If this is your first visit, be sure to check out the FAQ by clicking the link above. You may have to register before you can post: click the register link above to proceed. To start viewing messages, select the forum that you want to visit from the selection below. |
|
|
Thread Tools | Display Modes |
#11
|
|||
|
|||
I think nVidia is busy re-writing their n35 code path!
"Derek Wildstar" wrote in message news:Vd4fb.671954$uu5.109452@sccrnsc04... This is a serious matter, please spread this information to people you think can be of assistance. Ever have one of those weeks? This has just not been the best couple of days for me or for Valve. Yes, the source code that has been posted is the HL-2 source code. Here is what we know: 1) Starting around 9/11 of this year, someone other than me was accessing my email account. This has been determined by looking at traffic on our email server versus my travel schedule. 2) Shortly afterwards my machine started acting weird (right-clicking on executables would crash explorer). I was unable to find a virus or trojan on my machine, I reformatted my hard drive, and reinstalled. 3) For the next week, there appears to have been suspicious activity on my webmail account. 4) Around 9/19 someone made a copy of the HL-2 source tree. 5) At some point, keystroke recorders got installed on several machines at Valve. Our speculation is that these were done via a buffer overflow in Outlook's preview pane. This recorder is apparently a customized version of RemoteAnywhere created to infect Valve (at least it hasn't been seen anywhere else, and isn't detected by normal virus scanning tools). 6) Periodically for the last year we've been the subject of a variety of denial of service attacks targetted at our webservers and at Steam. We don't know if these are related or independent. Well, this sucks. What I'd appreciate is the assistance of the community in tracking this down. I have a special email address for people to send information to, . If you have information about the denial of service attacks or the infiltration of our network, please send the details. There are some pretty obvious places to start with the posts and records in IRC, so if you can point us in the right direction, that would be great. We at Valve have always thought of ourselves as being part of a community, and I can't imagine a better group of people to help us take care of these problems than this community. Gabe __________________ Gabe Newell |
#12
|
|||
|
|||
On Fri, 3 Oct 2003 08:10:12 -0400, "iggy" wrote:
You're the one, pardon my french, who needs to get a F...ing clue Mr. Wildstar (LOL) Spanked, and yet strangely unaware. I've always said the completely clueless have a much easier row to hoe. Life can be completely miserable, but they haven't the sense to realize it. |
#13
|
|||
|
|||
On Fri, 3 Oct 2003 12:50:00 +0100, Stoneskin wrote:
spamtrap@localhost left a note on my windscreen which said: Not saying it's definatly a hoax but I'm inclined to think it is. I think its the real deal, it would have been refuted by now if it wasn't, and it was quoted by Gabe himself on the halflife2.net forum. After I posted this I found the Gabe posting you mention. Certainly adds alot of validitidy to it, I agree. I find it pretty negligent and downright stupid to have critical stuff like this on an internet enabled PC. I agree. That was my first thought when I read about this. Valve is not a small, struggling software company. I'd think they'd be able to keep their code on a closed LAN with no access to the outside. |
#14
|
|||
|
|||
You might want to get out and read a bit here and there. This is the real
deal. It's not just HL2, but Team Fortress 2 as well. It's possible to compile this stuff to .exe's using Visual Studio .Net. All that's needed to play are the textures. I suggest going to http://www.warp2search.net/ and doing a search on this stuff. I can just imagine that when the game comes out someone can just upload the textures somewhere and it will be possible to play, although I suspect just copying the CD's will be easier... Chris Smith "Stoneskin" wrote in message t... Derek Wildstar left a note on my windscreen which said: This is a serious matter, please spread this information to people you think can be of assistance. Anything which says spread this info I'm suspicious of. It's the first smell of something not quite right. Ther is nothing about this on the Valve site. Why isn't this reported there? Not saying it's definatly a hoax but I'm inclined to think it is. -- Stoneskin [Insert sig here] |
#15
|
|||
|
|||
