It seems that you're using an outdated browser. Some things may not work as they should (or don't work at all).
We suggest you upgrade newer and better browser like: Chrome, Firefox, Internet Explorer or Opera

×
avatar
Breja: As I am a total layman in these matters, could someone bottom line what this really means for the game and CDPR?
Not much. Everybody believes that whatever codebase that comes out of their shop is pure gold.

Unless you are doing some next gen research, people wouldn't pay or would pay very little for most of it. They might pay for a final product, but what really has value are the intellectual property rights of the assembled codebase, not the code.

What would somebody really do with the GWENT code? Relabel it and sell it? You think that would fly?

A lot of larger companies have come to realise this, which is part of the reason the open-source movement has taken off in such a big way.
Most likely amounting to nothing, pure overreaction. But hey, crapping on CDP is the hottest trend in 2021. You guys must be YongYea's best friends.
avatar
Magnitus: What would somebody really do with the GWENT code? Relabel it and sell it? You think that would fly?
In an online-only game like this, having access to the source code is the wet dream for cheat/hack authors. Hell, eventually someone might even find vulnerabilities to attack all players at once with some form of malware or another.
avatar
Plokite_Wolf: In an online-only game like this, having access to the source code is the wet dream for cheat/hack authors. Hell, eventually someone might even find vulnerabilities to attack all players at once with some form of malware or another.
There are tools to reverse-engineer compiled codebases. Its more work, but if you are motivated, you can totally do it.

Though yes, technically, the internal details of the server-side are now exposed. The obfuscation is gone. The codebase probably wasn't that well protected to begin with (how many employees had access to that codebase? Were all of them really super happy and loyal?). Now we'll see how well coded that thing really is.
Post edited February 10, 2021 by Magnitus
avatar
Lord_Kane: will those leaked documents containing the "offenses" of CDPR will bring down CDPR and CDP and GOG as a whole.
avatar
WinterSnowfall: Notes of chaos and internal villainy in a company that grew a bit too fast? Why I'm sure nobody was expecting any of that!
hahaha
avatar
Wishmaster777: And not a single announcement has been made on Gog. "Hey, quite frankly we don't give a shit, as usual, but at least you can buy Hunniepop 2 on Gog." - CD Project Red. Epically pwned. Lol.
avatar
paladin181: Why would GOG make a statement? They are not CDPR.
I was waiting for a genius who would reply that. I don't care about bureaucratic mask if disguise. They should have made an announcement, just like they drop all sorts of recent events, happenings, updates and other stuff about Cyberpunk 2077. Strange how they care so much about a game that is not affiliated with them, according to you, huh?
avatar
paladin181: Why would GOG make a statement? They are not CDPR.
avatar
Wishmaster777: I was waiting for a genius who would reply that. I don't care about bureaucratic mask if disguise. They should have made an announcement, just like they drop all sorts of recent events, happenings, updates and other stuff about Cyberpunk 2077. Strange how they care so much about a game that is not affiliated with them, according to you, huh?
Of course they care about what happened at a company that they work closely with because they are part of the same umbrella company. That doesn't mean they need to make a press release about everything that happens with CDPR. "Hey we want you to buy this thing that our sister company is making because it will make us a shitload of cash too" yeah totally comparable situation there. But I'm the ironic genius.
avatar
Breja: Exactly. "Do not be alarmed, GOG has not been affected by the recent CDP hack" (if that is indeed the case) would also be a statement worth making. And if that is not the case, well then they definitely should let their users know rather than assume they all follow CDP on twitter/will find this thread.
avatar
paladin181: Would you honestly believe them if they did release a statement?
Had they released a statement regarding that thig they could have at least pretended that they care. But why should they. They are being very transparent about it - they do not give a fuck about us, their customers, nor our safety. They do, however, care about our money. And I am fine with that. Sure thing, they mind their money business. But then, knights in shiny armour like yourself come to save the poor princess Gog, who try to sell us little stories about how good the Gig is, and to teach us the legal regulations regarding the relation between Gog and CDPR. That is the bigger issue. Also, Gog has been pulling such genius moves recently, that we should totally trust them everything they say. Totally.
avatar
Plokite_Wolf: In an online-only game like this, having access to the source code is the wet dream for cheat/hack authors. Hell, eventually someone might even find vulnerabilities to attack all players at once with some form of malware or another.
avatar
Magnitus: There are tools to reverse-engineer compiled codebases. Its more work, but if you are motivated, you can totally do it.

