Slashdot Mirror
Valve Announces Half-Life 2 Code Theft Arrests
Ant writes "GameSpot and other sources report arrests were made:
Developer of the much-anticipated and delayed shooter sequel reveals an international wave of arrests has been made.
The Half-Life 2 code theft saga entered a new chapter today when Valve Software announced a series of arrests had been made in the case. According to Valve, suspects in several countries had been taken into custody in relation to charges stemming from the theft of the Half-Life 2 code, distribution of the code, and breaking into Valve's network..."
Not too many "other sources" available. The Google News search only lists the GameSpot article.
Ba-dum - cha!
...Valve was waiting for the arrests before releasing the game.
tasks(723) drafts(105) languages(484) examples(29106)
Does that mean they can release it on time now? Oh wait...
My user number is prime. Is yours?
He comes and goes... he comes and goooooeeess...
The Half-Life 2 code theft saga entered a new chapter today when Valve Software announced a series of arrests had been made in the case. According to Valve, suspects in several countries had been taken into custody in relation to charges stemming from the theft of the Half-Life 2 code, distribution of the code, and breaking into Valve's network.
Valve CEO Gabe Newell credited gamers with providing the information that led to the arrests. "It was extraordinary to watch how quickly and how cleverly gamers were able to unravel what are traditionally unsolvable problems for law enforcement related to this kind of cyber-crime," he said in a statement. "Everyone here at Valve is once again reminded of how much we owe to the gaming community."
However, while Valve announced the arrests today, it was unclear when they actually occurred. Valve's statement on the matter--e-mailed to the press today--quoted Newell as saying, "within a few days of the announcement of the break-in, the online gaming community had tracked down those involved."
The FBI's Northwest Cyber Crime Task Force, the law-enforcement agency overseeing the code theft investigation, also divulged little information. When asked by GameSpot if it had made any arrests, media contact at the task force's Seattle, WA, headquarters said simply, "we did." However, when pressed for more information on the case--i.e. how many people in the US were arrested, where were they apprehended--the agent declined to say anything other than arrests had been made. "Beyond that we can not comment," he said.
News of the Half-Life 2 arrests comes after months of rumors about law-enforcement activity on the case. In January, a number of computer experts in the San Francisco area reported having their hardware seized by FBI agents on the grounds they were involved in the theft. Several weeks ago, unconfirmed reports from Germany said the author of the Phatbot Trojan worm was also involved in the theft. In both instances, neither Valve nor the authorities offered any comment.
GameSpot will have more details on this developing story as they become available.
Loading "Federal Pound-Me-In-The-Ass Prison Level" ......
Valve CEO Gabe Newell credited gamers with providing the information that led to the arrests. "It was extraordinary to watch how quickly and how cleverly gamers were able to unravel what are traditionally unsolvable problems for law enforcement related to this kind of cyber-crime," he said in a statement. "Everyone here at Valve is once again reminded of how much we owe to the gaming community."
Thanks Gabe, glad to be of service! How about a free copy of HL2 to make up for the debt you "owe" me. No? WTF?
i wonder how the punishment's will align themselves, across countries and across the different charges... surely the "code theft" charge will be handled a little different from kevin mitnick's? ;)
time to sit back and watch, i guess... should be interesting.
Send them to XEN.
The difference between stupidity and genius is that genius has its limits.
That those arrested would be released the same time Half Life 2 is. Personally I think thats a pretty harsh sentence!
1. Bad that people steal code.
2. Good for Half-Life 2 cause that means the fans really like it.
3. A possible sign that Valve should hire more people so they can release it sooner.
4. What moron allows an email to install a keyboard sniffer on his computer. Anti-virus and patches take care of a lot of that. Not to mention the network guys should have caught that one quick.
5. Fire the retarded programmer that lets sniffers get installed on his PC and fire the network guys that didn't stop it.
6. Release the game already
Police are reporting that one of the suspects, Douglas "Duke" Nukem, had, in his words, been trying to get his hands on some source code like this "FOREVER".
anything i tell you will cloud your opinion.
"But, your honor.... we were just trying to help Valve meet their release date!". :)
Remembered as the crew who created LessTiff, the Hungry Progammers were raided by the FBI in order to obtain evidence in the Half-Life 2 case. Details of the raid are a real eye-opener.
I wanna play Jon Johansen!
the preceding comment is my own and in no way reflects the opinion of the Joint Chiefs of Staff
Please, editors, don't use words like 'theft' in the same way that the RIAA etc. use them. No-one was deprived of code in this incident and so it wasn't theft.
that there actually exists some code!?
I hope that Valve did not put all their efforts into just catching the people who did it. I admit that those people did break the law and need to be caught but Valve is a company that relies on it's products.
Seeing as this game has been delayed since before this incident I wonder exactly as to the calibur of the game. If they shifted too much focus off development they might have shot themselves in the foot when they release a sub-par game.
So if anyone from Valve is reading this or you know someone who works there just give them a gentle nudge and remind them that we care about the quality of their games and the promptness in which they are delivered. Not that Half Life 2 is vaporware or anything but people are losing interest just because of the delay.
Push harder towards Open Media/Content
..it or did they actually found the guilty one's?
however.. does a game developer house have any responsibility over LYING about the state of the game? to investors, to publishing partners, to customers doing pre-orders... when they had no realistical hope of meeting the deadline(a deadline that they should have set and met 2 fucking years ago anyways).
sure they might have been under pressure to do so but what the hell, they told that the game was basically ready just few weeks before the whole hacking shesbang, in which case the hacking would have been a very big deal obviously. however, pushing the delays reason on it is just.. well, it sucks. they suck. getting hacked makes them suck anyways(would make me think twice in investing).
I'm not intrested in them catching the guys who did the hacking.. I'm intrested in if VALVE can get the game out or not! so, what i'm really intrested in is that if they have or have not coded the revolutionary AI they said they had coded already a friggin year ago(must have really been a kick in the nuts to see that the whole world saw that the demos were scripted, when you said that they werent..).
oh well, I could always buy that strategy guide from amazon.
world was created 5 seconds before this post as it is.
They aren't saying anything more than "Yup we got somebody"
They aren't saying for sure it was the people that stole it.
They aren't saying how they got them.
They are't saying what they took from them.
They are only saying they got SOMEBODY but who knows if it's really the guys or someone that downloaded a copy of the game from some warez IRC site and just redistributed it.
Besides, until we get full details that the game is released/on schedule/delayed it really won't matter too much.
Wheel of Time: Book by Book and Sumview (summary review) Bigdady92 style: http://bigdady92.blogspot.com/
Etiquette is etiquette. He kills his mother but he can't wear grey trousers.
It's all part of the show.
The tutorial campaing in half life 2 will be the arrest, by swat, of 3 filty hackers living in some college dorm.
If you've been to an E3 then you know what people at the gaming industry are capable of... bunch of reviewer whores...
I wonder what this means for the people who got arrested. It sounds like these guys come from all around the world, is this a chance for the pirate community to unite? By publically chasing these guys, there will be someone who tries to support them, or try to top them. As an open source supporter, I can see some pirates trying to make themselves martyrs by saying they were pushing open source, but even as the supporter of open source that I am, I see reasons for games to be closed source, and sold. Are these guys going to be made poster children for punishing pirates? It seems like a really good time to get some PR in the "If you pirate, you get your ass kicked" department. I'll be interrested to see what happens.
--untwisted
Notice that M$ hasn't made similar announcements about their recent source code theft problems? Probably cause they realize that for every hacker who use it to try and exploit a vulnerability, another hacker will rewrite part of the code and make it better, more stable, and more secure. Heck with Microsoft source code out there, Windows could one day be a stable, secure platform for people to migrate to instead of from
...they went into Fry's to try to buy an ATI Radeon 99000 XT+ video card, Intel P5 1.2 THz processor, and a Terabyte of RAM. The arresting agent was overheard saying, "I knew they weren't using that much computing power to play Unreal Tournament"
If I'm not mistaken, it was not a 'retarded programmer' but Gabe himself that got keylogged
If you are targetted, virus scanners and patches won't stop a keylogger, perhaps a trojan scanner would have, but we don't know what keylogger was installed. After all if I go and code up a keylogger now, and install it on your PC, your virus scanners/ trojan scanners won't detect it.
but yes they should have released the game already
I'm a supporter of open source, but "forced open source" by cracking developers' computers and making their data public is just unethical. These people were real black hats; IIRC, they wrote cracking programs for their private use, specifically to crack Valve --- every sysadmin's worst nightmare. I hope crackdowns like this will get more prominent media attention in the future.
