Slashdot is powered by your submissions, so send in your scoop

 


Forgot your password?
Close
typodupeerror
×
Games Entertainment

Half-Life 2 Delayed Following Code Leak 750

Posted by CmdrTaco from the sucks-for-the-gamers dept.
jhol writes "CNN is reporting that Half-Life 2 is delayed "by at least four months, that is to April 2004.", due to the code leak. VU Games has already suffered a 29% fall in revenue and an operating loss of $61.36 million this year. A Christmas release of Half-Life 2 would probably have been most welcomed." Update: 10/07 20:38 GMT by S : CNN Money are now reporting there's a newly public leak, allegedly involving a partially playable, Beta pre-release of the game.
This discussion has been archived. No new comments can be posted.

Half-Life 2 Delayed Following Code Leak More

Half-Life 2 Delayed Following Code Leak

Comments Filter:

  • Still haven't learned their lessons (Score:3, Insightful)

    by Alcimedes ( 398213 ) on Tuesday October 07, 2003 @10:25AM (#7153328)
    I have to wonder how long until people start to realize that for truly critical (read millions of dollars) work, you're best off having the production machines OFFLINE.

    It would be a pain in the ass only being able to code on one machine, but even something as simple as a KVM switch would make it tolerable.

    No internet, and none of this stuff is a problem. Not to mention you can keep working while various worms/viruses make their rounds.

    The 'net is just too insecure these days, especially if you're running some version of Windows.
    • One can use VMWare to do that. All VMs can have a virtual networks which will not be accessible from the host. No need for many computers and/or physical connection.

      The folks at the NSA use VMWare for this purpose (they do have a special version with additional security features)

      I bet that they will try to enforce that kind of separation (virtual or physical) anyway. By missing the Holiday season, they will loose a bundle on sales.

      • The folks at the NSA use VMWare for this purpose (they do have a special version with additional security features).

        How do you know this?

        It's known that the NSA uses VMWare, but they're very tight lipped about how. Also if a VMWare image is sitting on a disk, that's on an OS that's on the network. Doesn't that make the image just as vunerable? I guess one could encrypt it, but still I think the original idea of a KVM is far more secure. If it's not on the net, or a completely private net with no outsid

    • I would think though at this stage of the game when they're testing code against Steam which is on the internet it might have been hard not to be connected to the internet for testing purposes.

      Why they were running Outlook on these machines is beyond me though. You want to check mail? Have a cheapo seperate box setup. For a company the size of Valve I can't believe they couldn't afford a couple of extra $500 Dell PC's to do this with.
    • If not stuck coding on one machine, at least a closed network, with no internet access. How hard can it be to have a closed network for all coding purposes? Sure, it's a pain when it comes to email and other internet needs, but in a situation like this, I think it makes sense to keep all code off-line.

      However, I am not a security expert.
      • > How hard can it be to have a closed network for all coding purposes?

        Oddly enough, as obvious as this seems, people are actually quite resistant to it. I've worked at two software development houses, and while that's not a terribly accurate representation of the entire industry, they both had the exact same attitude: "No, we don't need the dev machines on a private network, we're fine like it is.".

        At one of them, I suggested it as a solution in response to a similar situation; source got into the wron

        • Re:Still haven't learned their lessons (Score:4, Insightful)

          by racermd ( 314140 ) on Tuesday October 07, 2003 @02:16PM (#7155701)
          Good point. The developers can, to a certain extent, make demands regarding their development environment. However, network security is totally in the hands of their IS/IT department, if they even have one. It's the responsibility of the IS/IT staff to maintain the computing environment everyone works in. That applies to developers, the CEO, marketing, even the secretary. The head of IS/IT must set balanced policies regarding access and security. Access should be granted on an as-needed basis, not on an as-wanted-by-CEO basis (like some companies I've worked for). [RANT]I've never understood the reasoning behind the CEO or other major department heads getting unrestricted access to everything. The people that are most visible in the company, and thus the biggest targets, are these department heads. Often, these are the same people that don't even understand the technology they've been given access to, which makes them just that more dangerous to the security and integrity of the network. I try to point out that they should have just as much access as they need to do their job, and that usually means less than their own secretary.[/RANT]

          If it were me, I would have mandated a separate firewalled subnet for the developers systems and done away with Exchange/Outlook company-wide in favor of a more stable mail server. It wouldn't be completely out of the question to maintain a second mail server just for the developers inside their subnet. An enterprise-grade network-enabled virus scanning package would have been installed at the primary switch on both networks. Accessibility from the outside, including from the other subnet used by the general office staff, would be restricted to what would be absolutly required. These connections, once enabled, would be monitored and restricted to certain times of day. I'd even go so far as to implement a one-time password system with rotating keys.

