Highscore: Security

PreviousNext

Overview

The highscore data is locally stored unencrypted in the user's directory and is sent unencrypted to the server. To prevent abuse, the highscore is protected with a checksum. This method does not claim to be very secure, but it will keep off most users from trying to cheat.

Checksum

The checkum in the highscore's XML file is generated over all the attribute's values. The checksum for the string that is sent to the server is generated over all variable's values.

Use Custom Checksum

The current implementation for the checksum is very simple and uses just some bitshifting and xor of bits. You can use a custom checksum generator if you don't like the offered one. Simply create a class that inherits from EM_CHECKSUM_GENERATOR, redefine the feature generate_checksum, and use the feature set_checksum_generator from EM_HIGHSCORE to tell the highscore to use your custom checksum generator.