• Welcome to TechPowerUp Forums, Guest! Please check out our forum guidelines for info related to our community.

CD Projekt RED Hacked, Attacker Claims to Have "Cyberpunk 2077" and "The Witcher 3" Source Code

Joined
May 2, 2017
Messages
3,791 (2.63/day)
Location
Norwegian, currently in Lund, Sweden
Processor AMD Ryzen 5 1600X
Motherboard Biostar X370GTN
Cooling Custom CPU+GPU water loop
Memory 16GB G.Skill TridentZ DDR4-3200 C16
Video Card(s) AMD R9 Fury X
Storage 500GB 960 Evo (OS ++), 500GB 850 Evo (Games)
Display(s) Dell U2711
Case NZXT H200i
Power Supply EVGA Supernova G2 750W
Mouse Logitech G602
Keyboard Lenovo Compact Keyboard with Trackpoint
Software Windows 10 Pro
Have you seen the Chinese knock-offs? It's an opportunity lost in some markets, because now they can take stolen code, redress it, and sell it to a customer base that doesn't know any better.

I'm sure plenty are aware of the myriad of private mmo game servers out there... while a few are legitimately extending the life of an EOL product, the vast majority are profiting off work not their own by injecting micro transactions and cosmetic packages and letting people play at no charge. Who knows what potential malicious code could have been compiled into the released client binaries also...
That sounds ... unlikely. As @Dredi said above they could do the same with modding tools if that was what someone wanted. As for private MMO game servers ... all the games in question are single-player. So ... yeah. Oh, not Gwent, of course. But ... it's Gwent. Who cares? If you need to steal code to make a fantasy card battling game, you won't be able to skin one based on stolen source code either.
 
Last edited:
Joined
Oct 1, 2014
Messages
1,100 (0.46/day)
Location
Modesto, California
System Name The Captain (2.0)
Processor Ryzen 5 3600
Motherboard ASRock B550 PG Velocita
Cooling CPU: DeepCool GAMMAXX GT; Case: 5x 120mm fans (front, top, rear)
Memory 16 GB (3200Mhz) G.Skill Trident Z Royal (Silver)
Video Card(s) MSI Gaming X GTX 1660 Super
Storage 1x Crucial MX500 500GB SSD; 1x Crucial MX500 500GB M.2 SSD; 1x WD Blue 7200 RPM HDD
Display(s) Aorus CV27F 27" 1080p 165Hz
Case Phanteks Eclipse P360X
Power Supply Seasonic FOCUS+ Platinum 750W
Mouse HyperX Pulsefire Surge
Keyboard HyperX Alloy Origins Core
All your code are belong to us! :roll: :roll:
 
Joined
Feb 26, 2016
Messages
414 (0.22/day)
Location
Texas
System Name O-Clock
Processor Intel Core i7-3770K @ 4.5 GHz
Motherboard ASUS Z77 Sabertooth
Cooling Enermax Liqmax II 240 push/pull w/ ICD thermal compound
Memory Mushkin Blackline 16GB (4x4GB) @1600 MHz CL9
Video Card(s) EVGA GTX 980 SC @1415 MHz/2000 MHz (core/memory)
Storage PNY CS1311 128GB 2.5" SSD, Samsung 860 QVO 1TB 2.5" SSD
Display(s) Acer G247HYL
Case Corsair SPEC-02 (modded)
Audio Device(s) HyperX Cloud II
Power Supply EVGA 1200 P2
Mouse Logitech G403
Keyboard Logitech G910 Stickerbombed
Software Windows 10 Pro 64 bit
The title is misleading. It should say CD Projekt RED "epically pwned". Ok seriously though, I hope the damages are minimal.
 
Joined
Jul 13, 2010
Messages
56 (0.01/day)
Location
Slovakia
System Name Pap1er
Processor AMD Ryzen 5 2600 @ 4000 MHz
Motherboard MSI B450 GAMING PRO CARBON AC
Cooling ARCTIC Freezer 33 eSport One - Red
Memory Kingston HyperX Predator DDR4 3333MHz CL16
Video Card(s) Sapphire PULSE RX VEGA 56
Storage WD Blue SN500 NVMe 250GB / WD20EURS @ 2TB
Display(s) LG 29UC88 Curved UltraWide Monitor
Case Corsair 230T Graphite Series - Orange
Audio Device(s) OnBoard
Power Supply Corsair CX750M
Mouse Creative Sound BlasterX Siege M04 Gaming mouse
Software Windows 10 Pro x64
Joined
Feb 23, 2019
Messages
2,331 (2.99/day)
Location
Poland
Processor Ryzen 7 3700X
Motherboard Gigabyte X570 Aorus Elite
Cooling BeQuiet Dark Rock 4
Memory 2x8 GB Crucial Ballistix Sport LT 3200 CL16 @ 3600 CL16
Video Card(s) EVGA 1060 6GB SSC
Storage SX8200 Pro 1 TB, Plextor M6Pro 256 GB, WD Blue 2TB
Display(s) Acer XB273GP
Case SilverStone Primera PM01 RGB
Power Supply SeaSonic Focus Plus Gold 750W
Mouse SteelSeries Rival 300
Keyboard MK Typist (Kailh Box White)
Wonder what an extradition to Poland will be like. Poland contributed some 8million into CDPR, didn't they?
Sorry but world doesn't work like that. Especially in Poland.
 
