Jump to content

Back to dayzgame.com
Photo

Security Vulnerabilities fixed by Patch #2 and Character wipe

Important

250 replies to this topic

#1 rocket

rocket

    Bean King

  • DayZ Developer
  • PipPipPipPipPipPip
  • 2003 posts

Posted 19 December 2013 - 12:06 AM

*
POPULAR

The source of the big delay in getting DayZ out was because of the new architecture that we built. As part of this, we spent a great deal of time making very efficient and new ways of doing things. Many of the problems of ArmA for security were by design, doors used by the application to achieve its needs. In ArmA these could not be closed, in DayZ we no longer need them. We thought we had closed some of them, but we found one and we've fixed it. However because some people will have spawned items, we decided to wipe the database to provide a clean slate.

 

All existing characters have been killed, if you are currently logged in when you next join your character will be dead.

 

This is all part of the testing process, we've identified some additional areas of security and enabled some we had left off so we could really see the holes in the architecture without having to rely on the higher tier security measures. Because the vulnerability would allow a player to create items (and they had been) we have decided to wipe the whole database. We could not announce this, as we didn't want to encourage those exploiting to try and figure out a way of leaving items on the ground. We have killed all characters in the database, who existed after all our servers moved to the new version (0.29).

 

Please Note: It is more than likely that we will, much like other software, be continually identifying and patching these kinds of critical security vulnerabilities.

 

Important updates like this WILL attract database wipes during the alpha process. We apologize for the inconvenience but I am sure everyone can agree, it is not fair to keep going with the bad data and some of the unfinished items were spawned in game - which could cause crashes and other issues thus confusing our alpha testing. Many people were experiencing crashes relating to these items that had been created in the game.

 

I realize this is a little vague, but its our policy to be suitably vague about specifics regarding implemented security measures.


  • Honelith, Katana67, SHOT(by)GUN and 139 others gave their beans
>rocket in charge of not being retarded

#2 Hetstaine

Hetstaine

    Chernarus Marathon Champion

  • Members
  • PipPipPipPipPipPip
  • 7484 posts
  • LocationThe Woods

Posted 19 December 2013 - 12:07 AM

There goes my extra torch battery.


  • Dallas, Reuter, h3retic and 42 others gave their beans

#3 Darryl Dixon

Darryl Dixon

    Crossbow Legend

  • Members
  • PipPipPipPipPipPip
  • 4267 posts
  • LocationScotland

Posted 19 December 2013 - 12:10 AM

Do you feel that the security level at the moment is adequate, or will it be an ongoing improvement


  • xRyan99 gave their beans

Don't Throw stones if you have a glass house, and if you have a glass jaw don't run your mouth 


#4 PegasusNipples

PegasusNipples

    On the Coast

  • Members
  • Pip
  • 1 posts

Posted 19 December 2013 - 12:10 AM

Understandable, I can expect this from an alpha, do what you gotta do to keep the heckers out


  • Dallas, jstarkreborn, Aldy and 7 others gave their beans

#5 joe_mcentire

joe_mcentire

    Bean King

  • Members
  • PipPipPipPipPipPip
  • 2715 posts
  • LocationWhere there are no kangaroos

Posted 19 December 2013 - 12:12 AM

...and my axe.
  • Dallas, B00g, aglax888 and 3 others gave their beans

Slowly but surely....slowly..but surely. 


#6 lazy2guns

lazy2guns

    Helicopter Hunter

  • Banned
  • PipPipPipPip
  • 80 posts

Posted 19 December 2013 - 12:12 AM

Right, so instead of implementing a "MMO framework" your plan was to "leave it as is" and slowly plug holes under the pretense/shield of "it's Alpha!". Yeah, nah. I loved the mod, I had great hopes for this game last year but I'm glad I didn't buy nor will I likely ever, especially if this "Alpha" is expected to last up to a year. Trial & error isn't how you write server software. Cheers.
  • Tansien, geekcream, wolffe and 6 others gave their beans

#7 OhDan

OhDan

    Helicopter Hunter

  • Members
  • PipPipPipPip
  • 65 posts

Posted 19 December 2013 - 12:13 AM

As we all know this was going to happen during the Alpha period, It doesn't really bother me, and I'm sure most people will agree.. I'd rather you fix the security issues and kill off everything I have then a hacker teleporting and exploiting the server. 


  • dystopeon, Aldy, wickerrman and 5 others gave their beans

#8 Garainis

Garainis

    On the Coast

  • Members
  • Pip
  • 9 posts

Posted 19 December 2013 - 12:13 AM

All hail the wipe! Sad about losing my compass though.


  • flut gave their beans

#9 rocket

rocket

    Bean King

  • DayZ Developer
  • PipPipPipPipPipPip
  • 2003 posts

Posted 19 December 2013 - 12:14 AM

*
POPULAR

Right, so instead of implementing a "MMO framework" your plan was to "leave it as is" and slowly plug holes under the pretense/shield of "it's Alpha!". Yeah, nah. I loved the mod, I had great hopes for this game last year but I'm glad I didn't buy nor will I likely ever, especially if this "Alpha" is expected to last up to a year. Trial & error isn't how you write server software. Cheers.

 

If you want me to take you seriously, have the common decency not to mock me with your username.


