Welcome to Keen Software House Forums! Log in or Sign up to interact with the KSH community.
  1. You are currently browsing our forum as a guest. Create your own forum account to access all forum functionality.

Serious Discussion on Open Source

Discussion in 'General' started by Nacon, May 14, 2015.

Thread Status:
This last post in this thread was made more than 31 days old.
  1. [EDIM] fevster Trainee Engineer

    Messages:
    3
    Well the fact that there is medieval engineers code mixed in with this source code for space engineers scare me time to check how bad the code is ^^
     
    • Like Like x 2
  2. fourthquantum Senior Engineer

    Messages:
    1,286
    In terms of computer security. I can take a game bugging out. I don't like the idea of someone hacking into my computer.
     
  3. Willemina Senior Engineer

    Messages:
    1,433
    Like Marek said, open source is not free. It is still entirely possible to pirate open-source content by failing to abide by the licensing arrangement the creator has it released under. Failure to include attribution, attempts to capitalize, etc.

    If that's the case, they're pirates and dicks, and should feel very bad about themselves for being so.
     
  4. plaYer2k Master Engineer

    Messages:
    3,160
    That was easily possible before with a modified steam_api.dll so no big deal here.
     
  5. eldarstorm Junior Engineer

    Messages:
    725
    Pirates going to pirate with source available or no.
     
  6. a2457 Senior Engineer

    Messages:
    1,366
    opensource is not a security risk at all.
    i don't evenunderstand why it would be.
     
  7. eldarstorm Junior Engineer

    Messages:
    725
    Its a potential security risk, not a definite one. It really boils down to if there are exploits in the code. If there are not, then security will probably not be a problem.
     
  8. Jewboii Apprentice Engineer

    Messages:
    242
    You underestimate real hackers. Some specialize in putting in seemingly harmless code with a subtle exploitable bug. It helps that the game is run on a C# virtual machine, but there's all kinds of nasty shit people can do. We'll just have to see how this pans out. Personally, I think this was a baadd idea, but I'm not intimate enough with C# to evaluate its security and I have no idea what Keen's overall business plan is.
     
  9. a2457 Senior Engineer

    Messages:
    1,366
    this is nothing more than a -possible- risk.
    you take it every time you open an yet unknown page in your browser for example.

    a real hacker does not need to inject into an opensource code.
    expolits and security holes exsist without these.

    i fail to see how this would put anyone at more risk than any ordinary popup window in your browser.
    or connecting to an open hotsopt via wifi.
     
    • Like Like x 1
  10. Dreokor Senior Engineer

    Messages:
    1,606
    At first glance I'm not too happy about this, still, it is a new idea and a huge experiment and one can only wait for the results before judging a new idea.

    So far, I can only say that this is something we have to wait and see what happens and well, hope for the best.

    On another note Empyrion will be pretty happy.
     
    • Like Like x 3
  11. Thedevistator Senior Engineer

    Messages:
    1,942
    Maybe it's secretly keen trying to rat them out. :)
     
    • Like Like x 1
  12. Cronos988 Junior Engineer

    Messages:
    545
    I am just exited to see whether some of the mod makers who appear to already be capable of magic will take this opportunity to improve what they can do. Autopilot and simple AI already exist. Integrated with the source code, it might become a proper gamemode.
     
  13. Thedevistator Senior Engineer

    Messages:
    1,942
    So where do I get these new mods?
     
  14. Dreokor Senior Engineer

    Messages:
    1,606
    I'm pretty sure a nexus-like page will pop out soon enough, maybe even github has some already.
     
  15. eldarstorm Junior Engineer

    Messages:
    725
    Ya, I would think something like Nexus. Should see some things pop up within a week or so I bet.
     
  16. Malware Master Engineer

    Messages:
    9,625
    What we've been doing so far is not make finished mods, but add features to the mod and ingame apis to enable more advanced mods.
     
    • Like Like x 3
  17. Thedevistator Senior Engineer

    Messages:
    1,942
    So you're currently modding a modding API. Seems like that would be a good thing to start with.
     
  18. fourthquantum Senior Engineer

    Messages:
    1,286
    Browsers have security features built in, Steam ensures the games and mods it hosts are non-malicious. There is a security wall

    If someone wants to put a malicious bit of code in a compiled 'modded' version of Space Engineers and someone runs it then they are making themselves vulnerable.

    I quote a piece of Mereks announcement:

    "Total conversion mods: These mods can ignore the limits of ModAPI and modify anything in the game. Because we’re unable to guarantee security, these mods can’t be uploaded to Steam Workshop and must be distributed in a different way. Games like Counter-Strike, DOTA and DayZ were created in similar fashion."
     
