<

Nocom

"No comment" ("nocom") was a group project that I spent a lot of time on, from March 2020 to July 2021.

Perhaps the best quick explanation can be found in the comments of a Hacker News post about this, where I answered lots of questions. It ended up almost like a FAQ. The best in-depth explanation is FitMC's YouTube video.

Regardless, nocom was a system that tracked player movement and actions on a particular Minecraft server. The server of choice was 2b2t, a so-called "anarchy" server. It's by far the largest and most popular server of that variety, in which players are not banned for any reason, not even hacking/modding their game client, or griefing other players. The name of the game is using any and all means, whether technological or otherwise, to get an edge over other players.

In March 2020, I was told about a flaw in the server software, and challenged to create a machine learning system to exploit it. The exploit was that the server could be made to reveal, upon request, whether or not any coordinate in the map was currently loaded into memory (meaning, very close to a currently online player). I created an adaptive tracking system, using techniques such as a Monte Carlo particle filter to follow players as they moved around, as efficiently as possible (requiring a minimal number of requests per second).

Additionally, the exploit packet would cause the server to reveal which Minecraft block was placed at the coordinate we asked about. We used this to create a system that remotely downloaded practically every build on the server.

This system collected 1.8 terabytes of data, in a Postgres database that ended up with 14 billion rows. Hundreds of thousands of players were tracked at 1-second intervals. Tens of thousands of bases were downloaded, totaling over ten billion logged block events. It's a fascinating slice of life, essentially a year of history of thousands of anarchy Minecraft bases, updated at 15 minute intervals. Here's an example of a timelapse made from that data, for one such base. Here's another and another and another :)

Eventually, another group discovered the same exploit packet, one thing led to another, it got out, and the exploit was patched.


More resources: