Howdy, Stranger!
It looks like you're new here. If you want to get involved, click one of these buttons!
Quick Links
EVE Online: Client Source Code Leak Story
Szark
News ManagerMember Posts: 4,420
Slashdot is reporting that the game client source code for EVE Online has been leaked, prompting another round of concerns for CCP's handling of security issues. CCP, on the other hand, has issued a statement of their own in response, stating that the leaked code was not leaked from an employee, nor does it pose a security risk for players.
Here is the Slashdot article:
An anonymous reader writes to tell us that the game client source code for the popular MMO, Eve Online, has been leaked via torrent. In addition to the source code the user also posted a lengthy chat transcript with someone from CCP customer support. While the end goal may have been to call attention to the continuing security issues within Eve (and ultimately themselves), there are probably better ways of getting through to support. Unfortunately, CCP seems to be responding with the usual knee-jerk reaction of banning everyone breathing a whisper of this incident. I wonder if any large MMO company will ever be brave enough to calmly address an issue rather than wielding the ban-hammer.
CCP's Response can be found here:
We are aware that an individual claims to have access to the source code of the EVE client, but this access is not a security risk to CCP or our customers in any way. The Python scripting language that is used by the client can be easily decompiled to generate readable code, and we have designed our server-side systems with that understanding. Therefore, there is no reason to believe that the code was leaked by an employee and our internal investigations confirm that.
Access to the source code for the EVE client exposes no security vulnerabilities, has no privacy protection issues, and poses no threat to our customers billing information. The server-side interface used by the client is carefully protected to ensure that no abusive or unwanted information is transmitted to or from the EVE system.
Nothing the EVE client can do can affect the game state, a manipulated EVE client cannot affect the server, no advantageous or disadvantageous information can be transmitted to other EVE users by altering the EVE client. The EVE client is signed with a security certificate registered to CCP. Hashes are available on our web site for those who wish to ensure the integrity of EVE client download files they may have received from a source other than direct download from CCP’s web site.
Finally, there have been no mass bannings, as reported in some news articles, though we do remove all message board posts regarding violations of our EULA and Terms of Service as per standard policy and procedures. We consider any alterations of the client software, including decompilation, or discussions thereof, to represent such a violation.
Comments
I, in a brief moment of idiocy decided to have a look at said Source code...
It was just out of curiosity. Im not a coder or whatever i havent got a clue what to do with it i just wanted to see what it was...
But low and behold i was banned from Eve.
Countless months of work pissed away due to my stupidity.
But you know what they say "Curiosity killed the Eve character"
You Have been warned dont even look at it... dont even look at this thread dont even think about looking at this thread. and so on.
Ashamed and pretty pissed
/Psilo
I'm no fan of CCP, but, this is neither a feature or an editorial. Good un-biased news report.
And people don't think that MMO companies have too much control. Not only are innocent people being banned simply because they're curious, but other people are getting banned simply for asking if this is true or not.
Overreacting much CCP?
This is absolutely idiotic. People who did nothing wrong are getting banned, and the few people who want to look at the source code in order to find exploits in the game are simply downloading it from another location. The only people being banned are the ones who are just curious.
I was thinking about playing EVE, but not after this. This just proves that the people running the game are total idiots who don't deserve a cent of my money.
LOL, LOL, LOL, and LOL some more.
Hmm, not that I'm going to bother trying, but how did CCP know that you looked at the source code?
I call shenanigans on your story.
"True friends stab you in the front." | Oscar Wilde
"I need to finish" - Christian Wolff: The Accountant
Just trying to live long enough to play a new, released MMORPG, playing New Worlds atm
Fools find no pleasure in understanding but delight in airing their own opinions. Pvbs 18:2, NIV
Don't just play games, inhabit virtual worlds™
"This is the most intelligent, well qualified and articulate response to a post I have ever seen on these forums. It's a shame most people here won't have the attention span to read past the second line." - Anon
Hmm, not that I'm going to bother trying, but how did CCP know that you looked at the source code?
I call shenanigans on your story.
In the linked article inthe comments, people say CCP is whatching the IPs of people getting the torrent, and matching it to players accounts. And of course you can always "fake" IPs and all that, but you know some don't do that, get caught, and now they are where they are.
Anyway, the story has been updated! Check it out!
Cheers,
Jon Wood
Managing Editor
MMORPG.com
Anyway, the story has been updated! Check it out!
Its a torrent, anyone getting/sending a torrent can see all the other IPs connected to it.
Edit: although in this case it doesn't matter I guess :P
Anyway, the story has been updated! Check it out!
Jon, you may want to delete the second quote as the validity of it was under heavy scrutiny from what I read.
Still it's really interesting to read, especially the full chat log (though at some points it's hard to understand what the hacker is saying since his native language is Russian and not English).
Fair enough, but I honestly don't see CCP taking the time and energy to do that. It really doesn't make any sense from their point of view. What would that do other than enrage people?
Cheers,
Jon Wood
Managing Editor
MMORPG.com
I don't think it was CCP at all, just someone pretending to try and get a rise out of people.