Though yes, technically, the internal details of the server-side are now exposed. The obfuscation is gone. The codebase probably wasn't that well protected to begin with (how many employees had access to that codebase? Were all of them really super happy and loyal?). Now we'll see how well coded that thing really is.
whatever else comes from this, source code for the Witcher and Cyberpunk getting taken and hopefully released is a complete and total win. Talented coders might even make cyberpunk into something worth playing with an engine conversion or something. That would be amazing.
avatar
Magnitus: That's an idealised circumstance. Sure, in some cases, you can do that, but in most use-cases where users have expectations of timely interaction with their data, this isn't really an option.

You can start from a state where the system was built only using local copies of all the dependencies you require, but ultimately, it will need to be accessible via the internet in some way.

Btw, keeping/managing a local copy of every dependencies you have is small fries in larger companies, but for smaller operations, its a non-trivial time investment. Everybody would like to do this. Not everybody can.
Well, it largely depends on the majorly underlying system if the dependencies will be so dependent on an online presence. I can imagine Linux dependencies laughing it off easily.*
low rated
avatar
Wishmaster777: I was waiting for a genius who would reply that. I don't care about bureaucratic mask if disguise. They should have made an announcement, just like they drop all sorts of recent events, happenings, updates and other stuff about Cyberpunk 2077. Strange how they care so much about a game that is not affiliated with them, according to you, huh?
avatar
paladin181: Of course they care about what happened at a company that they work closely with because they are part of the same umbrella company. That doesn't mean they need to make a press release about everything that happens with CDPR. "Hey we want you to buy this thing that our sister company is making because it will make us a shitload of cash too" yeah totally comparable situation there. But I'm the ironic genius.
Sure. They should make presses when it suits them fine, and totally avoid addressing the problems. Nice logic, totally. I see no fallacy here at all. Totally.

*EDIT* There were some server issues. I was unable to post a comment, I have done it repeatedly, hoping it would get published. I have also received a reply, but I was unable to access it. Sure, I bet we are so safe after that hacker's attack. Who knows what is going on now with these issues at hand even now.
Post edited February 10, 2021 by Wishmaster777
avatar
paladin181: Would you honestly believe them if they did release a statement?
avatar
Wishmaster777: Had they released a statement regarding that thig they could have at least pretended that they care. But why should they. They are being very transparent about it - they do not give a fuck about us, their customers, nor our safety. They do, however, care about our money. And I am fine with that. Sure thing, they mind their money business. But then, knights in shiny armour like yourself come to save the poor princess Gog, who try to sell us little stories about how good the Gig is, and to teach us the legal regulations regarding the relation between Gog and CDPR. That is the bigger issue. Also, Gog has been pulling such genius moves recently, that we should totally trust them everything they say. Totally.
I think you have confused me with someone else. I don't white knight GOG or anything. In fact, I've been a pretty straight forward naysayer of theirs for years. I dislike how they handle things, how bad their web coding is, how incompetent the support team are at times, and how completely mired in stupidity the forum software is, and they're too incompetent to fix it because the guy who cobbled it together in 1997 left and now trying to unfuck their site without a complete rewrite of everything is not feasible.

