I’m about to start a simple 2D networked game and have some questions.
The game is going to be based on an old Atari ST game. What are the copyright issues here? Other than trademarks I read that games are only protected by patents and that you can make a similar game (like all those Breakout and Tetris clones) without breaking the law. Is this true? Are they any guides on making clones?
I want 2 - 4 players to be able to play without anything running on the server. It’s a turn based game - how can I do this? As long as I have each players IP address can I send the data through sockets to each player after every turn?
I want to send and recieve data to my website through HTTP (for a global score board and so players can “wait” for other players to join). I know how to do this just by using post or get. Is there a better, more secure way?
Im goign to answer tyhis from the point of veiw of US lawe.
(1) IT IS ILLEGAL IN THE UNITED STATES FOR ANYONE NOT LICENSED AS AN ATTORNEY TO GIVE LEGAL ADVICE. Thats very important. I am not a lawyer. Everything I say from here on out is not to be considered legal advice. if you want an opinion you can in any way rely on to protect yourself, you should consult a proper IP attorney. The following is just the understanding of a studied amature.
(2) Having said that, there are a number of different issues.
The first and biggest is Copyright. Any original intellectual work fixed in a tangible medium is subejct to US copyright law in so far as the work IS original. SO, for instance, the image of a Space Invader is protected by Copyright. Soa re the sounds the game makes as it advances. Beyond that it gets into grey territory. The one clear place that is NOT protected is the abstract concept of gameplay. This has been specifically clarified by the copyright office. So a line of things marching back and forth down the screen at the player while he shoots is fair game, but not if they look or sound like space invaders.
There is a second kind of Copyright infringement called a “defivative work”. If a work can be sene to be derived froma copyrighted work, then it is at lpeast aprtially owned by the creator of the originalcopyrighted work. So you cant just chnage a few pixels on the space invader graphic and claim its your own. If it looks like a space invader to the average eye, your in violation.
Copyrights eventually expire. It used to be something like 75 years or the life of the Copyright holder +25 years. Thats why most classical music is out of Copyright by now. HOWEVER coproations threw a monkey-wrench into thsi as COpyroight hodlers since Corporations never die. Again it used to be that corporations were limtied to 100 years BUTin recent years some Corporatiosn that depend on Copyright (noitably Disney) have gotten that extended and extended…
Note that in the classical music case, while the music is no longer under Copyright protection, a given performance is stil lCopyright to that performaer and cannot be legally copied until the Copyright on that peformance expires.
In parctice, this means that you can take a piece of older music and put a performance you create in your game, but you can’t just lift one of a CD. A cheap dodge I’ve come up with is this:
(1) Copyright free musical work
(2) Public Domain MIDI score of the work
(3) MIDI rendering (either in game or ahead of time and saved to a music file)
Obviosuly it soudns like MIDI, but at least its free and clear legalities-wise.
(2) Patent law is the second way software is covered in the US. Patent Law however is a very bad mechanism in that there is NO way to protect yourself short of a full, expensive, patent search. I n copyright, ignorance is a defense-- if you come up with something that looks lieka Space Inavder but you can prove you never saw a space inavder (good luck in that particualr case) then you are safe. In Patent, ignorance of the Patent is NOT a defense. The only good news is that Patents expire fairly quickly. Thats of limited usefulness to those of us doing individual works Im afraid.
Big corporations handle this witha kind of “cold war”. Each keeps a large patent library and ASSUMES that they will infringe each others patents. Since they assume they are alrady in infringement, they wont sue the other for infringement.
Again thats of little help to the smal ldeveloper. Basically, today, small developers are screwed in the Patent front which is why its a bad law. You really just need to not purposefully infringe any patents you knwo of and otherwise just pray you are too small for the big patent holders to even ntoice or care about.
(3) Trademark. Trademark is MOSTLY a red herring. Most people do not udnerstand Trademarks at all and think theya re like COpyrights. They are not at a;ll like Copyrights. Trademarks are not about limiting the copying of artwork,ideas, etc. They are ONLY about an invidual’s or company’s right to identify itself unambiguosly to its customers.