LOL! "There were no mass bannings." That is funny and open ended a bit I'd say. Banning people for looking at the code or mentioning to the GMs they have seen the code is very harsh and another reason why CCP is on my "Do not buy from" list. This is like the forth time in the past two years this company has really screwed over their community. IMHO, it is time for someone to take a class action lawsuit against them. They a bit too power hunger. If the EU can fine M$ for anti-competive practicies, I'm sure they can sue CCP for client abuses regardless of the EULA.
Fear not fanbois, we are not trolls, let's take off your tin foil hat and learn what VAPORWARE is:
http://en.wikipedia.org/wiki/Vaporware
"Vaporware is a term used to describe a software or hardware product that is announced by a developer well in advance of release, but which then fails to emerge after having well exceeded the period of development time that was initially claimed or would normally be expected for the development cycle of a similar product."
You would be surprised what some people's jobs are.
Playing: Everthing
Played: DAoC,AC2,EvE,SWG,WAR,MXO,CoX,EQ2,L2,LOTRO,SB,UO,WoW.
I have played every MMO that has ever come out.
what client abuse. you pay for the privalege of accessing a service they provide. They can at any time for any reason take away that privalege.
Hmmm....And I thought that pretty fresh listing filed under the Misc category at a quite prominent bittorrent tracker site which shall remain unnamed was just a fast one? But then again if:-
"Access to the source code for the EVE client exposes no security vulnerabilities, has no privacy protection issues, and poses no threat to our customers billing information. The server-side interface used by the client is carefully protected to ensure that no abusive or unwanted information is transmitted to or from the EVE system.
Nothing the EVE client can do can affect the game state, a manipulated EVE client cannot affect the server, no advantageous or disadvantageous information can be transmitted to other EVE users by altering the EVE client."
..so no harm done....yet...right???
According to www.massively.com ...
"As they brace to control the impact of the theft, CCP has stocked up on turret ammunition and kicked in the afterburners. They are reportedly seeding the stolen source code in an attempt to ban anyone downloading the file who also maintains an EVE account."
Also...
"In addition to this, users on the EVE forums who even mention the torrent are having their posts edited and locked or simply deleted. Bans are flying around the forums and EVE players are warned to do their best to avoid a collision."
The client code is not the source code. This is not a story, but a bad attempt of something trying to pass off as something else all together. The first clue was that it was posted by anonymous and not a creditable source. As for what CCP is doing, bah, it is in the EULA not to do that stuff. If your curious, and you get baned then you did it to yourself. Quit your complaining and move on with your life.
As for Slashdot, they should not of allowed that story to post by an anonymous. That was a big mistake on their part. Nothing creditable there. Bad Slashdot, no biscuit!
Yeah, they would totally do this, because ya know, they just don’t need customers.
^sarcasm.
----------
"Anyone posting on this forum is not an average user, and there for any opinions about the game are going to be overly critical compared to an average users opinions." - Me
"No, your wrong.." - Random user #123
"Hello person posting on a site specifically for MMO's in a thread on a sub forum specifically for a particular game talking about meta features and making comparisons to other titles in the genre, and their meta features.
How are you?" -Me
I disagree. Despite whatever implications the leak has, CCP is going overboard, even so far as entrapment by seeding the torrent themselves!? Dag yo.
Btw, ever heard of "Deep Throat," Watergate, President Nixon? Anonymity is a protection, not incompetence.
And as regards CCP's statement that this poses no threat to other players, they are correct, in the security sense. However, it does pose the threat of someone manipulating the client very heavily: macros, server overload, game control manipulation... the list goes on. It does pose a threat to the gameplay itself, allowing jerks to exploit all they want.
Bottomline: This is no good for CCP or Eve. Unfortunate, it's an amazing game.
Cinori Aluben - CSM6 2011
Fix The Little Things First!
www.littlethingsfirst.com
EVE-Online
This does not impact me. I will continue to play EVE regardless of this attempt to cause more grief by someone who's holding a grudge agasint CCP.
Interesting read none the less.
This game still rocks regardless of some ass hat trying to blackmail the developers. And people, there's no defense for curiosity through theft. That's downright ignorant.
If you're sincerly "curious" use a proxy.
I'm confused. What advantage could someone get by looking at the CLIENT source code?
AFAIK the first rule of MMO programming is to not trust the client. If you trust the client data implicitly then you will have hacks of all sort and description.
I just don't understand what could be gained. If all data is checked for validity by the server (as I assume it is given there aren't any real "hacks" in EVE that I'm casually aware of) then decompiling the client gets you what? Graphical data? Communications code?
EVE (and CCP) is such a drama magnet.
success does that.
----------
"Anyone posting on this forum is not an average user, and there for any opinions about the game are going to be overly critical compared to an average users opinions." - Me
"No, your wrong.." - Random user #123
"Hello person posting on a site specifically for MMO's in a thread on a sub forum specifically for a particular game talking about meta features and making comparisons to other titles in the genre, and their meta features.
How are you?" -Me
"Memories are meant to fade. They're designed that way for a reason."