Joined
Sep 17, 2014
Messages
14,700 (6.13/day)
Location
The Washing Machine
Processor i7 8700k 4.6Ghz @ 1.24V
Motherboard AsRock Fatal1ty K6 Z370
Cooling beQuiet! Dark Rock Pro 3
Memory 16GB Corsair Vengeance LPX 3200/C16
Video Card(s) MSI GTX 1080 Gaming X @ 2100/5500
Storage Samsung 850 EVO 1TB + Samsung 830 256GB + Crucial BX100 250GB + Toshiba 1TB HDD
Display(s) Gigabyte G34QWC (3440x1440)
Case Fractal Design Define C TG
Audio Device(s) Situational :)
Power Supply EVGA G2 750W
Mouse Logitech G502 Protheus Spectrum
Keyboard Lenovo Thinkpad Trackpoint II (Best K/B ever... <3)
Software W10 x64
Have you seen the Chinese knock-offs? It's an opportunity lost in some markets, because now they can take stolen code, redress it, and sell it to a customer base that doesn't know any better.

I'm sure plenty are aware of the myriad of private mmo game servers out there... while a few are legitimately extending the life of an EOL product, the vast majority are profiting off work not their own by injecting micro transactions and cosmetic packages and letting people play at no charge. Who knows what potential malicious code could have been compiled into the released client binaries also...

Ofcourse, but that was always possible with or without 'source' code. Get a game copy and you're done, copying some assets does happen everywhere just like people snagging stock photos of the net and using them. Copyright infringement, really, more than it is theft?

And eh... is it really a loss to a triple A company to have some weird knockoffs of absolute gutter trash in the market?

Its an illusion you can control data like that, despite what many love to believe. We think that by having a metric ton of rules we can prevent stuff from happening. Lol. Right. If anything we should know better by now... not a single company, system or group of people has shown to be immune to all things human. The best thing you can strive for is 'mitigation'. Data management is like Covid in that sense, good luck getting to zero incidents, and there is a point at which rules take a major toll on usability of (a system) society, creating rebellious users that are more keen to not stick to them (and create leaks); or some event happens making people unhappy and willing to break rules explicitly.

This is why transparency of data can be such a powerful tool, and why it is in some ways inevitable. If you have to spend more money than you can make off the data to secure it, what's the point? That's herd immunity, right there: expose the data, and its no longer valuable.
 
Last edited:
Joined
Feb 18, 2013
Messages
1,919 (0.65/day)
Location
KL, Malaysia
Processor Intel Core i5-7600K
Motherboard ASUS PRIME H270M-PLUS
Cooling Corsair H55 AIO Liquid Cooler + HD120 RGB (3) + SP120 RGB PRO (3) + Commander PRO
Memory Corsair Vengeance LPX 16GB (2 x 8GB) 2400MHz D4
Video Card(s) Zotac RTX2060 Twin Fan 6GB GDDR6 (stock)
Storage Samsung 960 EVO 250GB M.2 PCIe SSD + Kingston A400 480GB 2.5in SSD
Display(s) LG 29WK600-W Ultrawide 1080p IPS + Dell U2417H 1080p IPS (set to Portrait orientation)
Case Corsair iCUE 220T RGB Airflow (White) w/Lighting Node CORE + Lighting Node PRO RGB LED Strips (4).
Audio Device(s) ASUS XONAR DX PCIe Sound Card
Power Supply Corsair RM750x 750W 80 Plus Gold Fully Modular
Mouse Corsair M65 RGB FPS Gaming (White)
Keyboard Corsair STRAFE RGB Mechanical Keyboard (MX Red RGB)
Software Windows 10 Professional x64 (Update Build 20H2)
aside from the "punishment" CDPR deserves of getting, it would have been a whole lot worst if whoever that hacked their vault and stole sensitive data really did get away with it.
 
Joined
Jun 10, 2014
Messages
2,405 (0.96/day)
It's bad they got hacked but +1 to CDPR for actually having functional offline backups and not paying a ransom. If everyone did this, this dumb Bitcoin ransomware problem would be solved already.
While everyone should obviously have good backup routines*, following basic security practices would also effectively block practically all such attacks;
- Keeping systems up to date (especially servers, firewalls etc.)
- Not running Windows for servers
- Restricting access to resources on a per user basis (not common universal passwords for everyone), this also allows revoking access easily when someone leaves.
- Have segmented networks, firewalls or VPNs controlling how and which computers can access each other.
And most importantly, you do security in layers. Sooner or later, one layer may be compromised, so detection and damage control is essential. Far too many companies operate in a way where just a virus or a bad actor on any computer can steal or damage everything. Many companies with thousands of employees have been hurt by a single compromised computer, if basic security practices were followed, this wouldn't be possible.