I dont know... maybe I am just a little backwords in my thinking, but Valve could have used this to an advantage. Think about it. If they open source the engine but not the content, wouldn't that allow everyone to make a better engine (hence, easier patching, more features) but not have the content unless they bought it? To me, that looks like the way to go anyway. I can find a bunch of sourceforge projects that do just that. You need the content, not the engine. Valve should sell the content, not the engine. Stealing the code was wrong, and the theives should be punished, but sometimes a business needs to find an advantage to these things.
"Everyone here at Valve is once again reminded of how much we owe to the gaming community."
As a show of appreciation, how about taking the not so difficult step of porting HL2 to the Linux platform? I could understand if the game was written completely in DirectX, but it supports OpenGL which is fairly portable from one OS to another. Oh well... wishful thinking...
-------
"In times of universal deceit, telling the truth becomes a revolutionary act."
-- George Orwell
(standard mythical man-month rant elided)
Bottom line: more people at this stage == bad idea.
3... yeah, throw more people into the project who have to take considerable time learning the system. good idea!
5... developers shouldn't admin their own systems. game developers are not admin, admin are not game developers.
A game and an operating system are not the same thing.
The hackers can use the stolen hl2-code to make aimbots and wallhacks, which will be bad for all the online gamers!
And lets face it, the multiplayer part is by far the most important for HL2. I'm sure the game itself will be good, but once you have played it, it's not interesting anymore.
Online gaming just goes on and on and on, like counterstrike has done with half-life 1.
Hackers make cheats for free, and someone will probably have to pay in order to patch those hacks.
"Look Lois, the two symbols of the Republican Party: an elephant, and a fat white guy who is threatened by change."
Valve should license the engine and sell the game. At least if they want to make any money.
They have a great piece of technology here. They are likely to make as much money (possibly more) licensing the engine to third parties as they are selling HL2
This is how fisrt person shooters have always worked. There are really only three or four good engines licensed underneath a ton of games.
-Adam
Here's a BBC story about a raid in SF... and here's a blog post about a geek in SF getting raided and having his gear taken by the FBI...
Just having read about the fbi raid, I can't help but think that everyone should keep a few hundred small and/or dead hard drives around. Gotta keep them busy finding your 'stash'. They'd have to use a ream of paper to document all the computer equipment I have at this location.
Of course, I didn't do anything illegal.
-Adam
Considering that a large portion of the money they will make from all of this will be the licensing of the underlying engine, no. Turning it into OSS would not only destroy their chances to make some *real* money off of the engine, it would also mean throwing years of work and untold sums of R&D money to the wind.
Besides, there's no reason for a company like Valve to give away what is obviously worth a (perhaps not so) small fortune on its own. Now, maybe if their R&D work on the engine had come for free, *then* they could justify open sourcing it all. But, until the cost of developing such an engine approaches $0, don't expect anything like that to come any time soon.
That green slime had it coming.
Anything taken, copied, downloaded and such without the owners permission is taking something you have no right to. That is Theft, plain and simple.
"I use a Mac because I'm just better than you are."
After reading the Valve blurb on HL2 I panned down the page and was shocked to see DNF mentioned
:-)
Half way down on the right side
DNF to be released in 2005? Wouldn't that be a shock. Personally I would be curious to see if it's any good compared to HL2 or Doom III. I may purchase it.. then again maybe not. The excitement isn't what it used to be for DNF
Has Comcast disconnected your Internet account? Same here. You can read about it at http://comcastissue.blogspot.com
http://bash.org/?104052
<NES> lol
<NES> I download something from Napster
<NES> And the same guy I downloaded it from starts downloading it from me when I'm done
<NES> I message him and say "What are you doing? I just got that from you"
<NES> "getting my song back fucker"
The current business model is that when the first game for the new game engine comes out, the mod tools to go with that engine ship as part of the game package. Anybody who has bought the game can create new levels or whole new game concepts.
Once you have a good mod thrown together, you can release it however you want... but in order for your mod content to be playable your users are going to need a licensed copy of the game engine and that for the most part will mean purchasing the original game.
If mods are really good, they can enter the retail channel by striking a deal with the original game writers. At that point, the original game content is replaced with the mods and sent into retail stores as its own box. Profit for all involved.
