It is already december (#15)
Next RELEASE is on Wednesday 28th of December 7PM CET
Hey all, the year soon comes to an end and it is already December so it is time for an update.
This year was a year that came with a lot of changes for me. The biggest of all is that I've quit my old job and started a new one. Over the last 4 years, I've slowly made my way from a developer to leading a tech team and being responsible for the future development of the product we have been working on there. But as the responsibilities grew and so did the project sizes this also came with a massive workload and I began to struggle with the balance between my private life and the responsibilities I had at work. Because of that, I came to the conclusion that it is time to move on. Changing to a new employer was exciting and scary at the same time for me, because it also led to some uncertainty but when I look back it was the right decision. With all the things that happened in the world this year, I have the feeling that life in general became more uncertain about the future.
Leading this over to hackero these are basically the reasons why I was not able to live up to the expectations I had at the beginning of the year for what I want to accomplish. However, in this update, I'd like to talk a little about the changes I've made and what is on the horizon
Technical Improvements
First of all, a lot of work under the hood was necessary as already mentioned in the last update. All of the frontend code is migrated to Vue3 which in general leads to much better performance. A lot of the data loading aspects are much more optimized now and the application windows do not load that much garbage data anymore they do not actually need. To explain this more in detail I'm already preparing a post that spotlights these things much deeper than I could in this update.
Next, a lot of refactorings were necessary for the backend. A game like hackero has a lot of mechanics which are strongly coupled. For example, the system responsible for handling all the filesystem logic is embedded into many different parts of the game such as bank accounts, processes, and the mailing system to just name a few.
I had the feeling I was on the right track there however the optimizations I've made slowly led to the point where implementing new features got insanely difficult. The problem I was running into more and more frequently is something called circle dependencies. (basically multiple dependencies with the dependency in the diagram below).
Long story short, Golang forbids such circle dependencies and I had to refactor all of the code again. 😅
I've refactored all of this to a different structure which simplifies development in the backend and prohibits circular dependencies that might evolve.
I will put more technical details on this refactoring and how it basically lead to the new features described below in a future post.
New Features
This leads over to the new features which made it into the new project.
First of all, I've streamlined a lot of the things that evolved other the years. For example, with the extension of the filesystem structure, the etc directory made it to the game and I wanted to use this more for configuration files. The shop application was one of the first ones to utilize this feature however it was really clunky to use and to the configuration structure up and running.
Process Configurations
In the future, a process will automatically create its configuration when it is first installed. This enables the game to generate better configuration files with comments and annotations, that better explain what a configuration flag actually does.
Example: firewall configuration
Installing a firewall now also creates its configuration in /etc/firewall/default.yaml.
And this is what the configuration looks like:
# This is the configuration of your firewall
# Enable this option to whitelist ip address (they do not get logged to the terminal)
# This option is available from version 2.0
# whitelist:
# - 1.2.3.4
The same applies to a few other processes as well.
Scriptable Viruses (and all the other types)
This is something that I announced nearly half a year ago and it is part of the vision since the beginning. In the next update, it is possible to create a scriptable virus that you can control by writing Lua scripts. I've tried a few different languages and environments and Lua was the one that was by far the simplest to integrate. To make scripting possible the whole backend had to be restructured because from now on, not just players are actors in the game but scripts can also interact with systems. this lead to some more abstractions on how actors are determined and therefore a script is not handled like the game server with full rights but faces the same limitations as the player.
Right now scripting is quite limited (there are only a few commands enabled and they are only run, once a virus is installed). It is still a powerful technique for advanced players to further optimize farming or to sell viruses with scripts on the ingame shops.
When it comes to balancing I'm really looking forward to your feedback on how to further improve scripting while maintaining the goal of it still being an extension of the gameplay and not a replacement which renders the game pretty much useless for unscripted players.
The ransomware virus I've started developing, however, I've not been satisfied with how it worked out. Therefore I've removed this for now and will rework it. the same applies to the reboot feature.
Linked Library and better binaries
This is one of the biggest changes that links a lot of the other features together. In the next update, a binary can be modified to get new functionality and features. In general, this means that once you have upgraded your Research Binary to version 2.0 it enables you to integrate features you can source from linked libraries (.ar files) into your binaries. how many you can link is limited and they cannot be removed. Which leads to multiple different tactics when it comes to optimizing binary versions. This feature is also used for enabling the development of scripted viruses because this functionality is actually enabled by a feature.
