Jump to content

Osu source code leak and (possible) privacy breaching

Nosebleed

By Nosebleed
in Gaming Talk

 Share

Recommended Posts

Nosebleed Fuwa Cheater

Nosebleed

Posted
Posted

This happened a few hours ago but the jist of it is that osu!'s source code has been leaked by somebody.

What's known so far (TL;DR):

  • According to this leaked source code, as an anti-cheat measure, osu is able to look at your processess list, take screenshots of your monitor (not just your osu window) and look for and upload files with "LL" in the title.
  • There were similar issues 5 months ago where Peppy (the creator/developer of osu) confirmed a lot of what was going on at the time, but he has said the source code has been changed since then and this anti-cheat system is no longer in place.
  • Peppy has clarified this code is several months old and very different than the current one.
  • Peppy has also said no user data has been compromised by this leak, and he points to the main goal of this leak being "place a bad image on osu".

I advise you to read through the reddit threads to get a better picture (you should probably skip the 8chan thread since it's just a huge circlejerk of shitposts):

Now I don't want this thread to just be a circlejerk over if Peppy is literally hitler or not, I'd much prefer people discuss some of the things that are brought to light here, and I think the most important one is: how far can/should an anti-cheat system go?

For those that don't know, osu! takes its ranking system very seriously. You will be perma banned if you're found cheating once, no exceptions. Making a second account means another perma ban as well (you can't even have 2 accounts if you're not banned). However, there's all sorts of cheating systems around, and a great deal of the source code is to prevent these cheats from breaking into the game (e.g the screenshots of your desktop are to capture any known cheating program that might be opened). It seems like in earlier days, according to Peppy, the source code was rather intrusive, although he claimed nothing was locally stored and everything that could be uploaded to the servers was deleted hours after, but he claims he has gotten over those old days and that privacy breaking anti-cheat system is no longer in place, which if you believe in the team is reassuring. But was this all warranted in the first place?

I'm personally not going to stop playing osu over this, because it is to me one of the most community driven games ever and I know how much love Peppy pours into the game code, so I do think a great deal of the drama surrounding this leak is just an attempt at bashing the game and the developers. 

There's also already plans to make osu open source in the near future, so hopefully a lot of these concerns die out when that happens. The past can not be erased, but I find it hard to believe there was any malicious intent from the dev team when they created this anti-cheat system earlier on.

I'd like to hear pepole's opinions though, even if they don't themselves play osu.

PS: Please don't post or link to any part of the code anywhere in here even if you have it as it's copyright protected and not open source.

Link to comment
Share on other sites
Nosebleed Fuwa Cheater

Nosebleed

Posted
  • Author
Posted
33 minutes ago, solidbatman said:

Peppy also created puush! which had a serious breach last year I believe. 

Yeah but these are quite different cases. What happened here was someone managed to breach into one of the dev's (not Peppy) github account and stole the code from there. 

27 minutes ago, Kiriririri said:

Umm... isn't this the exact same stuff that was already confirmed months ago? or is there something new too?

Well this is an actual source code dump, but yeah the concerns are fairly the same, although I believe this source code is more recent than the one 5 months ago, but I can't confirm it.

Link to comment
Share on other sites
Codesterz Fuwa Veteran

Codesterz

Posted
Posted

Meh. Seeing as to how I have never cheated this is a non issue. Also the code they got was from a build used 5 months ago. Osu no longer uses the same anti cheat system. Just some attention desperate whore who is super salty cuz he got his rightfully deserved perma ban. Just play the damn game and have fun.

Link to comment
Share on other sites
Guest

Guest

Posted
Posted

As a player, I don't give a damn, the only things that really testify of your level are tournaments and achievements. PP doesn't measure achievements. I'd rather they didn't go into my computer and rely on player reports to check problems. Finding cheaters with replays should be possible too to some extent.

Link to comment
Share on other sites
Nosebleed Fuwa Cheater

Nosebleed

Posted
  • Author
Posted
32 minutes ago, maefdomn said:

Finding cheaters with replays should be possible too to some extent.

I don't know, seems like there'd be too many variables te take into account that the human eye can't detect, especially considering that every user has their own way of moving the cursor so I don't know how you'd define cheating exactly just by looking at a replay.

Sure there are obvious ones that go for DT+HR+HD on crazy maps, but there's people that try to cheat just to get some extra pp and aren't that flashy about it.

Link to comment
Share on other sites
Guest

Guest

Posted
Posted
1 hour ago, Nosebleed said:

I don't know, seems like there'd be too many variables te take into account that the human eye can't detect, especially considering that every user has their own way of moving the cursor so I don't know how you'd define cheating exactly just by looking at a replay.

Sure there are obvious ones that go for DT+HR+HD on crazy maps, but there's people that try to cheat just to get some extra pp and aren't that flashy about it.

Granted, it wouldn't be easy, but it could be worth studying if it is something they really want to get rid of.

Link to comment
Share on other sites
Nosebleed Fuwa Cheater

Nosebleed

Posted
  • Author
Posted
13 minutes ago, maefdomn said:

Granted, it wouldn't be easy, but it could be worth studying if it is something they really want to get rid of.

Well, Peppy said they've replaced the old system for something that's not intrusive, so I would hope something like that is not needed anymore.

Hopefully when osu open source comes out we'll know how it all works.

Link to comment
Share on other sites
spademan Fuwa Senior

spademan

Posted
Posted

wow literrally started playing this game after someone refrenced it to me from another game because it will help my micros and mechanics immensely. Osu does not dissapoint!

I find myself struggling atm even on the most basic song (fk the reverse arrow sliders man) and it feels like i use more energy playing osu then i do fapping. Anyone know some not so intense track names to play?

Link to comment
Share on other sites
marcus-beta Fuwa Veteran

marcus-beta

Posted
Posted

i download the source... hmm i don't play osu but this is... strange? why this host have the source, who upload it?
anyway, the osu update the server, the source can't play online now.... (but here i have sucess to update, just use a http debugger to see the changes)

--looking more and updating source i open a local osu server...
http://prntscr.com/b8j5a5
and have a sql "template" wtf

Link to comment
Share on other sites
Codesterz Fuwa Veteran

Codesterz

Posted
Posted
5 hours ago, spademan said:

wow literrally started playing this game after someone refrenced it to me from another game because it will help my micros and mechanics immensely. Osu does not dissapoint!

I find myself struggling atm even on the most basic song (fk the reverse arrow sliders man) and it feels like i use more energy playing osu then i do fapping. Anyone know some not so intense track names to play?

Just keep playing you'll get better with time. I've been playing Osu for about 3 or so years now and still play the game fairly commonly. I'm not all that great though 5.5 stars is about the best I can do. Then again I take breaks from the game every so often so I don't improve much anymore, but I'm not really worried about it.

Link to comment
Share on other sites
Kenshin_sama Fuwa Master

Kenshin_sama

Posted
Posted

Someone always has to be an ass. Apparently it's a crime for people to enjoy a game you got banned from.

16 hours ago, spademan said:

wow literrally started playing this game after someone refrenced it to me from another game because it will help my micros and mechanics immensely. Osu does not dissapoint!

I find myself struggling atm even on the most basic song (fk the reverse arrow sliders man) and it feels like i use more energy playing osu then i do fapping. Anyone know some not so intense track names to play?

If you have supporter, I'd recommend downloading a bunch of maps from the "top rated" and "most played" section of osu!direct. If not, just grab a bunch of random beatmap packs (the newer they are, the better). You can find some decent one in multi also.

I have a guide posted on my profile if that helps at all. https://osu.ppy.sh/u/4313410

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...