          With just these simple policies in place, connectivity to the outside from within is maintained, virii and trojans are dealt with (mitigated to reasonable extent, anyway), and the biggest external threats are those with the "absolutly required" access to the developer subnet from outside. It wouldn't have been totally secured against outside traffic, obviously, but the traffic that would come through should be easier to manage and detect. If it were an inside job, as some have speculated on due to lack of faith in the accounting of events Gabe provided, this would have been easier to detect, as well. Covering one's tracks is much more difficult to do if everything is separated and monitored more closely than the general traffic. Sneakernet is the only method that I have not addressed, and I can't see any reason to do anything about it. The developers would be the only staff that have regular physical access to the project's systems, so "outsiders" accessibility would be almost out of the question, assuming that the building has adequate access controls (i.e. card keys active for only certain times of day). And securing it any further would be tipping the balance of security/accessibility too far.

          Also note that I'm not saying that what happened at Valve could have been prevented. A determined individual could still bypass the security measures outlined above with enough time and resources, but it would be much harder to do so. As an IS/IT manager, the focus is more on balancing security with accessibility. If the code were completely secured to outside access, development time and costs increase to the point where, possibly, it would make no business sense to even develop the game.
    • As best as I can tell, somebody either emailed themselves a few source code files or something similar, and that's how they got compromised. There's no accounting for users being lax with system security - I just don't see how you can completely prevent stuff like this in a software development shop.

      Do you propose making software developers do their work without access to the internet? From my experience the loss in productivity would be substantial. Or maybe make them run into a "clean room" whenever

    • I have to wonder how long until people start to realize that for truly critical (read millions of dollars) work, you're best off having the production machines OFFLINE.

      I have to wonder how long until people start to realize that for truly critical work, they are still using Windows?

      Seriously, the Internet is what makes many folks productive especially if they need to collaborate with others. our servers have proven invaluable for collaboration with folks from around the world so that they can write manu
    • I have to wonder how long until people start to realize that for truly critical (read millions of dollars) work, you're best off having the production machines OFFLINE.

      Well, before you start blasting Valve, why don't you actually read up on the hack? It was a buffer overflow in the Outlook preview pane that allowed the hacker to install custom versions of RemoteAnywhere. Password sniffers and other keyloggers were installed on various machines to grab passwords and so forth.

      The machine with the code wa

      • Re:Uninformed (Score:3, Insightful)

        by Oddly_Drac ( 625066 )
        "Well, before you start blasting Valve, why don't you actually read up on the hack? It was a buffer overflow in the Outlook preview pane that allowed the hacker to install custom versions of RemoteAnywhere."

        Alledgedly.

        And when was that exploit patched in Outlook Express?

        I think it's perfectly justifiable to have a giggle at Valve because that's the kind of schoolboy error that companies are not supposed to fall victim to, especially software companies.

    • Re:Still haven't learned their lessons (Score:4, Insightful)

      by badasscat ( 563442 ) <basscadet75@@@yahoo...com> on Tuesday October 07, 2003 @11:18AM (#7153871)
      I have to wonder how long until people start to realize that for truly critical (read millions of dollars) work, you're best off having the production machines OFFLINE.

      It would be a pain in the ass only being able to code on one machine, but even something as simple as a KVM switch would make it tolerable.

      Pain in the ass?? Try impossible. How do you think game programming works, anyway? One guy sitting there plugging away on his work machine from 9-5? Bzzzzt. Sorry, try again. I say this as someone who works in the industry for a fairly large publisher who will remain nameless.

      HL2 is a large, big-budget game with a lot of code, a lot of staff, and a tight production schedule. Some people seem to live in this fantasy-land where PC games are still coded by individual hackers locked away in their basement. Well, welcome to the real world, where dozens of people need to work on the same code in near real-time, and where work continues even while coders are out of the office or in fact out of the country.

      I don't know that all of this code needed to be on one machine that was net accessible. There's probably something that could have been done to segment it among separate machines on separate VPN's, which then could have been combined to compile and run whenever a build was needed. So yes, Valve could have probably taken better precautions. But the answer is not to put all of the code on a single, closed machine - that simply doesn't work in real life. The code - at least some of it at a time - needs to be net accessible for a company in the business of making games to function these days.

