The Montoya Herald, a weblog about Blueprint, jQuery, design, music and life, publishing on the web since September 2005. Written by Christian Montoya: developer, designer and entrepreneur.

Please try again

Posted on May 15, 2007.

Firebug users (and general ne'er do wells), please visit my Tunnel game again and try hacking it. I've rewritten the code with private variables and as far as I can tell, it's no longer possible to mess with the important data… but I won't know for sure until I get some feedback!

Get a trackback link

7 Comments

1. Miles on May 15, 2007

   Firebug users (and general ne’er do wells), please visit my Tunnel game again and try hacking it

   Happy to oblige! But I didn't use Firebug.

2. Christian Montoya on May 16, 2007

   Miles, care to tell what you did? That's part of security-testing.

3. Bandreus on May 16, 2007

   That's definitelly great!

   Why don't you write a more detailed post about the security related tuning you've worked out, it would be of great help for other developers! (for me too ^_^)

4. Christian Montoya on May 16, 2007

   Bandreus: I'll write something as soon as I get everything ironed out. There are still some holes which I hope I can fix…

5. Bandreus on May 16, 2007

   Tnx a lot, for the quick answer too T-T
   You'r blog's great, keep rollin'

6. Miles on May 16, 2007

   I played until I got on the high score list, peeked at the HTTP traffic, and resent the POST request with a higher score.

7. Christian Montoya on May 16, 2007

   Wow, that's hard… I'm not quite sure how to guard against that…