Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Eve Online Client Source Code Leaked

ScuttleMonkey posted more than 6 years ago | from the shoot-first-ask-questions-later dept.

Security 368

An anonymous reader writes to tell us that the game client source code for the popular MMO, Eve Online, has been leaked via torrent. In addition to the source code the user also posted a lengthy chat transcript with someone from CCP customer support. While the end goal may have been to call attention to the continuing security issues within Eve (and ultimately themselves), there are probably better ways of getting through to support. Unfortunately, CCP seems to be responding with the usual knee-jerk reaction of banning everyone breathing a whisper of this incident. I wonder if any large MMO company will ever be brave enough to calmly address an issue rather than wielding the ban-hammer.

Sorry! There are no comments related to the filter you selected.

first (-1, Redundant)

flubba (1035146) | more than 6 years ago | (#23070390)

+1 first

Well... (4, Funny)

schmidt349 (690948) | more than 6 years ago | (#23070392)

I would worry that unscrupulous players will dig through the source code to find exploits, but it's reassuring to find something that will bring them back to the real world...

Re:Well... (2, Funny)

shentino (1139071) | more than 6 years ago | (#23071644)

You say flamebait, I say funny.

Don't download the source via the torrent (3, Informative)

ferat (971) | more than 6 years ago | (#23070406)

If you are an active EVE player, don't use the torrent links to download the source. CCP is monitoring the torrents and banning any accounts with matching IP addresses to any of the people using the torrent.

They obviously can't watch them all, but don't download the torrent from an IP that you use to play the game.

Re:Don't download the source via the torrent (3, Insightful)

Ungrounded Lightning (62228) | more than 6 years ago | (#23070524)

If you are an active EVE player, don't use the torrent links to download the source. CCP is monitoring the torrents and banning any accounts with matching IP addresses to any of the people using the torrent.

Well that will be great for any of their users who get a dynamic IP that was previously used to download the code.

I smell corporate suicide.

Re:Don't download the source via the torrent (4, Insightful)

NightRain (144349) | more than 6 years ago | (#23070632)

Well that will be great for any of their users who get a dynamic IP that was previously used to download the code.

That very fact is why I think the post you were replying to is likely full of it

Re:Don't download the source via the torrent (4, Interesting)

SiriusStarr (1196697) | more than 6 years ago | (#23071272)

I don't know... Remember the recent article RE: the FBI investigating any IP that accessed a false child pornography website that they set up? I think the powers that be have yet to realize that IPs are not exactly reliable means of identifying individuals.

Re:Don't download the source via the torrent (1)

Cassius Corodes (1084513) | more than 6 years ago | (#23071400)

If its combined with a time/date then it can, as they can query the ISP logs to see who was assigned that IP at that time.

Re:Don't download the source via the torrent (3, Insightful)

RalphSleigh (899929) | more than 6 years ago | (#23071448)

They don't even need to do that, all they need to do is compare the torrent and their game servers for the same IP at the same time.

Re:Don't download the source via the torrent (2, Interesting)

SiriusStarr (1196697) | more than 6 years ago | (#23071456)

And then it just sucks if you run a tor exit node... But besides that... We're talking about an MMORPG company here. I don't think they can subpoena the ISP logs.

Re:Don't download the source via the torrent (3, Insightful)

Tanktalus (794810) | more than 6 years ago | (#23071494)

I'm not sure that many ISPs would give up their logs to just anyone asking for it. Some, sure, but not many. At the very least, a subpoena of some sort would be required, and the logs could be pruned by then.

Re:Don't download the source via the torrent (4, Funny)

catxk (1086945) | more than 6 years ago | (#23071810)

Let's put our hopes to the anti piracy lobby. They've been working hard for years to loosen the knots around these kind of logs, and as is evident by the article, making logs containing private data readily available to economic interest groups/firms is useful for more than just pirate hunting. Kudos to the content mafia for increasing our security and well-being!

Re:Don't download the source via the torrent (1)

cheater512 (783349) | more than 6 years ago | (#23071686)

That would be illegal.
They dont have any right to do that.

Re:Don't download the source via the torrent (1)

cavemanf16 (303184) | more than 6 years ago | (#23071708)

True, IPs can't be used to definitively ID one particular user, but they are still useful for indefinitely banning known evil-doers from causing more havoc on a system. Sure the Feds are being stupid with their scheme, but I can see how this is advantageous for the time being to the EVE dbas... stop the hemorraghing fast, then worry about open-heart surgery once the patient is stabilized.

Re:Don't download the source via the torrent (4, Insightful)

RonnyJ (651856) | more than 6 years ago | (#23071580)

If they just banned every IP, yes, that'd have a high number of false positives, but they could track the following:

1. A user has previously logged onto Eve Online
2. The IP linked to that user's previous session downloads the code.
3. The user logs onto Eve Online again with the same IP (i.e. the same IP/username is maintained throughout).

Put those three events together, and it'd be easy to track/ban a lot of those downloading.