I've also reworked and migrated a few binaries to now be a feature instead of a separate binary. E.g. the oniontracer, and the viruspacker are now features that must be integrated. if you want to see the complete list checkout the roadmap to 0.25.x
Additionally some binaries are now limited to a maximum version they can be upgraded to, which will make it more important to think about what binary to upgrade.
Encrypted files
There's a new file type for encrypted files that allows a player to encrypt any file, let it be a binary, simple text, code, or zip folder. When a file is encrypted a password is generated as well to decrypt the file again.
It can be used to transfer and store files more safely. For encrypting and decrypting there's a new binary that delivers that functionality.
If you lose your password you can always crack the encryption. ;)
I originally developed this feature for the ransomware virus, however, as mentioned earlier, I was never satisfied with how it worked so for that one I have to go back to the drawing board.
UI & UX Improvements
I've put again a lot of work into improving the UI & UX of multiple aspects of the game. The first one to mention is the terminal which has an improved autocomplete in that now respects the syntax of a command and does not just autocomplete a path. This makes typing terminal commands much faster and more convenient
Additionally, jobs (like downloads and uploads) are now directly resolved in the terminal and they better present their state. The old behavior of scheduling a background job still exists and can be used by specifying the -b flag.
This is what the new job handling in the terminal:
The browser and passsafe also got an upgrade, the feature that was wished for most is the option to autocomplete credentials in the browser that are safe to passage. That's now a thing:
Generation of logs & reports
Systems create more logs & reports and the logs about different events or jobs.
Nearly all jobs now generate a detailed log on what it did (or why it failed) which can be used to retrieve important information in the role of an attacker and as the system owner. For naming differentiations, the kind of logging that existed already is still named log while the new logs of jobs are called reports.
This is what reports look like:
Analysis Report (Shared Object)
Analyzed File: test.so
------------------------------------------
Identified Components:
--- Component 0 ---
Component Type: Object Analyzer
Usage: When embeddeded into a research Application it allows to analyze Shared Object (.so) Files
------------------------------------------
Malicious component scan:
./.
----- No malicious components found -----
./.
(This report consists of ? pages) -- Please forward this document only as a whole.
Every report type is unqiue and must be interpreted differently.
Safenet and the FBI
This update also introduces safety measures that monitor entities for suspicious actions (like large transactions, many logins, or an unauthorized login). These incidents will be reported and provided to the public by SafeNet and the FBI. Once you are on this list, make sure to hide because your IP might be publicly known.
This is still pretty basic, but I'm looking forward to more ideas and feedback!
Speedruns
It was requested multiple times, and I've decided to implement a (temporary) solution for speed runs. Once a user resets their account (or logs in the first time) the timer starts and the ultimate goal is to log into the fbi.gov system.
At the moment the player logs in the time are recorded and put on the speedrun leaderboard.
When will all of this go live?
I'm still in the process of implementing the last small things and testing and doing QA, but I plan on releasing this update in December.
This will also mark the last version in closed-alpha and therefore the end of an era that took 3 years. What this means is that everyone who is still on the list gets their invitation! Yes, this is real! The last keys will be sent out in batches (just like with the last few updates). In between, I will fix the bugs you are reporting.
The goal of this phase is to identify critical bugs and the everything stable enough for a wider audience. Once everything is tested and no critical bugs occur anymore, signup is widened to the public world.
You can read more on this on the roadmap and join the community on discord.
Final words
Last but not least I'm doing all of this currently in my free time while maintaining a social life and having a full-time job. There costs for servers, and domains, and just like with everything right now they are rising. If you would like to support me check out my patreon which is the simplest way of supporting hackero and making sure that it can last.
Supporters come and go, in the last months, more people left than joined. This is completely normal since there were not many updates. I'd still like to thank everyone who supported me. But at this point, I'd like to point out two special people in the community that support me from the beginning up to this day.
Cazfro and Palette who are Parteons since February 2021.
And these last words are just you. Thank you for your trust and support!