      It was revealed today that a third of the code was stolen, so maybe Valve actually was taking some sorts of precautions - maybe it was separated into three segments on three different machines. But that probably was not enough.

      You can look at Valve's security as a whole, and maybe you will find holes that should have been plugged, but simply saying "the code should not have been net accessible!" is just not realistic.

      • Re:Still haven't learned their lessons (Score:4, Insightful)

        by gorfie ( 700458 ) on Tuesday October 07, 2003 @11:57AM (#7154320)
        I agree that Valve should not be blamed for allowing the code to reside on a machine connected to the Net. Having the code reside on a local machine (or local network of machines) that does not have Internet access is an impractical idea.

        However, I think Valve shares some of the responsibility on other aspects. The unpatched Outlook (perhaps even the use of Outlook) is definitely a problem area for such a high profile organization. If they neglected to patch Outlook, what other basic security issues were neglected by Valve? Perhaps it was something as simple as Gabe using his home computer which he left unpatched, but that's something that network admins should be aware of IMO.

        I also think Valve's staff is vulnerable to social engineering. Take a quick peek at myg0t.com [myg0t.com] (skip the intro and turn off the music) and read about the various chats that were had with Valve personnel. Really simple stuff that worked.

        My point: Valve should be aware that they are high profile and they should have at least taken measures to make themselves secure against basic hacking methods.
      • Ummm... I don't think he was suggesting that you take the machines off a network, just the internet. You could quite easily have an internal network with machines/servers/other devices for development of the game by a multitude of people and a external network for machines that have internet access.

        I setup all my test networks that way, Valve could certainly do the same. Sure it can be a pain, but it's the only way to go when you *really* want something secure.
      • There IS such a thing as an intranet that is physically separated from the internet.. internal servers completely inaccessable from the commercial 'net.. KVM switches so all machines are accessable from one workstation.. completely internal secure shell, telnet, ftp, whatever. A setup like that is totally realistic and desirable for a production and/or testbed environment.

        Of course, this eliminates the ability of a coder to work from home or do things like surf the internet and check e-mail from the sam
      • You know, it is possible to have a network not connected to the Internet.

        Now, if you want to allow the programmers to work from home, etc, then you do end up re-opening the system, but there's no driving business reason that it must be that way - especially since the result of a screwup can be this drastic!

        I'm a closed beta tester for a game that shall remain anonymous. I was discussing the Valve situation with one of the devs in the test server, and he explained their strict "no source on net-accessible
    • A KVM is a recipe for screw-ups. Take a hint from the military. Have one open network and one closed network. The closed networks have no CD-R/RW, floppy, or other removable media. The closed network is clearly marked as closed. The closed boxen are then physicaly seperated from the public network.

      Having a KVM would only be acceptable if the login script set your desktop background to a bright orange/red bitmap and a one-minute screensaver. You never know when some tool will forget what machine he is

  • Delayed anyways? (Score:5, Interesting)

    by kneecarrot ( 646291 ) on Tuesday October 07, 2003 @10:26AM (#7153331)
    I just have to wonder if a serious delay was in the works anyway and the code theft gave Valve a publicly acceptable reason.
    • Yup. About sums it up.
    • probably.

      the code leak shouldn't affect the consumer experience in too many ways(hell, maybe just bad online play) anyways, since it's (for me) a primarily a single player experience. and as it was 'supposed' to be in stores by now i take it as a ~6 month delay more like, which makes you wonder what the f were they thinking 2 months ago thinking they could release it by now? now there is going to be doom3 around before them by the looks of it, heck, if they pull it again then to migrate to doom3 engine the

    • Re:Delayed anyways? (Score:5, Interesting)

      by shird ( 566377 ) on Tuesday October 07, 2003 @10:38AM (#7153451) Homepage Journal
      Yes I think this is the case. I have taken a look at the code, and I can say there is a hell of a lot of 'TODO:/BUG:' stuff in there. I'm no expert, but I would say it seemed a long way off being complete. Not to mention all the artwork, levels, scripts etc that may or may not exist in very complete form.

      As for ease for creating keygens, take a look at the code - it makes an external reference to a 'cdkeycheck()' function (cdkey.obj) in which there is even comments to the effect that they (valve) don't have the source code. In other words, they have outsourced the key verification algorithm, so it doesn't exist in the source tree. (either is the cdkey.obj file).

