|
|
Post by eddiemonsta on May 19, 2015 14:39:04 GMT
|
|
|
|
Post by 13thGeneral on May 19, 2015 15:42:36 GMT
I saw that too. Very intriguing indeed. I would hope that Chillcore would at least let Apple know about it (maybe he did, but that's not how it reads). |
|
|
|
Post by Crumpy Six on May 19, 2015 15:49:29 GMT
I'm interested too but I don't follow what he could be talking about. He says: "The final straw to lose any trust in molyneux and co was when I reported a security hole in their backend (which they fixed quite rapidly) but instead of passing the message along to higher up (yes it was/is that big a hole) they just abused it and took advantage of what I disclosed to them." He reported a security problem. They fixed it. How could they abuse a security hole to their advantage? What "higher ups" does he mean - Apple and DeNA? Is he suggesting that the security hole somehow benefited 22Cans financially through fraudulent means, but they never disclosed it through appropriate channels? |
|
Lord Ba'al
Supreme Deity
Posts: 6,260
Pledge level: Half a Partner
I like: Cats; single malt Scotch; Stargate; Amiga; fried potatoes; retro gaming; cheese; snickers; sticky tape.
I don't like: Dimples in the bottom of scotch bottles; Facebook games masquerading as godgames.
Steam: stonelesscutter
GOG: stonelesscutter
|
Post by Lord Ba'al on May 19, 2015 16:58:21 GMT
It does read like they could have benefited from it.
|
|
|
|
Post by 13thGeneral on May 19, 2015 17:09:18 GMT
That's how I read it as well. Not to question his integrity, but before taking that too seriously we should at least try to establish Chillcore's credibility; look at his post history, see if we can identify the same individual in other gaming site forums and communities. I am almost certain he's a modder - so check out those sites like Nexus mods. Also, just send him a PM to connect and maybe get a clarification without prodding for too much definitive evidence (since he's stated he won't provide it, asking will just turn him off).
|
|
|
|
Post by hardly on May 19, 2015 19:24:54 GMT
Sounds a bit craycray to me but if it pans out it would be exciting.
|
|
|
|
Post by totallytim on May 19, 2015 20:43:58 GMT
|
|
Deleted
Deleted Member
Posts: 0
|
Post by Deleted on May 19, 2015 21:53:59 GMT
I think the bit about Chillcore should be in its own thread so that it can be better publicly addressed by 22cans, as those are some fairly serious accusations.
|
|
arryu
Senior Apprentice
Posts: 80 
|
Post by arryu on May 20, 2015 7:46:21 GMT
Could we invite him here to explain a little better? Obviously he won't tell us every thing, but I'm sure he can answer yes or no to "should we be worried about the security hole/whatever PM did?"
|
|
|
|
Post by eddiemonsta on May 20, 2015 8:33:59 GMT
It does read like they could have benefited from it. That's what I took it to mean. This could be confirmation bias on my part, however. |
|
zeruelb
Junior Apprentice
Posts: 63
|
Post by zeruelb on May 20, 2015 12:56:41 GMT
There is also this PS on his post which shows a clear direction:
"ps: Don't bother asking about the details of the hole ... I will not answer ... Just wanted to explain what this company (under guidance of molyneux and DeNA) is willing to do to cheat you out of your pennies.
I will only say this about it ... if I were Apple, Godus and everything DeNA would not even be available no more on iOS after that stunt ..."
And its still going on.
|
|
|
|
Post by 13thGeneral on May 20, 2015 14:02:48 GMT
He makes it sound like they were either siphoning miniscule amounts of money out of mobile players bank accounts (ala Office Space), or something just as heinous. It's also possible he's hinting that they are gathering personal information beyond just the usual (name/location/phone#/device/os/b-day/friends/etc.) not covered in the usage privacy policy (like SSN, Bank #, etc. ) and doing something very illegal with it - perhaps selling it.
