Half Life 2 Source Code Leaked 1027
Pyroman[FO] writes "Gamers with Jobs is reporting that the Half Life 2 source code is floating around the net right now. It looks to be about a month old. There's no official word from Valve on the source code leak yet. Unfortunately those who want to use it to cheat already have it, we need to get the word to legitimate customers to educate them about the situation." Update: 10/02 21:51 GMT by S : Valve's Gabe Newell has an official statement, via ShackNews/HalfLife2.net, indicating "infiltration of our network" and appealing for information on the culprits.
HL2 Source (Score:-1, Informative)
Here's a link to the (Score:-1, Informative)
Full text of linked article (Score:5, Informative)
http://www.gamerswithjobs.com/modules.php?
Half-Life 2 Source Code Leaked, Seriously
Posted by: Pyroman[FO] on Thursday, October 02, 2003 - 11:02 AM EST
So I know what you're thinking. "Yeah right Pyro, it's really just more suprise gay porn" but its the real deal. The source code for Valve's Half-Life 2 has been leaked to the net. An anonymous GWJ reader has verified this is real.
I can confirm that this is indeed no fake
There's still no official word from Valve and I haven't seen any other sites pick it up. There isn't any word on who leaked it either and from what I have heard the source doesn't give it away. Hopefully when this gets out in the open Valve can work with its partners to figure out who did this. Let's also hope it doesn't delay Half-Life 2 any further.
One things for sure, this can't be ignored. Those in the know already have it and they're probably working on their first cheat right now. Legitimate customers are the ones who need to know about this as they are the ones that will get their machine potentially broken into when they go online. You can't warez with month old source code, all it's good for is exploiting others in multiplayer and allowing crackers to make better cracks. Customers need to know that there are cheaters out there right now with the full Half Life 2 source code, if this is true.
More info (Score:5, Informative)
There are also a few threads on steam [steampowered.com], PlanetHalfLife [forumplanet.com], and arstechnica [infopop.net].
HUGE BANDWIDTH LINK (Score:3, Informative)
Re:Thanks ATI! (Score:2, Informative)
Re:...and in other news... (Score:2, Informative)
I guess Valve are working on something, but it's certainly not finished yet.
With this new rush of "help" I think that Linux support might be a reality in the future.
Re:What?? (Score:1, Informative)
Bittorrent link (Score:1, Informative)
happy downloading
Re:One Word: (Score:5, Informative)
Now however, I have come to the conclusion that this IS an SDK, and not the full source of their engine.
Err, I take that back. Its the engine. Just found the occlusion system and the node management.
I feel for Valve about now. This sucks.
I'm deleting the source just out of respect.
Not always a problem (Score:5, Informative)
For instance, in Starsiege:Tribes, since the rendering engine has been successfully hacked, people have been able to write some clever and EXTREMELY extensive cheats -- you can customize the visibility of the terrain, of individual objects (like buildings -- make them partially transparent to see people around corners), remove fog from maps, have pointers to the person with the flag, and most infamously, change the model for the flag into a twenty-story-tall red and green stick figure with a gigantic smiley face. This cheat is known as 'Happy Flag', and it makes it pretty much impossible to confuse the enemy team as to the location of your flag.
Now, in any other game, with the graphics engine compromised to that extent, the game would be over. It would be trivial to write auto-aim functionality that centers your view on a particular model type and fires the weapon.
But thanks both to the use of actual projectiles instead of instant (or 'hitscan') weapons, as well as a server-client model that DOES NOT TRUST CLIENT EVENTS (which you might think would make the game much more apparently laggy, but which in reality makes the game much less stuttery and much smoother for those on slower connctions; you just have to predict your shots more. But, since you have to do that anyways by design . .
The stability of this system is such that even with one of the most rabid fanbases in gaming, the only cheats available are primarily informational in nature. A cheater can see mines better, can know where the flag is, can see people clearly that would be mostly obscured by fog otherwise.
But this gives him very little actual advantage. The only hitscan weapon in the game is not a one-hit kill even on the lightest armor, and it needs to recharge, and the method used in both Tribes 1 and the Torque engine of the server not trusting the player for jack shit is actually EASIER on the server, since it processes client actions essentially as it receives them. Moreover, thanks to 'skiing' and the jetpacks and the visibility of laser rifle attacks, any advantage is quickly whittled down to a simple nuisance.
Now, at the other end of the spectrum is Red Faction.
Re:One Word: (Score:5, Informative)
Re:IT COMPILES (Score:4, Informative)
I tried compiling the code, it won't work in Microsoft Visual Studio.NET 2003 (apparently it was developed in Visual Studio 6.0 and the version inconsistencies break the code. It's not exactly standard C++
Re:Look on the bright side (Score:5, Informative)
It's pretty complete, and weighs in at 100 megs unpacked, for this to be _not_ the source, I'd have to say it's a pretty damn good hoax.