Re:Don't download the source via the torrent (2, Funny)

s0litaire (1205168) | more than 6 years ago | (#23071624)

Lucky for me I can "Borrow" my neighbours Wireless connection. (I really should tell him about the security Tab).... :) So I'm not worried, well I've not played EVE since I've changed ISP's. But you never know if they'll ban the IP it's been D/L on THEN the user uses that IP to play for the first time... If that happens, there lot's of players on Dynamic Addresses are gonna be very annoyed!! Lawyer Time!!!

Re:Don't download the source via the torrent (3, Interesting)

Eraslin (517849) | more than 6 years ago | (#23070556)

Makes you wonder what the implications are w.r.t. copyright and trade-secret if CCP is distributing the code themselves. Sure, by seeding they'll be able to snag IP addresses and ban users. But, for down the road, I wonder if they've just given up any ability to claim copyright infringement or some such on anyone (defense: ''CCP themselves were seeding it ,your honour. So, I got it from the copyright owner with their permission.'').

Re:Don't download the source via the torrent (2, Informative)

bky1701 (979071) | more than 6 years ago | (#23070688)

Well, they could, in theory, leach but not download (much, at least) and never upload. They would still be able to get peer IPs, but wouldn't have to contribute data (nor even have it).

This is different than when the RIAA does it, as they actually upload it to unknowing downloaders to get lawsuit fuel.

If CCP only wants to ban downloaders, they don't need any legal evidence to do so, at least as long as indiscriminate bans are covered in their TOS. Therefore, they don't need to go the RIAA road.

gotta love peer guardian (-1, Troll)

Anonymous Coward | more than 6 years ago | (#23070806)

you fear mongering fucktard

Re:Don't download the source via the torrent (0)

Anonymous Coward | more than 6 years ago | (#23071566)

As I don't play the game, I figured I was fairly safe to download it. And now it's on Freenet [freenetproject.org] .

CHK@XK2x8fV5IDqm7EjKVLrQWD9zKtL1-QXvCDsNKIhrAEw,VZWEF6rPba6~1MDUO1DIN0CQ9UuDnNaktMixAglKs2o,AAIC--8/pre51200sc.rar

P.S.: Did anyone else find that torrent horribly slow? At 2KB/s, it would have been faster to download it from Freenet, even on my slow net connection.

Re:Don't download the source via the torrent (0)

Anonymous Coward | more than 6 years ago | (#23071666)

Hmm, that's displaying weird. In case /. formatting screwed that up, here it is as a link [127.0.0.1] . (Won't work if you're not running Freenet.)

Re:Don't download the source via the torrent (3, Interesting)

Anonymous Coward | more than 6 years ago | (#23071738)

http://seashells.partyvan.fm/~januszeal/pre51200sc.rar

^ Direct link

irc.partyvan.fm

Warning! CCP Seeding, Banning Torrenters (5, Informative)

eldavojohn (898314) | more than 6 years ago | (#23070420)

Something that the summary missed but was reiterated twice in the actual article is that CCP is accused of seeding most of the torrents and then monitoring all IP addresses acquiring the source and then banning accounts associated with those IPs. So if you're going to get the code just to look at it, I suggest using your mom's house or an internet cafe!

I wonder if any large MMO company will ever be brave enough to calmly address an issue rather than wielding the ban-hammer.
This particular user used this code to point out a few things regarding security:

From all security i saw - were ROLE permissions for logins with priviliges higher than usual player, and some minor things in relation to prevent some remote service calls (some with potentially bad payload)
I'm not entirely sure if he's implying there's some exploitable permissions bug or if there are some user roles that are jacked up (you know, like a coder at CCP giving himself the keys to the game and claiming it was for debug when it was for his own account's gain). But whatever it is, CCP should fix that.

Frankly, downloading this would be a stupid thing to get banned over. This is CCP's bread and butter, I don't blame them for taking this action. In their eyes, they are trying to eliminate exploiting players in hopes of making the game better for non-exploiting players. This 'policing' action is usually desired by the community. Yeah, it's unfortunate that they're not taking advantage of the security and stability of an open source coding community ... but you have to admit it would be easy for someone to fork and go off and make their own client with. Maybe there's deep dark secrets they don't want out and since it's only a game and I don't really care for it I'm not too concerned.

Let's see if Linden Labs can make this OSS client thing work to their advantage. I sure hope so because it will give everyone else a reason to make the switch.

Re:Warning! CCP Seeding, Banning Torrenters (4, Funny)

Cro Magnon (467622) | more than 6 years ago | (#23070476)

So if you're going to get the code just to look at it, I suggest using your mom's house


Unless you live in your mom's basement. :-P

Re:Warning! CCP Seeding, Banning Torrenters (1, Insightful)

Anonymous Coward | more than 6 years ago | (#23070510)

Something that the summary missed but was reiterated twice in the actual article is that CCP is accused of seeding most of the torrents...
Does that mean they are distributing the source themselves? That might cause them legal problems in the future (as in limiting what claims they can make).