  19. a2457 Senior Engineer

    Messages:
    1,366
    are you aware that steam is not bulletproof ?
    nor are browsers.
    both have security holes.

    i understand its is less of a problem to inject malware into an open source code than in a closd one.
    still, both are possible.
    i see no additional risk here.
     
  20. DDP-158 Master Engineer

    Messages:
    3,748
    A lot of people seem to be focused on strictly the negative aspect of open source, but as I read it the first thing I think of is the Technic pack. For anyone who possibly wouldn't know what the technic pack is, it's a game changing mod pack for minecraft that introduced tons of new rules to the game. There are hundreds of mod packs like these for MC, I just remember Technic specifically. Now what does this mean for you?

    It means if you were asking for wiring to be introduced into the game, you'll get wiring. You'll get rules on how wiring works. Your ship can now become this super complicated machine just like you wished it to be.

    It means if you were asking for survival, like true I need to eat and sleep survival, you get survival. You'll get rules that make survival work. You will now have a hunger bar, food can be created and eaten, hydroponics will actually grow, and create oxygen. You will finally be a real boy.

    It means if you were asking for shields and lasers and warp drives, you better slap on your Vulcan ears because you can get shields and lasers and warp drives and the rules that they follow. You can now actually travel from one end of the system to the other and possibly even beam from ship to ship.

    This is only the tip of the iceberg. We can see future skin packs, different forms of ai, all kinds of new weapons and blocks, and even entire scenarios to play. Yes, there could be malicious software out there, but I'm fairly confident that there will be many sites that pop up who have dedicated people that check the code before putting the pack up on their site. I can list over a dozen such sites for MC. They have huge libraries and forums to discuss everything MC related.
     
    • Like Like x 4
  21. a2457 Senior Engineer

    Messages:
    1,366
    i absolutely agree.
     
  22. fourthquantum Senior Engineer

    Messages:
    1,286
    Are you aware that steam and browsers have security features (including vetting) which will not be implement if you download an exe externally?

    It increases the risk. I will be downloading the various versions of Space Engineers from unknown sources as oppose to a company who will have to abide by certain data protection laws etc...
     
  23. fourthquantum Senior Engineer

    Messages:
    1,286
    If the game is finished then I would agree, but it isn't.
     
    • Like Like x 1
  24. DDP-158 Master Engineer

    Messages:
    3,748

    That's fine. It doesn't affect me in any way, shape, or form. MC wasn't finished either when he open sourced it.
     
    • Like Like x 1
  25. a2457 Senior Engineer

    Messages:
    1,366
    i think that the pro's absolutely outweight the con's .
     
    • Like Like x 2
  26. Devon_v Senior Engineer

    Messages:
    1,602
    Basically, if you don't trust the source of a mod, don't install it. Stay on the workshop, and you will be fine. The "correct" way to mod using the source code is to add your required functionality to the ModAPI, build your mod around it, and when Keen is sure your adjustments are not an exploit, they'll incorporate it into the main build and your mod can go on the workshop and work with the vanilla game. Best of all everyone else gets access to whatever you added.

    Alternately, if you see something broken/not working as well as it could, you can fix it if you like. Again, Keen will absorb such things into the vanilla game once they give it a look over to be sure it's legit. Also, for every black hat who reads the source and starts planning their next hack, a white hat can just point out the vulnerability, or just submit a fix.

    Also Pirates gonna pirate. Some companies spend rediculous sums of money and inconvenience their legitimate users in a vain attempt to stop it. (Looking at you, EA) Others realize that it's not worth it and don't even bother with any form of DRM. We who have licensed copies of the game get auto-updates and workshop support, and WE KNOW WE DID THE RIGHT THING.
     
    • Like Like x 3
  27. Dragonspride Apprentice Engineer

    Messages:
    460
    3 words to explain why I think this is a bad idea.

    Silent Hunter Five
     
  28. hellokeith Apprentice Engineer

    Messages:
    335
    no 64 bit = whole topic is dead in the water
     
  29. a2457 Senior Engineer

    Messages:
    1,366
    when ingame programming was introduced there was a lot of people freaking out, thinking anyone can upload a virus on the computer they use, written in SE ingame programming language.
    well it did not happen at all.
    i think the fear from going "open source" is similar.
    You will still have your steam version that is official and is as virusfree as ever it was.
    if you are looking for a 3rd party "fork" then its up to you to find a trusty source.

    i would like to see where would the additional risk would come from this, really.
    since You have the option to stick with official release.
    but i would really like to understand the fear of some members.
     
  30. Cronos988 Junior Engineer

    Messages:
    545
    That's a good point, actually. How much will this curtail use of the source code? I am assuming not every part of 32bit code is incompatible with the 64 bit code, but it might significantly limit the applications. Space Engineers is not light on resource use, and having only 32 bit adressing might be a problem.
     
Thread Status:
This last post in this thread was made more than 31 days old.