Send data from stand-alone over the Internet?

I’m looking for ideas on how to best approach this issue. I need to send data (player’s name, date and score) from a Window’s stand-alone to a website via an Internet connection. I need this to be fairly secure (so the player can’t easily cheat and send a false score) and it has to come from a stand-alone (a continuous internet connection won’t be available).

My first idea was to do it in a similar way to how the Unity Bug Reporter works. Can anyone explain how that is set up and how it works? Is there perhaps a better / easier way to go about this?

Many thanks and HAPPY NEW YEAR!!

Just use the regular high scores setup on the wiki, but cache the entry in the playerprefs until an internet connection is available. That’s rather easy.

As far as easily cheating, as it’s a standalone you’ll be very susceptible to memory edit hacks. Make sure you mask the actual value of your score with some bit manipulation, separate it from the obfuscated value that is displayed on the screen. There’s been a thread or two on this in the past couple months.

You’ll want to save the obfuscated value to the player pref cache, obviously.

Memory edit hacks are the far less common way to cheat over sending fake requests.

So ensure that you transfer encrypted checksums etc together with your high score entries and other things so its not a “click and go” cheat complexity in the online highscores.

I would disagree with that 100%. Artmoney and it’s ilk, there’s dozens of them available with a quick google and people use them. Whether it’s to get 20 lives instead of 3, or pick his own high score out of the air and brag to his friends, a 15 year old kid playing your game is far more likely to go that route than sending a fake request or packet manipulation.

An MD5 checksum is already part of the high score setup on the wiki.

Thanks Quietus, I didn’t even think to check the Wiki, that’ll help a lot.

As far as your suggestion to save to PlayerPrefs and then post the score when an internet connection becomes available, how do you recommend I do that? I was thinking that when the game was completed the app would check for an internet connection and then if it was available to post the data. But how do you check for an internet connection from a Windows stand-alone?

As far as security goes, for my particular application the player won’t have full access to the machine so probably won’t have time (or access) to hack the application. I just want to avoid super easy cheats that might be possibly by simply opening Regedit or Notepad.

Quietus: then thats the exception
Because creating fake highscore is something that takes a few minutes for someone able to use basic request analysis applications. MD5 is nice but not really a hurdle to take as anyone would test against MD5 pretty much directly as it is commonly used for low end security and password storage.

you are right for real cheats they would use memory hacks or application hacks but for morrons that just want to mess the highscore, thats normally more work than they want to invest.
also protection against them is out of your control to a large degree, because you are using a closed source technology. You can’t inject memory protection mechanisms.

It’s as simple as attempting to post the high scores and if the WWW class returns an error, proceed with your caching code.

It’s not a function of ‘hacking the application.’ If security is turned up on the OS and they can’t install new applications then you’re fine. But otherwise a memory editor is a super easy cheat. It goes like this…

  1. Run game and memory editor
  2. Get a particular score, say 1050, then pause the game (death, pause key, etc)
  3. Scan for 1050(int)
  4. Change score and pause again
  5. Repeat a few times until you’ve nailed down the memory location for the score
  6. Enter whatever score you want

That process takes no effort and literally less than a minute’s time. The only defense against it is obfuscation.