Re:Warning! CCP Seeding, Banning Torrenters (2, Interesting)

hcmtnbiker (925661) | more than 6 years ago | (#23070522)

Something that the summary missed but was reiterated twice in the actual article is that CCP is accused of seeding most of the torrents and then monitoring all IP addresses acquiring the source and then banning accounts associated with those IPs.

If they're actually seeding it themselves then I expect to hear about a lawsuit. Since that would be purely legal to download from them. If CCP is effectively giving away their src what's wrong with accepting their offer?

Re:Warning! CCP Seeding, Banning Torrenters (2, Insightful)

moderatorrater (1095745) | more than 6 years ago | (#23070618)

If they're actually seeding it themselves then I expect to hear about a lawsuit
Only if they actually seed it. They could advertise as a seeder, connect and receive connections, then not give you anything.

Chris Hansen isn't a 13-year-old girl, either (1)

Theatetus (521747) | more than 6 years ago | (#23070644)

It's sort of like that, AFAICT

Re:Chris Hansen isn't a 13-year-old girl, either (1)

Mr. Beatdown (1221940) | more than 6 years ago | (#23071670)

It's sort of like that, AFAICT
Wish I had mod points. A truly insightful analogy, and it doesn't even involve cars!

Re:Warning! CCP Seeding, Banning Torrenters (1)

AvitarX (172628) | more than 6 years ago | (#23071256)

If someone sells me a print do I automatically have the right to re-distribute it willy-nilly?

Also, if a person or even a company makes free wifi available I am not allowed automatic access to it either. The law seems to require additional permission the way things have been shaking out lately.

Re:Warning! CCP Seeding, Banning Torrenters (4, Funny)

MarkByers (770551) | more than 6 years ago | (#23070640)

So if you're going to get the code just to look at it, I suggest using your mom's house or an internet cafe!
Or if you know an avid Eve Online player that you don't really like, you could hack into their wireless connection and download it that way. Not that I would condone it...

Re:Warning! CCP Seeding, Banning Torrenters (4, Informative)

Anonymous Coward | more than 6 years ago | (#23070938)

What they dont want is someone adding functionality to the client they avoided for a long time:

Fire all weapons on a single click. Automagically select the right ECM jammer for the target ship. And that's what came to my mind in an instant.

I bet there are many more possibilities which can unbalance tweaked clients and standard clients. It is like a free opportunity for wall hacks if other clients are allowed. It wouldnt be a problem for PvE games, but PvP needs the same client for all.

Re:Warning! CCP Seeding, Banning Torrenters (4, Insightful)

pthisis (27352) | more than 6 years ago | (#23071302)

It wouldnt be a problem for PvE games, but PvP needs the same client for all.

Or needs to do validation on the server-side of all game-balance-affecting stuff--which is really the only way to ensure fairness, since clients can always be hacked.

Re:Warning! CCP Seeding, Banning Torrenters (0)

Anonymous Coward | more than 6 years ago | (#23071134)

Good thing EVE is horribly boring! Now I can download the source code with no worries!

Re:Warning! CCP Seeding, Banning Torrenters (1)

Some_Llama (763766) | more than 6 years ago | (#23071728)

"Something that the summary missed but was reiterated twice in the actual article is that CCP is accused of seeding most of the torrents and then monitoring all IP addresses acquiring the source and then banning accounts associated with those IPs. So if you're going to get the code just to look at it, I suggest using your mom's house or an internet cafe!"

With a file size of 1.8MB why not just upload it to one of the 100's of free file hosting websites? One not located in the US? or grab the file from a "safe" location (or use the tor option in most torrent programs) and then reseed?

Re:Warning! CCP Seeding, Banning Torrenters (3, Funny)

Provocateur (133110) | more than 6 years ago | (#23071742)

I suggest using your mom's house or an internet cafe


You must be new here. For most of us, it's one and the same. Though the coffee's not $3 a cup.

this is going to be so great (3, Interesting)

JernejL (1092807) | more than 6 years ago | (#23070430)

I don't think anything major as this has happened before, and from a online game developer's perspective i will look closely to how this affects cheating and the development of the game further, as something like this is a great nightmare for any game developer, and i really want to see how this one ends.

Re:this is going to be so great (4, Insightful)

eldavojohn (898314) | more than 6 years ago | (#23070536)

I don't think anything major as this has happened before ...
Really? It was only the client code, they don't know how the server works (although they could reverse engineer the messaging potentially and mock a server after a lot of work and assumptions).

On a side note, I think this has happened before on a much more serious scale [slashdot.org] .

Re:this is going to be so great (1)

JernejL (1092807) | more than 6 years ago | (#23070586)

HL2 src was even complete, surely it was a large leak, but it didn't affect as much network security of the game, this however is a game which gone gold, and is played by a lot of people, a person can now just recompile his game with a bot or two in the game itself for a good measure, this can't be done with the old HL2 engine source code leak.

Re:this is going to be so great (4, Funny)

Oriumpor (446718) | more than 6 years ago | (#23070756)

The problem isn't so much that the code isn't fixable, or that the client side code will show something obviously exploitable (as this is most likely the case.) But really, it's about the fact that every developer writing code for this has been doing it under the assumption that nobody is going to look at it except their peers, now the world is staring at their dangling unmentionables. Imagine your rushed proprietary coding project was now instantly made open source against your wishes...

