Slashdot Mirror
Half Life 2 Source Code Leaked
Pyroman[FO] writes "Gamers with Jobs is reporting that the Half Life 2 source code is floating around the net right now. It looks to be about a month old. There's no official word from Valve on the source code leak yet. Unfortunately those who want to use it to cheat already have it, we need to get the word to legitimate customers to educate them about the situation." Update: 10/02 21:51 GMT by S : Valve's Gabe Newell has an official statement, via ShackNews/HalfLife2.net, indicating "infiltration of our network" and appealing for information on the culprits.
Hopefully this will put to rest the controversy over Pascal. Now the world can see that you CAN write a production quality game in Pascal.
Valve Software are sueing Linux Kernel creator Linux Torvalds, on suspect that leaked Half-Life 2 source code is present in Linux operating system.
I knew ATI wouldn't let us down!
...it was FREED!!
"Ask not what your country can do for you." --John F. Kennedy
... cheating is considered the 'big threat' of a source code leak, rather than the huge impending theft of intellectual property ;-)
Great... The article is Slashdotted... But the leaked code is mirrored everywhere!
Full article from:o p=modlo ad&name=News&file=article&sid=665
... The thing is available as a torrent download on the net. I don't know how much action they will take against people downloading this. ... The last edits are from a month ago (in the files). If this is fake, it is a damn good one. It looks very coherent. Over 100 megs unpacked source
http://www.gamerswithjobs.com/modules.php?
Half-Life 2 Source Code Leaked, Seriously
Posted by: Pyroman[FO] on Thursday, October 02, 2003 - 11:02 AM EST
So I know what you're thinking. "Yeah right Pyro, it's really just more suprise gay porn" but its the real deal. The source code for Valve's Half-Life 2 has been leaked to the net. An anonymous GWJ reader has verified this is real.
I can confirm that this is indeed no fake
There's still no official word from Valve and I haven't seen any other sites pick it up. There isn't any word on who leaked it either and from what I have heard the source doesn't give it away. Hopefully when this gets out in the open Valve can work with its partners to figure out who did this. Let's also hope it doesn't delay Half-Life 2 any further.
One things for sure, this can't be ignored. Those in the know already have it and they're probably working on their first cheat right now. Legitimate customers are the ones who need to know about this as they are the ones that will get their machine potentially broken into when they go online. You can't warez with month old source code, all it's good for is exploiting others in multiplayer and allowing crackers to make better cracks. Customers need to know that there are cheaters out there right now with the full Half Life 2 source code, if this is true.
Lets just hope it does not end up in the Linux kernel.
Not with games, especially first-person shooters. It's a problem of distributing the workload with limited server resources and limited bandwidth / high latency between nodes. To make the game playable, the clients have to know things and be trusted to do calculations that from a security standpoint they should not.
This really is unfortunate. It means you really can't stop cheating with this sort of game. It's especially easy when the source code is available, though it's still possible otherwise.
Not a bad idea. By allowing other people to port the code to different OSes they could get some instant karma, save themselves some effort and get a bigger potential market all in one go. After all, people would still have to buy the game to get the datafiles.
The only problem is if the code contains third-party stuff like sound modules, physics engines etc.
"'I pass the test,' she said. 'I will diminish, and go into the West, and remain Galadriel.'"
- JRR Tolkien.
Yes, because afterall, there's absolutely no way to share binary files amongst a large group of people semi-anonymously around the Internet now is there? ;-)
Mod this man up, I wasn't talking about the latest OpenSSH release getting leaked, it's Half Life 2. The latency problems mean you can't really have secure netcode, however obscurity goes a long way to help.
The CDKey and Steam authentication systems are also supposedly included, so any security control they had before goes out the window, you can't trust the CD Keys or Steam anymore. Not that they were perfect before, but this is going from "wait a bit while the crackers figure out this new authentication system, then it's changed in a patch, repeat" to "here it is on a silver platter, before it's released"
Looks like there will be a linux port after all...
"The United States has no right, no desire, and no intention to impose our form of government on anyone else." - Bush 05
Looks like our best bet for a secure, low-cheat ridden version of Half-Life 2 multiplayer might be on the Xbox now...
Just a thought.
Go here for teh [sic] funny.
I wager the OS community finishes Half-Life 2 before Valve does. ;)
If this is legit, this all applies. If not, then obviously it's not worth anyone's time to debate.
:)
Valve will not lose any licenses due to the code being available. Nobody is going to not license the engine because they can get the source. You'd get your ass sued to oblivion to commit largescale copyright infringement on a major retail product. The first thing anyone asks when you're working on a game is "what engine are you using?". You can't hide your engine - knowledable people can easily tell what engine it is by running it.
The real risk is cheating, which could very well have a real impact on sales (why buy HL2 to play the new CS when the new CS has at least as many cheats as the old one?). Plus if cheating is rampant, it could scare away licensees.
So they could lose real sales and licensees, but only because of cheating, not because they don't need to pay for the source because they can get it for free
Jon (Slothy)
Programmer, S2 Games
Seems to me this should be posted on Gamers WITHOUT Jobs, as that's what will happen when the leak is traced.
