While I know this isn’t directly related to The Sims, but what I feel is probably the worst cybercrime in gaming history took place this week, the theft (and release) of the Half Life 2 source code.
As some of you might know, Half Life 2 is the follow-up to Valve softwares Half Life game, which remains to be one of the most popular titles (next to The Sims) since 1998. HL2 was a breakthrough in graphics technology that they had been working on for the last few years. If anyone has seen any screenshots or E3 movies, this thing is the cats meow. Realistic renderings, real-time lighting, etc. that should change the way you look at gaming this December.
Having the source code (and we’re talking about the full code here guys, enough to build any part of the game) is the heart of a game. Imagine if the full source for The Sims was released before it came out? For first-person shooters, it’s an even bigger problem because these guys license their engine so others can make games. Half Life (the original) itself was based on the Quake II engine. Licenses for these engines run in the hundreds of thousands of dollars because frankly they can fetch hundreds of thousands of dollars in return for someone with an idea, some resources, and lots of creativity.
I don’t know what kind of effect this may or may not have on the gaming industry as a whole, the release of the game, and other things. Commercial companies obviously won’t touch the code to release a game (unless they might license it normally). Independants won’t build it into any kind of GPL software for fear of “Hey, that’s from HL2!”. However from a learning perspective, you can now see how what’s known as a “AAA” engine does what it does. It’s also a big thing from the cheating perspective because people studying the code can now build cheat systems that would defeat what they didn’t know before, how the system worked internally.
From a Sims perspective if this had happened to Maxis before the release of The Sims, would it have been as popular as it was? Would we have had hundreds of tools instead of a handful? What do you think would be the impact on The Sims 2 if this happens?
Anyways, I thought it was worth spreading the news so here’s a note from Gabe Newell, the founder of Valve software, describing the theft.
Ever have one of those weeks? This has just not been the best couple of days for me or for Valve.
Yes, the source code that has been posted is the HL-2 source code.
Here is what we know:
1) Starting around 9/11 of this year, someone other than me was accessing my email account. This has been determined by looking at traffic on our email server versus my travel schedule.
2) Shortly afterwards my machine started acting weird (right-clicking on executables would crash explorer). I was unable to find a virus or trojan on my machine, I reformatted my hard drive, and reinstalled.
3) For the next week, there appears to have been suspicious activity on my webmail account.
4) Around 9/19 someone made a copy of the HL-2 source tree.
5) At some point, keystroke recorders got installed on several machines at Valve. Our speculation is that these were done via a buffer overflow in Outlook’s preview pane. This recorder is apparently a customized version of RemoteAnywhere created to infect Valve (at least it hasn’t been seen anywhere else, and isn’t detected by normal virus scanning tools).
6) Periodically for the last year we’ve been the subject of a variety of denial of service attacks targetted at our webservers and at Steam. We don’t know if these are related or independent.
Well, this sucks.
What I’d appreciate is the assistance of the community in tracking this down. I have a special email address for people to send information to, firstname.lastname@example.org. If you have information about the denial of service attacks or the infiltration of our network, please send the details. There are some pretty obvious places to start with the posts and records in IRC, so if you can point us in the right direction, that would be great.
We at Valve have always thought of ourselves as being part of a community, and I can’t imagine a better group of people to help us take care of these problems than this community.
UPDATE. There are some more details on the recent Half-Life 2 source leak from Gabe Newell. This was verified that this is legit (thanks to Shacknews). Here’s the latest:
1) We’ve taken our network connection down to pretty much a minimum. We’re still finding machines internally that have been compromised.
2) The suite of tools that the attacker was using included the modified version of RemotelyAnywhere (basically a Remote Desktop-style remote admin tool), Haxker Defender (a process, registry key and file hiding tool), the key logger, and various networking utilities that allowed them to transfer files (compressors, NetCat, and FTP). We also are pretty sure they were sniffing our network to gather passwords and other information. Haxker Defender includes a file system driver that allows an attacker to have stuff on your machine that is invisible, unless you do something like mount the drive under another OS that has NTFS support.
We have determined one way of detecting some infected machines, which is using a connection viewer to detect connections to anomalous hosts external to our network.
We still don’t know their entry method.
3) In general, the community has been remarkably swift at tracking down the sources of the leak. What would be most helpful now are IP addresses of the people who were responsible for the intrusion or for the denial of service attacks.
4) Also, please continue to send in URLs of websites hosting the source code. We’ve been contacting people and asking them to take it down.
5) There’s anecdotal evidence that other game developers have been targeted by whoever attacked us. This hasn’t been confirmed. We’ve been providing other game developers with more detailed information about the exploits and evidence of infiltration.
6) We’re running a little bit blind with our network shut down, but it seems like some of the press has picked up the story. I’ve been fielding calls from the mainstream non-games, non-technical press.all day. Hopefully they will get to report shortly what a mistake it is to piss off a whole bunch of gamers and get them hunting you around the Internet.
For any information related to this, please send it to email@example.com, or you can always send to firstname.lastname@example.org as well.