But often, the damage from accidents or incompetence can probably be even worse. I know of a concrete case where a sysadmin at one company typed rm in the wrong folder on their main source repository server! Oops, hundreds of projects gone. Luckily they had daily backups, but still, there were a lot of work lost for thousands of engineers.

*)
Some things may be hard to have up to date backups of, or loss of even a few hours of work can sometimes be very costly.


Maybe the hackers can fix CP2077.
Just give them 10.000 man hours, and then maybe…
The flaws of this game is severe to be fixed by a few tweaks.

Is stolen code really something that actually matters? I mean, do people compile their own games? I kind of doubt that. And if it allows hackers to crack things ... so what? They always find a way. Just patch it. Given that the game is sold DRM-free on GOG it's not like piracy is much of a concern for CDPR. So ... what, exactly, do they stand to lose from people having access to a bunch of source code?
I think this fear is mostly old thinking that source code is incredibly valuable and thinking that competitors would "steal" it and use it for competing products.

But source code isn't something that so is easily adapted to other projects. Even if your project have a super smart algorithm that I want, chances are that it will be harder for me to integrate yours than to write my own. And I would argue, the bigger the source, the harder it is to adapt it to your own purpose. In software engineering there is a lot of specific knowledge known only those who have written the source. If someone get their hands on a completed game engine, it would take them years to get familiar with the code base and redesign it to fit their own needs. By that time, does it really matter that much?
(Leaking an unfinished product is different though)
Major source code leaks has happened for years, both for games, Windows itself and even hardware designs (from Nintendo). I haven't seen the immediate emergence of cloned/derived software from any of these.

I hope we can get to a point where it's more common that game source code is available (but not necessarily free). It can still be protected by copyright, so if another company uses it without permission they can still sue. And if some random guy uses it, who cares, really? Companies have a lot to gain from embracing their enthusiast bases, they can provide a lot of cool additions or improvements to a product, for free.
 
Joined
Feb 1, 2013
Messages
938 (0.31/day)
System Name Gentoo64 /w Cold Coffee
Processor 9900K 5.2GHz 1.304v Raystorm Pro
Motherboard GAZ390MG
Cooling GTX360 + MCR120-XP, EK-XRES
Memory 2x16GB TridentZ 3700-C15-2T 1.5v
Video Card(s) RTX 3080 Bykski Eagle
Storage Samsung 970 EVO 500GB, 860 QVO 2TB
Display(s) CU34G2X 3440x1440 144Hz
Case FT03-T mATX
Audio Device(s) SBz
Power Supply SS-850KM3
Mouse G502
Keyboard G710+
Software Gentoo/Windows 10
Benchmark Scores Always only ever very fast
Major source code leaks has happened for years, both for games, Windows itself and even hardware designs (from Nintendo). I haven't seen the immediate emergence of cloned/derived software from any of these.
You have but to look at the knockoffs in China and third world countries. They're riddled with microtransactions and possibly malware, running on "private" servers behind vpns. Some of these markets are big enough that it's a great opportunity lost, even if selling at a fraction of the cost in more wealthy markets.
 
Joined
Sep 17, 2014
Messages
14,700 (6.13/day)
Location
The Washing Machine
Processor i7 8700k 4.6Ghz @ 1.24V
Motherboard AsRock Fatal1ty K6 Z370
Cooling beQuiet! Dark Rock Pro 3
Memory 16GB Corsair Vengeance LPX 3200/C16
Video Card(s) MSI GTX 1080 Gaming X @ 2100/5500
Storage Samsung 850 EVO 1TB + Samsung 830 256GB + Crucial BX100 250GB + Toshiba 1TB HDD
Display(s) Gigabyte G34QWC (3440x1440)
Case Fractal Design Define C TG
Audio Device(s) Situational :)
Power Supply EVGA G2 750W
Mouse Logitech G502 Protheus Spectrum
Keyboard Lenovo Thinkpad Trackpoint II (Best K/B ever... <3)
Software W10 x64
But source code isn't something that so is easily adapted to other projects. Even if your project have a super smart algorithm that I want, chances are that it will be harder for me to integrate yours than to write my own. And I would argue, the bigger the source, the harder it is to adapt it to your own purpose. In software engineering there is a lot of specific knowledge known only those who have written the source. If someone get their hands on a completed game engine, it would take them years to get familiar with the code base and redesign it to fit their own needs. By that time, does it really matter that much?
(Leaking an unfinished product is different though)
Major source code leaks has happened for years, both for games, Windows itself and even hardware designs (from Nintendo). I haven't seen the immediate emergence of cloned/derived software from any of these.

