Quote Originally Posted by Naunet View Post
Yeah, I really worry about this. It's what happened with the Glamour system overall. I don't understand why they seem allergic to looking at what works in other MMOs and implementing it.
Because what works in other MMO's works in OTHER MMO's.

FFXIV favors speed and safety, have you heard of any widespread crashes and rollbacks? Now go look at pretty much all freemium RPG's. It's a regular thing because that's how "dupe bugs" work in other games. The game server has one copy, and the filesystem has another and doesn't write to it for long periods of time. So if the bots and hackers want to dupe items, they just load up their bots to do whatever activity will crash the server, and when the server reboots, they now have duplicate items.

Here's how "dupe" bugs work, please note that this is generalized but based on how at least one game worked:
1. You select the item you want to duplicate
2. Find a buddy who will hold onto your item
3. Go into a dungeon or some part of the game that you know can be crashed
4. As the crashing begins (usually no other users can login) trade the item to your buddy and then have them log out. Meanwhile you stay logged in so that when the data rolls back you will still have the item, but since your buddy logged out, their copy of the item has already been written to disk.
5. Upon login, both users have the same item.

A variation of above is the "hold item" dupe bug, where you simply remove an item from a pocket of inventory space, when the server reboots you will still be holding the item, AND the item will still be in the pocket.

Now the obvious way around that is to have a hash generated for every item so that when the server starts up, it deletes items that have hash collisions from players, pets, containers, banks, retainers, etc. But you can't "hash" quantity items. So maybe you don't need to dupe that ilevel 275 item, you can instead dupe a stack of 99 resources that sell for a large amount. It also takes a huge amount of time to do hash checks. This is partly why you can only sell stacks of items, and not individual items from a stack. If you could sell individual items from a stack, the game has to sync every time an item is sold from the stack, not just when the stack is sold.

The other intended side effect that allows dupe bugs in the first place is that it also creates a lot more work for GM's in re-creating items that are lost during crashes.

Hence that high speed syncing benefits SE bottom line by not having to constantly replace items in the game that destroyed in roll backs. For every 'dupe bug' there is also a way to lose gear.

Glamour logs can abuse such things because they are the very example of having one item represented by another. If the game rolls back it needs to tell the server that the character is wearing X, not Y, but the database will show them wearing Y until the glamour replacement is found. If the game crashes, you may lose the original item, the glamour and any gear that which the glamour is applied. But it's also in theory possible to duplicate gear through the "try on" feature, because the try-on feature is just the glamour feature applied to your point of view.

In another game, it was a common thing for players to hack the game data and swap the id's of some items, usually to give them access to gear that wasn't actually available. Everyone else sees the player naked or wearing something ridiculous, but because that player hacked the item, that means the server knows what id is being sent, and if it doesn't do anything about it, it may inadvertently write that to disk without checking that it's valid. Then every time someone sees that character, their game client crashes because that asset is incorrect. While I'm mentioning this, similar bugs enable "using" items that have quantity stacks in that game too. So you could in theory swap revive feathers with another consumable, and all other players see "using revive" while the player themselves sees themselves using some food item. There were so many bugs in that game involving inventory that the hackers always had the upper hand in everything. Part of the reason I quit playing that game.

The fact that bots are still randomly teleporting through floors tells me that Square-Enix hasn't taken game client hacking seriously yet, and as such until they can be sure it won't result in extra work for the support staff, it's likely not a high priority.