Senior Programmer Mitch Evans today made a post to address some of the misconceptions with the current base building systems and protections.

I've been reading some questions about bases and base security lately, and thought I would clear up a few things. Additionally, I'm going to put these items in their own thread, and get the information in one spot :)

Issue: “if you have a wall and gate around every portion of your foundation, you can't be noclipped” (and several other articles dealing with the same issue)

You can certainly be noclipped. We fight a constant battle against hackers; as we find their noclip exploits and cheats, they develop more. This is an area we work on every day. What the noclippers can’t do is destroy doors, structures, or non-vehicle placed items that are registered to that foundation until the gates / walls are breached.If the person creating the base has broken the chain of ownership between upper level structures in the base and the foundation, there is no way for the system to protect those structures. I see this a lot in innovative bases that place multiple structures to get a certain (often vertical) layout (or roofs), then destroy structures “in the middle”. This eliminates the ability for the code to follow the attachment chain back to the “owning” foundation from the now-floating base components, breaking the noclip protection. Finally, each available exterior socket must have a wall, a gate, or an overhanging structure covering it. Structures that come up right next to the edge of a foundation do not count as a wall. A wall must be placed outside the edges of these structures to seal the base.

 

Issue: "How did they get to my storage containers in this room." “there are failsafes in place that record who was in a room when the door closed and this will not allow the hackers to go in containers that are inside the bases”

If the doors are locked in a securable area, this is true, and works. This code has not been turned off, despite some players' perceptions. Additionally, noclippers cannot damage you inside a secured area that they do not have valid access to.

This system breaks down if:

• Group members open the door while a hacker is hiding nearby. There is a 1-2 second delay when the door closes that we have witnessed hackers using. They hide nearby, wait to hear the door open (or close) sound, and immediately noclip into the structure before the area is flagged as secured. This grants them access to the secured area. The delay is to allow the player opening or closing the door to get into or out of the room's contained volume before the physics queries are performed.

• The door loses its combination (not ownership). This was a subtle bug, and there is a recent fix for a case that we identified, but the fix has not yet made it to our live servers.

• We have also added additional container accounting, which is also not on our live servers, but should make it next patch. This will allow us to better track the hackers / stolen items.

When you report a breach of a base you believe is secure, please report it as soon as possible with the location, server, and time you believe the breach occurred. If you can, please include the /loc of the container that contained the missing items.

Several of us are focusing on base building and base security over the next month or two. It's vital that we get constructive feedback on bases and raiding, so that we can make as many improvements as possible. Including the server / location information, and reporting promptly will aid us greatly! We appreciate all of the time and effort you put into base building, and are doing our best to balance the sandbox-y nature of persistent player-made structures with the grim reality of maintaining performance and combating hackers.

Source