aw dangit! :(
TF2 and CS:GO's source code got leaked
posted in
TF2 General Discussion
what i struggle to understand is why these tf2 players just want so see the world burn, after being kicked from a group for being racist and transphobic (that already reveals low IQ) the genius decided to leak code that could cause massive problems to a multi billion dollar company
what is wrong with these kids ? are their hats too tight causing low blood flow in their brains ?
what i struggle to understand is why these tf2 players just want so see the world burn, after being kicked from a group for being racist and transphobic (that already reveals low IQ) the genius decided to leak code that could cause massive problems to a multi billion dollar company
what is wrong with these kids ? are their hats too tight causing low blood flow in their brains ?
what is wrong with these kids ? are their hats too tight causing low blood flow in their brains ?
I'm not sure why it's claimed that it's only client code. The game server, GC, econ code is in there, at least partially.
I'm not sure why it's claimed that it's only client code. The game server, GC, econ code is in there, at least partially.
mastercomsI'm not sure why it's claimed that it's only client code. The game server, GC, econ code is in there, at least partially.
are you saying we can make ref worth less than oil?
[quote=mastercoms]I'm not sure why it's claimed that it's only client code. The game server, GC, econ code is in there, at least partially.[/quote]
are you saying we can make ref worth less than oil?
are you saying we can make ref worth less than oil?
i don't think it's the GC, just the code used for interacting with the GC
i don't think it's the GC, just the code used for interacting with the GC
toads_tfi don't think it's the GC, just the code used for interacting with the GC
There's literally GC/GC_DLL code in there, which is accessing a SQL database. This is dangerous stuff.
[quote=toads_tf]i don't think it's the GC, just the code used for interacting with the GC[/quote]
There's literally GC/GC_DLL code in there, which is accessing a SQL database. This is dangerous stuff.
There's literally GC/GC_DLL code in there, which is accessing a SQL database. This is dangerous stuff.
https://www.pcgamer.com/team-fortress-2-and-csgo-source-code-leak-raises-security-fears/
So basically as of now its fucking nothing.
https://www.pcgamer.com/team-fortress-2-and-csgo-source-code-leak-raises-security-fears/
So basically as of now its fucking nothing.
So basically as of now its fucking nothing.
[PSA] Its very likely safe to play TF2 right now. An RCE existing is extremely unlikely.
First of all, the source code being leaked doesnt mean much when it has been known by hackers for ages, which was the source of the lag/crash bots. If an RCE exploit existed, it would've been used a long time ago, or would've been reported to valve for a couple thousand dollars.
Interesting links:
A take from a professional, who has earned a lot of money finding 0-day exploits in programs such as Filezilla
Teamwork.tf's opinion on the situation
However, it is not unwise to just wait out an official response from the TF2 team, much like we did with the official CS:GO twitter account.
Also for those unaware, it has been proven that the images that were shown here a while back where a pop-up saying that cathook was getting into your account were fake.
Also this: Apparently the leaked code isn't strictly TF2 source code, but just code shared by TF2 and csgo -> Posted by a Steam community forum mod
[b][PSA] Its very likely safe to play TF2 right now. An RCE existing is extremely unlikely.[/b]
First of all, the source code being leaked doesnt mean much when it has been known by hackers for ages, which was the source of the lag/crash bots. If an RCE exploit existed, it would've been used a long time ago, or would've been reported to valve for a couple thousand dollars.
Interesting links:
[url=https://soatok.blog/2020/04/22/source-code-leak-is-effectively-meaningless-to-endpoint-security/amp/]A take from a professional[/url], [url=https://hackerone.com/soatok]who has earned a lot of money finding 0-day exploits in programs such as Filezilla[/url]
[url=https://twitter.com/TF2teamwork/status/1253075601575104513]Teamwork.tf's opinion on the situation[/url]
However, it is not unwise to just wait out an official response from the TF2 team, [url=https://twitter.com/CSGO/status/1253075594901774336]much like we did with the official CS:GO twitter account.[/url]
Also for those unaware, it has been proven that the images that were shown here a while back where a pop-up saying that cathook was getting into your account were fake.
Also this: [url=https://steamcommunity.com/app/440/discussions/0/2270320616957466159/]Apparently the leaked code isn't strictly TF2 source code, but just code shared by TF2 and csgo[/url] -> Posted by a Steam community forum mod
First of all, the source code being leaked doesnt mean much when it has been known by hackers for ages, which was the source of the lag/crash bots. If an RCE exploit existed, it would've been used a long time ago, or would've been reported to valve for a couple thousand dollars.
Interesting links:
[url=https://soatok.blog/2020/04/22/source-code-leak-is-effectively-meaningless-to-endpoint-security/amp/]A take from a professional[/url], [url=https://hackerone.com/soatok]who has earned a lot of money finding 0-day exploits in programs such as Filezilla[/url]
[url=https://twitter.com/TF2teamwork/status/1253075601575104513]Teamwork.tf's opinion on the situation[/url]
However, it is not unwise to just wait out an official response from the TF2 team, [url=https://twitter.com/CSGO/status/1253075594901774336]much like we did with the official CS:GO twitter account.[/url]
Also for those unaware, it has been proven that the images that were shown here a while back where a pop-up saying that cathook was getting into your account were fake.
Also this: [url=https://steamcommunity.com/app/440/discussions/0/2270320616957466159/]Apparently the leaked code isn't strictly TF2 source code, but just code shared by TF2 and csgo[/url] -> Posted by a Steam community forum mod
This is all a ARG and they're gonna announce Orange Box 2 tomorrow
This is all a ARG and they're gonna announce Orange Box 2 tomorrow
PumAn RCE existing is extremely unlikely.
that's not what the article says, and that's not remotely verifiable
there exists bugs, some lead to bad behavior, some let people run code on your computer
they're not all discovered
they're not all exploitable
have to make myself more clear than previous edit:
- the amount of bug is fixed (with each release)
- anyone can find all the bugs simply reverse-engineering the binary
- anyone can find all the bugs simply reading the source
- finding bugs is easier with the source
- not all the bugs have been found
- a lot of publicity is being thrown on this
- a lot more effective man-hours are being put into finding bugs than previously (because reading source is more efficient, and because more people wil ltry their hand)
- saying "there's no more danger than before" isn't really good because it's nuanced
my Official Take is that you should probably avoid casual/public/lobbies for a while because of this potential issue and some other that i will not discuss publicly, playing on servers ran by trusted owners and with trusted players should be fine, so pugs, mix, scrims
[quote=Pum][b]An RCE existing is extremely unlikely.[/b][/quote]
that's not what the article says, and that's not remotely verifiable
there exists bugs, some lead to bad behavior, some let people run code on your computer
they're not all discovered
they're not all exploitable
have to make myself more clear than previous edit:
- the amount of bug is fixed (with each release)
- anyone can find all the bugs simply reverse-engineering the binary
- anyone can find all the bugs simply reading the source
- finding bugs is easier with the source
- not all the bugs have been found
- a lot of publicity is being thrown on this
- a lot more effective man-hours are being put into finding bugs than previously (because reading source is more efficient, and because more people wil ltry their hand)
- saying "there's no more danger than before" isn't really good because it's nuanced
my Official Take is that you should probably avoid casual/public/lobbies for a while because of this potential issue and some other that i will not discuss publicly, playing on servers ran by trusted owners and with trusted players should be fine, so pugs, mix, scrims
that's not what the article says, and that's not remotely verifiable
there exists bugs, some lead to bad behavior, some let people run code on your computer
they're not all discovered
they're not all exploitable
have to make myself more clear than previous edit:
- the amount of bug is fixed (with each release)
- anyone can find all the bugs simply reverse-engineering the binary
- anyone can find all the bugs simply reading the source
- finding bugs is easier with the source
- not all the bugs have been found
- a lot of publicity is being thrown on this
- a lot more effective man-hours are being put into finding bugs than previously (because reading source is more efficient, and because more people wil ltry their hand)
- saying "there's no more danger than before" isn't really good because it's nuanced
my Official Take is that you should probably avoid casual/public/lobbies for a while because of this potential issue and some other that i will not discuss publicly, playing on servers ran by trusted owners and with trusted players should be fine, so pugs, mix, scrims
https://twitter.com/zemnmez/status/1253065741789736961
(fyi this guy had been submitting major bugs in tf2 and steam for years https://hackerone.com/zemnmez)
https://twitter.com/zemnmez/status/1253065741789736961
(fyi this guy had been submitting major bugs in tf2 and steam for years https://hackerone.com/zemnmez)
(fyi this guy had been submitting major bugs in tf2 and steam for years https://hackerone.com/zemnmez)
mikersTheMackey5Scrims are off I guess, what are your plans for tonight now tftv?