It'd be nice if there was an OSS gaming engine of record to make the commercial game engines obsolete, but let's face it... those things are not easy to come up with. Furthermore, I'm not sure a "fair" multiplayer environment can ever be done with open source code... what would there to be to block people who have hacked the engine code to give them an autopilot shooter?
1. Bad that people steal code.
Right, because good people never get arrested.
3. A possible sign that Valve should hire more people so they can release it sooner.
It don't work that way, son.
autopr0n is like, down and stuff.
There's really no way they could sit on a game for nine months reworking the code to break compatibility with potential cracks for the leaked code. It's neither that long of a project, nor an justifiable use of man-hours.
After all, you have inside knowledge that people working on the project would have, and you just happen to know how long reworking all of Steam from scratch due to its leak would take, not to mention redoing Half-Life 2's network code.
Seeing as how Counterstrike is such a bastion of non-cheating, there's no way Valve is taking a long time making sure the net-based Steam client is up to snuff after a source code leak on the Internet!
Thanks for enlightening us, Miss Cleo.
They probably just rounded up people who happened to have the source code on their machines (ratted out by friends/enemies, etc.) and asked them where they got it. If they couldn't name names, they were further scrutinized. If they can't name names (practical joke gone awry?) have the "capacity to commit the crime" (ie, they're techies) they get charged. Follow the names that were named. Repeat until the number of people you've arrested sounds impressive.
This makes great headlines and eases the PHB's nerves, but doesn't really solve anything. The original perpetrator may get away with it scott free, even.
Just inventing details...
I didn't realize you could be arrested for "theft of vapor"...
After all, illegally downloading someone else's intellectual property from their hacked server and downloading someone else's intellectual property from a random stranger are two totally different things!
I can see a reason for a lengthy delay here. Say they were almost done coding the entire thing. Now, they get cracked, someone takes their source, and distributes a few copies.
Can this code be deemed secure without a full audit of all the code? Could the crackers have reasonably included a backdoor in the program?
If they were able to include some malicious code in HL2, and Valve were to distribute it without checking every last line, that would not only be a PR nightmare, but a rather serious security risk for their customers.
Now, this may not be difficult, they could go to their last backup (if they have a recent one). They'd still have to rewrite quite a bit of code, which also takes more time.
Not to mention the time it takes to lock down what appears to be a fairly insecure network before continuing (so it doesn't happen again during development).
I can see how something like this could knock back the project a month or two easily. If they're already behind schedule, this just makes things worse.
To interpret "guy in the street" (or "pedestrian") word meaning, we must compare with commonly accepted uses of the word.
Here are two sentences that are widely acceptable uses of "steal" regarding intellectual property:
- "He stole my invention"
In both cases, it is implied that something similar has happened: the victim was working on a project, and was spied on by another person, who went on to publish that idea and claim it as his/her own (preventing the actual author from getting credit for the work). "He/she stole my $INTELLECTUAL_PROPERTY" is an accusation of plagiarism, not theft."She stole my song"
And the Half-Life 2 incident never included any attempt to claim authorship of that code.
comes down to "taking stuff without paying".
And then you get into what "taking" means. Ask a pedestrian if something has really been "taken" if the victim still has it... no, that's not "taking". It's more "taking a copy", or even just "seeing".
So it becomes "seeing without paying". And the street guy will think "Oh, I see stuff on TV all the time, and never pay"
The debate would be improved if people argued with the *message* of what was being said, not the *wording*.
It's the MPAA/RIAA/BSA that causes that problem by using by basing their argument on that wording: "Stealing is obviously wrong. Copyright infringement is actually stealing. So copyright infringement is wrong too".
Reminds me of the logic of a certain US president... "Terrorists are obviously evil. You guys are actually terrorists. So you are evil too"
The ocean parts and the meteors come down
Laid out in amber, baby.
I find it funny that they had "all of a sudden" their source code stolen a bit after the date when they were suppose to release it (late september IIRC). I thought back then "ok this is just an excuse so they can finish the game".
In winter time, the news about half life 2 ceased completely (nothing on planethalflife, etc.) and then we heard about the X800 & GF6800 cards. BOOM all ofa sudden, for the E3 (perfect moment), Half life 2 appears in full strenght! Now, in the month where half life 2 is suppose to come out, they say they finall caught those guys.
