Half Life 2 Source Code Leaked 1027
Pyroman[FO] writes "Gamers with Jobs is reporting that the Half Life 2 source code is floating around the net right now. It looks to be about a month old. There's no official word from Valve on the source code leak yet. Unfortunately those who want to use it to cheat already have it, we need to get the word to legitimate customers to educate them about the situation." Update: 10/02 21:51 GMT by S : Valve's Gabe Newell has an official statement, via ShackNews/HalfLife2.net, indicating "infiltration of our network" and appealing for information on the culprits.
One Word: (Score:4, Interesting)
That's quite a big deal to have leaked. Unfortunately the article is down to I can't RTFA, but is this just the SDK source code or the whole friggin thing?
If it's the whole thing think of how much jeopardy that puts them in with the people they've licensed technology from (such as the Havok physics engine, etc).
Again I say, Wow.
"use it to cheat?" (Score:3, Interesting)
Re:Pascal (Score:0, Interesting)
Re:One Word: (Score:5, Interesting)
Thread here [halflife2.net].
Be interesting to see what the verdict of the Slashdot code gurus is.
Does this guarantee a Linux port now? (Score:2, Interesting)
Re:Look on the bright side (Score:2, Interesting)
Re:Open Source now? (Score:5, Interesting)
The only problem is if the code contains third-party stuff like sound modules, physics engines etc.
Re:You know you're on Slashdot when... (Score:4, Interesting)
But source code and source code alone does not a great game make. There are models, textures, maps, config files and myriad other items that the finished product contains that the source archive will not.
You're not going to see people rolling their own pirate releases of HL2 just because of this code, but it could help people to rip off the full version, once it's available.
LK
License (Score:5, Interesting)
Sales of the engine may be hurt, or it may be helped. Certain companies may wind up "doing the wrong thing" and incorporating Valve code into their own, but no major player would be caught dead doing such a thing. I expect that snippets of that code may find its way into the wild due to overtasked programmers trying to make their game the best it can be, but such snippets wouldn't have equalled a sale, they simply mean fiercer competition. And with the increased visibility, companies can now know the quality of the code that their 500 grand will be buying. True, being released into the wild may reduce the perception of value, but with the availability of the code this may still lead to increased sales.
Modders are a different story. Without economic interests compelling them to buy a license, they might begin releasing compiled binaries of their work to the community without requiring a half-life 2 license, which would cripple Valve's sales numbers. But on the other hand with access to source, modders could create more extensive and more active modifications, creating original features instead of mere graphical facelifts. If these code modders require the original game to be playable, it could lead to a real renissance in modding and a tremendous boost in sales for Valve.
I can see how this may possibly turn out to be somewhat damaging to Valve, but I can't see how this is one of the four horsemen of their apocolypse. The head of the man who intentionally leaked the code should roll (if it truly was intentional), but it is way too soon to declare this the end of the company. Under closer analysis, it may even be a boon.
I doubt it. (Score:4, Interesting)
Contrary to SCO's opinion, unclean code doesn't help Linux at all. The best thing to do is just avoid that source like the plague. It would legally contaminate anyone who even had just had it much less looked at it.
Re:MaxClients (Score:3, Interesting)
> MaxClients set too high
Right, it starts swapping since more child processes are forked than can fit into memory. As other posters have suggested, Apache's MaxClients needs to be aligned with MySQL's max_connections configuration.
Re:You know you're on Slashdot when... (Score:3, Interesting)
I think Valv^E will be pretty poor after this.
Re:Does this guarantee a Linux port now? (Score:3, Interesting)
As for the legality. Well if the porters didn't steal the code and don't claim copyright on the port then it might even be legal.
After all translating a letter you found in the street is not illegal is it?
Ofcourse valve is not going to like people having a good look at their code but well they should just have taken better care. Loosing this is really really stupid. Of course if someone really stole this then they are in for a world of hurt.
Anyway it has happened, might as well make the best out of it. It is not like ID was ever hurt by their games being easily copied or releasing the code (granted years later but still)
After all this is just the code. NOT the game.
Re:Does this guarantee a Linux port now? (Score:3, Interesting)
This is BAD! (Score:2, Interesting)
Anyone wanna bet that Valve is going to delay the hell out of Half-life2 over this? Or that it was leaked because Valve didn't release the benchmark on the 30th?
Oh boy.
Finally (Score:3, Interesting)
we can determine the exponential rate at which the number of bugs in open source software decreases.
