SFS2X Security question

Post here your questions about SFS2X. Here we discuss all server-side matters. For client API questions see the dedicated forums.

Moderators: Lapo, Bax

samfoxie
Posts: 2
Joined: 13 Jul 2021, 06:25

SFS2X Security question

Postby samfoxie » 30 Jul 2021, 04:13

Hi, I want to ask about the SFS2X Security.
If I don't use Protocol Cryptography as mentioned in this tutorial http://docs2x.smartfoxserver.com/GettingStarted/cryptography and assuming that both client device and server side is secure.
Is it possible that the data I send between server and client got attack by mid man?

Thanks in advance
User avatar
Lapo
Site Admin
Posts: 23008
Joined: 21 Mar 2005, 09:50
Location: Italy

Re: SFS2X Security question

Postby Lapo » 30 Jul 2021, 06:13

Hi,
yes in theory it is possible although it's not that simple.
If someone had access to the same local network where the player is connected it could be done, for instance.

Cheers
Lapo
--
gotoAndPlay()
...addicted to flash games
samfoxie
Posts: 2
Joined: 13 Jul 2021, 06:25

Re: SFS2X Security question

Postby samfoxie » 30 Jul 2021, 10:05

Hi Lapo, thank you for answer my question.
What if the client using only one internet connection. Let say the client is connected to mobile phone internet, which means the user only using it for itself.
It is still possible to get attack?
User avatar
Lapo
Site Admin
Posts: 23008
Joined: 21 Mar 2005, 09:50
Location: Italy

Re: SFS2X Security question

Postby Lapo » 30 Jul 2021, 14:04

The only way to answer this question is as follows: if you want guarantee that your internet traffic is not spied or tampered with you will need to use SSL encryption, just like you would for every other web application that transmits sensitive information.

If your game does not transmit sensitive data then you can evaluate whether or not encryption is necessary.

For your information SFS2X login passwords are always encrypted even when not using SSL.

Cheers
Lapo

--

gotoAndPlay()

...addicted to flash games

Return to “SFS2X Questions”

Who is online

Users browsing this forum: No registered users and 56 guests