However, I don't needlessly bash them either. These are two different companies that dont share resources or employees. So make it seem like its one company with two fronts all you like, but that is an incorrect assessment. There is no need for GOG to respond to something CDPR did than there is for the shipping department to respond to people over what accounts payable did.

avatar
paladin181: Of course they care about what happened at a company that they work closely with because they are part of the same umbrella company. That doesn't mean they need to make a press release about everything that happens with CDPR. "Hey we want you to buy this thing that our sister company is making because it will make us a shitload of cash too" yeah totally comparable situation there. But I'm the ironic genius.
avatar
Wishmaster777: Sure. They should make presses when it suits them fine, and totally avoid addressing the problems. Nice logic, totally. I see no fallacy here at all. Totally.
I'll only respond to this once, instead of thrice. Go ahead. What logical fallacy did I employ? They will promote an item they want to promote, and not items they don't They weren't attacked, why would they need to reassure you that they weren't? By the way, I wasn't hit by a car today. Someone near me was, but not me. Makes total sense to report on events that didn't happen.
Post edited February 10, 2021 by paladin181
low rated
avatar
Wishmaster777: Had they released a statement regarding that thig they could have at least pretended that they care. But why should they. They are being very transparent about it - they do not give a fuck about us, their customers, nor our safety. They do, however, care about our money. And I am fine with that. Sure thing, they mind their money business. But then, knights in shiny armour like yourself come to save the poor princess Gog, who try to sell us little stories about how good the Gig is, and to teach us the legal regulations regarding the relation between Gog and CDPR. That is the bigger issue. Also, Gog has been pulling such genius moves recently, that we should totally trust them everything they say. Totally.
avatar
paladin181: I think you have confused me with someone else. I don't white knight GOG or anything. In fact, I've been a pretty straight forward naysayer of theirs for years. I dislike how they handle things, how bad their web coding is, how incompetent the support team are at times, and how completely mired in stupidity the forum software is, and they're too incompetent to fix it because the guy who cobbled it together in 1997 left and now trying to unfuck their site without a complete rewrite of everything is not feasible.

However, I don't needlessly bash them either. These are two different companies that dont share resources or employees. So make it seem like its one company with two fronts all you like, but that is an incorrect assessment. There is no need for GOG to respond to something CDPR did than there is for the shipping department to respond to people over what accounts payable did.

avatar
Wishmaster777: Sure. They should make presses when it suits them fine, and totally avoid addressing the problems. Nice logic, totally. I see no fallacy here at all. Totally.
avatar
paladin181: I'll only respond to this once, instead of thrice. Go ahead. What logical fallacy did I employ? They will promote an item they want to promote, and not items they don't They weren't attacked, why would they need to reassure you that they weren't? By the way, I wasn't hit by a car today. Someone near me was, but not me. Makes total sense to report on events that didn't happen.
Read my edit above, please.
avatar
Breja: As I am a total layman in these matters, could someone bottom line what this really means for the game and CDPR?
It doesn't mean much per se.

The only issue would be if the published code of the GWENT servers had a critical remote-exploitable flaw and somebody found it. Even then it is still debatable how much harm they could do. Worst case, they could intercept communication, inject code, or make the server deliver malicious updates.

However, the chances of that actually happening are low.
avatar
Breja: As I am a total layman in these matters, could someone bottom line what this really means for the game and CDPR?
avatar
Nervensaegen: It doesn't mean much per se.

The only issue would be if the published code of the GWENT servers had a critical remote-exploitable flaw and somebody found it. Even then it is still debatable how much harm they could do. Worst case, they could intercept communication, inject code, or make the server deliver malicious updates.

However, the chances of that actually happening are low.
Isnt the most obvious threat for somebody to make a rogue server? If players use rogue server/s and pay nothing (or the rogue server makers) then this invalidates the whole GWENT business model. With their current bad rep the number of goodwill players is going to be lower than before too.
(And it would be ironical if it would be Chinese who would make such a rogue server...)
(And this may also be why GWENT source code was leaked first.)
Post edited February 11, 2021 by Zrevnur