There is also the complete source to worldcraft in there.
Most interesting thing though, is the presence of a linux/, *gets his hopes up*
Re:Screenshots (Score:5, Informative)
Re:Contains GPL'd code ... (Score:1, Informative)
Things in ./utils directories normally isn't distributed. They're just dev-tools.
Re:Thanks ATI! (Score:3, Informative)
http://www.evem.org.au/evem/archives/games/doom_3
Apparently they are just really sloppy, ATI sent id a laptop with the Unreal Warfare engine it 3 months before they let this Doome3 build get out.
Re:License (Score:2, Informative)
Not quite right, at least historically. Because the original Half-Life was based on Quake1 technology licensed from id, Valve did not have the legal ability to license the engine they created to others. That is why you will never see a game that is not from Valve that uses the Half-Life engine. It's also why you didn't see Counter Strike or DoD released in boxed format until Valve struck deals with those development teams to publish under the Valve name (and in some cases, like with TeamFortress and I believe Counterstrike, brought those teams into the Valve company entirely). This may very well change with Half-Life 2, since I don't believe they're using someone else's licensed engine this time around, but I don't know enough about HL2's engine to say for sure.
Were Counter Strike or Day of Defeat merely "graphical facelifts"? Modding games from the big guys (Valve, id, Epic) has always been very powerful without requiring the engine's source code. Quake 1 mods ran the gamut from completely new multiplayer experiences (first CTF, then class-based CTF with TeamFortress, and then even TF evolved to allow for objective-based maps rather than just captuer the flag), to racing games (whee, QuakeRally!), flying games (AirQuake), side scrollers, Tetris, and more. Quake2 kept it going with the first RTS mod (Q2War), and so on. The Unreal engine's UnrealScript gave unprecedented control over the game world. Believe it or not, many of the earlier Unreal-based games (Deus Ex, Wheel of Time) were little more than new UnrealScript code in an only slightly modified (if modified at all!) Unreal engine. The point? If the developers design with modders in mind, you don't need the source code to make creative mods.
On the flip side, however, the release of the Quake1 source code resulted not in a bunch of interesting, technically impossible-through-modding games, but instead merely graphical facelifts like Tenebrae [sourceforge.net] (adds bump mapping, dynamic lighting, bunch of other stuff), that one that made everything look like a sketch but with a name I can't remember off-hand, etc. It makes sense that to do a graphical facelift, you'd need access to the engine's source code and not just a modification interface.
Re: yeah, right (Score:2, Informative)
Re:Contains GPL'd code ... (Score:5, Informative)
Re:GPL code found in source (Score:5, Informative)
havok license link (Score:3, Informative)
http://oldsite.havok.com/newsletter/050
Licensed Havoc physics engine (Score:5, Informative)
Official Word (Score:3, Informative)
Yes, the source code that has been posted is the HL-2 source code.
Here is what we know:
1) Starting around 9/11 of this year, someone other than me was accessing my email account. This has been determined by looking at traffic on our email server versus my travel schedule.
2) Shortly afterwards my machine started acting weird (right-clicking on executables would crash explorer). I was unable to find a virus or trojan on my machine, I reformatted my hard drive, and reinstalled.
3) For the next week, there appears to have been suspicious activity on my webmail account.
4) Around 9/19 someone made a copy of the HL-2 source tree.
5) At some point, keystroke recorders got installed on several machines at Valve. Our speculation is that these were done via a buffer overflow in Outlook's preview pane. This recorder is apparently a customized version of RemoteAnywhere created to infect Valve (at least it hasn't been seen anywhere else, and isn't detected by normal virus scanning tools).
6) Periodically for the last year we've been the subject of a variety of denial of service attacks targetted at our webservers and at Steam. We don't know if these are related or independent.
Well, this sucks.
What I'd appreciate is the assistance of the community in tracking this down. I have a special email address for people to send information to, helpvalve@valvesoftware.com. If you have information about the denial of service attacks or the infiltration of our network, please send the details. There are some pretty obvious places to start with the posts and records in IRC, so if you can point us in the right direction, that would be great.
We at Valve have always thought of ourselves as being part of a community, and I can't imagine a better group of people to help us take care of these problems than this community.
Gabe
http://www.halflife2.net/forums/showthread.php?
Re:IT COMPILES (Score:1, Informative)
Completely legit, response from Valve (Score:5, Informative)
From HalfLife2.net [halflife2.net] Ever have one of those weeks? This has just not been the best couple of days for me or for Valve.
Yes, the source code that has been posted is the HL-2 source code.
Here is what we know:1) Starting around 9/11 of this year, someone other than me was accessing my email account. This has been determined by looking at traffic on our email server versus my travel schedule.
2) Shortly afterwards my machine started acting weird (right-clicking on executables would crash explorer). I was unable to find a virus or trojan on my machine, I reformatted my hard drive, and reinstalled.
