Utilising private messages also gives us the ability to remove messages. With just the chat chain, how do they know if you actually received a message, or if it was a private message that you couldn't see? Every message you can see on your client will appear to Mojang as if it was sent in public chat. Mojang, however, forgot the one thing that got them in this mess in the first place, you can't trust the client. In order to keep the chain consistent for every player, Mojang added a new packet that sends only the signature of a message for any message a player cannot see. The workaround Gaslight uses is private messages. You can't remove messages anymore, because the last seen field would show messages that no longer exist, and you can't add messages because it would invalidate the signatures of messages surrounding it as it would not be included in the last seen field. ![]() Mojang's fix was to add a chat chain system, this is beyond the scope of a youtube/github description, but you can read in depth about it here, but the important part is that it stops you adding messages after the fact. Not long before their announcement banning all blockchain technologies from the game, Mojang themselves added a blockchain to the chat system, this clusterfuck of a system had us stumped, not because it fixed Gaslight, but because it doesn't make any sense. ![]() Gildfesh: of course! (working as of 1.19.2)ฤก.19.1-pre4/5 was a patch to the initial version of Gaslight. Which example is legitimate, which is from Gaslight? We will attach any correct cryptographic proof to the top of this readme, and probably look like idiots. We have included 3 example reports, containing all data sent to Mojang (although we redacted the server ip), at least one of them is legitimate, and at least one is produced via Gaslight. Mojang recently tweeted implying that Gaslight is detectable, while it is (currently) detectable in some cases, it is not detectable in all cases, and if you know what you are doing, generating indistinguishable reports is more than doable.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |