Not that it matters because the admins at this site don't seem to care!

melvinbluestone
mbereobong wrote:

2 day old account already causing a ruckus. Interesting...

      Not only that, but check out his profile pic. He bears a striking resemblance to Burt Reynolds..........

btickler
Colby-Covington wrote:
btickler wrote:

Have you ever installed a chess engine and run it at the command line, sans UI?  If you have, then you fully realize that chess UIs and engines are usually completely decoupled, and with your vast coding knowledge you would then be able to dope out that writing a new UI for an engine that can play moves for you (i.e. a bot) is not hard at all...right?  

There's no hacking of "closed source code" on the chess.com servers required to cheat using an engine at bullet and blitz time controls.  I do suspect you are well aware of this, actually .

That's incorrect, because every move that is registered and linked by the app's UI is relayed to the server and authenticated via some kind of verification protocol to prevent such silly ideas. And in order to bypass that one must manipulate the closed source code, directly.

You don't get it.  There's no server verification/authentication involved at all.  It can all take place before anything is sent anywhere by the browser.  From the browser's perspective (and ergo the server-side's severely limited perspective), it cannot distinguish where input is coming from.  How exactly are you planning to "authenticate" whether a desktop mouse movement and click is "unassisted" by software or not without full access to the client's OS (and/or drivers, because you can burrow under the OS and manipulate keyboard and mouse input directly)?  You have to detect the behavior after the fact.

You can control your own app, or your own client software, but you can't do anything about desktops running browsers.  

You don't have to take my word for it...you can watch videos of bots playing bullet online.  Again, though, I suspect you are already aware of this phenom.

melvinbluestone
Zoot_Alorz wrote:

You are all a bunch of poopy heads.

   Language! Language, young man!

Colby-Covington
btickler wrote:

You don't get it.  There's no server verification/authentication involved at all.  It can all take place before anything is sent anywhere by the browser.  From the browser's perspective (and ergo the server-side's severely limited perspective), it cannot distinguish where input is coming from.  How exactly are you planning to "authenticate" whether a desktop mouse movement and click is "unassisted" by software or not without full access to the client's OS (and/or drivers, because you can burrow under the OS and manipulate keyboard and mouse input directly)? 

No, you don't get it.

Once a move is made, that information is captured by the appropriate listener and immediately transmitted to the server. The reason why one couldn't interfere with that information before it is relayed is because those packets are either encrypted or already carry the unique verification sequence which will allow the server to authenticate. One would have to bypass the verification process itself, merely intercepting UI data is insufficient. 

btickler
Colby-Covington wrote:

No, you don't get it.

Once a move is made, that information is captured by the appropriate listener and immediately transmitted to the server. The reason why one couldn't interfere with that information before it is relayed is because those packets are either encrypted or already carry the unique verification sequence which will allow the server to authenticate. One would have to bypass the verification process itself, merely intercepting UI data is insufficient. 

OMG.

Read your own statement:  "once a move is made".  Horse already out of the stable.  You are only authenticating the end result. not how the result is produced.  The listener doesn't know and cannot prove how the move was made.

You are speaking as if a listener didn't have half a dozen layers underneath it and was some absolute arbiter of end-to-end mouse activity from the physical mouse, cord, and motherboard and all the way logically through the driver, the OS, and then passed to the browser...the listener has no visibility on *any* of that.  The listener knows there was a mouseclick reported by the browser, and where the click was.

Colby-Covington
Botvinnikfan720 wrote:

 

😂😂😂It controls the game from the level of a human player.  It received the move as played by a mouse click. U get it? U understand that yet?

Yes, but the input data it generates is useless because it does not carry the verification sequence or isn't appropriately encrypted with the correct key.

You are always so quick to jump to conclusions, while lacking the most basic knowledge to even interpret the information given to you.😒

btickler
Colby-Covington wrote:
Botvinnikfan720 wrote:

 

😂😂😂It controls the game from the level of a human player.  It received the move as played by a mouse click. U get it? U understand that yet?

Yes, but the input data it generates is useless because it does not carry the verification sequence or isn't appropriately encrypted with the correct key.

You are always so quick to jump to conclusions, while lacking the most basic knowledge to even interpret the information given to you.😒

You would be great casino owner for the next Ocean's movie.  

"But, but...the security guards put the money bags in the armored car and locked them up and drove them to the bank.  They followed every protocol and signed off on every step once they took possession of the bags.  How could there be Monopoly money in the bags?!?  It's inconceivable..."

melvinbluestone
Zoot_Alorz wrote:

A moderator needs to pull ze plug on thees pile of merde.

  Language! Language, monsieur!

btickler
Botvinnikfan720 wrote:

See Colby? See how you act like you're so smart, and then type more stupid comments? By all means, keep showing us how retarded you are. 👍

This seems a tad excessive wink.png.  Personally, I just don't like to see people spouting nonsense that confirms the extremely commonly held and mistaken belief that bullet and blitz are free from cheating.  I'm not here to kick anyone while they are down, just to refute them while they are still standing on their soapbox...

Colby-Covington
Botvinnikfan720 wrote:

SMH. 🤦🤦🤦 A listener can't tell who is making the move.  It only knows the ip address, the browser, the type of computer, the SSL keys, and the type of request.  It has no idea who made the request. It just knows "this computer" made this request. Sure they can detect if someone is using a code to read the screen because of that request, but if everything is on the user side and doesn't rely on manipulating code, just sending the moves... It's impossible to really know.  Only way to know is to monitor the games for perfect computer moves. That's it. 

I understand that you believe one can simply access and falsify listener detection directly at a hardware initialization level while an application is capturing, but that again just demonstrates how utterly uninformed you really are.

It's pointless to argue with someone who is obviously below the level of an average layman and I won't waste any further energy on you.

You are simply obstinate, unwilling to accept anything but your own misguided views.

 

 

Colby-Covington
btickler wrote:

This seems a tad excessive .  Personally, I just don't like to see people spouting nonsense that confirms the extremely commonly held and mistaken belief that bullet and blitz are free from cheating. 

It's mostly low rated players who accuse others of cheating, especially in Blitz and Bullet, as they are simply unable to conceive both their own lack of skill and the various levels of advanced players.

You don't typically see this at the top at all, because these people understand what's possible.

btickler
Colby-Covington wrote:
btickler wrote:

This seems a tad excessive .  Personally, I just don't like to see people spouting nonsense that confirms the extremely commonly held and mistaken belief that bullet and blitz are free from cheating. 

It's mostly low rated players who accuse others of cheating, especially in Blitz and Bullet, as they are simply unable to conceive both their own lack of skill and the various levels of advanced players.

You don't typically see this at the top at all, because these people understand what's possible.

None of which invalidates my point wink.png.

Colby-Covington

It absolutely does, because this "extremely commonly held and mistaken belief", as you so eloquently put it, is predominately held by low rated beginners.

dmxn2k

I do believe if someone wanted to make a bot that played for them on say Chrome, they could make a bot that analyzed the chess board using a program from the outside that moved the mouse on a Windows level to move the piece. 

But, I don't believe many people, especially those rated 2200 and below, are doing that.

I do agree that the lower rated the player, the more accusations they make about cheaters. But the higher rated, and better a chess player, one becomes, the more silly they will realize it is to think someone rated 1500 (for example) is cheating

VintagePawn

Since this discussion has specifically deteriorated into a cheating discussion, locking.

 

Discussions of cheating, potential cheating or cheat detection are not allowed on the general forums. If you would like to have that discussion, join the following group.

 

https://www.chess.com/club/cheating-forum

 

Chess.com takes cheating very seriously:

 

https://www.chess.com/article/view/chess-com-fair-play-and-cheat-detection

 

https://support.chess.com/article/648-what-do-i-need-to-know-about-fair-play-on-chess-com

 

To report a suspected cheater to the Support team, please select Report Abuse under the Help menu, click the report link on the player's profile, or use this link: https://support.chess.com/article/346-contact-us. All reports are investigated, even if there is no immediate visible action.

This forum topic has been locked