3) For the next week, there appears to have been suspicious activity on my webmail account.
4) Around 9/19 someone made a copy of the HL-2 source tree.
5) At some point, keystroke recorders got installed on several machines at Valve. Our speculation is that these were done via a buffer overflow in Outlook's preview pane. This recorder is apparently a customized version of RemoteAnywhere created to infect Valve (at least it hasn't been seen anywhere else, and isn't detected by normal virus scanning tools).
6) Periodically for the last year we've been the subject of a variety of denial of service attacks targetted at our webservers and at Steam. We don't know if these are related or independent.
Well, this sucks.
What I'd appreciate is the assistance of the community in tracking this down. I have a special email address for people to send information to, helpvalve@valvesoftware.com. If you have information about the denial of service attacks or the infiltration of our network, please send the details. There are some pretty obvious places to start with the posts and records in IRC, so if you can point us in the right direction, that would be great.
We at Valve have always thought of ourselves as being part of a community, and I can't imagine a better group of people to help us take care of these problems than this community.
GabeRe:One Word: (Score:3, Informative)
In a copyright violation case, anyone who knowingly helped commit the offense is culpable. This includes not only the giver, but also the recipient (if he performed some affirmative action to get the files, not if they merely showed up in his email)
The MPAA so far has only sued distributors of their files, but they could go after leeches if they wished.
Since the estimated market value of the HL2 source code is almost one million dollars, anyone who has it could find himself the target of a dangerous lawsuit.
Re:Linux port (Score:3, Informative)
Gabe Newell responds - It's genuine (Score:2, Informative)
Re:No it wouldn't (Score:3, Informative)
You'd just have to look at the notes. You cannot trademark / copywrite "look and feel". Well, with IP, its getting that way, but as of right now, you cannot.
If I've looked at the source for opening a word document, but I do it differently, they have no case. If Word documents had a patent, then that would be different, but until they do, I don't believe they'd have a case.
Of course, if I signed a NDA, it might be different.
Who says it was? (Score:2, Informative)
Starting with the exploits in his outlook, they get information on which server holds the code, how their server scheme works, maybe even some addresses if they get really lucky. The keystroke logging programs help even more, because it gives passwords to those servers.
Now, we have an internal network address or name, a password, probably usernames, and maybe even a directory to look in.
So, now we move to the hack of the webmail server. Maybe they used keylogs for that, too, maybe it had an open port. Regardless. Slip inside there, and use those tasty server cycles to help portscan or maybe even legitimately access into the Source box, which is almost certainly required to be accessible over the internal network, unless you really want all your coders hamstrung.
Then, you pull that source file and either make it part of an email, or an attachment. Webmail server pops it to an account you have legal or illegal access to and can strip the mail out of without being traced...and whalah! You've just used the magic of the internet to steal from a machine that isn't connected to the internet.
Re:God I love the misinformed (Score:1, Informative)
The neophyte, when introduced to the idea of cheating with the source, thinks of things the other team can see, like making weapons more powerful or increasing accuracy. These examples are real eye-openers regarding what cheating can be.
Re:Hopefully this includes Steam... (Score:2, Informative)
The last I heard, Valve was planning on removing the internet connection requirement from steam, so that you can play single player and multiplayer lan games without having an internet connection. What I do know for sure is that you will be able to buy and play the single player game without using steam at all.
some things (Score:2, Informative)
if there really was a linux client, it would be using OpenGL and there are no references anywhere to OpenGL in the code.
2.I cant see anything in there that indicates Valve is violating open-source licences.
There are some LGPL libaries that they are able to use under the terms of the LGPL (I dont have the time to actually check if there are any "inhouse" mods for those) and one file thats GPL which looks like its only for internal tools and not for anything thats going to be public so they arent violating the GPL there.
3.I dont think anyone will actually use this source code (or bits thereof):
A.valve would pursue them if they did (for copyright violation)
and B.its going to be very out-of-date (missing a chunk of "crunch time" bugfixes) by the time the game itself actually comes out.
4.Its likely that (as happened with Half-Life 1) the bits of code pertaining to things like gameplay stuff will be released
and 5.I think there will be 5 different groups that will gain from this source code:
1.cheaters will see how to write better cheats (e.g. layout of internal game structures/classes etc)
2.modders will see how to make better mods (see how game engine works, see details of propriatory file formats, able to use interal utillities to generate maps, do BSP and stuff etc)
3.competitors (in fact anyone doing 3D coding) will be able to see how Valve does
4.users of other OS's will see details that will enable it to be made to run better on other OS's (for example Linux via WINE or ReactOS when it gets Direct3D going)
and 5.graphics card lovers/technical sites/etc will be able to see if HL2 really does favor one card over another
oh and BTW, I seriously doubt that this is any kind of "officially unofficial" leak (i.e. deliberatly leak code then deny it ever happened) since how would that benifit valve?