IT COMPILES (Score:5, Interesting)
http://www.devils-children.com/hl2_1.jpg [devils-children.com]
It's being picked apart in #HL2-Source on irc.quakenet.org at the moment. Fun fun.
Please (Score:4, Interesting)
Don't forget the value to competitors (Score:4, Interesting)
And here's the first DOS attack from the source (Score:1, Interesting)
(Tracker/common/Socket.cpp) makes many
assumptions. Notice how they have incomplete
state for split packets:
if( *(int *)&buffer[0] == -2 )
{
int curPacket=0,offset=0;
SPLITPACKET *pak =reinterpret_cast<SPLITPACKET *>(&buffer[0]);
if(m_iTotalPackets==0)
{
m_iTotalPackets = (pak->packetID & 0x0f);
m_iSeqNo = pak->sequenceNumber;
m_iRetries=0;
m_iCurrentPackets=1;// packet numbers start at zero, total is the total number (i.e =2 for packet 0,1)
curPacket= (pak->packetID & 0xf0)>>4;
}
else if (m_iSeqNo == pak->sequenceNumber)
{
m_iCurrentPackets++;
curPacket= (pak->packetID & 0xf0)>>4;
}
else
{
m_iRetries++;
if(m_iRetries>MAX_RETRIES)
{
m_iTotalPackets=0;
}
return;
}
What faith in proper sequencing!
It would take a child 5 minutes to write a
netcat exploit for this. Why, here's a child
right here....
Remember: Many shifty eyes make all exploits
shallow.
Re:Any chance that... (Score:3, Interesting)
Company A makes a great game for Windows that people absolutely love. Linux community begs for a port, but A doesn't want to spend the time. Someone gets their hands on the source code to the game and widely distributes it, to the point where it's everywhere. It's not feasible for A to try to legally crush the people who have the source, since they're simply too many, and decide to cut their losses and support them. The company provides further support, helps to organize work, etc. using the open-source community to help build their Linux version. In the process, bugs are found and patches are released for the Windows version while the Linux port is being worked on.
Idealist? Of course, there'll be many arguments by GPL zealots and so forth. Still an interesting thought though.
Re:No it wouldn't (Score:3, Interesting)
Your analogy would only work if the programmer was playing the game/using the application, not looking at the source code.
It is NOT OK (Score:0, Interesting)
Contains GPL'd code ... (Score:5, Interesting)
files in these directories contain such code for example
It would take someone a little more clued up than I to verify that this code is actually used in a binary release.
Someone should take a closer look.
It's all over for STEAM, at least for some time. (Score:4, Interesting)
I guess Valve will have come come up with a new authentefication system...
Re:Any chance that... (Score:1, Interesting)
Re:Linux port (Score:2, Interesting)
Header:
#
# Half-life Makefile for x86 Linux
#
# Feb 2001 by Leon Hartwig (hartwig@valvesoftware.com)
#
Perhaps something good coming our way? Or maybe just a dropped endeavor... one can only hope.
Falcon 4.0's Leaked Source Code (Score:5, Interesting)
Nothing for several months. People went about playing Falcon 4.0 as they did before. Then a user posted a single screenshot to the combatsim.com fora. It showed the Falcon 4.0 options menu, except with some rather peculiar options-- 3dnow! support, 32 bit textures, object texture filtering, DirectX 7 support, and some others. Falcon 4.0 did not ship with support for said features, so either it was an edited screenshot or the user had modified the source code. Then the actual executable was released. It was real, the engine enhancements worked.
Development of the leaked source code exploded shortly after that. A team known as eTeam (the executable was called eFalcon) was created to work on it, devoted to closing the numerous memory leaks, and improving the overall realism and performance of the game. The improvements were incredible, bringing a game released in 1998 to a 2001 state, competitive (or far superior, which was most people's opinions) to simulations released that year. The game's publisher ignored this for a few years.
The game's publisher then put its foot down. It said that all development of the leaked source code had to be ceased. Quickly though the community reached an agreement. It managed to convince the publisher to allow continued development of the leaked source code, as long as the publisher maintained all rights to all of the community's work and was not required to compensate the actual contributors. The result was the Falcon 4.0 Unified Team [slashdot.org], composed of most of the eTeam members (not all though, some refused to join because of the constrictive agreement) as well as many from the Realism Patch group, a non-source code team focusing mostly on realism enhancements. The F4UT has succeeded in making hundreds if not thousands of changes to Falcon 4.0, ranging from technical (graphics engine, campaign engine, AI, sound engine, etc.) to gameplay (new flyable aircraft, dogfight AI improvements, numerous miscellaneous tweaks etc.) to other content (re-done textures, models, sound effects, completely new cockpit art, etc.). The F4UT finally brought Falcon 4.0 to what its original developers intended, not only simulation of F-16 combat, but a true military aviation experience taking place in a dynamic computer simulated war.
