I’m curious about that, I was read some answers about switching worlds like gameworld & menuworld. And that makes me hopeful about saving the world when game window “lost focus” And at this time, if i can reference the world as a new world variable & check for differences between real world and referenced world while game is not focused to check any CheatEngine effect? Is that possible?
Or am i have to check my important variables one by one? (with Data class, because of it’s own encyription)
Idk if this have any relevance ,but i once tried to use cheat engine on a flash game ,it was called Knightmare Tower.
It was funny, i couldnt cheat the to get more money, and on top of that it appeared a text in game that told me not to cheat.
So yeah its possible 
Actually i know making an anti-cheat system is possible. But i’m asking for ways to do it easily 
I wouldn’t bother, personally! The hackers on sites like arcadeprehacks are professionals and will crack whatever protection scheme you spend hours creating in minutes.
I say, if the kids wanna cheat, let 'em cheat. As long as they don’t remove your ads/sponsor branding (arcadeprehacks and similar don’t, and in fact will get you a LOT of plays!), let 'em have their fun 
cheating is a real experiment itself xD, but, i’m bothering because of submitting highscores 
and the highscore system is something really important for my gameplay
Yeah, that right, i just wanna block “basic” softwares like “cheatEngine”… no more… that’s a game anyway… but cheatEngine really bores players… i don’t wanna hacked by kids… pro hackers are fine 
nope
ACTUALLY, the main idea…
anybody can download and decompile and do whatever else my game, but i just don’t wanna they hack it while playing as logged-in within kongregate page
You might be able to check a variables previous value (from the last frame) and compare it to this frames value. Then, if it has increased more than is possible in the game, (say you could only collect 1 coin per frame, and each coin is worth 10 points. So, if newVal - oldVal > 10…) then the person has changed it using cheat-engine or similar?
Just a thought.
Also consider storing your variables ‘offsetted’. For example if you store a high score, add 12345 to it and subtract that just before submission. You could also use an MD5 hash or something like that to make sure they haven’t tampered with it (store a few copies as regular unmodified numbers, then generate MD5 hashes of those. Compare all of them to your ‘offsetted’ number after converting it back to regular’s MD5 - any mismatches, they’re a cheater).
that’s what i was thoght first but isn’t that effects on game performance because of i need to check lots of variables? Why lots of variables, that’s because anything in game can let you cheat, like changing an enemy’s x position with cheatEngine, that can make you beat the level, because the game is also a puzzle game.
that’s a cool idea too, but, storing highscore is not enough like i said in my reply to Daemonr, i’ve to store many things, yeah, maybe MD5 good for this too. But, i need to ask another question, isn’t Data class encyripting data when saving Data to a File? Isn’t that secure enough?
And one more thing, is that cheatEngine or something similar can change data in embedded XML’s? if that’s possible, i’m going to give up forcing that secure stuff too much
CheatEngine actually modifies your variables while they’re in memory. That’s why I suggested multiple variables holding the same values, offsetted variables etc. You can also use encrypted variables (base64 or simple xor/NOT/rot-13 encryption would do). CheatEngine won’t do anything with your saved scores, it’ll actually edit them in memory while your game is running, tricking it into thinking that the player actually gained that score by directly editing your variables.
I don’t know of anything that can change data in embedded XMLs really apart from a decompiler. I suppose a determined cheater could download your SWF (or grab it from their temp files), decompile, edit your XML (say, to make the levels really easy), recompile, upload to their own server and play. But for that to work you’d need to be using a centralised leaderboard system which isn’t site-specific (mochi or whatever). The workaround here is probably just to use a ‘sitelocking’ type bit of code to disable high scores on any sites where they’re not expected; eg the big name sites like newgrounds, kong, your primary sponsor site, your own site etc. However, it’s far more likely they’ll just try to use cheat engine to force your score variable to be lots of 9’s, in which case offsetted, mirrored and simply encrypted variables with some MD5 checks would probably ward off 95% of these script kiddies.
Bear in mind that any kind of anti-cheat/encryption is a system of diminishing returns. The more time you spend implementing, the less return of investment you get in terms of stopping hackers. Just doing a simple offset of variable values for important variables will send away 80% of hackers. Encrypting those variables with a simple rot-13 will up that to 90%. MD5 hash checking? 95%. Mirrored variables, base64 and sitelocking stuff? 96%. Hours and hours and hours of complex encryption schemes, hard work, blood, sweat and tears? Maybe 96.5% etc etc
Oh man, i’m not interested in decompilation or something can be done offline… My problem is online as you said. Also, i’m not going to upload it anywhere else except kongregate. No need real encyriptions, i’m just going to send away %80 of hackers no more but using things like “offset” makes my source code complicated for me. I don’t wanna complicate my source code for making an anti-cheat xD so now, i’m just going to use Data class save load function for checking differences… Thanks to all of you guys, discussion is over xD that’s enouıgh
I’ll just throw one last thing in; you can do all this stuff in a centralised place such as a ‘SecureNumber’ class, then do all your weird encryption/abstraction stuff in that class. Then it just becomes a matter of using SecureNumber instead of Number for your scores, high scores and other protected variables. Yay object oriented programming!
Ahah, that’s something i may use. Sounds great!
But i’m not sure i need that. Because… I’m going to sum x and y positons and armors & multiply damages of enemy units and make some other calculations with player’s current stats and score & time etc stuff and things similar to create an unique integer like a cd-key. And gonna save it. Then load it and make the same calculation again to match with saved integer. Isn’t that a secure number too? Also it makes me secure everything with single unique integer value.
So, am i need to use “secure number class with that key integer” to send away +%80 of hackers?
Googling around I’ve found this lib: https://code.google.com/p/flash-anticheat-engine/ (which basically wraps AS3 primitive types with a Secure counterpart).
Haven’t tested it so cannot say it’s reliable or not. Guess the best way to figure out is to use it and try to hack your game with CheatEngine-like software.
That sounds like a good idea. You could also try the solution azrafe found!
public function set value(data:int):void
{
// check if fake wasnt modified externaly
if (fake!=secureData.objectValue)
{
CheatManager.getInstance().detectCheat(secureData.name,fake,secureData.objectValue);
}
secureData.objectValue = data;
fake = data;
}
easy stuff… i’m going to do similar system… but not for all variable types and not for in-game variable changes, so, no need to use that library… really thank you guys, i’m not looking for ideas about that anymore xD
if i use that system, i’m going to need to move every entity within this secure stuff… you know i wish to keep entity positions too(because of puzzle levels) and everything, so, i’m gonna use a keycode for whole world state… i can’t check everything everyframe, that affects game performance… i’m just going to encyript gamestate with focusLost, and check cheats with focusGained
When we post these suggestions they’re not just for you to use, we like to add them in case someone else stumbles upon this topic in future, so if you don’t want to use any further suggestions we make then that’s no problem at all, don’t worry about it But we might continue to put stuff in the topic for the benefit of future posters/lurkers!