I hope we can get to a point where it's more common that game source code is available (but not necessarily free). It can still be protected by copyright, so if another company uses it without permission they can still sue. And if some random guy uses it, who cares, really? Companies have a lot to gain from embracing their enthusiast bases, they can provide a lot of cool additions or improvements to a product, for free.
Exactly right, what else can you make easily with that other than... the game that's already there, but without the latest updates.

Or you can make Geralt pr0n with it. Well yay and well hello modding scene what did you do all these years

You have but to look at the knockoffs in China and third world countries. They're riddled with microtransactions and possibly malware, running on "private" servers behind vpns. Some of these markets are big enough that it's a great opportunity lost, even if selling at a fraction of the cost in more wealthy markets.
Those markets are perfectly capable of imploding on their own. Gaming is like a learning curve, people get new systems to chew on, new mechanics, and they fall for all the psychological trickery involved, then get wiser. We all did. We all played our share of MMOs and grindy games with well managed dopamine shots and flashy bars filling up. We all raced for those high scores. The leaderboards in the arcade. The first guy to finish in a race.

Many of those concepts have been given more depth or are otherwise filled with new takes on those dopamine shots and how to manage them more effectively, fooling us once again ;) I recall a lootbox, MTX, skins, seasonal content, chapter-based releases, dailies, weeklies, monthlies, seasonal events, etc etc etc ad infinitum. That is also why those older concepts also work so well on the mobile space. Lots of new, gullible gamers. And the worst thing of it is, many of them have never known how glorious and worry/money free gaming could actually be. 'Pay 10 bucks to reset a timer that you're going to see a few hundreed more times' - and people do it.

The unfortunate thing is, it seems a lot of people also don't get much wiser. Is that an opportunity lost? The best way to combat that style of games is by bringing a real game. Its disturbingly easy and its part of the reason of CDPRs success. They did what few others were still doing and showed everyone there was still serious money in serious games. And not just them of course, but you get me.
 
Last edited:
Joined
Dec 30, 2010
Messages
1,211 (0.32/day)
definitely an inside job. Not to say it's not a surprise but I don't think anyone outside of the company would do this for free or has the know-how of where the sensitive files are located.

Sigh.

What about a company having their security not in check? Never leave source-codes on a machine thats hooked to the internet.
 
Joined
Mar 20, 2019
Messages
206 (0.27/day)
Just give them 10.000 man hours, and then maybe…
The flaws of this game is severe to be fixed by a few tweaks.
A graphical glitch here and there is not such a severe problem. I'm not really counting consoles because why would you even want to play such a game on a console? It's not a casual "party shooter". I'm 50 hours into a second play through (around 300 hours total), and am yet to find a game-breaking bug which couldn't be fixed by reloading an auto save from 5 minutes earlier. I think it was the 1.06 patch which fixed most quest progression bugs, now there are just occasional graphical glitches. Some of which are quite funny actually, like all NPCs having a mohawk for a few seconds.

As for the attack: First of all, damn script kiddies. Looks like another wannabee hacker - script kiddie using Cobalt Strike. Kudos to CDPR for having a robust enough infrastructure to not care, sysadmins should get a hefty raise. Second, losing source code isn't such a huge deal as some seem to think. No one is going to create and sell copies of the games and no sane company is going to use stolen data in their products. Some top-tier modders might use the leaked REDEngine files in their work, but that's about it. Leaked HR/administration data can lead to targeted attacks and/or things like identity theft, but no more than someone digging up your electricity bill from the trash - which actually happens, so at least use a permanent market to cover your data. Seriously.
 
Joined
Oct 1, 2014
Messages
1,100 (0.46/day)
Location
Modesto, California
System Name The Captain (2.0)
Processor Ryzen 5 3600
Motherboard ASRock B550 PG Velocita
Cooling CPU: DeepCool GAMMAXX GT; Case: 5x 120mm fans (front, top, rear)
Memory 16 GB (3200Mhz) G.Skill Trident Z Royal (Silver)
Video Card(s) MSI Gaming X GTX 1660 Super
Storage 1x Crucial MX500 500GB SSD; 1x Crucial MX500 500GB M.2 SSD; 1x WD Blue 7200 RPM HDD
Display(s) Aorus CV27F 27" 1080p 165Hz
Case Phanteks Eclipse P360X
Power Supply Seasonic FOCUS+ Platinum 750W
Mouse HyperX Pulsefire Surge
Keyboard HyperX Alloy Origins Core
A graphical glitch here and there is not such a severe problem. I'm not really counting consoles because why would you even want to play such a game on a console? It's not a casual "party shooter".