Jory
Ok... It's real. It looks very incomplete, pretty old, but real nonetheless. There's functional code for things that never existed in HL1. (I assume to be functional at least, obviously I can't compile it but if this is a joke played by someone who just wrote a bunch of code to try to make it look real then they spent a LOT of time doing it.)
:(
Now however, I have come to the conclusion that this IS an SDK, and not the full source of their engine.
Err, I take that back. Its the engine. Just found the occlusion system and the node management.
I feel for Valve about now. This sucks.
I'm deleting the source just out of respect.
I am a leaf on the wind. Watch how I soar.
Just a thought but maybe Valve knew about the leak and then pushed back the release date to fix code which could have been comprimised !
... so valve can probaly go though see who checked out the whole build ... or just certain parts and figure out who leaked it. (most managemnet tools use 128 bit encryption and a key) Its very easy to track these things.
So lets just say thanks to whom ever leaked the code and we can all blame them for the delay of the release date !
I hope they also know that NDA's are a big part of the game industry today so that either means your loosing your job, your company, or you getting sued.
Each file contains a date, what was modified and when for the most part depending on what code managemnt tool they use
- MOSKIE
A lot of that has to do with the particular game, as well as the design of the prediction in that game.
.).
:D I'm not much of a cheater normally, but the most fun I have ever had was back in the day before everyone was cheating, when the careful task was to cleverly design cheats that are almost undetectable -- like a specially powerful jump to get you out of difficult situations, etc. The most fun I had was giving my player ninjalike abilities by modifying the scripts myself, and reducing my fall damage, and limiting myself to the pistol. It's all about the mobility, baby!
For instance, in Starsiege:Tribes, since the rendering engine has been successfully hacked, people have been able to write some clever and EXTREMELY extensive cheats -- you can customize the visibility of the terrain, of individual objects (like buildings -- make them partially transparent to see people around corners), remove fog from maps, have pointers to the person with the flag, and most infamously, change the model for the flag into a twenty-story-tall red and green stick figure with a gigantic smiley face. This cheat is known as 'Happy Flag', and it makes it pretty much impossible to confuse the enemy team as to the location of your flag.
Now, in any other game, with the graphics engine compromised to that extent, the game would be over. It would be trivial to write auto-aim functionality that centers your view on a particular model type and fires the weapon.
But thanks both to the use of actual projectiles instead of instant (or 'hitscan') weapons, as well as a server-client model that DOES NOT TRUST CLIENT EVENTS (which you might think would make the game much more apparently laggy, but which in reality makes the game much less stuttery and much smoother for those on slower connctions; you just have to predict your shots more. But, since you have to do that anyways by design . .
The stability of this system is such that even with one of the most rabid fanbases in gaming, the only cheats available are primarily informational in nature. A cheater can see mines better, can know where the flag is, can see people clearly that would be mostly obscured by fog otherwise.
But this gives him very little actual advantage. The only hitscan weapon in the game is not a one-hit kill even on the lightest armor, and it needs to recharge, and the method used in both Tribes 1 and the Torque engine of the server not trusting the player for jack shit is actually EASIER on the server, since it processes client actions essentially as it receives them. Moreover, thanks to 'skiing' and the jetpacks and the visibility of laser rifle attacks, any advantage is quickly whittled down to a simple nuisance.
Now, at the other end of the spectrum is Red Faction.
In the dlls directory is pretty much all of the equivalant stuff thats in the HL1 SDK. I thought it was fake at first after looking in there, then I started to look through all the physics code. All of the ragdoll type stuff that there's no way is in HL1 and the code isn't faked. Then I checked out the engine directory. Like I said in a post futher down, the full occlusion system and node management is all there, I didn't have time to check for the actual rendering code because I had to get back to work. But I'm thoroughly convinced that it's real. I even feel bad for downloading it now because I know if someone stole my code I'd be way more than pissed about it. Let em steal a binary all day, but when they have the code it's a whole new level. This is corporate espionage at its finest.
I am a leaf on the wind. Watch how I soar.
If ATI Pays++
- then ATI_Card_Peformance++
else if NVIDIA Pays++- then NVIDA_Card_Perferomance++
else- BSOD
{http://www.kubuntu.org/
I have downloaded the code and taken a quick peek, It does indeed seem to be legitimate. More disturbing though is , a simple grep through the code tree reveals that this leaked source tree contains gpl'd code .
./ivp/havana/havok/hk_math/ ./utils/vmpi/mysql/include/
files in these directories contain such code for example
It would take someone a little more clued up than I to verify that this code is actually used in a binary release.
Someone should take a closer look.
Electronic Music Made Using Linux http://soundcloud.com/polyp
Intellectual Property, like flying pigs, cannot be found in nature.
Falcon 4.0, a landmark achievement in consumer flight simulation technology had its full source code leaked several years ago. What happened aftewards?