      • TODO HACKHACKHACK (Score:4, Informative)

        by Leffe ( 686621 ) on Tuesday October 07, 2003 @11:34AM (#7154031)
        There are a lot of TODOs and HACKHACKs in all Quake-derived code, even the Quake 'SDK' probably has a couple of them left. It's some kind of design style I think. At least it's not a bad one as it highlights the areas that are not really finished(not that anyone will ever fix it though, they are more like - I want this, someone do it for me?).

        If you grep through the official Half-Life SDK you'll find at least 50 TODOs and HACKHACKs. (Much more than that probably, but I'm playing safe.)

    • Well, the scheduled 31. September release was of course way to early. Medium November was far more likely as release date.

      Valve is known for not managing to meet the deadlines. All of the Counterstrike versions from 1.3 came 2-6 months later than the official schedule. (dig around at csnation for proof)

      So Half-Life 2 with a real release date somewhere between 30. November and 30. March was (IMO) far more likely.

    • Makes sense. There is really no reason to release the game as early as last month or even December. They really have no competition (next-gen FPS) other than Doom3, which won't show up until late next year. On top of that, they are just slightly too advanced for the current hardware out there. I mean, it appears that top-of-line hardware is required to even play the game at an acceptable rate. $400 dollars vid cards should never be *required* for a game. And don't think nVidia isn't heavily involved,

  • B.S. (Score:2, Insightful)

    by Anonymous Coward
    This is complete B.S. Why would having their code leaked force them to rewrite the game. Some people may say that it's due to cheat prevention... but c'mon. Security through obscurity is no security at all, if that's what they were relying on.

    This is nothing more than them using this as an excuse for delaying the game - something that would have happened anyway. Also, by saying this, if they find the people that hacked their systems, they can sue for large monetary damages.
    • Of course there is no security by obscurity, but the war against cheaters is not one you can actually win.
      It's a constant arms race, and obscurity at least gives you a head start.

    • Wrong (Score:3, Interesting)

      by Overly Critical Guy ( 663429 )
      Ever heard of a little thing called Steam? All mention of CD authentication and so forth aside, Steam was supposed to be the big thing to stop cheating.

      Now it's all exposed. People were going to give their credit card numbers to this thing. Now it's open for all to see and anyone can exploit/spoof it.

      Yes--contrary to the Slashbot idealist mindset--there are cases where security through obscurity is the best method. You have to look at each situation inviduallly and logically (instead of covering every

      • Re:Wrong (Score:3, Interesting)

        by Synn ( 6288 )
        Yes--contrary to the Slashbot idealist mindset--there are cases where security through obscurity is the best method. You have to look at each situation inviduallly and logically (instead of covering everything with a veil of ideology).

        If security through obscurity was the best method here, then what would've happened if the source was leaked after the game had hit the stores?

        They would've been totally screwed.

        That's why security through obscurity is never the best method.

      • Re:Wrong (Score:5, Interesting)

        by johnnyb ( 4816 ) <jonathan@bartlettpublishing.com> on Tuesday October 07, 2003 @11:16AM (#7153851) Homepage
        "there are cases where security through obscurity is the best method"

        PLEASE don't say this. I understand what you're trying to say, and that is correct, but your wording is completely horrid.

        Obscurity is just that - obscurity. Using obscurity for protection is actually a decent plan in many cases - it's just not the same thing as security. The problem with "security through obscurity" is not that people aren't protected enough, it's that they are _confusing_ security and obscurity - thinking they have security when they only have obscurity. Both offer protection, but with different expectations.

        There is NO SUCH THING as security through obscurity, and those who try show a complete misunderstanding of the issues. The can be _protection_ through obscurity, but security in relation to computers has a certain, specified meaning, and when people start throwing it around in connection with obscurity, it just makes the situation a lot more confusing than it needs to be.
  • Why exactly should this delay the game? If it was close to being ready, and according to their release date(s) they should have been pretty close, why are we expected to believe a delay until April?
      1. To prevent people who have the copied source from being able to cheat when the final game comes out, thanks to knowing its internal workings well
      2. Because of all the bug reports, RFEs, patches and stuff that have come in since it went "open-source" ;)

  • Well.. (Score:3, Funny)

    by sonoluminescence ( 709395 ) on Tuesday October 07, 2003 @10:27AM (#7153340)
    ...maybe the Valve version has been delayed.