This part of your comment is what I reacted to with "sad". Why would you even want to play such a game on a console?, you ask? I'm gonna go out on a limb and say maybe it's because some people LIKE to play on console, or don't have money/time/skill to build a PC just to play the game "the way it's meant to be played"? Seriously, what makes console gamers and their gaming experience worth less in the eyes of some PC gamers? I've never understood the mindset of some in the "PC Master Race". :rolleyes:
 

hat

Enthusiast
Joined
Nov 20, 2006
Messages
21,413 (4.07/day)
Location
Ohio
System Name Starlifter :: Dragonfly
Processor i7 2600k 4.4GHz :: Athlon II x4 630 3.5GHz
Motherboard ASUS P8P67 Pro :: GIgabyte GA-770T-USB3
Cooling Corsair H70 :: Thermaltake Big Typhoon
Memory 2x4GB DDR3 1866 :: 2x1GB DDR3 1333
Video Card(s) 2x PNY GTX1070 :: none
Storage Plextor M5s 128GB, WDC Black 500GB :: Mushkin Enhanced 60GB SSD, WD RE3 1TB
Display(s) Acer P216HL HDMI :: None
Case Antec SOHO 1030B :: Old White Full Tower
Audio Device(s) Creative X-Fi Titanium Fatal1ty Pro - iLive IT153B Soundbar (optical) :: None
Power Supply FSP Hydro GE 550w :: something
Software Windows 10 Pro - Plex Server on Dragonfly
Benchmark Scores >9000
This part of your comment is what I reacted to with "sad". Why would you even want to play such a game on a console?, you ask? I'm gonna go out on a limb and say maybe it's because some people LIKE to play on console, or don't have money/time/skill to build a PC just to play the game "the way it's meant to be played"? Seriously, what makes console gamers and their gaming experience worth less in the eyes of some PC gamers? I've never understood the mindset of some in the "PC Master Race". :rolleyes:
The console gaming experience is just objectively worse than PC gaming can be. Yes, it takes more time, skill, and certainly in today's climate, money, to build a capable PC, but you do get better visuals, better performance and better gameplay out of it. And you can do a lot more with you PC than you can with your console.

That said, that's just my take on it. There's no hatred in my heart for the 'console peasants', I just enjoy what I do and hopefully everybody else does, too.
 
Joined
Mar 20, 2019
Messages
206 (0.27/day)
This part of your comment is what I reacted to with "sad". Why would you even want to play such a game on a console?, you ask? I'm gonna go out on a limb and say maybe it's because some people LIKE to play on console, or don't have money/time/skill to build a PC just to play the game "the way it's meant to be played"? Seriously, what makes console gamers and their gaming experience worth less in the eyes of some PC gamers? I've never understood the mindset of some in the "PC Master Race". :rolleyes:
My personal opinion is that using a platform where you need aggressive auto aim, degraded graphics and comically simplified controls to be even able to play a game is just vastly less enjoyable and better suited to simple, casual games than more complex ones.
I'm not looking down on "console peasants", and I most certainly had some clashes with the elitist "PCMR" types. Everyone uses what they want or can and there is no place for any feelings of superioity or inferiority in that. That being said, playing a complex game like Cyberpunk 2077 on a console is like taking an old, rusty bike to a hard single track - you absolutely can, but your experience will be far from optimal and you need to understand that you will contend with a lot of problems.
 
Last edited:
Joined
May 2, 2017
Messages
3,791 (2.63/day)
Location
Norwegian, currently in Lund, Sweden
Processor AMD Ryzen 5 1600X
Motherboard Biostar X370GTN
Cooling Custom CPU+GPU water loop
Memory 16GB G.Skill TridentZ DDR4-3200 C16
Video Card(s) AMD R9 Fury X
Storage 500GB 960 Evo (OS ++), 500GB 850 Evo (Games)
Display(s) Dell U2711
Case NZXT H200i
Power Supply EVGA Supernova G2 750W
Mouse Logitech G602
Keyboard Lenovo Compact Keyboard with Trackpoint
Software Windows 10 Pro
The console gaming experience is just objectively worse than PC gaming can be. Yes, it takes more time, skill, and certainly in today's climate, money, to build a capable PC, but you do get better visuals, better performance and better gameplay out of it. And you can do a lot more with you PC than you can with your console.

That said, that's just my take on it. There's no hatred in my heart for the 'console peasants', I just enjoy what I do and hopefully everybody else does, too.
Oh man, "objectively worse", statements like that make me chuckle every single time. I mean, the amount of fundamentally subjective criteria involved in saying a PC gaming is "objectively better" is downright staggering. For example, what constitutes "better gameplay"? Isn't that extremely dependent on the type of game and the preferences of the player? Aren't there games and play situations where the difference between, say, 720p30 and 4k60 or 1080p240 would be essentially imperceptible? Of course there are. And those games are just as valid benchmarks for what constitutes "better gameplay" as types of games that highlight these differences more clearly. And doesn't access play a part, along the lines of the saying that "the best camera is the one you have with you"? I.e. couldn't it be argued just as "objectively" that the best gaming experience is the one you're actually able to have in the highly subjective context of your specific life? I would certainly think so.

