In a plotline reminiscent of Bandai's dot-hack, Slashdot games is tracking the fascinating story of a massively-multiplayer online game corruption. Last night, the servers on Shadowbane were thrown wide open - unholy and unfair acts perpetrated upon innocent newbies, the terror of angry, arbitrary game gods: "It involved more than just a guild taking Khar. This was teleporting people all over the world, teleporting hostile guards into the safe-holds, bringing in hordes of special event monster sand teleporting everyone to a city at the bottom of the sea." (Trol in the Shadowbane forums).
People are arguing over the bugginess of the game in the /. comments. Some believe this was not so much a hack, involving altered client software or server break-ins, instead they suspect people might have taken advantage of bugs in the game. Maybe there is not much of a difference.
Machine9 responds with some veteran Dungeons & Dragons glee: " I absolutely -adore- this, it's the kind of stuff my DM does to us ALL THE TIME! they should be clever about it, and turn all the offending player chars into NPC-evil-masterminds to be defeated after wreaking havoc on the entire continent... "
That's a creative solution, but these game worlds trade in part on stability and predictable experience for their paying subscribers. This could be a splash of cold water for people invested in virtual economies - the economy is fragile.
The official response of UbiSoft/WolfPack has been to invoke law enforcement. Perhaps they will restore the servers from backup, to present the world before it had seen the plagues and scourges. Some people have suggested that they send in Neo or Agent Smith, depending on their perspective - a hero to right the virtual world, set awry by an unprogrammed enemy.
I don't play Shadowbane, but I found this story to be wildly entertaining. The only thing that gets me are the people making comments such as "Wow, the programmers must be really bad or stupid to design something that allows for this to happen." Comments like that knock me off guard. Hackers are smart, determined, and generally willing to spend as much if not more time hacking a game rather than playing it. Not to mention the fact that most protection technologies I have seen used in online games are mostly aimed at delaying or trying to keep a hacker busy.
Every online game thus far has been open to hacking and that's not going to change either. Ultimately the programmers are to blame, yes, but I guess I'm saying I wouldn't be so hard on them because I think it's something that isn't going to go away. Instead, I would critize the company if they do poorly in the aftermath of an attack because that shows that they just were not ready for the online gaming world to me.
Aftermath includes things such as:
Company standpoint - What's their take on the hacking? What do they say they're going to do about it? Are they honest or do they try to blame shift?
Response time - How long before they close the servers? How long does it take to make a fix or even temporary fix? How long before they rollback servers and how far back do they rollback? (if they rollback further than should have been necessary it shows a flaw in their thinking on backup policy.) How long did it take before they began addressing the communities concerns?
Repeat occurance - Has this happened in the past? Even if pretending for a moment that there's a flaw so bad in the design that there's a hole that cannot be patched (which is ridiculous in and of itself), they should be able to detect it. A proper logging system and post-hack created detection system should allow for a reasonable reaction time to future occurances. So even in worst case scenerio, it shouldn't be as big of a problem as perhaps the first occurance.
Companies who create online games, protected or not, should address the issue of hacking aftermath.
Posted by: Draigon | 05/29/2003 at 06:12 AM
mp3 mp3 nokia nokia mp4 nec amr midi mid cect mmf lg tcl av
Posted by: hyhy | 08/28/2006 at 08:09 PM