  • Confused (Score:2, Insightful)

    by M.C. Hampster ( 541262 )

    Was the code that was stolen then deleted by the thief? Why would this cause any sort of delay? This sounds like a fairly lame excuse for shipping late.

    It only makes sense that code that would generate millions of dollars in revenue for Valve would be backed up quite reguarly offsite.

    • The delay makes perfect sense. First of all if the hackers got to the code and were able to check it out, they probably also were able to change some code. Who wants to be the first to run HL2 special BackOrifice edition? Also released with the code was the code to their new Stream DRM system. It's been noted that in the past month (even before the code was released online, but after it was stolen) there have been a half dozen Stream updates. Finally they probably are going to do their best to make sur

    • Re:Confused (Score:3, Funny)

      by PunchSix ( 251493 )
      Was the code that was stolen then deleted by the thief?

      That would be awful! The stolen code would be distributed to millions and Valve would have no way of getting that widely distributed code back!!!

    • Re:Confused (Score:5, Insightful)

      by Auckerman ( 223266 ) on Tuesday October 07, 2003 @10:53AM (#7153558)
      "Why would this cause any sort of delay?"

      One possible explaination is that the network code will need to be made incompatible to prevent cheaters. APIs may need to me moved around and renamed to prevent see though wall cheaters. Stuff in the code may need to be hidden to make it harder for cheaters to mod the dlls.

      Just a guess....

  • If you want anyone to blame (Score:3, Informative)

    by Sir Haxalot ( 693401 ) on Tuesday October 07, 2003 @10:29AM (#7153365)
    It was Myg0t [counter-hack.net] that got it, and Hitman, an ex-member of Myg0t, that released it.

  • Noooooooooo! (Score:5, Funny)

    by Control-Z ( 321144 ) on Tuesday October 07, 2003 @10:30AM (#7153372)
    Ok, it's not that bad but I'm modarately disappointed. But some of these fanboys I've been reading posts from on USENET might just kill themselves. Maybe someone should set up a crisis counciling center?
  • Why, indeed, does the code need to be rewritten? What are people going to do, mod it so they can beat the single-player game more easily? And hadn't they delayed the game before the code leak was announced?

  • Other news: beta leaked, apparently... (Score:5, Informative)

    by Tyreth ( 523822 ) on Tuesday October 07, 2003 @10:32AM (#7153392)
    There's a buzz at the moment on irc.quakenet.org #hl2-source and other places about the beta being leaked.

    I would submit it as a story, but someone else probably has, and I've never had a story accepted yet :)

    The NFO was on nforce.nl for a short time, but has since been removed. The leak has been confirmed here [homelan.com], and a few claim to have it (but they could be lying).

    I've also seen a screenshot of the folders with all the map files in it, and the names look very much like what one would expect the long gameplay demo to be made from.

    Not good news for valve :( I am disappointed that the game had to be delayed - and for all of you who have taken the source or download the beta, I hope you remember your duty to purchase the game when it does come out.

  • Valve spends years developing Half-Life 2. What seem at least like countless delays.

    Finally, they demo it. After hearing the critics rave, Valve decides to DELAY the game again and REWRITE portions of it. They cite the release of a small portion of the source code, rather than any bugs or incompleteness in the game itself.

    While some companies would keep or accelerate a release if they were worried about piracy, valve has deceided to take the opposite approach. Delay yet again.

    And the story continues...

  • Sounds fishy (Score:3, Insightful)

    by Fnkmaster ( 89084 ) on Tuesday October 07, 2003 @10:36AM (#7153427)
    I'm assuming the only reason the lifting of some portion of source code would lead to a delay is if it contained their copy protection code. Otherwise, so what if somebody obtained 1/3rd of the source code? What would they do with that, other than perhaps guide them a bit in disassembling the finished executable, assuming they could figure out what was what. If their copy protection system was sufficiently robust, they should be able to get around a compromise of that with a few changes - it shouldn't require months. But then again, if you assume even a moderate number of changes need to be made, the re-testing and repeat QA work required could take a fair amount of time.


    Still, it sounds more like this is a convenient excuse for late delivery to me. I'm sure this guys email really was compromised, and hey, it sounds good to the uninitiated - "our code was 'stolen', we have to go rewrite a lot of it, we'll be delayed by a few months".

