Wednesday, June 15, 2011

Drinking CCP's Carebear Tears

So I got a bunch of negative feedback yesterday from people who thought my post criticizing CCP for security issues culminating with the devastating DDOS from LulzSec. As I said in a later edit, it does seem that the attack was purely DDOS and not a genuine hack; however, it is still a BIG problem for CCP. I am going to try and describe why in terms EVE players may understand.

CCP is a hi-sec missioning alliance that has ground its way up from doing L1s in Rifters to dominating L4s throughout hi-sec space. LulzSec is a griefer corp with a -10.0 sec status. Anytime LulzSec pops out of 0.0 or low-sec and into hi-sec, CONCORD (the police, FBI, etc.) go after them. Unfortunately LulzSec uses fast agile ships and CONCORD can't quite seem to get a lock on them before they go elsewhere. Yesterday they were trying to boost up the epeen by going after some juicy hi-sec targets. One of these targets was the CCP Alliance. CCP's officer fit Nightmare was attacked and barely made it to warp deep in structure before being taken down. CCP then proceeded to hide in station for several hours refusing to play. Many in the CCP alliance (including the players) ranted in local across New Eden about how LulzSec 'should go get a life', 'get a girlfriend' and move out of your 'parents basement'. There was even a ten page long thread in COAD about it.

Now what do you think is going to happen?
1. LulzSec realizes that the harm it is doing is real. This is internet spaceships after all. Important stuff! LulzSec slowly morphs into an Anti-pirate consulting group to teach others how to avoid being taken down.


2. LulzSec gets really drunk. Those carebear tears... so tasty. My god they stuck it out in station for hours after they had moved on. Let's try it again.

Any questions?

Edit: And down it goes again


  1. or 3. The Script Kiddies grow up and leave their parents' house.

  2. f3fd3914-977e-11e0-ba15-000bcdcb8a73...
    how did that plan work out for BOB in their fight with the Goons?

  3. The analogy with griefers is pretty accurate, but I'm not sure how it supports the conclusions from your previous post.

    Yes, a DDoS attack is a bad thing(TM) for CCP, but it's not as if it indicates a huge security flaw, or that CCP suffered especially badly compared to other parties. In fact compared to the far longer downtimes and exposure of personal data suffered by some previous targets, CCP got off fairly lightly.

    I also haven't seen any evidence that the plan to repeat the attack is a result of poor security. In fact, it sounds like the motivation is all the tears which came from the Eve *players* rather than those of CCP (who actually seem to have reacted to it quite professionally).

    I'll concede buggy patches and the failure of the new forums are a bit ridiculous, but I'm not sure how those are related to CCP's ability to withstand a DDoS?

  4. Azual,
    My point is that CCP has an issue with Security. They know it. Just watch some of the videos with CCP Sreegs who was brought in from goonswarm to help their security. It sounds like before him they had very little strategy. He has started to put in a whole bunch of stuff to deal with botting. The reason why their security guy is dealing with botting has nothing to do with the fight against bots, but rather the attempt to secure their server.

    The issues with the forum website were a gross security failure. Security is not part of the CCP culture. It needs to be.

    Now that EVE has been so humiliated and its security failure made public, you can be sure it will be attacked again and again. CCP has literally got hours at this point to get a hold of the situation or they are going to be screwed.

    Also, as I have said before, bugs are a great indication of security problems. There is a very strong positive correlation between bugs and security vulnerabilities.

    EVE is what is called a honeypot. The largest single shard MMO. And it is supported by a company that has serious problems addressing security. This could be very very bad.

  5. Correct me if I'm wrong (I honestly don't know the first thing about network security), but is there much you CAN do in the face of a sophisticated enough DDoS attack? You can't just block an IP address or two since it's distributed...