Frustrated Gamer Showed Titanfall Devs How to Fix the Game
A frustrated Polish gamer reverse-engineered Titanfall's code, which enabled him to analyze the mistakes committed by Respawn Entertainment. He published his comments online in the hope that they will help the developers fix the problems with the servers.
In early July, Apex Legends and Titanfall 2 were attacked by hackers who wanted to draw Respawn Entertainment's attention to the dire situation of the first Titanfall. It seemed that we shouldn't expect a quick improvement, because the effort to rescue the series is handled by 1-2 people. Meanwhile, a frustrated Polish player known as p0358 reverse-engineered the game's source code, which enabled him to analyze the developers' mistakes and point out several things that need fixing.
As p0358 noted, now Respawn Entertainment will have no excuse, because all the information is given to the devs on a plate. He jokingly admitted that he would fix everything himself in a few days if the studio hired him. He also added that in order for Titanfall to become relatively safe, all solutions described by him should be implemented. A brief description of some of them can be found below (for more details, please refer to the aforementioned source). We have to admit that at first glance they really seem quite simple.
To fix Titanfall you'd need to, among other things:
- Fix too long names (?64), verify names with Origin if possible;
- Do not leak player IP addresses in “player_connect” game event;
- Re-enable the built-in Source’s protection against DoS for connectionless packets, excluding the net data block packet types from rate limiting;
- Be aggressive about players who don’t send their Origin auth token (which is done on one of the earlier connection phases) or are stuck connecting for just too long (>~3 minutes?), IP ban them temporarily on the particular server;
- Do not allow more than one connecting client from a single IP on a server at once;
- Ignore player DLC choices before they’re fully connected;
- Implement a quota for string commands, a value of 40 per second is more than fine and gives enough safe room;
- Only allow the party leader to run “LeaveMatchWithParty”, not any random person;
- Spin up more servers, the current amount is way too little.
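To show how small some of these server-side checks are, here is an added sketch (not p0358's or Respawn's code) of three items from the list: one connecting client per IP, a temporary ban for clients that send no auth token or stay stuck connecting, and the 40-per-second string command quota. All names are hypothetical, and the auth token deadline and ban length are assumed values that the list does not give.

```cpp
#include <string>
#include <unordered_map>

// Hypothetical names throughout; limits marked "assumed" are not from the page.
constexpr double kConnectTimeoutSec = 180.0; // "~3 minutes" from the list
constexpr double kAuthDeadlineSec = 10.0;    // assumed deadline for the auth token
constexpr double kTempBanSec = 600.0;        // assumed temporary-ban length
constexpr int kCmdQuotaPerSec = 40;          // string-command quota from the list
enum class Verdict { Accept, RejectDuplicateIp, RejectBanned };

class ServerGate {
    struct Pending { double started; bool hasToken; };
    struct Window { long second; int count; };
    std::unordered_map<std::string, Pending> connecting_; // one pending client per IP
    std::unordered_map<std::string, double> bannedUntil_; // per-server temporary bans
    std::unordered_map<int, Window> cmds_;                // per-client command counter
public:
    // New connection attempt from `ip` at time `now` (seconds).
    Verdict onConnect(const std::string& ip, double now) {
        auto ban = bannedUntil_.find(ip);
        if (ban != bannedUntil_.end() && now < ban->second) return Verdict::RejectBanned;
        if (connecting_.count(ip)) return Verdict::RejectDuplicateIp;
        connecting_[ip] = Pending{now, false};
        return Verdict::Accept;
    }
    void onAuthToken(const std::string& ip) {
        auto it = connecting_.find(ip);
        if (it != connecting_.end()) it->second.hasToken = true;
    }
    void onFullyConnected(const std::string& ip) { connecting_.erase(ip); }
    // Periodic sweep: drop and temp-ban clients with no token or stuck connecting.
    int sweep(double now) {
        int banned = 0;
        for (auto it = connecting_.begin(); it != connecting_.end();) {
            double age = now - it->second.started;
            bool bad = age > kConnectTimeoutSec || (!it->second.hasToken && age > kAuthDeadlineSec);
            if (!bad) { ++it; continue; }
            bannedUntil_[it->first] = now + kTempBanSec;
            it = connecting_.erase(it);
            ++banned;
        }
        return banned;
    }
    // False once a client exceeds the quota within the current one-second window.
    bool allowStringCommand(int clientId, double now) {
        Window& w = cmds_[clientId];
        long sec = static_cast<long>(now);
        if (w.second != sec) w = Window{sec, 0};
        return ++w.count <= kCmdQuotaPerSec;
    }
};
```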
If you wonder whether posting such information online might help hackers carry out even more effective attacks, p0358 reassures readers that the problems he described have been known for a long time. He added that anything which, in his opinion, is not known to the attackers will be sent directly to Respawn Entertainment.