Statements like these also ignore the quite large amount of training and conditioning required just to actually perceive high-performance gaming as better. I'm not disputing whether "people can actually see more than 60Hz" or other nonsense like that (human perception can rarely be reduced to a single number, and is extremely dynamic and context-dependent, and also generally friggin amazing), but there's a distinct difference between being able to vaguely perceive that something is slightly different - such as motion being smoother - and being able to actually pinpoint why that is, whether and how it affects gameplay, and whether it is actually to the better. That requires training. Outside of "hardcore gamers" and hardware enthusiasts, it's likely that the average person would be able to perceive some sort of difference between, say, playing a fast-paced game at 60Hz or 120Hz, but the more important question is: would they care? Most likely not. And if you don't care, then the difference is rendered moot.

PC gamers and hardware enthusiasts have been in a decades-long cycle of conditioning into the belief that higher performance is always better (both by the community and importantly by marketing departments of PC, component and peripheral brands), which is strongly tied into the types of games that are presented as "real games" and the types of people seen as "real gamers". It's all a question of perception, identity and gatekeeping. Depending on the game there are obviously situations where higher performance can give an advantage, or where too low performance can make a game unplayable, but extrapolating this into an "objective truth" that PC gaming is universally superior is just pure, unadulterated nonsense. PC gaming discourse loves to present itself as if we have somehow gained access to a set of universal objective truths that other people simply don't know about, which just illustrates that the original irony of the term "PC master race" has long since been abandoned. The preference for high-performance gaming is just that: a preference. Taste. And taste is what? Subjective.

Now, this rant did come slightly out of the blue, and I'm by no means trying to "get" you in any way, nor trying to somehow say you're disingenuous in what you're saying - this is directed towards everyone and no-one, and certainly not you in particular, your statement just got me going down this path. But I think we all stand to gain from deluding ourselves less, and this is a case where that's pretty simple. There is no "objective truth" to the superiority of PC gaming. Humans do not engage with the world in non-subjective ways. It's a matter of preference. And having preferences is, in case it wasn't obvious, not just perfectly fine, but a core condition of being human. But presenting our preferences as if they were objective truths is a rhetorical and intellectual bad-faith tactic that serves no other purpose than to elevate "us" above "them". And that's a dangerous path to go down.

/rant
 
Last edited:
Joined
Jun 10, 2014
Messages
2,405 (0.96/day)
A graphical glitch here and there is not such a severe problem.
I'm referring to the countless examples of objects flying around, falling through floors etc. These glitches are not graphical glitches at all, these are fundamental flaws in the game simulation, and isn't easily solved with a workaround or small change here and there.

As for the attack: First of all, damn script kiddies. Looks like another wannabee hacker - script kiddie using Cobalt Strike. Kudos to CDPR for having a robust enough infrastructure to not care, sysadmins should get a hefty raise.
It's either a fundamental lack of security, or an inside job (or both). Basic common security practices would have prevented the scale of this. Whoever was in charge of their security should probably be fired.

We hear a lot about massive conspiracies from government sponsored hackers using zero-day vulnerabilities or creative techniques to communicate with air-gapped devices, or techniques that can read your data through electromagnetic noise etc., but in reality, in 99.9% of cases people just fail the well-known basics.
 
Last edited:
Joined
Feb 20, 2020
Messages
1,686 (4.04/day)
Location
Texas
System Name Ghetto Rigs x299 & z490 & Q9550 Old timer
Processor 9940x with optimus sigV2 & 10900k with optimus foundation & Q9550 with EK Evo
Motherboard X299 Rampage VI Apex & z490 Maximus XII Apex & Acer WG43M
Cooling D5 combo/280 GTX/ VRM water block copper/280 GTX/ D5 Top/Optimus sigV2/TitanXp/Mora 360x2
Memory Trident-Z 3600C16 4x8gb & Trident-Z 3600c16 2x8gb & 4x2gb crucial
Video Card(s) Titan Xp & 1080ti ftw3 & evga 980ti gaming
Storage 970 evo plus 500gb & 970 evo 500gb many 2.5" ssd's and WD BLK hdd's
Display(s) 1-AOC G2460PG 24"G-Sync 144Hz/ 2nd 1-ASUS VG248QE 24"/ 3rd LG 43" series
Case D450 second floor for 2nd rad x2/ Cherry Entertainment center
Audio Device(s) Built in Realtek x2 with Insignia 2.0 sound bars & 1-LG sound bar
Power Supply evga 1200P2 & 1000P2 with APC AX1500 & 850P2 & CyberPower-GX1325U
Mouse Redragon Perdition x3
Keyboard G910 & G710+x2
Software Win-7 pro x3 and Linux Cinnamon 20.1x2 & win-10 pro x3
Hi,
Big question is did twitter ban said hacker lol
 
Joined
Mar 20, 2019
Messages
206 (0.27/day)
I'm referring to the countless examples of objects flying around, falling through floors etc. These glitches are not graphical glitches at all, these are fundamental flaws in the game simulation, and isn't easily solved with a workaround or small change here and there.