A trademark is infringed is and only if it is used in a way that would confuse an average consumer as to the origin of a product or service.
What does this mean? This means I can’t call my game “Space Invaders” as that might confuse the customwr into thinking I am Atari. but I CAN call my game “Space Hunter: A Space Invaders Clone” becaus eits celar that thsi is NOT the original Space Invaders and I am not claimign to be its originator.
See?
Your biggest issu here is consumer foirewalls. As logn as you don’t have firewalls inj the aqy, your fine and can do whatever you want between the two players
You cannot do UDP (what java.net calles DtagramSocket) between two firewalled players without a sever to help. SImialrly, you generally cannot accept an incoming TCPIP connection (what java.net calls a "ServerSocket’) through a consumer firewall without doing something called “port mapping.” This is a configuration thing one player (the “host”) needs to do on their firewall.
So your chocies really are:
(a) TCPIP (java.ne.socket and java.net .ServerSocket) and potentially make the hsot map a TCPIP port to make it work
OR
(b) a server of some kind
Thats really all you can do.
For a turn based game (or for UDP punch-through too, I suppsoe), you could write a Servlet that operates as a server and try to find somplace to host that…
HTTPS is prety secure as a pipe. Is that what youa re asking about? or do you have other security concerns?
I understand what you’re saying about things such as graphics and sound (i.e. tangible things) being bound by copyright. That means I should be okay with this game as I’ll be doing all the sound and graphics myself. It’s only the idea I’m basing on (the grey area of gameplay!) so I’m happy to go ahead with it.
Regarding the network protocol I had written off UDP. Since there is not much data to transmit, only a maximum of four clients and the accuracy of the data is paramount I’d taken it as a given that it would be TCP over UDP. I’ve never really done Java network programming before but I have been programming in PHP for the last 3 years so I have limited understanding on the matter but would this work? (see below)
Fundamentally, the game can be represented as a serialised 2D array of about 12 by 12 and data only needs to be sent from 1 client to a maximum of four other clients after is turn is made. So, very little data needs to be exchanged between the clients. Can I exchange data by sending the serialised variable as HTTP post or get? Would this eliminate the worry of getting through a firewall and having to code a server application? I could default it to port 80 and then let the user change it if their setup is different - would this work?
Finally, HTTPS is not enabled on my server unfortunately. I suppose it doesn’t matter too much if I send it unencrpyted…
Yes, you could be just about positive that the sender could initate a conenctio nthrough their firewall, either directly or indriectly through a proxy.
But no, it doesnt solve the problem of receievinbg that incoming HTTP request. AN HTTP request is really a TCP connection and the same issues apply. In order tor eceieve the HTTP request you need to open a ServerSocket and wait for connection on a well known port BUT the firewall has to allow (actually foward) connections to that port in order for you to receieve them. So your still stuck with having to map a port on the host.
I thin kIanswered this above My answer was assuming port 80. if your nopt on port 80 or 8080 then you likely wont be able to go through proxies on really tight networks, even to get the request out to begin with,.
(Most home users networks arent this tight-- they allow all outgoing TCP. Thsi is really an issue just in business/corporate environments that may have higher security.)
Not entirely sure what you mean here. do you HAVE a web server already? If so see my suggestion of doing your game server as a servlet.
But you can do HTTPS from client to client directly, it just means that the “host” client ahs to act like a tiny web server.
My point is though if the clients are all exchanging data by HTTP get or post through the HTTP port as far as firewalls are concerned isn’t each client just acting as a browser sending data by HTTP and thus allowed through any firewall that allows HTTP?
I don’t have my own web server, I pay for hosting on a shared server and the package doesn’t include HTTPS.
