

As i said, my intention is to make sure that even if someone manages to break into the server (by hacking or somehow getting my admin password for backend access), no critical user data gets compromised


This is, fundamentally, impossible. What you can do is make it harder for someone to do this, and collect less data that can be leaked.
However, whatever goes into your server (user scoring, IP addresses, etc) will be observable by a sufficiently motivated attacker, assuming the attacker can get access to your system.
(Or to your backups ...)

If you don't want to collect user identifiable information, then the best thing to do is probably:

1) Generate a strong cryptographically random string of 50 characters on the client
2) Make the client call the server and say "this is my string, and please keep my data under this name"
3) Store the string in a preferences file on the client machine
4) Have a button that displays the string, and lets the user copy it. Perhaps also opens a web browser with the string as part of the URL, to let the user move this "credential" to other places.
5) Have the ability to enter a pre-existing string into the program if you want to support playing from another computer or re-installing the game

It is now up to the player to actually save the URL in their bookmarks, or whatever other backup mechanism they want to use.
There is still some user-identifiable data (like the IP address used,) but no password, no email address, no real name.
And it's almost totally automatic.
enum Bool { True, False, FileNotFound };
This is, fundamentally, impossible. What you can do is make it harder for someone to do this, and collect less data that can be leaked.

There is still some user-identifiable data (like the IP address used,) but no password, no email address, no real name.

Is there any kind of critical user-data that is stored on the server (behind the scenes) of which i'm not aware of?

Is the serversoftware (as an example Apache) storing the IPs of incoming traffic somewhere on the system? (Well, i suppose that the server will at least temporarely store the IP somewhere to process requests. Otherwise this wouldn't make any sense.)

(I'm not storing the ip-address of the users in the database. Only the steam-id to identify the player which on its own can't really be used to attack anyone or compromise it's personal data.)

If you don't want to collect user identifiable information, then the best thing to do is probably: 1) Generate a strong cryptographically random string of 50 characters on the client 2) Make the client call the server and say "this is my string, and please keep my data under this name" 3) Store the string in a preferences file on the client machine 4) Have a button that displays the string, and lets the user copy it. Perhaps also opens a web browser with the string as part of the URL, to let the user move this "credential" to other places. 5) Have the ability to enter a pre-existing string into the program if you want to support playing from another computer or re-installing the game It is now up to the player to actually save the URL in their bookmarks, or whatever other backup mechanism they want to use. There is still some user-identifiable data (like the IP address used,) but no password, no email address, no real name. And it's almost totally automatic.

This is also a possible solution. Although the question is what to do if A) the player (somehow) loses his URL or B) someone gets hold of this URL and then uses it to login into this account. (This can't really be solved without proper email account registration... A possible solution would be to allow users to optionally register an email on this account if they agree that they are aware of potential security risks... Oh well...)

Advertisement

Is there any kind of critical user-data that is stored on the server (behind the scenes) of which i'm not aware of?


I can't read your mind, so I don't know what you're aware of :-)

Is the serversoftware (as an example Apache) storing the IPs of incoming traffic somewhere on the system?


This typically goes into access.log. There may be other Apache logging, too, such as Referer headers. Finally, once you scale the system, you will start getting logging from your proxies and firewalls as well.
That being said, a list of IP addresses without email addresses or names is not particularly sensitive for most use cases (especially for games.)

what to do if A) the player (somehow) loses his URL or B) someone gets hold of this URL


There is no solution that solves for all of the things you want at once. Engineering is all about making the correct trade-offs for the problem at hand!
enum Bool { True, False, FileNotFound };

I can't read your mind, so I don't know what you're aware of :-)

True that. Will be more precise the next time. :)

This typically goes into access.log. There may be other Apache logging, too, such as Referer headers. Finally, once you scale the system, you will start getting logging from your proxies and firewalls as well. That being said, a list of IP addresses without email addresses or names is not particularly sensitive for most use cases (especially for games.)

Good to know. Wasn't aware of that.

There is no solution that solves for all of the things you want at once. Engineering is all about making the correct trade-offs for the problem at hand!

Finding the right balance of those trade offs is the hard part for me. :/

But thank you for your insight. I'll look into the solution you suggested (with the URL) and see if the implementation meets all the checkboxes. :)

This topic is closed to new replies.

Advertisement