It's either a fundamental lack of security, or an inside job (or both). Basic common security practices would have prevented the scale of this. Whoever was in charge of their security should probably be fired.

We hear a lot about massive conspiracies from government sponsored hackers using zero-day vulnerabilities or creative techniques to communicate with air-gapped devices, or techniques that can read your data through electromagnetic noise etc., but in reality, in 99.9% of cases people just fail the well-known basics.
Of the errors you mentioned I only saw boxes floating after dumping NPC bodies into containers, and I hardly think it can be called a fundamental flaw. A quest line being bugged in a game-breaking way is a fundamental flaw, as is savegame corruption. Both happened to this game and both were fixed a while ago. Also, what you mention is just a collision detection or physics engine not properly zeroing forces on item spawning problem. Both can be tricky to fix, but are not really fundamental. Unless, of course, you are one of the people who just need to be outraged all the time. I knew a guy like that, he truly believed that Bioshock is a horrible game and 2K Games should refund everyone for this blatant theft. Why, you might ask? Because he found a low resolution texture on a plant somewhere. Really, that was his only argument. Needless to say, it was the last time we spoke. The biggest annoyance I encounter in this game are broken item hitboxes. Just try picking up this new shiny gun laying next to a body. Nope.

"It's either a fundamental lack of security, or an inside job (or both). Basic common security practices would have prevented the scale of this. Whoever was in charge of their security should probably be fired."
You probably never worked in a corporate environment. The scale of such infrastructure simply requires some degree of simplification - you can harden anything to the point of being anything-proof, but then your employees will spend more time doing security checklists than working. And I can guarantee there will be some mid-level douchebag manager with a superiority complex who will write down all his passwords on a piece of paper he tapes to the screen and a cleaning lady who will take this card and sell the passwords. For tools like Cobalt Strike that's enough. Get a foothold, elevate from there. It may take some time and effort, but once you're in, you're in.
This happens to every company at some point, it's how they deal with the problem that shows their quality. Many big corporations actually prefer to pay and keep it quiet to avoid bad PR.
 

hat

Enthusiast
Joined
Nov 20, 2006
Messages
21,413 (4.07/day)
Location
Ohio
System Name Starlifter :: Dragonfly
Processor i7 2600k 4.4GHz :: Athlon II x4 630 3.5GHz
Motherboard ASUS P8P67 Pro :: GIgabyte GA-770T-USB3
Cooling Corsair H70 :: Thermaltake Big Typhoon
Memory 2x4GB DDR3 1866 :: 2x1GB DDR3 1333
Video Card(s) 2x PNY GTX1070 :: none
Storage Plextor M5s 128GB, WDC Black 500GB :: Mushkin Enhanced 60GB SSD, WD RE3 1TB
Display(s) Acer P216HL HDMI :: None
Case Antec SOHO 1030B :: Old White Full Tower
Audio Device(s) Creative X-Fi Titanium Fatal1ty Pro - iLive IT153B Soundbar (optical) :: None
Power Supply FSP Hydro GE 550w :: something
Software Windows 10 Pro - Plex Server on Dragonfly
Benchmark Scores >9000
Yikes. I understand your rant wasn't directed at me, but all I'm saying is, the experience on a PC is objectively better than on a console. As I said, you get better visuals, better performance, and better gameplay. Sure, it comes at a price. Sure, availability is shit right now. We all feel that pain right now, console gamers and PC gamers alike. There's no we're better than you" mentality coming from me there.
 
Joined
Jun 10, 2014
Messages
2,405 (0.96/day)
Of the errors you mentioned I only saw boxes floating after dumping NPC bodies into containers, and I hardly think it can be called a fundamental flaw.
Just search on YouTube, and you'll find plenty of videos of flying cars, characters shaking etc. These are not graphical glitches, these are fundamentally flawed physics simulations.

"It's either a fundamental lack of security, or an inside job (or both). Basic common security practices would have prevented the scale of this. Whoever was in charge of their security should probably be fired."
You probably never worked in a corporate environment. The scale of such infrastructure simply requires some degree of simplification - you can harden anything to the point of being anything-proof, but then your employees will spend more time doing security checklists than working.
I think you missed the point. Those of us who have worked for various companies of thousands of employees knows security breaches are "inevitable", which is why skilled IT professionals knows to do security in layers. Sooner or later someone's Windows install will get a virus, some laptop or phone will get stolen, someone's password get compromised, some critical zero-day bug is discovered etc. This is why the servers and network infrastructure needs to be up to date, networks should be segmented in some way with firewalls, VPNs etc. Access to resources such as file shares, source repositories, databases etc. should be granted on a per user basis, and passwords should be different from their computer passwords. Any of these steps themselves will make anything 100% bullet-proof, but it's where you start. And if you do this in a sensible way, it's usually enough to stop catastrophic damage before you can intervene. This should be enough to prevent an intruder from getting all your corporate data or to destroy all your data, because the chances of someone breaking through multiple security barriers is fairly slim.