masturmbate
finished
[quote=mikers][quote=TheMackey5]Scrims are off I guess, what are your plans for tonight now tftv?[/quote]
masturmbate[/quote]
finished
masturmbate[/quote]
finished
in theory, open sourcing stuff is supposed to make it easier to find bugs/exploits because there are "many eyes" looking at it, but afaik that doesn't really hold in practice. I.e., the linux kernel being open source doesn't make it significantly more or less secure than it would be otherwise (though super smart researchers can experiment with testing/analysis tools on the kernel to find bugs, but that's different than this situation imo.)
Something major may be found, but who knows :-/
mikersfinished
nice
in theory, open sourcing stuff is supposed to make it easier to find bugs/exploits because there are "many eyes" looking at it, but afaik that doesn't really hold in practice. I.e., the linux kernel being open source doesn't make it significantly more or less secure than it would be otherwise (though super smart researchers can experiment with testing/analysis tools on the kernel to find bugs, but that's different than this situation imo.)
Something major may be found, but who knows :-/
[quote=mikers]
finished[/quote]
nice
Something major may be found, but who knows :-/
[quote=mikers]
finished[/quote]
nice
official word is now apparently that TF2 code wasnt actually leaked, but it is just the CSGO code and that some old tf2 code is shared between the two, which resulted in what appeared to be tf2 leaks
https://steamcommunity.com/app/440/discussions/0/2270320616957466159/
official word is now apparently that TF2 code wasnt actually leaked, but it is just the CSGO code and that some old tf2 code is shared between the two, which resulted in what appeared to be tf2 leaks
https://steamcommunity.com/app/440/discussions/0/2270320616957466159/
https://steamcommunity.com/app/440/discussions/0/2270320616957466159/
dbkofficial word is now apparently that TF2 code wasnt actually leaked, but it is just the CSGO code and that some old tf2 code is shared between the two, which resulted in what appeared to be tf2 leaks
https://steamcommunity.com/app/440/discussions/0/2270320616957466159/
if you look at the files they are definitely from TF2
[quote=dbk]official word is now apparently that TF2 code wasnt actually leaked, but it is just the CSGO code and that some old tf2 code is shared between the two, which resulted in what appeared to be tf2 leaks
https://steamcommunity.com/app/440/discussions/0/2270320616957466159/[/quote]
if you look at the files they are definitely from TF2
https://steamcommunity.com/app/440/discussions/0/2270320616957466159/[/quote]
if you look at the files they are definitely from TF2
i think valve has a monorepo for source games? something like that
it's possible the branch leaked was csgo's, but that also contains all of the code from tf2 although outdated
the code is older than jungle inferno because i can't find any references to jetpacks or bananas, but it's also older than meet your match because there are references to the lobby system
kinda sad now
i think valve has a monorepo for source games? something like that
it's possible the branch leaked was csgo's, but that also contains all of the code from tf2 although outdated
the code is older than jungle inferno because i can't find any references to jetpacks or bananas, but it's also older than meet your match because there are references to the lobby system
kinda sad now
it's possible the branch leaked was csgo's, but that also contains all of the code from tf2 although outdated
the code is older than jungle inferno because i can't find any references to jetpacks or bananas, but it's also older than meet your match because there are references to the lobby system
kinda sad now
Lekhttps://twitter.com/teamfortress/status/1253186403900420098?s=21
"From our review, we have not found any reason for TF2 players to be alarmed or avoid the current builds (as always, playing on the official servers is recommended for greatest security)."