[quote=“Jeff,post:2,topic:24344”]
I was thinking about this recently, and I thing you can use UPnP to auto-config the firewall in some cases to map the port. I was going to look into this further but didn’t find any good (something that wasn’t as cryptic as your typical IETF RFC). My next attempt was going to look at the source for Azureus (the Java bittorrent client) to see how they do it.
It depends on whether there is any Network Address Translation (NAT) going on. Most corporate nets use this to save on the number of public IP addresses they need. Cable & DSL routers for connecting multiple home computers to a single broadband connection also use it.
NAT exposes only a single IP address to the internet. You may wonder what happens if more then one computer behind the NAT-router puts out a request from the same port to a server on the internet. How does the remote server send data back and ensure it is routed to the correct computer behind the router? This is achieved by a process called port mapping. When a computer sends a packet out through the NAT router, the senders IP address is replaced with that of the NAT router. The senders port number is replaced with an unused port number on the NAT router. The router places this mapping in a table and will maintain it in that table for an unspecified but large number of minutes. Meanwhile the packet goes to the server, which processes it & then sends it back to the exact IP:port that it came from. The NAT-router receives it, looks up the mapping in it’s routing table and replaced the ‘to’ IP:port combo with that from the table. It can then forward the packet to the computer than originally sent the request.
That is how an HTTP request originating behind a NAT router gets to a webserver & how the reply gets back to the sending computer. Note that it is only the webserver that receives requests on port 80. The client uses any port above 1024 for the outgoing request & this in turn is modified by the router.
The key thing about this protocol is that for data to get from the internet to a particular computer behind the NAT-router, there must be an entry in the routing table. An entry can only get there if:
i) The interchange was initiated by the client (as discussed above)
ii) The user has manually made a permanent entry in the table. This is called port forwarding.
iii) The application running on the client makes an entry in the routing table. This uses Universal Plug and Play (UPnP)
This means that if you have two clients, each behind a NAT-router then they cannot directly initiate communications. This is why a NAT-router functions as a basic firewall. It protects the computers behind it from unsolicited connections. However this really breaks the peer-peer (client to client) communication model. There are four basic solutions:
i) You can run all communication through a server which isn’t behind a NAT router (or if it is, use port forwarding to force an entry in the routing table). For turn based games, you could run this on a webserver using PHP & mySQL, clients would have to poll the server regularly (say once a second) to see if it was their turn yet. A dedicated server would allow custom server software which could maintain a continuous connection, which is more flexible, but costs more. NB. Real time games need a higher polling rate, which means the PHP/mySQL combo is not a realistic option. You might also look at java servlets. These are mostly used as a backend to serving webpages, but you might be able to do more with them. Cost is more than PHP, but less than a dedicated server.
ii) You can run peer-peer using UDP packets (TCP doesn’t work with this) by implementing a simple server which just keeps a list of IP addresses, port numbers for each client & sends the list to any other client that requests it. This is called UDP punchthrough. The key thing with this simple server (called an Introducer) is that it must also listen using UDP. Thus you cannot use a normal webserver to run this service. That potentially puts the cost up of the implementation as you need a dedicated server.
iii) The client uses UPnP to automatically configure the NAT-router to do port forwarding. However this is a very complex protocol to implement and most routers have it switched off anyway as it is a security risk. If a virus got onto your computer, it could use uPnP to open a port on your NAT-router to allow incoming connections, making it useless as a firewall. This is therefore a non-starter.
iv) Accept that your program doesn’t work with clients behind routers. You can ask the user to do manual port forwarding on his or her router (if they have one), to get round the problem.
If you want your application to “just work” it really comes down to option i) or ii).
If you are running a business with a permanently on internet connection, then these are easily possible (especially i) ). However if this is a home project, then to keep costs down, you either need to implement a server using PHP/mySQL and use polling to get game state (only suitable for turn based games) or you need a dedicated server (either to do i) or ii) ). A cheap (but not 100% reliable) solution to getting a dedicated server is to run it on your own broadband connection at home. However you have to watch the bandwidth usage. If there is only a small amount of client-client data communication then the client-server architecture works well and allows you to implement game logic in a central location as well. However if there is a lot of client-client communication, routing it through your server is slower & uses a lot of your bandwidth, in which case peer-peer using UDP Punchthrough is more attractive.