I'm not sure what I should believe anymore but all I know is, they better not postpone the game again cause they're killing us!
Anybody else here who thinks or thought like me on some points?
The blog link is not referring to the Half Life raid. If I remember correctly, this blog post was made for a /. story posted a couple months ago about a different matter.
"I filter at +6, and have yet to miss out on an important comment." (#822545)
How is it different?
Valve still has the code, the music companies still have their audio.
How on earth is there a distinction? Because one needed another illegal means to get the files, while other it just downloading?
If you call one theft, you have to call the other theft.
Human nature is the same everywhere; the modes only are different. -- Earl of Chesterfield
Sure, copyright infringement is wrong, but that still doesn't make it theft! That's like saying rape and murder are the same thing, because they're both immoral too. Or like saying that Black Panthers and Neo-Nazis are the same because they're both militant racists. Or like saying apples and oranges are the same because they're both fruits! Or.... [continue ad nauseum]
They're both wrong. They're both perhaps equally wrong.
BUT THEY'RE STILL NOT THE SAME THING!!!
"[Regarding the 'cloud,'] ownership was what made America different than Russia." -- Woz
Several weeks ago, unconfirmed reports from Germany said the author of the Phatbot Trojan worm was also involved in the theft.
Wow, a trojan worm?! I gotta re-take history class...
It is pitch black. You are likely to be eaten by a grue.
7. What moron thinks there's such a thing as 100% security?
8. What moron thinks you can ship software faster just by hiring more people?
9. Maybe the 'retarded' programmer was actually trying to do his job and get the work done as soon as possible, and not reading bugtraq all the live long day or modelling attack trees so he wouldn't get owned.
10. Cut Valve some slack. They are the victims here, despite what some might think.
If arrests were made outside of the US then it makes you wonder if some sort of terrorist type approach was used. I sympathize with Valve because someone hacked into their network and created problems for their product however at the same time it's uncomfortable to see the US's arm of the law go overseas, especially if the US turned this issue into an act of terrorism.
They stole a game prior to release. They can rot in prison till Duke Nukem Forever comes out.
IANAL, but actually it is different. If they broke in and stole a disk, then Valve has one less disk and a broken window. Many anti-RIAA slashdotters have repeatedly claimed that music copying isn't stealing because they didn't actually take or deprive someone of anything, they just copied it, which to me seems like what happened here.
I'd have to say that copying (and subsequently distributing) the source code was a copyright violation just like downloading an unlicensed mp3. The network intrusion is also a crime. There are probably also laws which might consider unreleased source code to have "trade secrets", which would be yet another crime. Therefore the entire operation is far more serious than sharing a copied music file, but the root event is probably similar.
This is not the greatest sig in the world, this is just a tribute.
valves code wasn't published, and to get it they had to hack (well trick) valve to get it.
I would be the charges laid on the hackers would not be theft, corporate espionage, hacking, copyright violations, and such.
Downloading music is much diffrence as its published, someone is offering you a copy (witch is why downloaders are kinda safe and uploaders are not)
Also the money lost by each act is diffrent, vavle has taken a BIG hit in the $$ department because of the "theft", how much (if any) money the RIAA and co lose when a song is copied is debatable and might be a gain.
That is why poeple get all up in arms about P2P being called tehft, but when it comes to valve and sounce code theft they tolerate and join in in calling it theft, its much more like theft and it did cause damage to valve in many ways, unlike P2P.
and it STILL isn't theft, it is a multitude of other crimes, but NOT theft at all.
if this was theft, there would be no such charge as corporate espionage. because all corporate espionage is is "stealing" information and ideas.
Neither is theft. One is copyright violations, the other is corporate espionage/hacking/copyright.
Big difference.
Mp3's are already ready for public consumption. The public already has access to the song, be it on the radio, a cd in a store, in a friend's car, whatever. By downloading that song you are getting a copy of the finished product that many others already have.
Source code, however, is definitely not in a form for public consumption. Nobody should have the source code unless they're part of the project.
Stealing the source code would be analogous to stealing the band that makes the music, not the finished product.
band:mp3::souce code:binary
Normally when the FBI or other agency busts a piracy ring, they're proud as hell about it. They talk about how many people they arrested, in however many countries they made the arrests, how many dollars in stolen software the pirates were responsible for, and so on, and so forth. Even when the FBI went after Skylarov at Adobe's request, the FBI was very proud of what they did, bringing such an eeeeeevul pirate to justice.
