Member of the EVE Tweet Fleet

Saturday, April 9, 2011

CCP Blunders Again

  You may have logged in the last couple of days and found an ad...a very colorful one at that...for the new forums CCP is proud about. My corp kept thinking one of us hacked CCP, since we have such a love for ponies and that ad was right up our alley. Anywho, news has gotten out about why exactly the forums were suddenly taken down.

  Turns out CCP fails yet again and has punished those who pointed it out. A player simply wanted to change his signature, found that he could post as anyone in Eve which included developers and then got banned for making that knowledge public. Supposedly he did petition it, but only expected anything to happen when he went public. They will ban someone for something like this so easily, yet they seem to have trouble doing the same for real issues like botters. The fact that CCP has been yapping about these features for so long and haven't taken the time to make sure it's all secure is rather disturbing.

  And so the roller coaster continues in my faith, trust, and opinion of CCP's executions. It's really not much of an issue to me since I never intended to use them. I don't use the EveO forums now and hardly ever look at them. I already belong to two or three different forums so I'm a bit busy.

  Fun times, eh?


Shandir said...

It's pretty obvious he didn't give them long to fix it before making the hack public.
What's more - how he found out was not by accident - his own post on SCH says he was screwing with it, looking for vulnerabilities.
That's kind of illegal.

I'm actually completely in agreement with CCP, he did not *just* report it, he reported it, mildly abused it (although did not - according to himself - seriously abuse it) and then made the security flaw public (although again with some restraint - no details) so that others had a good idea what to look for.

I expect he's looking at a well deserved temp-ban, and although he says himself he doesn't really care to come back, he will be given the option in future.

Memoocan said...

Aye, I certainly agree with the ban as well. His common sense is suspect when he posts to SHC with it, as well as "mildly abusing" it himself.

My issue is more that CCP didn't even see it before they launched the forums. You should be bug testing and double checking everything before it goes live. Makes me worry about other things that might be exploitable in Eve..