Full source code for the client for popular MMORPG Eve Online was made available recently via BitTorrent on The Pirate Bay. Along with the torrent, the user posts a chat transcript with a representative identified as [IA]Morpheus from Eve’s developer and publisher CCP. In the lengthy and scatological exchange, the poster of the source code attempts to get some answers about CCP’s much maligned security practices, particularly concerning the rife issue of bots and scripting in their flagship game. The conversation was a little less than professional.
[20:44] <Abuser> Could you certainly say me what your programmers did to secure clientside from exploiting Eve?
[20:44] <Abuser> what’s certainly
[20:45] <Abuser> I don’t have anything against content makers – their ideas are good, really good
[20:45] <Abuser> I have full eve sourcecode, so you know what’s did, and what’s not;)
[20:46] <Abuser> From all security i saw – were ROLE permissions for logins with priviliges higher than usual player, and some minor things in relation to prevent some remote service calls (some with potentially bad payload)
[20:46] <Abuser> nothing else
[20:47] <Abuser> is that called “programmers working on security”?
[20:47] <[IA]Morpheus> Are you cruising for a job or something?
[20:47] <Abuser> Nah
[20:47] <Abuser> neither job, neither anything else
[20:47] <Abuser> you may think of in such direction
[20:48] <Abuser> Digging the situation to uncover the truth
[20:49] <Abuser> You may compare me to fox mulder from x-files series
[20:49] <Abuser> it’s the best description of why i do this
[20:49] <[IA]Morpheus> Ah, well, nice to meet you Mr Mulder.
[20:50] <Abuser> So… would you like to answer what AWESOME ccp programmers did in relation to client/server security (at least for client?)
[20:51] <[IA]Morpheus> No, we won’t respond to blackmail. If you think we don’t care or aren’t working on improving security you are sadly mistaken
Buzz on forums surrounding the incident report that in reaction CCP is strictly censoring its online forum from references related to the code leak. In addition, reports are being posted that CCP is seeding most of the torrent themselves, then using the IP addresses of those who download the client’s source code to ban Eve Online accounts.
No public recognition of this source code leak has yet been offered from CCP.