  • Parts that will need rewriting (Score:3, Informative)

    by Builder ( 103701 ) on Tuesday October 07, 2003 @10:36AM (#7153436)
    There are a lot of posts asking why the delay and why does it need rewriting. I would guess that the majority of the game WON'T need to be recoded, but certain things like CD key auth code will, certain networking code, etc.
  • Four months to rewrite what exactly? Apart from possible Steam issues, for which I can't see four months solving any more than two weeks, there is (allegedly) nothing in the actual game source worth changing. Let's outline what will probably be done, to what should really NEED to be done:

    * A week or so to fiddle with Steam and break compatibility enough to prevent the leaked source being of any use. Although, as it is supposibly a secure content distribution system, I do not see how the source floating ar
  • Why exactly does a source code leak push the project back 4 months? Are they trying to punish the gaming community? Did they need to push back the release, and this is a good excuse?
  • This is a great example of how important a highly competent IT staff is to a business. The end of year figures for their finances is going to look horrible, probably in part because they viewed 'cheap guy that happens to have a MCSE' as suitable IT versus seasoned, yet experienced IT experts.

    In the face of this, the 15-20k a year extra per IT staffer can be seen as a reasonable insurance rate when this much is at stake. What kind of infrastructure do they have there? Obvious that the development worksta
  • I am dubious of this claim. The loss of the HL2 code was not actually as damaging as they claim. The cheats will be out there no matter what.

    What game companies should be doing -- only they do not have the smarts to understand why it would be a good idea -- is pursuing open-source development right from the sort. Let any fan who wants to see the status of the completed project log-in and see the code at any time. Hell, let them send in their own code and save you the work.

    What would a company lose?
  • DRM Rewrite? The code that was copied was the game's engine. Not the levels or graphics files. Nothing would be spoiled by this, because the player interaction part wasn't copied. A delay of a little while would make sense just to make sure the game itself wasn't trojaned, but an additional four months? I don't buy it.

    This has to be DRM vulernability concerns. They will lose millions from not selling over the holidays, and nothing with the engine itself would justify this.

    After all the engine is fairly ea
  • omfg... even if they work with 600 programmers, that's still a whopping $100.000 per programmer in one single year

    HL2 better be damd good for such an insane amount of cash. Considering that they've been working on it for what, 5 years ? They've drained a staggering $300.000.000 or so. At 40$ per copy, they'd need to sell 7.5million copies of the game to get break even. And that's not counting money spent on advertising, distribution, and the cost of setting up a central network server that can handle 7.5
  • This whole story smells IMHO. If the game was to be released to market for X-Mas then it would be going to the printers now if not already being shipped to warehouses to be on the shelves by Thanksgiving day. A code leak while anoying is no worse then the program appearing on Kazza and 500,000 warez sites within hours of it hitting the shelves.

    I would think that game makers would be targets of hacker/cracker all the time so one would think that they would have pretty good security. I've read comments a
  • Doom3 to beat Half-Life 2 to market

    Now isn't this a scary messed up thought

  • This is why there could be a delay (Score:5, Insightful)

    by Pvt_Waldo ( 459439 ) on Tuesday October 07, 2003 @10:48AM (#7153530)
    It's not because the game leaked, but because the underlying systems that ensure that players can't easily cheat, warez the game, or access the personal information of other players.

    Part of what was compromised was probably the code that handles CD key authentication, user online authentication, etc. So clearly warez and such for this game could be hugely rampant.

    Part of what was compromized was probably the code that handles Valve's anti cheat system. So clearly the cheats that override that system could be hugely rampant.

    Part of what was compromized was probably the code that is the game's engine. So clearly there could be cheat authors easily creating wall hacks, aim bots, and any number of other cheats.

    Part of what was compromized was probably the code that handles purchasing the game over Steam. So clearly there could be some risk of credit card and online commerce fraud, personal information leaks, etc.

    Look at it this way. The blueprints and plans for the bank got stolen. Thieves are studying them now. The bank is going over the blueprints with a fine toothed comb to fix the obvious (and not so obvious) weaknesses which are more clear when you have the plans.

    • Yeah, cos no one ever decompiles anything. Please. If your lovely CD key checking system is vulnerable to a source code release, then it's just plain broken.

    • bullshit. (Score:4, Insightful)

      by twitter ( 104583 ) on Tuesday October 07, 2003 @02:30PM (#7155816) Homepage Journal
      It's not because the game leaked, but because the underlying systems that ensure that players can't easily cheat, warez the game, or access the personal information of other players.