Re:this is going to be so great (2, Interesting)

Antique Geekmeister (740220) | more than 6 years ago | (#23070648)

There was the theft and publication of the Half-Life 2 source code a few years ago. That included the creation of an illicit version of the game, in Russia.

Re:this is going to be so great (5, Insightful)

the_humeister (922869) | more than 6 years ago | (#23071530)

The Second Life client is open source. If that can be done, why is the source code leak for this game such a bad thing?

Re:this is going to be so great (0)

Anonymous Coward | more than 6 years ago | (#23071706)

Because they probably have a lot of "security through obscurity" in their code, and now that obscurity is completely gone.

The Second Life client code was written knowing full-well it would be open, and so it has to be secure by design.

Re:this is going to be so great (-1, Troll)

shentino (1139071) | more than 6 years ago | (#23071756)

Because the Eve client code is not open source.

Because Eve is a greedy corporation that wants to strangle its users.

Because Eve has shitty security

Because Eve IS TRUSTING THE CLIENT TO DO THINGS THAT NEED TO BE SERVERSIDE TO BE SECURE.

Seriously though, what idiotic company would do ANYTHING clientside?

If Eve gets hacked for this, it would serve them right.

Hosting a booby-trapped torrent themselves is just being mean.

Cardinal rule of any server based game...NEVER TRUST THE CLIENT.

Now, if I'm mistaken, and Eve is merely asserting "proprietary software rights", then I might be able to pass.

From TFA... (4, Insightful)

Lisandro (799651) | more than 6 years ago | (#23070480)

In the lengthy and scatological exchange, the poster of the source code attempts to get some answers about CCPs much maligned security practices, particularly concerning the rife issue of bots and scripting in their flagship game. The conversation was a little less than professional.

Well, atleast on the tidbit shown on the article, the CCP representative sounds perfectly rational and professional. Am i missing something here?

And by the way, how does this guy ended up with the sourcecode on the first place?!

Re:From TFA... (4, Interesting)

vux984 (928602) | more than 6 years ago | (#23071498)

Well, atleast on the tidbit shown on the article, the CCP representative sounds perfectly rational and professional. Am i missing something here?

Well, the CCP rep did sound vaguely annoyed to me; I could see him rolling his eyes. But then I imagine they roll their eyes at most of the conversations they have. :)

And by the way, how does this guy ended up with the sourcecode on the first place?!

That's still unclear. Some say its just decompiled python that anyone could do themselves easily enough. But he almost alludes to having a source within ccp... so I'm not sure.

Its too bad he's apparently not an english speaker because that invites mockery. And obviously he's not being terrible mature which further damages his image, but at the end of the day what he is asking for is legitimate in my opinion:

All he wants is CCP to acknowledge there are specific issues and to demonstrate that there have been real fixes added. Because he is firmly convinced that people have been botting for years using known exploits and that CCP hasn't made even the slightest effort to curb them.

So he's basically saying if you've fixed it... prove it. "Show me an exploit that used to work that doesn't now. Show me something, ANYTHING, that you've actually fixed in the last year or so related to stopping botters."

"And Improve your processes, so that if we report exploits you acknowledge them, and fix them, instead of just handwaving that security improvements have been added, because I'm not seeing any."

"And if you don't, I'm releasing the source, so we can ALL see for ourselves what you've actually improved over the last year, because I'm tired of watching people bot for YEARS without having to so much as adapt to new anti-bot tactics."

If this guy is just blowing smoke, then CCP really should have no issue publishing some of the hundreds of botting related exploit scenarios that they claim to have fixed over the last several patches...and showing that they no longer worked.

That much they owe their customers. Frankly, I don't really blame CCP for not publicly acknowledging security issues and bringing additional attention to each exploit before its fixed... BUT... I -do- think that the playerbase deserves some honesty -after- the fact.

If they release an exploit fix, publish it, what used to work, and what no longer works. CCP lacks credibility, and this would go a long ways towards helping restore it.

After all we get a better level of security updates disclosure from microsoft. I think all this guy really wants is the same from CCP. And if CCP *hasn't* actually done anything in the last few years to address all the while claiming they have, well... I can see why a segment of the playerbase is boiling mad about it, and wants to blow this into the public eye where they can't sweep it under the rug anymore.

Potential exploit exposé? (2, Insightful)

ZackZero (1271592) | more than 6 years ago | (#23070482)

The major issue behind the source-code leak is the security surrounding the code. Now that it's out, there is the potential for "unscrupulous players" to find exploits. Anyone familiar with Python will be able to find at least something.

Also, since it is the client code that was released, an intrepid cheater can find ways not just to exploit functions in-game, but find ways to pull various bits of data from straight out of memory. This is a bit like third-party programs that utilize CCP's API code system, though it is a direct violation of the Terms of Service of said game, as it could provide access to information that would potentially give a select few an edge.