Note that in this case you lack a central server, which means all the game logic has to be in the clients. This can be a problem in some sorts of games. Also note that if you do multiplayer peer-peer, the bandwidth required by the client rises more quickly as more players are added, compared to a client-server architecture. Shouldn’t be a problem with one-on-one type games though.
As you noted, UDP is not a reliable protocol. Thus if you use UDP punchthrough & need reliable transfer, you need to write your own layer on top to do the queuing and retries.
For a simple turn based game, you are probably best off with option i) above. A dedicated server would be easiest, but you might be able to do something using PHP/mySQL (or a servlet) by having each client poll at a given rate (not to fast) to get current game state.
The game is only something I’m doing as a learning experience (I’ve programmed in Java but not done any network programming) but at the same time I’d like to make it my first proper game, play it with my friends and put it on my website for people to download and play if they wish to.
Real-time is really not an issue; even it it took several seconds to update each player’s board it would not be the end of the world. As much I as I understand how I could store the data in MySQL and serve the data to the clients that way I’m trying not to do it this way because I’d like to try something new! I’m not too bothered about the games “just working” - if the user needs to do a little configuration themselves then so be it. Since this is my first venture in Java network programming I think it would be a little too ambitious to attempt option three.
So, let’s go with option four. Does this mean that clients that aren’t going through a router just need to make sure that their firewall will let the connection through on whatever port I use? And if they are behind a router they must manually set up port forwarding?
How are turn-based games usually implemented? Do you usually have a server? Do realtime games generally use UDP?
Thanks again for your replies and for helping out a newbie - it is appreciated!
Yes, although you’ve still got the problem of matching players (and their IP addresses). If you’re testing it with friends you can manually provide the data while in IRC chat, email or even over the phone. Otherwise you need some sort of web based player matching system.
TCP with a server would be a good choice, as the server can control who’s turn it is next. TCP/IP gives reliable transfer, which is needed otherwise commands can get lost resulting in the game hanging. Also you only need to store the game state in one place.
Usually. In realtime you care more about timely arrival of data rather than reliable transfer.
Doesnt have tobe web based. A simple matchmaking server is pretty easy to whip up in straight Java code.
As mentioned above, you need a way to find each other. Sometiems thi is done with matchmaking, sometiems other ways. (Ive seen turn based games that actually do all their communication through email!)
You have a lot of options since latency isnt a factor for you.
[quote][quote]
Do realtime games generally use UDP?
[/quote]
Usually. In realtime you care more about timely arrival of data rather than reliable transfer.
[/quote]
There is a lot of debate over how much of this is really technical necssity and how much of this is just prejudice and misunderstanding.
Back at TEN we got great DukeNukem3D play over pure TCP on 14.4 modems!
TCP is mreo compelx then UDP and requires you to udnertsnad mroe abotu the ent to tune it, which is oen of the reasons why game develoerps have often shied away from it.
UDP is definitely faster for unreliable communciation. Once you start needing to communicate reliably though there are strong arguments that TCP and/or TCP/UDP hybrids are goign to perform better the n tryign to reinvent TCP over UDP.
If the virus code is already running on your computer, what is left to lose?
I think disabling UPnP is a little paranoid. If you have a virus scanner that works disabling the UPnP feature isn’t going to offer you much in the way of additional protection. These days it is much more risky to simply launch Internet Explorer or Outlook Express… and if you aren’t running Windows - What virus? :-).
A maleficient program that cannot contact its creator is not a security risk. One that can, is.
One that can take incoming contact can also become a paltform for the launching of attacks on other systems. If you really want the FBI confusicating your computer that was used as a jump-point to attack a bank’s system fine. I dont.
All these are reasons why ZoneALarm has been so successful.