All just wild speculation since he's being extremely guarded about it - while still dangling it like a poison carrot - so we may never know if it is valid or complete bullocks;we don't even know if Chillcore is credible or just making up crazy allegations.
|
|
|
|
Post by distraction on May 20, 2015 14:44:02 GMT
wow i wuld love to know what thats alabout
|
|
|
|
Post by earlparvisjam on May 22, 2015 6:12:22 GMT
He makes it sound like they were either siphoning miniscule amounts of money out of mobile players bank accounts (ala Office Space), or something just as heinous. It's also possible he's hinting that they are gathering personal information beyond just the usual (name/location/phone#/device/os/b-day/friends/etc.) not covered in the usage privacy policy (like SSN, Bank #, etc. ) and doing something very illegal with it - perhaps selling it. All just wild speculation since he's being extremely guarded about it - while still dangling it like a poison carrot - so we may never know if it is valid or complete bullocks;we don't even know if Chillcore is credible or just making up crazy allegations. Maybe they are using cell phones to mine Bitcoins or something like that. I've heard crazier stories but the vagueness makes it hard to put too much stock in it... |
|
|
|
Post by hardly on May 22, 2015 8:09:21 GMT
He makes it sound like they were either siphoning miniscule amounts of money out of mobile players bank accounts (ala Office Space), or something just as heinous. It's also possible he's hinting that they are gathering personal information beyond just the usual (name/location/phone#/device/os/b-day/friends/etc.) not covered in the usage privacy policy (like SSN, Bank #, etc. ) and doing something very illegal with it - perhaps selling it. All just wild speculation since he's being extremely guarded about it - while still dangling it like a poison carrot - so we may never know if it is valid or complete bullocks;we don't even know if Chillcore is credible or just making up crazy allegations. Maybe they are using cell phones to mine Bitcoins or something like that. I've heard crazier stories but the vagueness makes it hard to put too much stock in it... That is an interesting thought. What if we create a game that encourages people to play it for long periods of time and even leave it running in the background. What if we make it appear that the game requires internet communication when it doesn't. What if we use a relatively small amount of the computers capacity to mine bit coins in the background?
I don't actually think this is happening but given how GODUS plays it would actually be quite good for hiding bit coining mining algorithms in.
|
|
Lord Ba'al
Supreme Deity
Posts: 6,260
Pledge level: Half a Partner
I like: Cats; single malt Scotch; Stargate; Amiga; fried potatoes; retro gaming; cheese; snickers; sticky tape.
I don't like: Dimples in the bottom of scotch bottles; Facebook games masquerading as godgames.
Steam: stonelesscutter
GOG: stonelesscutter
|
Post by Lord Ba'al on May 22, 2015 9:54:04 GMT
I don't understand what that is about. What are bitcoins and why do they have to be mined? What good are they?
|
|
|
|
Post by morsealworth on May 22, 2015 12:02:14 GMT
From what was said, I gathered he found a backdoor in their server. Turned out it wasn't a backdoor specific to their server and they abused it against other companies.
|
|
|
|
Post by Deth on May 22, 2015 12:22:36 GMT
I don't understand what that is about. What are bitcoins and why do they have to be mined? What good are they? Bitcoin in an internet currency. You can buy bitcoins and then use them at internet stores. I have never used it myself but it is a fairly big thing from what I understand.
|
|
|
|
Post by 13thGeneral on May 22, 2015 12:38:50 GMT
I may have some insight into it, and will share what I can when I get home.
NOTE: In the meantime, do some research on "Apple app store publishing approval loophole"
Just a hunch it is related to something like that; I might be way off, since I didn't have time to invest into it this morning.
|
|
|
|
Post by 13thGeneral on May 23, 2015 14:56:43 GMT
Ok, from what I gather here's what allegedly was the issue; The reported problem was apparently an exploit that could be taken advantage of, that would allow multiple duplications of the game on a single device across multiple servers, and somehow 22Cans possibly/likely knew of and could have potentially used this to their advantage... somehow. Not sure how this would be advantageous to them, but that's what I was told. It's possible it was fixed when they integrated Facebook, but not certain if Apple is aware of it or fixed it because they haven't acknowledged either way.
Sorry it's vague, but that's basically what I got. And I hope I relayed the information properly, as my understanding of this is limited and I was trying to parse the info while paraphrasing it to protect the source.
|
|