How does this relate to Half-Life 2's source code being leaked? Well, sometimes leaked source code can lead to greater things. After the Falcon 4.0 source code happenings, the full source code, including the graphics engine, network code etc. of a few simulations (Enemy Engaged Comanche Vs. Hokum, MiG Alley, maybe some others) have been released to the public. Maybe this practice could spread to other game genres.
Steam included? (Score:2, Interesting)
I've had a look at the source, and although I'm far from an expert C++ coder, it doesn't seem to me that the Steam code is included. There is, however, a 'steam.lib' file in there.
If I understand the workings of Steam correctly, it handles authentication, and also includes mechanisms for controlling the integrity of game files. Ie there's no way you could use a hacked version of the engine for your cheats, and still authenticate through Steam.
<tinfoilhat reinforced with lead>
Maybe they intentionally leaked a (mangled?) version of the source just to prove that Steam has its virtues when it comes to dealing with hacked executables?
</tinfoilhat etc>
GPL code found in source (Score:3, Interesting)
Here's the beginning comment from "hl2_src\src_main\ivp\havana\havok\hk_math\odesol
Re:Contains GPL'd code ... (Score:1, Interesting)
Assuming Michael Alexander Ewert [google.com] is the author who LGPLed it in the first place.
The weird thing is that if it's LGPL it should be "out there", right? But a search for his name with the addition 'odesolve [google.com]' give zero hits.
You're probably right, but it's worth digging until there's certainty. I haven't been able to find any public source matching the one GPL'ed. Not that there must be one, but...
Re:IT COMPILES (Score:1, Interesting)
(yeah, there's BitchX and XChat ports, but mIRC wins on functionality.)
If this is the HL2 source... (Score:2, Interesting)
This is horrible ... (Score:5, Interesting)
As for you GPL programmers, there is already a lot of interesting code out there to play around with. I cannot express in words how thankful I am to different companies letting me play with their products such as Quake2 by id. I think they deserve making money on their hard work and heavy risktaking. GPLing such code is giving me a present I could never make up for.
As I'm quite fond of snowboarding, I ended up working on the Soul Ride snowboard game engine [sourceforge.net]. It would take me years to reproduce the same code on my own. Even if noone ever uses my changes, I really enjoy working on it and it's fun showing my changes to (geek)friends.
Open source is fun to play with. Stolen code just isn't. The whole idea of open source code is built on honesty and solidarity.
Anyway, good luck Valve, I'll buy the game when it comes out. Also, I will enjoy working on the real source you may GPL in 5-10 years, not this leaked one.
(I'm sure some slashdotters won't like what I write, but I've got karma to spend...)
Re:If this is the HL2 source... (Score:3, Interesting)
latest rumours(?) on leak (Score:2, Interesting)
Re:Completely legit, response from Valve (Score:4, Interesting)
"Uh, what?"
Right. "Hi, I'd like to return this game, it doesn't run on my computer."
Outlook !== BAD *if* you have good sysadmins and keep up on your patches. The buffer exploits in the preview pane have been patched for some time. Thanks for the typical Slashdot attitude, though. MS fucks up plenty, but don't blame them when the fix is readily available.
Security thru obscurity ppl are missing the point (Score:3, Interesting)
But none of that applies here.
First of all, you are actually not trying to protect the server. The client is actually allowed to send all the data that a hacked/aimbot/etc client sends. The limitation is supposed to be that the client is operated by human skill instead of a program. So what you are really trying to protect is the client. (Yes, some things like looking one way and firing another, too rapid/accurate turns and shots can be detected server side, but for the purpose of detecting a hacked client. Again, it's about securing the client.)
Now the problem with this is, that it's impossible. The client is in the hands of the enemy. By definition all your security is through obscurity, since the client can be disassembled, its memory can be watched as it runs, etc. There is no other kind of security on the client besides obscurity, short of some Palladium-like thing.
If you have a better idea, don't waste it on a game, because it's worth around a billion dollars to the right people these days.
So I wish all the knee-jerk posters would lay off smugly saying that there's no security through obscurity so they get what they deserve. You need to put down the pipe and think it through.