"ho alexandre" wrote in message ... Derek Wildstar wrote: 5) At some point, keystroke recorders got installed on several machines at Valve. Our speculation is that these were done via a buffer overflow in Outlook's preview pane. This recorder is apparently a customized version of RemoteAnywhere created to infect Valve (at least it hasn't been seen anywhere else, and isn't detected by normal virus scanning tools). That's what happens when you live dangerously. They could have installed a firewall, they could have updated their antivirus's definitions, they could have patched Outlook, they could have not used Outlook too. They have enough work to do for a living, to add challenges like that. You might want to go read up on what happened before you type this crap because you have absolutely no idea what you are talking about. Everything was up to date. Somehow, they used vulnerabilities in Outlook to install keyboard recorders and such without anyone knowing it. This was custom stuff that no virus scanner was going to find. Whoever did this did a damn good job. Chris Smith |
#16
|
|||
|
|||
"who be dat?" wrote in message ... You might want to go read up on what happened before you type this crap because you have absolutely no idea what you are talking about. Everything was up to date. Somehow, they used vulnerabilities in Outlook to install keyboard recorders and such without anyone knowing it. This was custom stuff that no virus scanner was going to find. Whoever did this did a damn good job. Chris Smith No matter what, I can usually count on you to be up to date and informed Chris, unlike most of these readers...this was indeed a very sophisticated black-bag job. Without turning on the conspiracy amplifier, either this was an inside job, or the work of the best Corporate spies money can buy. |
#17
|
|||
|
|||
who be dat? wrote:
You might want to go read up on what happened before you type this crap because you have absolutely no idea what you are talking about. Everything was up to date. Somehow, they used vulnerabilities in Outlook to install keyboard recorders and such without anyone knowing it. This was custom stuff that no virus scanner was going to find. Whoever did this did a damn good job. Well in that case they shouldn't have used a software that has serious vulnerabilities. Moreover there are official patches that prevent attachments to be interpreted while using the preview pane. And it is possible to not interpret HTML in mails, even in Outlook. Moreover, once the keylogger is in the place, it still has to send the result back. A firewall can prevent those things from happening. I doubt the keylogger is only VBS ! -- XandreX /I'm that kind of people your parents warned you about/ |
#18
|
|||
|
|||
who be dat? wrote:
because you have absolutely no idea what you are talking about. Everything was up to date. How do you know that ? Who are you ? -- XandreX /I'm that kind of people your parents warned you about/ |
#19
|
|||
|
|||
ho alexandre wrote:
who be dat? wrote: because you have absolutely no idea what you are talking about. Everything was up to date. How do you know that ? Who are you ? Chris Smith admitted to being an ATI employee some months ago. But regardless if that entitles him to inside knowledge from valve or not, the claim from Newell is that everything was up to date. However, something smells. There isn't an IT department on earth that isn't aware of the dangers of keeping mission critical data or code on any internet enabled computer. There is no excuse for such sloppiness - especially when they say they've been DOS'd a few times and have experienced other attacks over the last few months. Either they are completely incompetent about their own security, or this is bull****. Perhaps someone from valve leaked a CD full of engine code at the last trade show. Perhaps Newell left a portable drive behind at the last European convention or at some interview. Perhaps anything. I would certainly think that crying "Hackers!" might take some attention away from whatever really might have happened. Someone is trying to avoid losing their job or maybe even being criminally prosecuted. It wouldn't be the first time in history that crying "Thief!" (or in this case, "Hacker Thief!") saved some incompetent fools' job. |
#20
|
|||
|
|||
"i'm_tired" wrote in message . net... It wouldn't be the first time in history that crying "Thief!" (or in this case, "Hacker Thief!") saved some incompetent fools' job. That's a wonderful theory, except it makes absolutely no sense: Gabe Newell himself is reporting the loss, and he has the most to lose. Why would he make this report, unless it was the truth? I assure you, they understand security, and how important their data is. Think more, type less. |
Thread Tools | |
Display Modes | |
|
|
Similar Threads | ||||
Thread | Thread Starter | Forum | Replies | Last Post |
Nero recode faster then encode from original file source??? | Bun Mui | Cdr | 0 | September 12th 04 05:03 PM |
my new mobo o/c's great | rockerrock | Overclocking AMD Processors | 9 | June 30th 04 08:17 PM |
Source for IRDA module for A7N8X Please? | Pilcher | Asus Motherboards | 2 | February 27th 04 07:43 AM |
can't switch to ati capture driver as primary tv capture source in mmc 8.7 | manfred klotz | Ati Videocards | 0 | November 30th 03 05:55 PM |
Liteon LTR-48246S older firmware source? | FOR7b | Cdr | 10 | October 19th 03 01:18 PM |