Slashdot Mirror

← Back to Stories (view on slashdot.org)

Half-Life 2 Delayed Following Code Leak

Posted by CmdrTaco on from the sucks-for-the-gamers dept.

jhol writes "CNN is reporting that Half-Life 2 is delayed "by at least four months, that is to April 2004.", due to the code leak. VU Games has already suffered a 29% fall in revenue and an operating loss of $61.36 million this year. A Christmas release of Half-Life 2 would probably have been most welcomed." Update: 10/07 20:38 GMT by S : CNN Money are now reporting there's a newly public leak, allegedly involving a partially playable, Beta pre-release of the game.

6 of 750 comments (clear)

  1. Delayed anyways? by kneecarrot · · Score: 5, Interesting

    I just have to wonder if a serious delay was in the works anyway and the code theft gave Valve a publicly acceptable reason.

    --

    I always save my last mod point to mod up a good troll. You people are too serious.

    1. Re:Delayed anyways? by shird · · Score: 5, Interesting

      Yes I think this is the case. I have taken a look at the code, and I can say there is a hell of a lot of 'TODO:/BUG:' stuff in there. I'm no expert, but I would say it seemed a long way off being complete. Not to mention all the artwork, levels, scripts etc that may or may not exist in very complete form.

      As for ease for creating keygens, take a look at the code - it makes an external reference to a 'cdkeycheck()' function (cdkey.obj) in which there is even comments to the effect that they (valve) don't have the source code. In other words, they have outsourced the key verification algorithm, so it doesn't exist in the source tree. (either is the cdkey.obj file).

      --
      I.O.U One Sig.
  2. Re:Can't blame anyone but themselves... by Karhgath · · Score: 5, Interesting

    He wasn't that stupid. The email used a old buffer overflow bug in the preview pane of Outlook to install the program, Gabe just had to click(not even open) the email for it to install the trojan.

    However, it's mind-bending that their Outlook weren't patched(it's a very old exploit) and that he uses the preview pane in Outlook, on his work related computer. I know that they are backed by Microsoft, and thus probably gets all the MS toys, but they still forgot to patch them.

    A shame. Still, a custom written trojan made against Valve to target their system and get the code/data of the game isn't something you see everyday. Either this kind of thing doesn't happen often, or it happens often but it's never detected(or acknowledged). Think industrial espionnage. Either way, it's not an easy to spot/cure, not antivirus/firewall can detect it effectivly if it's custom written against you. They probably probed Valve to check what exploits would or wouldn't work, so it's not as easy as to say: they should have patched, because the hacker would probably have tried another way and with a little determination, would have still compromised their systems enough to get some data.

  3. Re:Still haven't learned their lessons by javatips · · Score: 3, Interesting
    This should not be a big problem as the VM is isolated from the host (it would take far more serious hacking, that what was done to get HL2 code, to get inside VMWare internals). One could always snif the physical ethernet card for packed, but having the VM connect through VPN to the "DEV" network would solve the problem. The host could be a barebone linux Install without any open ports. That would limit the risk of having the Host being hacked. Now you have a closed down host with two VM. One on a "private" network, and the other on "public" network.


    Having a seperate machine on a seperate physical network would be more secure, but would cost much more than the VMWare approach.

  4. Re:If you want anyone to blame by Sir+Haxalot · · Score: 3, Interesting

    Mod parent down. There is no evidence that supports that any member of myg0t was the hacker. They are just a bunch of assholes that will claim anything to get attention.
    Until the FBI knocks on someone's door, nobody truly knows who the hacker was.
    Hitman was in #halflife2 EFNet giving links to the source HOURS before anyone else had it. Enough evidence?

    --
    I have over 70 freaks, do you?
  5. Re:Wrong by johnnyb · · Score: 4, Interesting

    "there are cases where security through obscurity is the best method"

    PLEASE don't say this. I understand what you're trying to say, and that is correct, but your wording is completely horrid.

    Obscurity is just that - obscurity. Using obscurity for protection is actually a decent plan in many cases - it's just not the same thing as security. The problem with "security through obscurity" is not that people aren't protected enough, it's that they are _confusing_ security and obscurity - thinking they have security when they only have obscurity. Both offer protection, but with different expectations.

    There is NO SUCH THING as security through obscurity, and those who try show a complete misunderstanding of the issues. The can be _protection_ through obscurity, but security in relation to computers has a certain, specified meaning, and when people start throwing it around in connection with obscurity, it just makes the situation a lot more confusing than it needs to be.

    --
    Engineering and the Ultimate