Full Disclosure mailing list archives
RE: Half-Life 2 source code stolen through IE exploit
From: "Trey Mujakporue/UK/Tesco" <trey.mujakporue () uk tesco com>
Date: Mon, 6 Oct 2003 09:25:26 +0100
The point here is, not to go about bashing Valve. They messed up and they know they did. I'd be surprised if after going public with this, they wouldn't do the due dilligence thing and do a full code audit. There really isnt much point in coming up with mad theories and "what if" scenarios, Its happened already!. *Get over it* Our time would be better put to use either helping them to track down the perps or at least lobbying MS into sorting out their security issues. -----Original Message----- From: full-disclosure-admin () lists netsys com [mailto:full-disclosure-admin () lists netsys com] On Behalf Of nick () virus-l demon co uk Sent: 03 October 2003 18:59 To: full-disclosure () lists netsys com Subject: RE: [Full-disclosure] Half-Life 2 source code stolen through IE exploit "Brown, Rodrick" <rbrown () doitt nyc gov> wrote:
This is really sad there development network under all circumstances should not be connected to the internet. This is just lapse security on Valves part. Most big development shops have too workstations on separate networks just for this reason one network will be used for development only and the other for email/internet etc..
Indeed. How much worse that instead of stealing the source and publicly posting it, the attacker had simply inserted a few backdoors into the code and checked that into the CVS? Given that Valve is as careless about security as to alow the theft to happen, have you any confidence they would detect such a change anytime soon? -- Nick FitzGerald Computer Virus Consulting Ltd. Ph/FAX: +64 3 3529854 _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html -------------------Warning------------------------ This e-mail is from outside Tesco - check that it is genuine. Tesco may monitor and record all e-mails. ---- Disclaimer ---- This is a confidential email. Tesco may monitor and record all emails. The views expressed in this email are those of the sender and not Tesco. Tesco Stores Limited, Tesco House, Delamare Road, Cheshunt, Herts, EN8 9SL: company number 519500. _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- RE: Half-Life 2 source code stolen through IE exploit Trey Mujakporue/UK/Tesco (Oct 06)
- <Possible follow-ups>
- RE: Half-Life 2 source code stolen through IE exploit Brown, Rodrick (Oct 06)
- Re: Half-Life 2 source code stolen through IE exploit Valdis . Kletnieks (Oct 09)
- RE: Half-Life 2 source code stolen through IE exploit Schmehl, Paul L (Oct 06)