My eye's on GoonSwarm now; this might be their "big chance" to ruin the game they declared they would.

Not a leak (5, Informative)

Fweeky (41046) | more than 6 years ago | (#23070514)

It's not a leak, the .pyc's have just been decompiled and distributed. Here [crazy-compilers.com] - go do it yourself.

Re:Not a leak (3, Informative)

Fweeky (41046) | more than 6 years ago | (#23070562)

(Or indeed, Here [debian.org] , which really lets you do it yourself)

Re:Not a leak (1, Interesting)

Anonymous Coward | more than 6 years ago | (#23070590)

Yeah, it's pretty much a non-issue, because everyone who cared to could (& possibly has) done this before. It's just people who lack the knowledge to do anything who're in a huge tizzy. That said, the extra eyes and attention have determined that you can have some fun with local-zone javascript called by a specially crafted link passed to the victim in-game.

Re:Not a leak (1)

iAlta (1098077) | more than 6 years ago | (#23071132)

Wait a minute, EVE's written in python? Is it just the client or ...?

Re:Not a leak (2, Informative)

hobbesmaster (592205) | more than 6 years ago | (#23071204)

Both the server and the client make extensive use of python and stackless python. The graphics code is in cpp. This was all detailed in some dev blogs at some point.

Re:Not a leak (0)

Anonymous Coward | more than 6 years ago | (#23071258)

But there are comments in the Eve code. The decompilers in your link explicitly state that comments are not recovered, as compilers will always strip them out when compiling the code.

So either someone went through and added them in before distributing this code, or it's the original code.

Re:Not a leak (1, Informative)

Anonymous Coward | more than 6 years ago | (#23071310)

But there are comments in the Eve code. The decompilers in your link explicitly state that comments are not recovered, as compilers will always strip them out when compiling the code.

So either someone went through and added them in before distributing this code, or it's the original code.
It's not quite that simple. For one thing, part of what's included in a "compiled" Python file are doc strings. From a quick look over the torrent (I don't play EVE), that seems to be what's been included, not every comment in the file.

I think the "pyc_dis" and the relatively limited nature of the source code release to just what was part of the client in Python also points out to disassembly. I doubt anyone's hacked any servers over this.

Re:Not a leak (1)

alvieboy (61292) | more than 6 years ago | (#23071626)

Please mod this up high and high.

There's not a single line of useful code there - just reverse engineered (decompiled) py code, which by itself does absolutely nothing.

I don't even think they're bothering to log whoever gets this code (if they can do it in the first place). I did download it to check some "technical" issues and to see how they managed to do it - but it doesn't have a single line of code of the engine - just the usual scripting that one game client has. I'd prefer to look at Unreal Tournament VM (the one who executes UnrealScript) than to this piece of crap (crap cause it is not functional, and cause its not documented).

Al.

Calmly addressing issues (5, Insightful)

FooBarWidget (556006) | more than 6 years ago | (#23070546)

"I wonder if any large MMO company will ever be brave enough to calmly address an issue rather than wielding the ban-hammer."

I doubt it. But this is not without a good reason.

Many, many MMORPG players are 13 year old kids. Immature kids. These people are not adults. They do not behave like adults. If the company "calmly addresses the issues", then they'll be flooded by complainers, cheaters and opportunists within no time.

I've been involved in MMORPG for several years. The immaturity in MMORPG communities in general is just sad. There doesn't seem to be any good way to handle issues other than ruling with iron fist.

Re:Calmly addressing issues (5, Insightful)

brkello (642429) | more than 6 years ago | (#23071034)

I don't understand how the maturity level of the user base has anything to do with how a company reacts. Eve has always been heavy in to banning and suppressing information. Eve also claims to boast a more "mature" player base (which I find a bit laughable). In a game with such mature players, CCP bans more than any other company. I played Eve for awhile and didn't like it very much. The corruption from within the game company made me go from thinking they made a boring game with jerks as a player base to just flat out disliking the game. Don't get me wrong, Eve has its strong points...but fun isn't a part of that.

Eve banning people and deleting forum posts isn't ruling with an iron fist. It is a desperation move to hold on to customers who may not know what is going on. If they ruled with an iron fist they would actually come down on the people who cheated with the devs. That's the problem, the game should be as cut throat as possible in game...but CCP not only plays the game, but leaks inside knowledge of the game to organizations that are already overpowered. Maybe they are totally clean now (I doubt it) but the game will forever be tainted by the past.

The reason they ban is because they have too much to hide and would rather do that than address the issue and fix their game.

Re:Calmly addressing issues (1)

FooBarWidget (556006) | more than 6 years ago | (#23071154)

"I don't understand how the maturity level of the user base has anything to do with how a company reacts."

Because you can't trust the user base to handle appropriately even when you do the right thing. In other words: *not* banning those people makes the situation even worse.

Re:Calmly addressing issues (3, Insightful)

Morpeth (577066) | more than 6 years ago | (#23071040)

"Many, many MMORPG players are 13 year old kids. Immature kids. These people are not adults. They do not behave like adults..."