But once you got the basics right, you can consider further steps, including some kind of intrusion detection, honeypots, etc. But as you mentioned, taking things too far might result in wasted resources or even people finding ways around the system. This is why it's important to get the fundamentals right first, instead of focusing on a niche problem. And doing an overall balanced approach with good security isn't that hard.
 
Joined
Mar 20, 2019
Messages
206 (0.27/day)
Just search on YouTube, and you'll find plenty of videos of flying cars, characters shaking etc. These are not graphical glitches, these are fundamentally flawed physics simulations.
If a problem occurs for one in a thousand players, you're still going to have thousands of loudmouth YouTube kids screaming about it like someone took their lollipop. This is low-brow, primitive attention economy at it's worst. Filter it like this: If something works as expected, people don't really care to tell others about it. You only hear about the edge cases, so if millions upon millions of copies were sold and you hear a few hundred, maybe a few thousand people grumbling, it's not really that bad.

As for the rest - I really hope you are not responsible for any kind of security system. Just read about privilege escalation as an elementary basics. You can sandbox users or segment your network to your heart's content. If someone gets a foothold, starts snooping around and escalating horizontally and vertically, the only limiting factor is the attacker's skill. And we live in times when the tools you can get for free, buy or even rent are sophisticated to the point where such attacks don't really require years of learning. Hence my "damn script kiddies" remark, as everything points to a medium-skill, open source tool being used in this attack.
 
Joined
May 2, 2017
Messages
3,791 (2.63/day)
Location
Norwegian, currently in Lund, Sweden
Processor AMD Ryzen 5 1600X
Motherboard Biostar X370GTN
Cooling Custom CPU+GPU water loop
Memory 16GB G.Skill TridentZ DDR4-3200 C16
Video Card(s) AMD R9 Fury X
Storage 500GB 960 Evo (OS ++), 500GB 850 Evo (Games)
Display(s) Dell U2711
Case NZXT H200i
Power Supply EVGA Supernova G2 750W
Mouse Logitech G602
Keyboard Lenovo Compact Keyboard with Trackpoint
Software Windows 10 Pro
Yikes. I understand your rant wasn't directed at me, but all I'm saying is, the experience on a PC is objectively better than on a console. As I said, you get better visuals, better performance, and better gameplay. Sure, it comes at a price. Sure, availability is shit right now. We all feel that pain right now, console gamers and PC gamers alike. There's no we're better than you" mentality coming from me there.
You apparently took that it wasn't directed at you a bit too far and didn't actually read: the key point is that what constitutes "a better play experience" is fundamentally subjective, and attempting to describe whatever criteria one has chosen to prefer as "objectively better" is a delusion. Period. Higher resolution is higher resolution. Faster framerates are faster framerates. Performance is performance (though what constitutes performance is itself quite complex). Neither are in any way objective criteria of better gameplay, as there cannot possibly exist any objective standard for such a thing - it's a culturally determined phenomenon, after all. Objectivity does not apply. If something was to be an objective criterion for gameplay, that would mean that it has a fundamentally determining effect on the quality of gameplay, and, well, a crap game at 250fps with fancy graphics, a boring gameworld, nothing interesting to do or see etc.? That's still a crap game. One can be of the opinion that these factors are the chief determinants of the quality of gameplay, and there are some arguments for thinking so (though there are also very good arguments for other factors being at least as important if not more), but that doesn't invalidate arguments for focusing on other aspects of the gameplay experience, nor does it take away from the fact that someone not thinking so likely won't actually care - so it's extremely unlikely that this will constitute better gameplay for them, even if it does so for you.

And I'm not saying that you're consciously expressing any kind of derogatory attitude either, nor do I have any basis whatsoever to comment on your opinions or ideals, but it's a rather simple fact that saying (whether to someone directly or nobody in particular) that "your choice of how to perform [activity A] is fine, but mine is better due to the criteria I and my peers have chosen to constitute "better performance of [activity A]" is an inherently derogatory statement, and that this discourse in PC gaming is fundamentally derogatory. That's just facts. And again, there are good arguments for why aspects of PC gaming are better, but choosing to focus on these aspects is a choice, and is thus subjective. The very claim of "my opinion is objectively true" (especially, but not exclusively when it actually isn't) is itself derogatory. I also think PC gaming is generally better than console gaming, but that's my tastes and my opinion, and no amount of arguments as for why I have that opinion will make it anything but an opinion. The derogatory part comes built in when one starts assuming that one's opinions are somehow objective facts, because that also necessitates the belief that the opinions of others are factually wrong. Which, again, you can think that they are, but that's another opinion. It's opinions all the way down.
 
Last edited:
Top