Nothing for several months. People went about playing Falcon 4.0 as they did before. Then a user posted a single screenshot to the combatsim.com fora. It showed the Falcon 4.0 options menu, except with some rather peculiar options-- 3dnow! support, 32 bit textures, object texture filtering, DirectX 7 support, and some others. Falcon 4.0 did not ship with support for said features, so either it was an edited screenshot or the user had modified the source code. Then the actual executable was released. It was real, the engine enhancements worked.
Development of the leaked source code exploded shortly after that. A team known as eTeam (the executable was called eFalcon) was created to work on it, devoted to closing the numerous memory leaks, and improving the overall realism and performance of the game. The improvements were incredible, bringing a game released in 1998 to a 2001 state, competitive (or far superior, which was most people's opinions) to simulations released that year. The game's publisher ignored this for a few years.
The game's publisher then put its foot down. It said that all development of the leaked source code had to be ceased. Quickly though the community reached an agreement. It managed to convince the publisher to allow continued development of the leaked source code, as long as the publisher maintained all rights to all of the community's work and was not required to compensate the actual contributors. The result was the Falcon 4.0 Unified Team, composed of most of the eTeam members (not all though, some refused to join because of the constrictive agreement) as well as many from the Realism Patch group, a non-source code team focusing mostly on realism enhancements. The F4UT has succeeded in making hundreds if not thousands of changes to Falcon 4.0, ranging from technical (graphics engine, campaign engine, AI, sound engine, etc.) to gameplay (new flyable aircraft, dogfight AI improvements, numerous miscellaneous tweaks etc.) to other content (re-done textures, models, sound effects, completely new cockpit art, etc.). The F4UT finally brought Falcon 4.0 to what its original developers intended, not only simulation of F-16 combat, but a true military aviation experience taking place in a dynamic computer simulated war.
How does this relate to Half-Life 2's source code being leaked? Well, sometimes leaked source code can lead to greater things. After the Falcon 4.0 source code happenings, the full source code, including the graphics engine, network code etc. of a few simulations (Enemy Engaged Comanche Vs. Hokum, MiG Alley, maybe some others) have been released to the public. Maybe this practice could spread to other game genres.
That's LGPL, not GPL. There's a difference. LGPL is legal to use like this.
From HalfLife2.net Ever have one of those weeks? This has just not been the best couple of days for me or for Valve.
Yes, the source code that has been posted is the HL-2 source code.
Here is what we know:1) Starting around 9/11 of this year, someone other than me was accessing my email account. This has been determined by looking at traffic on our email server versus my travel schedule.
2) Shortly afterwards my machine started acting weird (right-clicking on executables would crash explorer). I was unable to find a virus or trojan on my machine, I reformatted my hard drive, and reinstalled.
3) For the next week, there appears to have been suspicious activity on my webmail account.
4) Around 9/19 someone made a copy of the HL-2 source tree.
5) At some point, keystroke recorders got installed on several machines at Valve. Our speculation is that these were done via a buffer overflow in Outlook's preview pane. This recorder is apparently a customized version of RemoteAnywhere created to infect Valve (at least it hasn't been seen anywhere else, and isn't detected by normal virus scanning tools).
6) Periodically for the last year we've been the subject of a variety of denial of service attacks targetted at our webservers and at Steam. We don't know if these are related or independent.
Well, this sucks.
What I'd appreciate is the assistance of the community in tracking this down. I have a special email address for people to send information to, helpvalve@valvesoftware.com. If you have information about the denial of service attacks or the infiltration of our network, please send the details. There are some pretty obvious places to start with the posts and records in IRC, so if you can point us in the right direction, that would be great.
We at Valve have always thought of ourselves as being part of a community, and I can't imagine a better group of people to help us take care of these problems than this community.
GabeNow however, I have come to the conclusion that this IS an SDK, and not the full source of their engine.
Err, I take that back. Its the engine. Just found the occlusion system and the node management.
What is your address? I am sending you a keyboard with a "Backspace" key for Christmas.
No matter how much I love open source programming, I can't help feeling really sad for Valve. The gaming market is such a competitive place and this is really the worst thing immaginable. It must be absolutely horrible for Valve to see man-years of work fly out the window. Recent posts have talked about different risks, but I think the potential rumors on "HalfLife2 sources are leaked, so there will be too many cheaters" are a lot worse from a marketing and reputation perspective.
As for you GPL programmers, there is already a lot of interesting code out there to play around with. I cannot express in words how thankful I am to different companies letting me play with their products such as Quake2 by id. I think they deserve making money on their hard work and heavy risktaking. GPLing such code is giving me a present I could never make up for.
As I'm quite fond of snowboarding, I ended up working on the Soul Ride snowboard game engine. It would take me years to reproduce the same code on my own. Even if noone ever uses my changes, I really enjoy working on it and it's fun showing my changes to (geek)friends.
Open source is fun to play with. Stolen code just isn't. The whole idea of open source code is built on honesty and solidarity.
Anyway, good luck Valve, I'll buy the game when it comes out. Also, I will enjoy working on the real source you may GPL in 5-10 years, not this leaked one.
(I'm sure some slashdotters won't like what I write, but I've got karma to spend...)