I keep hearing people saying this, where's the proof? People just make up stats on the fly and like to blame kids -- there's PLENTY of adult players who act like complete asshats.

Here's some actual stats --
"Also of note is the fact that the average age of the typical gamer is 33."

"...female gamers over the age of 18 make up 31 percent of all gamers, a larger percentage than that of male gamers under the age of 17 (20 percent), a group traditionally seen as the majority."

http://blog.wired.com/games/2008/03/38-percent-of-g.html [wired.com]

I will say I've seen my share of immature players in WoW - BUT that doesn't mean I actually know they're age. Also, WoW is also just ONE mmorpg, albeit the largest.

I've played mmorpgs for about 9 yrs starting with EQ. Currently, I play EQII as well as WoW -- and the maturity level is vastly different there. Played AO, DAoC, CoH, GW and generally had good experiences with the player base. Anonymity is really the big issue with mmorpgs, it let's some people (mainly adults) act like idiots without any real repercussions.

Most of my WoW guild is 30 and 40-somethings. One however is a 12 year old boy, and his online behavior is often much more mature/conservative than the adults.

Re:Calmly addressing issues (-1, Troll)

Anonymous Coward | more than 6 years ago | (#23071190)

Right, its not actual age, just that those who would choose to immerse themselves into a cybernetic fantasy world tend to be very socially stunted and emotionally undeveloped.

Re:Calmly addressing issues (0)

Anonymous Coward | more than 6 years ago | (#23071832)

Right, its not actual age, just that those who would choose to immerse themselves into a cybernetic fantasy world tend to be very socially stunted and emotionally undeveloped.

You make it sound like it's a bad thing, Oh Thrower of Big Mighty Words.

Re:Calmly addressing issues (1)

vertinox (846076) | more than 6 years ago | (#23071058)

If the company "calmly addresses the issues", then they'll be flooded by complainers, cheaters and opportunists within no time.

I understand the cheaters part, but being flooded with complainers is what a CSR is paid to handle. Simply banning all discussion hurts the community in the long run and if I was a shareholder of said company I would be upset that the customer relations department is damaging the image of the company by not putting up with things its paid to handle.

Re:Calmly addressing issues (3, Informative)

Xelios (822510) | more than 6 years ago | (#23071062)

Actually EVE is unique in that most of the player base is made up of adults. The average age of an EVE player in 2006 was 27, according to the article on Wikipedia [wikipedia.org] . And I believe it, having played the game for a few years until 2007 the vast majority of people I came across were in their late 20's or early 30's.

Re:Calmly addressing issues (1)

thrash242 (697169) | more than 6 years ago | (#23071194)

Except that the majority of Eve players are over the age of 20, many in their 30s.

I rarely meet anyone in Eve that's younger than 18 (that I know of).

Re:Calmly addressing issues (2, Informative)

brkello (642429) | more than 6 years ago | (#23071300)

Not that I disagree with your point or agree with the GP's...but age often has nothing to do with maturity. Particularly in Eve.

Re:Calmly addressing issues (1)

merreborn (853723) | more than 6 years ago | (#23071848)

"I wonder if any large MMO company will ever be brave enough to calmly address an issue rather than wielding the ban-hammer."

I doubt it. But this is not without a good reason.

Many, many MMORPG players are 13 year old kids. Immature kids. These people are not adults. They do not behave like adults. If the company "calmly addresses the issues", then they'll be flooded by complainers, cheaters and opportunists within no time.

I've been involved in MMORPG for several years. The immaturity in MMORPG communities in general is just sad. There doesn't seem to be any good way to handle issues other than ruling with iron fist.
Turbine, the developers of Asheron's Call (released around the same time as Everquest) publicly stated that their policy on exploiting was, "If we leave it in the game, it's our fault". If a bug caused enough trouble, they'd fix it ASAP. On a few rare occasions, they'd just roll the database back to a little before a game-breaking exploit was discovered (usually a day or less).

There was eventually a dupe bug discovered; exploiting it required crashing a small portion of the game world (called a "land block" -- the world was made up of thousands of these), which directly inconvenienced all other players in the area. They ended up amending the previous policy to something like: "If we leave it in the game, it's our fault. But if you do something that directly and immediately affects other players, you're gone".

They also allowed third party tools. As a result, AC had a vibrant 3rd party add-on community that still persists to some extent now, the better part of a decade later. Users were able to share client enhancements that made the game much more playable; many were later incorporated into the game. Several of the top 3rd party developers were hired by turbine.

I've always deeply respected Turbine for that, and I think they really understand how to embrace their community, rather than treat their users as an enemy to be battled with. Much like people frown on the RIAA for suing their customers, I've always disapproved of Blizzard for banning their customers tens of thousands at a time for taking advantage of flaws that Blizzard themselves are responsible for introducing.

Of course, while Turbine may have won a lot of respect from developers and players, they didn't really find massive commercial success. But then again, what's the point of running an MMO? Commercial success, or community building? Probably some of both.

but.... (1)

indy_Muad'Dib (869913) | more than 6 years ago | (#23070620)

if eve blocked all the bots all of BOB would stop playing.