In this case, it's Valve, the company that did something very stupid that allowed their code to get stolen, and not an actual law-enforcement agency, that's releasing all the vague details of the arrests, whereas all the FBI has to say is that "Yes, we made some arrests." No details on who, or where.
That's very unusual. What's up with that?
One point worth clearing up is that the break-in and release of the source code is NOT why we didn't make the original September 30, 2003 release date, nor is it responsible for the fact that we haven't shipped yet. There were some significant costs associated with the break-in (not the least of which was the fact that everybody here was completely freaked-out and bummed), but the main reason we haven't shipped yet is that we have more work to do than we thought and it has taken longer to do than we thought. Gabe gaben@valvesoftware.com
Actually, I really think they meant HL1 was based on a highly modified quake 1 engine, just like they said. The site you link to even says Quake, not quake 2.r view.shtm
Valve added a ton of stuff on the q1 engine, such as 16 and 24 bit rendering and mmx support as well as a skeletal animation system.
If you want more info, check out http://www.planethalflife.com/half-life/guide/ove
What moron allows an email to install a keyboard sniffer on his computer. Anti-virus and patches take care of a lot of that. Not to mention the network guys should have caught that one quick.
What?? A/V patches wouldn't do anything if it was custom written. And how the heck are network admins going to catch a few tiny URL posts (assuming the logger sent packets via port 8000) in all the traffic a big corporation generates.
I mean, seriously... the moron may not even have had a good email client that let him know something was running-- and that is ignoring the various overflow bugs that could have been exploited.
You quitting proves that the karma kap worked. The most annoying of the whores shut up. --CmdrTaco
About the leak: some german guy (the same guy who created phatbot, let's call him Hans) hacked into Valve computers. Hans then proceeded to brag about it and give some information about it to some friend of his (let's call him randomdude) over an IRC server operated by some members from a group I will call Entity. Members of entity intercepted the conversation and used the info in it to plant their own trojans on valve's computers, they then proceeded to leak the source and maybe some other stuff. Hans decided that he wouldn't let them have the credit for this and proceeded to release other stuff. Fast forward a few months. Hand emails Gabe and explains that he never meant to leak anything, that he just wanted to take a look at how a game was developped and that he was an amateur game developper himself as well as an expert on network security. He's a big fan of valve, blah blah blah. He explains how he broke into valve's computers and implies that he would like to get a job at valve as a network security asministrator. Follows a long exchange of emails in which he tells them about vulnerabilities still existing in their network and reveals he is german. He then agrees to a phone interview as Valve's people bait him into thinking they are considering hiring him and ends up arrested. I read most of the emails he exchanged with Valve before the arrest and Hans pretty much threw prudence and common sense out the window when dealing with valve. He must be kicking himself now.
This isn't a proper analogy. Stealing the source to the game is more like stealing the master tapes for a music track. A closer comparison for downloading an mp3 (a finished product) would be downloading the game (a finished product.) The fact that the source code included copy protection measures only compounds the problem.
harmonious design
I swear this isn't flamebait!
How come in Slashdot discussions about music/film piracy, we get hundreds of posts from people arguing that piracy isn't theft, it's "sharing". But in this thread, everyone's talking about how the source code was "stolen".
Someone either broke physically into their building, broke electronically into their servers, or illegally duplicated a legal copy (which is defined by law as theft)
1) There was never any legal copy. There was one original held by Valve, and lots of illegal copies made.
2) Even though the result of stealing a CD and pirating a CD is pretty much the same (less the cost of packaging), they go under different laws.
Pirating is illegal. Stealing is illegal. That does not imply that pirating is stealing. This reminds me of a play by Ludvig Holberg (1684-1754): "A stone can not fly. 'Mor Nille' can not fly. Thus, 'Mor Nille' is a stone."
IP is a nonsense concept, because it doesn't say if it's copyright, patent, trademark or otherwise. Likewise IP theft has no meaning in any legal sense, it's a buzzword for the media. It's trying to ascribe attributes to copyright violations that simply aren't real.
Kjella
Live today, because you never know what tomorrow brings