  • Dallas, Kassander, linfosoma and 85 others gave their beans
>rocket in charge of not being retarded

#10 dakisback

dakisback

    Helicopter Hunter

  • Members
  • PipPipPipPip
  • 50 posts

Posted 19 December 2013 - 12:15 AM

NOOOOOOOOOOOOOOOOOOO

 

http://steamcommunit...s/?id=205261505


  • Terrorviktor, h3retic, Statik and 9 others gave their beans

#11 wickerrman

wickerrman

    Scavenger

  • Members
  • PipPip
  • 10 posts
  • LocationSheffield, England

Posted 19 December 2013 - 12:15 AM

Right, so instead of implementing a "MMO framework" your plan was to "leave it as is" and slowly plug holes under the pretense/shield of "it's Alpha!". Yeah, nah. I loved the mod, I had great hopes for this game last year but I'm glad I didn't buy nor will I likely ever, especially if this "Alpha" is expected to last up to a year. Trial & error isn't how you write server software. Cheers.

 

Why are you complaining about this? They patched what they could find, people finding these exploits during an alpha...which is the stage where things are usually fixed during true development can only be a good thing, so they can be fixed everytime one pops up.

 

Fixing these security issues can only be a good thing.


  • Luis, Styrias, echo5rom3o and 8 others gave their beans

Originally a friendly survivor, slowly being forced into reluctant banditry.

 

P.S. If you're in the mood to see random animations/SFM and gaming videos. Click here to visit my YouTube. Subscribe if you enjoy what you see, all muchly appreciated.


#12 Hetstaine

Hetstaine

    Chernarus Marathon Champion

  • Members
  • PipPipPipPipPipPip
  • 7484 posts
  • LocationThe Woods

Posted 19 December 2013 - 12:15 AM

Right, so instead of implementing a "MMO framework" your plan was to "leave it as is" and slowly plug holes under the pretense/shield of "it's Alpha!". Yeah, nah. I loved the mod, I had great hopes for this game last year but I'm glad I didn't buy nor will I likely ever, especially if this "Alpha" is expected to last up to a year. Trial & error isn't how you write server software. Cheers.

 

:emptycan:


  • Dallas, liquidcactus, Statik and 4 others gave their beans

#13 stricky345

stricky345

    Scavenger

  • Members
  • PipPip
  • 10 posts

Posted 19 December 2013 - 12:15 AM

No, just had a run with a friend and we got fully modded guns and everything :P.



#14 RedNome

RedNome

    Survivor

  • Members
  • PipPipPipPipPip
  • 447 posts

Posted 19 December 2013 - 12:16 AM

Right, so instead of implementing a "MMO framework" your plan was to "leave it as is" and slowly plug holes under the pretense/shield of "it's Alpha!". Yeah, nah. I loved the mod, I had great hopes for this game last year but I'm glad I didn't buy nor will I likely ever, especially if this "Alpha" is expected to last up to a year. Trial & error isn't how you write server software. Cheers.

 

So, no reason for you to be posting anymore then?

 

Right?

 

RIGHT???


  • bad_mojo, Luis, bonesnap and 8 others gave their beans

#15 joe_mcentire

joe_mcentire

    Bean King

  • Members
  • PipPipPipPipPipPip
  • 2715 posts
  • LocationWhere there are no kangaroos

Posted 19 December 2013 - 12:16 AM

NOOOOOOOOOOOOOOOOOOO

 

http://steamcommunit...s/?id=205261505

inb4 seppuku


  • Hetstaine, Kydoimos, EvilLivesHere and 1 other gave their beans

Slowly but surely....slowly..but surely. 


#16 Vandelay

Vandelay

    Scavenger

  • Members
  • PipPip
  • 14 posts

Posted 19 December 2013 - 12:16 AM

there is a ban hammer associated to this? i hope those hackers got the hammer for good, so the only way for them to come back is to buy the game again, and this time play fair.


  • sergio, Vendaar, liquidcactus and 3 others gave their beans

#17 dan_legend

dan_legend

    Woodland Warrior

  • Members
  • PipPipPip
  • 48 posts

Posted 19 December 2013 - 12:17 AM

Good job, I'll also take this moment to post videos of hacks for every other video game. It is important for you neckbeards to note that no game is free of hacks and all that was promised in DayZ standalone was no more nukes, ThunderDomes, Insta killing servers, and animal hacks.

Youtube videos of hacks of every other fps: http://youtu.be/i0r-bC2l6v0?t=41s http://www.youtube.c...h?v=pIzq0IttNZk http://www.youtube.c...h?v=emGj4LtKNH0 http://www.youtube.c...h?v=8KoMMeMwT88


  • echo5rom3o, Kydoimos, Hosty and 2 others gave their beans

#18 lazy2guns

lazy2guns

    Helicopter Hunter

  • Banned
  • PipPipPipPip
  • 80 posts

Posted 19 December 2013 - 12:17 AM

If you want me to take you seriously, have the common decency not to mock me with your username.

 

It doesn't really matter if you take my words seriously, does it?


  • okiimatsu gave their beans

#19 Xucphra

Xucphra

    Kean Bing

  • Members
  • PipPipPipPipPipPip
  • 622 posts
  • LocationPennsylvania, USA

Posted 19 December 2013 - 12:18 AM

It doesn't really matter if you take my words seriously, does it?

It might. Presentation is everything.


  • St. Jimmy, Michaelvoodoo25 and Korsbaek gave their beans

#20 Garainis

Garainis

    On the Coast

  • Members
  • Pip
  • 9 posts

Posted 19 December 2013 - 12:19 AM

Right, so instead of implementing a "MMO framework" your plan was to "leave it as is" and slowly plug holes under the pretense/shield of "it's Alpha!". Yeah, nah. I loved the mod, I had great hopes for this game last year but I'm glad I didn't buy nor will I likely ever, especially if this "Alpha" is expected to last up to a year. Trial & error isn't how you write server software. Cheers.

Server software is written by predicting the future by eating a lot of rotten kiwis of course. Rocket clearly doesn`t know what he`s doing despite creating DayZ and consistenly improving upon the formula.


  • sergio and elf cakes gave their beans





Also tagged with one or more of these keywords: Important