Re:but.... (1)

vux984 (928602) | more than 6 years ago | (#23070744)

if eve blocked all the bots all of BOB would stop playing.

But would anyone really miss them? ;)

Re:but.... (1)

Broken scope (973885) | more than 6 years ago | (#23071198)

Things might get a little quieter where I live.

Some additional info on this (3, Funny)

Gossi (731861) | more than 6 years ago | (#23070642)

Okay, the torrent is here [thepiratebay.org] .

First things first - it's not the full source. In fact, it's not even 2mb big. It's not even a fraction of the source.

Secondly, from the IM conversation they had with support:

[20:18] I don\'t know HOW you work
[20:19] i see the RESULT of this work
[20:19] and UNDERPANTS of it

They see the UNDERPANTS of it. Hilarious.

Re:Some additional info on this (0)

Anonymous Coward | more than 6 years ago | (#23070936)

its an rar containing another 10mb of rar files.

I am not a programmer so i can't say whether its complete or if it would even compile. But in EVE most things are done server side.

And agreed the im convo is hi-larious.

Calmly address theft of the crown jewels? (3, Insightful)

EWAdams (953502) | more than 6 years ago | (#23070712)

What planet are you on? Gosh, I wonder how Microsoft would respond to someone putting the code for Office online? Banning would be the least of it. Open source is a good thing; software patents are bad; but EVERY company is legitimately entitled to its trade secrets.

Re:Calmly address theft of the crown jewels? (0)

Anonymous Coward | more than 6 years ago | (#23070794)

Although this code can be somehow useful for macrominers and exploits, the really good stuff is in the server side and I don't think we get a peek on that.

You can't do much with this stuff, you'll have to figure out how to tie this to the graphics engine, good luck with that.

How long until some D&D geek hacks a console Eve client?

Re:Calmly address theft of the crown jewels? (3, Interesting)

}{avoc (90632) | more than 6 years ago | (#23071128)

I wonder how Microsoft would respond to someone putting the code for Office online?

Well, that kind of happened. [slashdot.org]

Re:Calmly address theft of the crown jewels? (1)

k8to (9046) | more than 6 years ago | (#23071650)

Is that really true? are companies *entitled* (in the vernacular sense) to their trade secrets?

I thought they were simply in possession of them.

That sucks... (0)

brkello (642429) | more than 6 years ago | (#23070736)

But maybe someone can pull it down and improve their horrible UI!

Re:That sucks... (1)

dmitriy88 (1096195) | more than 6 years ago | (#23071802)

We can only hope.

Me (0)

Anonymous Coward | more than 6 years ago | (#23070748)

Get s shell account and download it to there, that way CCP won't be able to get your home IP.
Problem solved.

1st exploit found, don't usethe IGB (1)

karmicthreat (637309) | more than 6 years ago | (#23070804)

There is already a code exploit that has been found in the code. The IGB allows the execution of files on the machine via click able links in the in game web browser. Potentially a very serious hole that could cause quite a few problems.

April 14th Update Release Notes: (1)

Aero77 (1242364) | more than 6 years ago | (#23070808)

"EXPLOIT FIXES * Several exploit issues have been fixed, making EVE a better world to live in for us all. "

Wait a minute... (3, Interesting)

jeffbax (905041) | more than 6 years ago | (#23071032)

Does this mean that someone will finally make a proper Mac and Linux build without the Transgaming garbage ;)

Into the Fire (1)

Derosian (943622) | more than 6 years ago | (#23071186)

Seems to me like he told them about the exploits waited a bit of time, and then started seeding this as a means of putting the heat on for them to get this fixed. If they hadn't started banning anyone who downloaded it, then this certainly would have pushed for a huge inrush of exploiters, forcing them to fix the problems.... Instead they found a loophole.

lil peek... (0)

Anonymous Coward | more than 6 years ago | (#23071294)

I'm messing around building with an MMO client. Would I be a dick if I took a peek at the source to see what their net code looks like? Not that I'd copy it, but the learning experience would be awesome.

Re:lil peek... (1)

19thNervousBreakdown (768619) | more than 6 years ago | (#23071446)

If you look at their netcode, you may be maimed for life.

Seriously, it's fucking awful. 8MB packets, and that is all I'll say.

What's Been Found So Far (5, Insightful)

rsmith-mac (639075) | more than 6 years ago | (#23071490)

For those of you asking "what's the big deal about this?" here are what people have found so far digging through the code.

  • 1) Since the client logic is in Python, introducing new logic is a matter of injecting new Python code in to the game. It turns out this is very easy to do right now, there are several ways, including using the telnet server the client runs so that CCP can upload code to the client computer when it connects
  • 2) The big concern is bots, EVE can be botted and this is a problem like any MMO
  • 3) The other big concern is that the EVE client knows far more than it shows, a problem for a PvP game. It is possible to hack the client to the point where it will tell you exactly who and what entered a system you are in, and where they are at at all times.
  • 4) It's also possible to disable the client's "anti-addiction" code required to meet China's MMO laws. Apparently the server isn't actually booting players, it's telling the client to disconnect. The Chinese government is going to love that one
  • 5) Finally, the game has a custom made built-in web browser (the In Game Browser) that's extremely cruddy and isn't used very much. It's also so cruddy that it's holier than the Pope himself; it's possible to craft links to induce it to execute external applications and web browsers. Basically with a little social engineering you can be trick people in to letting you compromise their machine.

