Pheonix

Banned
Dec 14, 2018
5,990
St Kitts
So basically what that poster said a day ago or so in another thread.
That's a really big security issue, can't believe they didn't notice that earlier.
The sad thing is that it's not really anyone's fault. These vulnerabilities aren't things that people just notice or even spot, even when looking for them. 99% of the time this is just code and systems built to do a specific task, it takes people with malicious intent and the means and know-how to take what is otherwise "innocent" code and contort it. Only then does it become a "vulnerability".

If other devs aren't as dumb/naive as ND, it probably won't happen
smh....
 

Asbsand

Banned
Oct 30, 2017
9,901
Denmark
User Banned (1 Week) - Conspiracy Theories
This is a much better explanation. It was also posted way before Jason posted his tweets.
I'm back to conspiracy mode after reading this. Let me sail in my own pond, think me stupid and everything but I totally believe it was the alleged salary dispute once this points to being more likely that an ND or at least Sony affiliated employee might have done this. You need a devkit. Are there ways around that? Sure, but Occam's Razor says "unlikely" to me.
 

HardRojo

One Winged Slayer
Member
Oct 25, 2017
26,133
Peru
It was simply pointing out why the original rumor (which started from some no name nobody) had any validity. Because at that time it was the only truth we had (crunch).
Yeah, but we've known for a while that rumor was not true, why still bringing it up or trying to give it any kind of validation? It doesn't make sense now. If there's something to criticize and is linked to this topic, is how stupid their cloud security solution apparently was if I'm understanding what I read right.
Also, regarding your point about them doing the bare minimum, while it'd be ideal if all companies did it, the reality is not that fair, several companies have fired employees or heavily cut income (which I'd prefer if it meant not mass firing anybody), others have transitioned employees into a 3-6 month suspension without pay, and more. I have friends who, as of March, had jobs that seemed to be very secure for the long term, now they are unemployed, right now I actually feel very privileged that my job is still secure, hasn't mentioned income cuts nor layoffs, so Sony isn't just doing the "bare minimum" as you stated. And no, I'm not licking anybody's boots here I'm just stating what I'm seeing from my own point of view.
 

TheGhost

Banned
Oct 25, 2017
28,137
Long Island
Yeah, but we've known for a while that rumor was not true, why still bringing it up or trying to give it any kind of validation? It doesn't make sense now. If there's something to criticize and is linked to this topic, is how stupid their cloud security solution apparently was if I'm understanding what I read right.
Also, regarding your point about them doing the bare minimum, while it'd be ideal if all companies did it, the reality is not that fair, several companies have fired employees or heavily cut income (which I'd prefer if it meant not mass firing anybody), others have transitioned employees into a 3-6 month suspension without pay, and more. I have friends who, as of March, had jobs that seemed to be very secure for the long term, now they are unemployed, right now I actually feel very privileged that my job is still secure, hasn't mentioned income cuts nor layoffs, so Sony isn't just doing the "bare minimum" as you stated. And no, I'm not licking anybody's boots here I'm just stating what I'm seeing from my own point of view.
It's brought up because the first page is littered with "all the people who said, X, bet they won't come in here" crap.
 

Equanimity

Member
Oct 27, 2017
14,992
London
That sounds like quite inept security from Sony/ND, and not even anything to do with COVID-19, having to work from home or the delay in general, as was speculated from the moment it was delayed. Hopefully the hackers get what they deserve regardless.

No. This isn't a common occurrence, loopholes exist regardless.

If other devs aren't as dumb/naive as ND, it probably won't happen

Why are they dumb and naive?
 

nekkid

Banned
Oct 27, 2017
21,823
Ok, I see that the AWS security key was put on this patch and that led to accessing the S3 storage.

My question is: why for the love of God would you put your AWS security key on each copy of a game you're publishing??
 

HardRojo

One Winged Slayer
Member
Oct 25, 2017
26,133
Peru
I'm back to conspiracy mode after reading this. Let me sail in my own pond, think me stupid and everything but I totally believe it was the alleged salary dispute once this points to being more likely that an ND or at least Sony affiliated employee might have done this. You need a devkit. Are there ways around that? Sure, but Occam's Razor says "unlikely" to me.
Well, my post from yesterday aged like wine:
Most (if not all) people in this forum agree that crunch fucking sucks, that initial thread from Schreier himself talking about ND's crunch culture is proof of that, as are the great amount of users who kept calling out those 2 or 3 wanting blood when we initially worked the "disgruntled employee" angle. The reason why still talking about crunch in this thread is off-topic is because the initial rumors have been debunked by trustworthy and official parties, the only point for still bringing it up is denial as some people have already created the narrative in their heads and won't let go of it, so now it's simply the "Deny everything and be skeptical" approach, at this point no proof is going to change what some people have already decided is the truth.
Anyway, after 22 pages I would've thought the discussion in this topic would've gone somewhere else, but it's still stuck where it was when the rumors first popped up.
It's brought up because the first page is littered with "all the people who said, X, bet they won't come in here" crap.
And yet they keep trying to give any kind of validity to a rumor that wasn't true. Just read the post I'm quoting above. But that's it from in this topic anyway, this thread will surely not be as long as previous ones, for obvious reasons.
 

Deleted member 47076

User requested account closure
Banned
Aug 25, 2018
1,048
"You know, Neil, we really are the hacked of us."

I'm glad this news got out so quickly. The internet was going crazy.
 

Magoo

Member
Oct 28, 2017
2,258
UK
Can't even suggest getting off the internet and going for a walk to anyone still on the conspiracy theories. They'd probably be worried they'd fall off the edge of the world if they go too far.
 

Kthulhu

Member
Oct 25, 2017
14,670
I'm back to conspiracy mode after reading this. Let me sail in my own pond, think me stupid and everything but I totally believe it was the alleged salary dispute once this points to being more likely that an ND or at least Sony affiliated employee might have done this. You need a devkit. Are there ways around that? Sure, but Occam's Razor says "unlikely" to me.

You can buy a devkit on eBay. They aren't that hard to get if you've got the cash.

Game companies going out of business aren't exactly worried about their obligations to console manufacturers so they're totally willing to sell devkits if it means paying off their debt.
 

Asbsand

Banned
Oct 30, 2017
9,901
Denmark
Well, my post from yesterday aged like wine:


And yet they keep trying to give any kind of validity to a rumor that wasn't true. Just read the post I'm quoting above. But that's it from in this topic anyway, this thread will surely not be as long as previous ones, for obvious reasons.
Facts are facts and none except the leakers or people at Naughty Dog aware of who they might be know. I get calling "those who act skeptical because they won't let go of the narrative" conspiracists makes sense but honestly whether you believe it or don't, you don't know either way.
 

slothrop

▲ Legend ▲
Member
Aug 28, 2019
3,877
USA
Why the hell would you ship AWS keys to every client, on machines you don't control? I don't even understand how that happens accidentally. Why were AWS keys anywhere near the client code?
 

SDR-UK

Member
Oct 27, 2017
2,394
So this had to have come from the last patch that Naughty Dog put out (Sept 2019) where they shut down the servers for Uncharted 2, 3 and TLOU and patched the PS4 versions of TLOU:R and U4/LL around the same time... that it wasn't found until January is a miracle.
 

nekkid

Banned
Oct 27, 2017
21,823
Why the hell would you ship AWS keys to every client, on machines you don't control? I don't even understand how that happens accidentally. Why were AWS keys anywhere near the client code?

Were they being used as a way to download stuff to the client? It's the only thing I can think of.

Regardless, this doesn't sound illegal. Asshol-ish to spoil the game, sure, but not illegal.
 
Oct 25, 2017
11,273
1 and a half hours of footage, mostly including highly pivotal story moments alongside a few gameplay sections and smaller story segments. The ending itself hasn't been leaked so there's still an air of mystery surrounding that, but be warned that most of the other story developments have been shown. Some multiplayer screenshots as well.
To be honest, I thought the entire game got leaked including all gameplay even the ending. I've been really careful avoiding spoilers. Naughty Dog said that this is their longest game ever so I am expecting a 25-30 game. It took me 15-20 hours to beat Uncharted 4 the first time.
 

Quade

Member
Mar 8, 2019
1,195
People are so privileged. The world is suffering from things like covid-19 and people complain about their game being spoiled.

/s
And what? How is that related to this discussion? Yes there have no doubt been overreactions but just because of the COVID situation it doesn't mean people can't express their upset at being spoiled on potentially their most anticipated title that they've waited on for years and to have it spoiled so close to release.

Edit: I may or may not have misread the /s. Not sure if you were being ironic with it or not.
 

Ringten

Member
Nov 15, 2017
6,195
Ok glad that's cleared up a bit. People love jumping to conclusions. Seems like a trend with anything to do with Playstation?
This/ BC debacle/ Change of Staff/ "Game must be shit because we haven't seen hours of gameplay yet" (GOW) etc etc..

... More positivity, less negativity :)

Anyways, more on topic. So what does this hack mean? What did they get access to...? The whole game? Engine?
 

K' Dash

Banned
Nov 10, 2017
4,156
This is pushing me to investigate more about that AWS vulnerability, they had the key, but you need more than that to access the bucket, shame that the guys behind this don't use their abilities for more productive stuff.
 

Eeyore

User requested ban
Banned
Dec 13, 2019
9,029
I'm back to conspiracy mode after reading this. Let me sail in my own pond, think me stupid and everything but I totally believe it was the alleged salary dispute once this points to being more likely that an ND or at least Sony affiliated employee might have done this. You need a devkit. Are there ways around that? Sure, but Occam's Razor says "unlikely" to me.

Occam's Razor tells me you have a hatchet to bury regarding something related to this topic.
 

Hellshy

Member
Nov 5, 2017
1,172
Were they being used as a way to download stuff to the client? It's the only thing I can think of.

Regardless, this doesn't sound illegal. Asshol-ish to spoil the game, sure, but not illegal.

I'm pretty sure what they did was illegal. They accessed a server that wasn't public and that they didn't own and took files from the server. It's like saying it's ok to steal from someone who accidentally gave you their car keys instead of yours and then you proceeded to take things from their car.
 

SDR-UK

Member
Oct 27, 2017
2,394
This is pushing me to investigate more about that AWS vulnerability, they had the key, but you need more than that to access the bucket, shame that the guys behind this don't use their abilities for more productive stuff.

Would the configuration files from their games not have access? They check the server for any live updates upon connecting to multiplayer.
 

nekkid

Banned
Oct 27, 2017
21,823
I'm pretty sure what they did was illegal. They accessed a server that wasn't public and that they didn't own and took files from the server. It's like saying it's ok to steal from someone who accidentally gave you their car keys instead of yours and then you proceeded to take things from their car.

Depends whether access to the storage was intended, and it's just that the game was meant to be selective over what it took.
 

Horned Reaper

Member
Nov 7, 2017
1,560
And what? How is that related to this discussion? Yes there have no doubt been overreactions but just because of the COVID situation it doesn't mean people can't express their upset at being spoiled on potentially their most anticipated title that they've waited on for years and to have it spoiled so close to release.

Edit: I may or may not have misread the /s. Not sure if you were being ironic with it or not.
I mean, I don't know how else you could interpret an /s to be quite honest.

But yeah it's a dumb reason. What makes it even more ironic is that they do bother to reply to something so 'unimportant'.
 

K' Dash

Banned
Nov 10, 2017
4,156
Would the configuration files from their games not have access? They check the server for any live updates upon connecting to multiplayer.

I don't know, I'd have to ask a game dev using AWS for their projects, if there's exchange of critical info like keys or passwords it should be encrypted, there's more... The guys that came up with the bug are really good.

For example where I work there's no way they could get enough info to access the buckets, there's too much security in place.
 

Deleted member 54292

User requested account closure
Banned
Feb 27, 2019
2,636
Damn, that is really unfortunate :/

people will still downplay these leak's severity as "iT's jUsT a ViDeOgAmE!"
 

PspLikeANut

Free
Member
May 20, 2018
2,598
I haven't been caught up in all this. Has the whole game been leaked story wise? If so, hacking a private server is a pretty serious offense where I could see legal action being taken...
 

Quade

Member
Mar 8, 2019
1,195
I mean, I don't know how else you could interpret an /s to be quite honest.

But yeah it's a dumb reason. What makes it even more ironic is that they do bother to reply to something so 'unimportant'.
Yeah sorry, I've been jumping the gun a lot recently so I think I need to be more calculated with my replies. It's just I've seen a lot of these kinds of responses on this topic and others and it's completely dismissive and adds nothing to the actual conversation. People are still allowed to be upset and frustrated at other things besides the pandemic - yes the world has stopped but people's nuanced lives still continue around them.
 

Hellshy

Member
Nov 5, 2017
1,172
Depends whether access to the storage was intended, and it's just that the game was meant to be selective over what it took.

So if I accidentally walk into someone's house I can take things that aren't mine?
Not sure what you mean by the game being selective over what you took.

They needed a dev kit to access this stuff. It's not like they stumbled upon it on PSN or just happened to obtain a dev kit on eBay and when they went to play some Last of Us it brought them to Last of Us 2 media files instead. I'm pretty sure Sony will be able to provide plenty of proof for the hackers' intent to steal.
 

LinkStrikesBack

One Winged Slayer
Member
Oct 27, 2017
16,364
Were they being used as a way to download stuff to the client? It's the only thing I can think of.

Regardless, this doesn't sound illegal. Asshol-ish to spoil the game, sure, but not illegal.

It's been a long time since I've even looked at IT laws and not for those of countries outside the UK, but I think generally speaking even if you have access to data, that doesn't give you the legal right to do what you want with it. Just because you come across information doesn't give you the right to share it. This is why exceptions have to be written into laws to protect whistleblowers who put themselves at risk sharing information on misdoings of companies or governments, and they definitely won't cover the people who did this.
 

Toad King

Member
Oct 27, 2017
941
Chicago
This is a monumental fuck-up on Naughty Dog and/or Sony. You don't ship AWS bucket credentials in any product, ever. No end product should ever need full access to an AWS service, you always write services that clients communicate through. This is like that issue with Super Meat Boy way back in the day, where the game shipped with MySQL login credentials for its high score server. Only worse: Instead of just having full access to a database, they got full access to an entire server.

And why the hell is development work living on a production server in the first place?

If I didn't know about the security practices (or lack thereof) of developers in the gaming space, I would have said this explanation is faker than the disgruntled contractor leaking stuff. But unfortunately this is not as surprising as it should be.
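
The pattern the post above argues for (clients talk to a service, and the storage credentials stay on the server), shown as an added Python example that is not from the thread or from any studio's code. All names are hypothetical, and the HMAC-signed link is a stand-in for a cloud provider's pre-signed URL feature.

```python
import hashlib
import hmac
import time
from urllib.parse import parse_qs, urlencode, urlsplit

# Added example. Every name here is hypothetical, and the HMAC-signed link is a
# stand-in for a cloud provider's pre-signed URL feature.
SIGNING_KEY = b"constructed-demo-key"  # lives only on the broker, never in the game build
CLIENT_PREFIX = "live-updates/"        # the only objects a shipped client may fetch
URL_TTL_SECONDS = 300


def _client_visible(object_key):
    """True only for a clean path under the prefix published to game clients."""
    parts = object_key.split("/")
    return (object_key.startswith(CLIENT_PREFIX)
            and ".." not in parts and "" not in parts)


def _sign(object_key, expires):
    msg = f"{object_key}\n{expires}".encode()
    return hmac.new(SIGNING_KEY, msg, hashlib.sha256).hexdigest()


def issue_download_url(object_key, now=None):
    """Broker side: return a short-lived link for one allowed object, else None."""
    now = int(time.time()) if now is None else int(now)
    if not _client_visible(object_key):
        return None  # development assets and everything else stay unreachable
    expires = now + URL_TTL_SECONDS
    query = urlencode({"key": object_key, "expires": expires,
                       "sig": _sign(object_key, expires)})
    return f"/download?{query}"


def storage_accepts(url, now=None):
    """Storage front end: honour a link only if unexpired, in scope and untampered."""
    now = int(time.time()) if now is None else int(now)
    params = parse_qs(urlsplit(url).query)
    try:
        key = params["key"][0]
        expires = int(params["expires"][0])
        sig = params["sig"][0]
    except (KeyError, ValueError):
        return False
    if now > expires or not _client_visible(key):
        return False
    return hmac.compare_digest(sig.encode(), _sign(key, expires).encode())


if __name__ == "__main__":
    link = issue_download_url("live-updates/config.json", now=1000)
    print(link, storage_accepts(link, now=1100))
    print(issue_download_url("dev-builds/cutscene.mp4", now=1000))
```

The shipped client only ever holds a link to one object that expires after five minutes, so extracting everything from a game patch yields nothing that can list or read the rest of the storage.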
 

Horned Reaper

Member
Nov 7, 2017
1,560
Yeah sorry, I've been jumping the gun a lot recently so I think I need to be more calculated with my replies. It's just I've seen a lot of these kinds of responses on this topic and others and it's completely dismissive and adds nothing to the actual conversation. People are still allowed to be upset and frustrated at other things besides the pandemic - yes the world has stopped but people's nuanced lives still continue around them.
Yeah, no worries, I totally get you man. We're on a gaming forum of all places and people still want to dismiss things as unimportant.
 

nekkid

Banned
Oct 27, 2017
21,823
So if I accidentally walk into someone's house I can take things that aren't mine?
Not sure what you mean by the game being selective over what you took.

They needed a dev kit to access this stuff. It's not like they stumbled upon it on PSN or just happened to obtain a dev kit on eBay and when they went to play some Last of Us it brought them to Last of Us 2 media files instead. I'm pretty sure Sony will be able to provide plenty of proof for the hackers' intent to steal.

The home analogy doesn't work - it's without the nuance.
 

JaseC64

Enlightened
Banned
Oct 25, 2017
11,008
Strong Island NY
Will people that jumped the gun on Naughty Dog not paying the leaker come here and admit they were wrong?
No. There is a group that hates ND be it for their games or success or being a Sony 1st party. Believe it or not, there are die hard xbox/Nintendo/PC fans here that hate anything Sony willing to buy anything to trash ND.
 

nekkid

Banned
Oct 27, 2017
21,823
It's been a long time since I've even looked at IT laws and not for those of countries outside the UK, but I think generally speaking even if you have access to data, that doesn't give you the legal right to do what you want with it. Just because you come across information doesn't give you the right to share it. This is why exceptions have to be written into laws to protect whistleblowers who put themselves at risk sharing information on misdoings of companies or governments, and they definitely won't cover the people who did this.

It's an incredibly tricky area, for obvious reasons.
 

Fezan

Member
Oct 26, 2017
3,274
I know you're trying to make some weird 'gotcha' but, yeah, there is still bad management at Naughty Dog that enforces crunch and makes subordinates watch snuff films.

So maybe let's not move into "everything is fine," territory just because they were unfortunate enough to be hacked like this.
Crunch is bad. Real real bad no sane person would say otherwise. It's just properly built a narrative around it that everything ND do are evil.
 

WhatATimeToBeAlive

Attempted to circumvent ban with alt account
Banned
Oct 12, 2019
80
Finland
User Banned (2 Weeks) - Conspiracy Theories
I wouldn't be even surprised if Russia was behind this. Putin's government is very anti minority and anti women's rights, and TLoU 2 is apparently really pro minority and pro women. Their propaganda has targeted for example the latest Star Wars movies for the same reason, and I just checked their main propaganda site RT (Russia Today) and it had TWO articles about "how SJWs are ruining games/movies" and one of them was about this TLoU 2 leak.

I just find it really odd if any country would focus its propaganda towards some game leak, whereof most likely only hardcore gamers are aware of, unless the particular country was itself behind the leak. But it could just as well be some angry gamers.