:D
[quote=Lek]https://twitter.com/teamfortress/status/1253186403900420098?s=21[/quote]
"From our review, we have not found any reason for TF2 players to be alarmed or avoid the current builds (as always, playing on the official servers is recommended for greatest security)."
:D
"From our review, we have not found any reason for TF2 players to be alarmed or avoid the current builds (as always, playing on the official servers is recommended for greatest security)."
:D
From the circle I originally heard the leak from, this was likely just a rce injected by whoever leaked the code as it was extremely obvious. Regardless the code got leaked 1.5 weeks ago it just got mainstream now
From the circle I originally heard the leak from, this was likely just a rce injected by whoever leaked the code as it was extremely obvious. Regardless the code got leaked 1.5 weeks ago it just got mainstream now
What kind of bullshit is this? First we need to social distance in real life, and now TF2? "For your safety" in both respects. Not that I'm advocating against the guidelines, but what the hell?
What kind of bullshit is this? First we need to social distance in real life, and now TF2? "For your safety" in both respects. Not that I'm advocating against the guidelines, but what the hell?
AMCWhat kind of bullshit is this? First we need to social distance in real life, and now TF2? "For your safety" in both respects. Not that I'm advocating against the guidelines, but what the hell?
[quote=AMC]What kind of bullshit is this? First we need to social distance in real life, and now TF2? "For your safety" in both respects. Not that I'm advocating against the guidelines, but what the hell?[/quote]
https://imgur.com/a/DgO0uZp
https://imgur.com/a/DgO0uZp
Is there a mask cosmetic i can buy to protect from the virus? Or is someone hoarding all those too?
Is there a mask cosmetic i can buy to protect from the virus? Or is someone hoarding all those too?
JDuffIs there a mask cosmetic i can buy to protect from the virus? Or is someone hoarding all those too?
https://wiki.teamfortress.com/wiki/Physician%27s_Procedure_Mask
https://wiki.teamfortress.com/wiki/Berlin_Brain_Bowl
[quote=JDuff]Is there a mask cosmetic i can buy to protect from the virus? Or is someone hoarding all those too?[/quote]
https://wiki.teamfortress.com/wiki/Physician%27s_Procedure_Mask
https://wiki.teamfortress.com/wiki/Berlin_Brain_Bowl
https://wiki.teamfortress.com/wiki/Physician%27s_Procedure_Mask
https://wiki.teamfortress.com/wiki/Berlin_Brain_Bowl
cookieJDuffIs there a mask cosmetic i can buy to protect from the virus? Or is someone hoarding all those too?https://wiki.teamfortress.com/wiki/Physician%27s_Procedure_Mask
https://wiki.teamfortress.com/wiki/Berlin_Brain_Bowl
[quote=cookie][quote=JDuff]Is there a mask cosmetic i can buy to protect from the virus? Or is someone hoarding all those too?[/quote]
https://wiki.teamfortress.com/wiki/Physician%27s_Procedure_Mask
https://wiki.teamfortress.com/wiki/Berlin_Brain_Bowl[/quote]
https://wiki.teamfortress.com/wiki/Fuel_Injector
https://wiki.teamfortress.com/wiki/Physician%27s_Procedure_Mask
https://wiki.teamfortress.com/wiki/Berlin_Brain_Bowl[/quote]
https://wiki.teamfortress.com/wiki/Fuel_Injector
Lekhttps://twitter.com/teamfortress/status/1253186403900420098?s=21
late 2017 is like the most recent version of the game
[quote=Lek]https://twitter.com/teamfortress/status/1253186403900420098?s=21[/quote]
late 2017 is like the most recent version of the game
late 2017 is like the most recent version of the game
Please
sign in through STEAM
to post a comment.