Lockdown vs. the old system?

[Banana fanna fo fanna]

I've been out of it for a while; what are the major differences between lockdown and the ix86ver check system?

[Barabajagal]

Lockdown hashes memory values from the directx buffer as well as the original three values.  I think that's about it for the basics.

[iago]

Basically, it's completely different. The hash is done differently, and on different data (ddraw buffer + memory of the classic three programs, plus the CR .dll itself), and is seeded differently.

[Banana fanna fo fanna]

wait a second...you're saying that lockdown checks the state of the entire app? how is the server supposed to know that?

[warz]

wait a second...you're saying that lockdown checks the state of the entire app? how is the server supposed to know that?

yeah, it sure does. the server can know this because the checks it performs should always produce the same results, if there has been no tampering with the files in memory.

[Barabajagal]

The server stores a cache of a set amount of results (1000 for DRTL, DSHR, SSHR, 10000 for STAR, SEXP, JSTR, W2BN). It doesn't check the ENTIRE app, just the three hash files, the dll, and the buffer.

[iago]

wait a second...you're saying that lockdown checks the state of the entire app? how is the server supposed to know that?

Sorry, what I said was a bit unclear. It hashes a select part of the memory of the classic 3 hashfiles.

[Banana fanna fo fanna]

okay, but what about the ddraw buffer?

[Barabajagal]

just the three hash files, the dll, and the buffer.

[Banana fanna fo fanna]

i mean...it knows exactly what the screen looks like (in essence)?

[iago]

It uses a static chunk of screen data. The data will always be the same for the client, and I'm sure that Blizzard knows what the data is.

[Hdx]

Yes,  it knows the exact values for every pixle.
If you know where to look, take a look at how the games make screenshots. It uses the same functionality.
The reason it is the same at the time is because lockdown is executed at the same place every time, and it actually removes the cursor so that it wont get in the way.
~Hdx

[brew]

The server stores a cache of a set amount of results (1000 for DRTL, DSHR, SSHR, 10000 for STAR, SEXP, JSTR, W2BN). It doesn't check the ENTIRE app, just the three hash files, the dll, and the buffer.

20000* for STAR/SEXP. and by the way did anyone find the new number of checksum formulas for STAR? It's supposed to be 40-50k now, however I estimate there may be many more.

[warz]

well, it may not be too important to explain why the client is able to dump a data representation of the current screen state, as opposed to the fact that it just does. sure, hdx's explanation is basically true, but if you know where it looks, and the length, who cares why? all you need is to be is rested assured that your implementation works.

[Hdx]

0.o I just assumed they added it to:
Catch any ui editing hacks.
Make sure the game is running under normal circumstances. (Non-minimized)
(This is lockdown specific)
As for why it is able to dump the screen in the 1st place.. Screen shots are a good thing in games! Everybody loves screen shots.
As I said above, they use the same exact method in lockdown for getting the screen data as they do when you hit print screen. The only difference is that when you hit print screen, they convert/save the data to disk. In lockdown they just use the raw data.

I try and not define WHY Blizzard does what it does. Most of the crap it does makes no sense whatsoever >.<
~Hdx