Re: [hlds_linux] Https for fastdl

[Cameron Munroe]

I'm talking about in transit. i.e. as it goes through the internet, not 
the fact that anyone can view it on your site.

On 10/7/2012 4:40 PM, Robert Paulson wrote:
All you need is www.fiddler2.com and anyone can get your fast download
url, even with https.
On Sun, Oct 7, 2012 at 2:46 PM, Cameron Munroe
<cmun...@cameronmunroe.com> wrote:
Well in my case it would be more along the lines of anonymizing the traffic
as the URL would be hidden, the only thing that would be there is the ip
address of where the web server is, therfore keep preying eyes out. I know
that they could probably just see the stream of data coming from the 27005
port, but its an idea to greater harden gaming server, IMO.

Thanks btw for the "answers."


On 10/7/2012 2:40 PM, Rudy Bleeker wrote:
Right, so it's possible.Thanks for testing this Mr. Invalid Protocol.

I have to side with Cameron on this one, so many replies arguing the
benefits and drawbacks of HTTPS which didn't answer his question,
where a simple "yes it works" or "no it's not supported" would have
sufficed. If someone wants to use something for whatever reason,
that's up to them. Please be nice and try to answer the question asked
or don't reply at all if you don't know. We're here to help eachother
after all.

Also, people who talk about the overhead or 'cost' of HTTPS over HTTP
don't know what they're talking about, since the overhead of SSL is so
minimal that modern day (less than 5 years old) hardware should barely
notice it. It does however offer an additional layer of security for
the user, for example to prevent tampering with the downloaded files
by a man-in-the-middle which could possibly crash the game client (as
Invalid Protocol points out the result would be), which is technically
a DoS type attack.


On Sat, Oct 6, 2012 at 12:51 AM, Invalid Protocol
<invalidprotocolvers...@gmail.com> wrote:
You can monitor whatever you want, there's no difference between HTTP and
HTTPS.

It is silly to use HTTPS for downloading maps/sounds and other custom
resources required for a game. You don't need any extra "privacy" and
does
not "protect our users". There's no advantage. You should protect your
fast
download against bandwidth stealing, but that's a different story and has
nothing to do with HTTP or HTTPS.

You don't "have to buy a 50+ license" to test this. Start a game server,
load a custom map and set sv_downloadurl to
"https://msp.f-secure.com/web-test/common/test.html?"; url (don't forget
the
last ? character, otherwise you'll get a 404 error). Then connect to
server
using a client that does not have the map and see if it tries to download
it. Have the console enabled to see the "downloading" messages (maybe
developer variable must be 1). Also check the my_custom_map.bsp
downloaded
file, should be a HTTP page.

Anyway, it seems that it works. At least in CS:GO, but then the client
crashes because the downloaded map is invalid (is a HTML page).

-----Original Message-----
From: hlds_linux-boun...@list.valvesoftware.com
[mailto:hlds_linux-boun...@list.valvesoftware.com] On Behalf Of Cameron
Munroe
Sent: Saturday, October 06, 2012 11:53 PM
To: Half-Life dedicated Linux server mailing list
Subject: Re: [hlds_linux] Https for fastdl

The idea about HTTPS is that there is a growing push to monitor and harm
traffic on the internet. A fix for this is https, and as stated before:

      an extreme explanation might be: it could help against tampering ...

      if you have an ISP that do not wants you to play they could just

      corrupt

      each and every fast download tries... with https istead that could
be
      very hard (in both detecting the typo of file being downloaded and
      breaking into an ssl stream corrupting it)

      Nowadays, expecially in countries where "privacy" is just a word
on a
      dictionary, everything should be run within encrypted tunnels
This is something that modern day china, and other countries are pushing
towards. Im not trying to be illegal, but rather make it so that its
harder to track users downloading files off my fastdl.

We should all be pushing to increase https usage in this modern day
world to not only protect our users, but also to hide the traffics full
intent to outside eyes.

The main reason for my blow up below is the fact that I'm so tired of
responses that simply do not help the thread progress. Its common on
here, and it is bloody annoying. In any case I understand your point
about the extra cost and lowering of speed by switching to https, but I
simply want to know if it would be possible at all to do.

On 10/5/2012 2:45 PM, Bruno Garcia wrote:
I'm not trying to criticize your thread or your means to use the Fast
download functionality.
I'm simple stating that you would get a better result for less cost.

I'm sorry if it was mis intended in that way.

On Fri, Oct 5, 2012 at 6:36 PM, Cameron Munroe
<cmun...@cameronmunroe.com>wrote:
This is why I hate this thread, there is never any good answers just
criticism. The question is fully legitimate as since your an idiot and
don't understand that testing is sorta hard considering you have to buy
a
50+ license.


As I stated to the other guy, if you have nothing productive to say
don't
bloody fucking say it.


God how hard is that, to keep your mouth shut.





On 10/5/2012 2:31 PM, Ulrich Block wrote:

Am 05.10.2012 23:26, schrieb Cameron Munroe:

Maybe by your opinion. Now if you have nothing "productive" to state
on
whether it works or not then stop replying as I already understand
the
below and that it has a cost.

So much time and posts have past... During that period try and error
would have been much faster


______________________________**_________________
To unsubscribe, edit your list preferences, or view the list archives,
please visit:

https://list.valvesoftware.**com/cgi-bin/mailman/listinfo/**hlds_linux<https
://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds_linux>
______________________________**_________________
To unsubscribe, edit your list preferences, or view the list archives,
please visit:

https://list.valvesoftware.**com/cgi-bin/mailman/listinfo/**hlds_linux<https
://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds_linux>
_______________________________________________
To unsubscribe, edit your list preferences, or view the list archives,
please visit:
https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds_linux
_______________________________________________
To unsubscribe, edit your list preferences, or view the list archives,
please visit:
https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds_linux


_______________________________________________
To unsubscribe, edit your list preferences, or view the list archives,
please visit:
https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds_linux



_______________________________________________
To unsubscribe, edit your list preferences, or view the list archives,
please visit:
https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds_linux
_______________________________________________
To unsubscribe, edit your list preferences, or view the list archives, please 
visit:
https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds_linux


_______________________________________________
To unsubscribe, edit your list preferences, or view the list archives, please 
visit:
https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds_linux