EVE is a fine game, but the code is a joke. This is very likely going to lead to a lot of problems for CCP for some time to come. If they're lucky they'll only get a flood of bots, if they're not then the game may very well turn in to a wild west of hacking players looking for an edge.

Re:What's Been Found So Far (0, Flamebait)

antiphoton (821735) | more than 6 years ago | (#23071778)

Funny. All of those problems listed are also issues in World of Warcraft. A company protects its copyright, and because they have a few issues that a lot of mmorpg's experience it's 'okay' for people to steal and distribute the source code. And when they retaliate you have a problem with this? I want what you're on.

Re:What's Been Found So Far (0)

Anonymous Coward | more than 6 years ago | (#23071854)

#4 isn't actually a big deal for the most part, unless you are under 18. see the answer to the 3rd question here:

http://www.1up.com/do/newsStory?cId=3167188

"After three hours, any reward you get from the game (experience, gold, etc.) is cut in half; after four hours it's cut by 75%, and after five hours you don't get any rewards. At each time mark, the game flashes a message telling you how long you have played. You can keep playing all you want, you just won't get any rewards. The big fact that is never reported is that this rule is only for gamers under 18. Adults are free to play all they want with 100% of the reward."

It's not that special really (5, Informative)

Hachima (718971) | more than 6 years ago | (#23071586)

Back in the day the EVE/script folder had the decompiled python in it in plain text. People did stuff like modify it to create merchant bots that would auto buy/sell stuff on the markets and whatever else they wanted to modify. Then CCP changed it to one 'compiled.code' file instead of all the uncompiled python files, which is easier to manage and check for people making changes. So you can still just take that 'compiled.code' file and decompile it to readable code. Which is what got 'leaked' It's nothing special at all really, and is only a portion of the client code. Anyone that was interested in messing with it has already seen the Python, especially people that played when it wasn't even pre-compiled. Next thing you know right clicking a web page to 'view source' will be considered leaking source code too?

I recompiled it (1)

justgosh (957799) | more than 6 years ago | (#23071674)

I recompiled it and I still had to download the latest patch :(

They'll be fine until... (1)

spacefiddle (620205) | more than 6 years ago | (#23071688)

...players start spawning their own Eye of God ships.

If you get THAT reference, come join me here in ex-space-MMOer's hell. *pats seat*

Here's something not to do: make the Dev's personal ships explode for a billion jillion points of system-wide damage, to discourage people firing on devs.

Then do nothing about players finding ways to spawn EoG ships in enemy systems and detonating them on purpose...

Mankind, that was the name of it. Now, I can't picture CCP letting that go on for more than 5 minutes - but i do recall them being more than a little touchy about any kind of dissent or confrontation.

It's ironic - EvE devs have never flinched from throwing players into hard situations and seeing how the playerbase coped. This incident may have them on the receiving end - auditing and fixing glaring holes that otherwise may not have been addressed any time soon...

Their GMs and such widely varied. Some had almost inhuman patience, some never lost their cool and had serious style, quite a few joined in with the players in keeping things as IC (or at least tongue-in-cheek IC) as possible... and others were, now and then, sad to say, useless flaming wrecks. It happens. TBH i hope to reactivate my EvE account again one day when i have the time. It's a unique experience.

In keeping with the spirit of Slashdot... (2, Funny)

Provocateur (133110) | more than 6 years ago | (#23071702)

Could we rephrase it to say

EVE Online Client Open Sourced

but not by choice?

Motivation? (1)

Hemogoblin (982564) | more than 6 years ago | (#23071748)

I read the chat-log, but I'm having a hard time understanding "Abused's" position; what is his motivation for releasing the source code? Why is he so interested in forcing the EVE developer to make a news release confirming that some security exploites have existed "for years"? The code isn't open source, so releasing detailed descriptions of what security holes exist would only allow them to be exploited easier. Is that what he wants?

Yum. (0)

Anonymous Coward | more than 6 years ago | (#23071762)

Having looked through the source, there are some obvious -- I mean reeealy obvious -- places to "work" this code nicely. My Eve addiction just increased.

Headline article correction for ./ (4, Funny)

British (51765) | more than 6 years ago | (#23071768)

Old: Eve Online Client Source Code Leaked
Revised: Eve Online Client now open source!

Not a leak (0)

Anonymous Coward | more than 6 years ago | (#23071804)

It is just a disassembly of the Python object code. Although this means something that looks a lot like source code, it's not an actual leak: there's no comments and the C++ part of the client is missing. (This "leak" is also out of date.) It is possible for anyone who has downloaded the EVE client to extract this.
Load More Comments
Slashdot Login

Need an Account?

Forgot your password?