      Next you will tell me that XP is so full of holes because someone "stole" it's source code before M$ sold it to China and the former KGB. That's almost as good as them swearing that revealing the source code to Windoze would be a national security disaster. Give me a break, will you?

      Warez only needs to hack a binary copy.

      Cheats only need to watch their traffic.

      None of this makes a difference if the system is well made to begin with. This is why OpenSSH is a secure system despite open publication of it's source code.

      This is just more anti-open and anti-free FUD. Shame on VU for using Outlook and M$ for anything they wanted to keep to themselves. Shame on them for blaming software and the philosophy behind it for their own failures and shame on them for not being able to get their shit together. ID games rules, VU drools under Bill Gates thumb.

  • Bad because it will make it tight for them financially. Bad because of all the whiners (see posts below mine) and conspiracy theorists who have nothing better to do with their lives except assume that whenever something happens its always the company trying to hide something. Bad because we will all have to keep hearing the whiners complain over and over again about a GAME! Bad for hardware makers because there are tons of people waiting for this game before they upgrade their machines or buy new compute

  • hello, outlook (Score:5, Informative)

    by Stinking Pig ( 45860 ) on Tuesday October 07, 2003 @10:54AM (#7153564) Homepage
    See the story at The Register. They link to Valve's forum, where the general manager details how the code was leaked: in short, his own account information was stolen via Outlook, then several other employees were hit with a Outlook preview-pane virus that installed a keylogger.

    Of course, this is no reason to think that Outlook isn't a perfectly good solution for email. Outlook is great. There's no reason to consider any alternatives. No matter how much money you lose to Outlook virii, simply look at the silly dancing monkey!

  • Please, shut up (Score:4, Insightful)

    by brkello ( 642429 ) on Tuesday October 07, 2003 @10:54AM (#7153572)
    How many whiny posts do there need to be on: "Why did they have to delay it? This is BS". Well, here is a reason. If your company just got hacked in to and important information was stolen and leaked, instead of working on the product, you have to find what the vulnerability was, how to do damage control, how to re-structure how you do business so it doesn't happen again (i.e. redesign the network and create new security policies), and then have to get back to work on finishing the product while trying to make sure that anything cheaters would have gained from the source is fixed. I would say that is pretty large amount to do in a few months. Don't you think they would love to get it out so they can make money? Just use some freaking common sense here. If you are surprised by these delays, then you didn't think very hard. If you are upset by the delays, join the crowd, hunt the hackers, whatever. Just relax, it's a game, go buy a different one. It's not the end of the world.

  • Delay not confirmed (Score:5, Informative)

    by bios10h ( 323061 ) <.moc.zeranib. .ta. .s.> on Tuesday October 07, 2003 @10:59AM (#7153617) Homepage
    Vivendi Universal Says Delay Not Confirmed
    Tuesday, October 7, 2003
    According to a news article posted today on a UK press release, there is a Half-Life 2 delay. We already know that Valve does is not mentioning a delay.

    We received an email from Mike Thompson who says he works for Vivendi Universal and writes:

    quote: "delay is not confirmed..."

    Here we go around and around... again...

    From Half-Life Source Dot Com [halflifesource.com]

  • This is not good (Score:3, Interesting)

    by failedlogic ( 627314 ) on Tuesday October 07, 2003 @11:44AM (#7154147)
    Valve is legitimately trying to protect their IP and if takes them until April to recode some parts of it then so be it. Gabe said its taken at least 30 people 5 years to code the game. Hopefully, Valve doesn't go broke because of this.

    To have a trojaned e-mail sent to Gabe's computer is somewhat to be expected. I'm sure script kiddies have also tried similar things on Microsoft computers, etc. It was stupid to actually have any of the computer(s) with the source code connected on the Internet. If they have the budget to run w/o release for 5 years they have the money to buy a few extra computers for Internet use ONLY.

    I think its kind of ironic though. Valve is acceptably asking that everyone respect their IP and remove links to and delete stolen source code. Everyone but the script kiddies and hax0rs will comply. But if you try and take credit for a script kiddies' work they'll whine and complain to no end.

Slashdot Top Deals

"Being against torture ought to be sort of a multipartisan thing." -- Karl Lehenbauer, as amended by Jeff Daiell, a Libertarian

Close