Thats good for 3-5 percent of the computing world. I wouldnt want to limit my marekt that much.
But that has nothing to do with enabling UPnP. Once the code is running on your PC nothing is going to stop it from phoning home to port 80 on some server with an HTTP request.
Disabling UPnP is a paranoid way to pretend you are reducing risk, after the fact.
A valid point, but again addressing already compromised systems. Run a virus scanner and avoid the initial problem in the first place - I know they aren’t perfect, but combined with good surfing practices that is really the ONLY thing that will save you. The second malicious code gets to run on your machine it is usually too late to protect your security. You might stop your machine from being a zombie to attack others.
A good firewall can, depending on how you configure it.
I will grant you that many users don’t have that good a firewall, which is a crime since Zonealarm is free.
Sorry I dont agree. Disabling UPNP reduces risks by limiting what a program can do
Enabling UPNP remvoes ANY outbound proitection. And every securiy expert Ive ever talked to agrees.
A valid point, but again addressing already compromised systems. Run a virus scanner and avoid the initial problem in the first place - I know they aren’t perfect,
They are far from perfect. If you hecvnt tried the experiment in a while I suggest you put a virus scanner on an average user’s system and count the minutes til you see your first infection. I gave up and moved my wife to LInux to solve the problem as it was the only solution I ever found that worked for any lenght of time.
And again, with UPNP disabled once you have that virus it can (and has in the past) be used to launch DOS attacks on arbitrary systems at arbitrary ports. WIth UPNP disabled, the worst it can do is attack web servers.
Ok, I agree diabling UPnP reduces “risks” by some amount. I’m only arguing that the risks that it reduces are very insignifcant relatively speaking, since it is offering protection to a system that already has malicous code running on it and so the BIG risk has already happened. Your system is screwed, your data is already lost or stolen and now you are locking doors after knowing that the burgler is already inside.
That might buy you something, but at that point I’m already mad and can’t get much madder :-).
They are far from perfect. If you hecvnt tried the experiment in a while I suggest you put a virus scanner on an average user’s system and count the minutes til you see your first infection.
[/quote]
Sure, but disabling UPnP isn’t going to help you not get that virus.
Key words “once you have that virus” - i.e. it is useful AFTER a succesful attack to possibly limit damage to other systems. I could be altruistic and say I want to protect every other system in the world, while causing a pain in the butt for myself by disabling a useful feature… but I dont’ care that much about the other systems they have their own protection.
Also UPnP, at least on my system and using the default config of the firewalls that I have used, is not going to prevent OUTGOING connections. That’s already allowed. Only incoming connections are blocked by default. So the worst case is that a zombie can use UPnP to open a port to allow incoming connections to the zombie can receive instructions. The problem being of course, that the Zombie could easily get instructions by polling some other server with outgoing requests, so you are simply locking the back door while leaving the front door wide open.
I still believe that in the grand scheme of things disabling UPnP isn’t helpful. Virus scanners that catch email attachments and scan downloads are certainly not perfect, but much more likely to protect your system from an actual threat than disabling UPnP.
The only good protection is a careful user. How many times have you downloaded a game from these forums and fired it up? Unless you ran it in the Web Start sandbox* each one could easily have installed a virus or deleted your files. Your only real protection would be to disassemble it and check what it really does.
*another great reason to use Web Start and one that Sun should be promoting to end users more.
I fall into the leaving uPNP off camp, since it stops your computer being configured as an open smtp relay. I agree that a virus can poll for instructions, but this location to poll must be hardcoded in the virus & hence can be shutdown once the virus is discovered.
However, more importantly, routers are usually configured with uPnP off by default, so you can’t assume it’s available for publicly distributed applications, which is really where it would be most useful. Asking the user to configure uPNP on their router is likely the flumux the majority of joe public. The minority who can, probably won’t want to for security reasons.
My answer was assuming port 80. if your nopt on port 80 or 8080 then you likely wont be able to go through proxies on really tight networks, even to get the request out to begin with,.