Development studio Valve Software has seen the entire source code to Half-Life 2 – including source from some of the company’s middleware partners – leaked to the Internet following a breach in the company’s security.
The source code bundle includes none of the game’s artwork or levels; however, the entire source code for the game itself, its graphics engine and the Havok physics engine, Miles sound system and various other pieces of middleware is being distributed widely as a 30mb zip file.
Although Valve – and publishers Vivendi – will no doubt be relieved that none of the game’s crucial artwork assets are included in the leak, and thus it has little relevance from a piracy point of view, the repercussions elsewhere could potentially be quite serious.
The presence of all of Valve’s anti-cheat code and network security code in the source means that cheats for Half-Life 2 online play could appear before the game is even released, and may cause a further delay to the game’s release date by forcing them to rewrite sections of this code. However, the WON authentication code (and hence the private key used to generate CD keys for Half-Life products) isn’t present in the source code bundle as distributed online – although of course, this doesn’t mean for sure that it wasn’t in the bundle originally hacked out of the company’s servers.
Valve’s middleware partners are likely to be furious with the studio, as they’re now seeing their valuable source code – which they charge developers for access to – being freely distributed online. It remains to be seen whether any of them will take legal action against Valve over the leak. Similarly, Valve’s own plans to license its game engine to other developers will now suffer a setback, since the crown jewels of the engine are on display to anyone with a net connection.
According to Valve boss Gabe Newell, the leak came as a result of a concerted hacking effort on Valve’s servers over a period of a number of months. Although few developers have security that would stand up to the scrutiny of a really determined hacker, Newell’s account of how Valve’s security was breached suggests that the company’s network security measures were practically non-existent – with the initial breach coming through a Trojan virus caught by using the notoriously insecure preview pane in (the also notoriously insecure) Outlook email client.
The company is likely to be kicking itself this morning over its choice of name for the Half-Life 2 game engine, too. Wags on the Internet haven’t failed to notice the comedy value of the fact that the engine was dubbed the Source Engine by Valve when it was first unveiled at E3 in May.
- Data breach compromises 773 million records, 21 million passwords
- How to know if you’ve been hacked
- After fourth attack, hacker puts personal records of 26M people up for sale
- Free-to-play ‘Titanfall’ battle royale ‘Apex Legends’ reportedly launching soon
- 3 ways to protect yourself from home security camera hackers