CNN/Money 
graphic
Commentary > Game Over
graphic
Playable version of Half-Life 2 stolen
Theft of game's source code was just the beginning.
October 7, 2003: 3:32 PM EDT

NEW YORK (CNN/Money) - When hackers broke into the computing system of Valve Software, they stole more than just the source code to Half-Life 2. They also stole enough game maps and other components to put together a playable build of the game. Today, five days after the first leak, they have released that build.

Message boards and chat rooms were buzzing Tuesday morning with word of the leaked game. Some fan-based and hacker sites were even displaying in-game images. It is unclear whether the leaked version features the entire game or a limited number of levels. Also unclear is how current the assets used to create the game are.

It's the latest in a series of frustrations for Vivendi Universal Games (V: Research, Estimates) and developer Valve. Earlier today, Christophe Ramboz, VU Games president of international operations, told Reuters the source code theft would result in a four month delay, pushing Half-Life 2 back to April 2004.

Hackers have leaked a playable version of Half-Life 2 onto the Internet.  
Hackers have leaked a playable version of Half-Life 2 onto the Internet.

Valve, though, has not confirmed that delay. (Calls to the developer were not returned.) That's an important thing to note. Large independent game developers such as Valve and id Software typically decide when their games are released – not the publishers.

The hunt for the thieves is ongoing, but a rough timeline of events has emerged. Somewhere on or around Sept. 11, hackers broke into the email of Valve founder Gabe Newell, possibly utilizing a security hole in Microsoft (MSFT: Research, Estimates) Outlook. Eight days later, they made a copy of the game's source tree. Keystroke recorders were also installed on the computers of several other employees. The invasion was methodical and seems deliberately aimed at the developer.

"This [keystroke] recorder is apparently a customized version ... created to infect Valve (at least it hasn't been seen anywhere else, and isn't detected by normal virus scanning tools)," said Newell in a message board posting last week.

YOUR E-MAIL ALERTS
Game Over
Hackers

In the same post, Newell said the company had been subject to "a variety of denial of service attacks" over the past year. He was unsure whether these were related to the code theft.

The company has since minimized its network connection to the Internet, as it was still finding infected machines on Saturday.

The company has asked the Half-Life fan community for assistance as it searches for the attackers. Newell also mentioned in a Saturday update that it's possible other game developers might have been targeted by the same group.

"There's anecdotal evidence that other game developers have been targeted by whoever attacked us," he wrote. "This hasn't been confirmed. We've been providing other game developers with more detailed information about the exploits and evidence of infiltration."

Valve did not name the other developers who might have been targeted.

Id Software, though, knows a few things about source code leaks. Several of the company's biggest games, including all of the Quake games, have seen their source code leak out. Last year, a playable build of the still-in-development Doom 3 hit the Internet.

"It's happened enough that you think you'd start to get used to it," said Todd Hollenshead, CEO of id Software. "But whenever it happens, it's a sinking feeling. It's like somebody died. I don't mean to over dramatize it - I know its just a video game - but this is our lives here."

Today's release of a playable version of the game brings Vivendi's comments from earlier today into question. Ramboz told Reuters "a third of the source code was stolen". However, with the stolen game now out, it's possible a more complete version of the source code was taken.

While it's possible to make a playable version of a game without its complete source code, doing so without a strong knowledge of game development is extraordinarily challenging.

There are additional fears that the thieves could distribute other aspects of the game, which have not yet been officially announced.

Valve has been actively pursuing the thieves since the hacking came to light, which is a different approach than other developers have done in previous instances of code theft. Hollenshead said he understands where the drive to find who was responsible comes from, but questions its usefulness.

"From what I've seen of Half-Life 2, it looks like it's going to be a really fun game," he said. "My focus would be on doing the thing that's going to make the game great: Focus on finishing it. ... The risk is they find out who did it and [the hacker is] a resident of Russia. Then there's not a damn thing you can do about it. Ultimately, we're in the business of making games, not chasing hackers."

Half-Life 2 was shaping up to be the year's most anticipated PC game. Vivendi was counting on heavy sales to help it improve revenues – and possibly make its gaming unit more attractive to potential buyers. The game, originally scheduled to be released Sept. 30, was first delayed on Sept. 23, with Valve saying it was "targeting a holiday release."

The leak could also have a negative impact on graphic chip manufacturer ATI, which Valve recently named the preferred graphics card partner of Half-Life 2. ATI (ATYT: Research, Estimates) planned to give away a free copy of the game with its two latest products. The leaked version could lessen demand for those graphics cards, though.  Top of page


Morris is Director of Content Development for CNN/Money. Click here to send him an email.




  More on COMMENTARY
Yes Virginia, there is a Santa Claus rally
Thanks for nothing, Corporate America
It's not just the economy, stupid
  TODAY'S TOP STORIES
'Patriotic duty' to see 'The Interview'
We watched 'The Interview.' It was OK.
The worst stock market in the world is...




graphic graphic

Most stock quote data provided by BATS. Market indices are shown in real time, except for the DJIA, which is delayed by two minutes. All times are ET. Disclaimer.

Morningstar: © 2014 Morningstar, Inc. All Rights Reserved.

Factset: FactSet Research Systems Inc. 2014. All rights reserved.

Chicago Mercantile Association: Certain market data is the property of Chicago Mercantile Exchange Inc. and its licensors. All rights reserved.

Dow Jones: The Dow Jones branded indices are proprietary to and are calculated, distributed and marketed by DJI Opco, a subsidiary of S&P Dow Jones Indices LLC and have been licensed for use to S&P Opco, LLC and CNN. Standard & Poor's and S&P are registered trademarks of Standard & Poor’s Financial Services LLC and Dow Jones is a registered trademark of Dow Jones Trademark Holdings LLC. All content of the Dow Jones branded indices © S&P Dow Jones Indices LLC 2014 and/or its affiliates.

Most stock quote data provided by BATS. Market indices are shown in real time, except for the DJIA, which is delayed by two minutes. All times are ET. Disclaimer.

Morningstar: © 2014 Morningstar, Inc. All Rights Reserved.

Factset: FactSet Research Systems Inc. 2014. All rights reserved.

Chicago Mercantile Association: Certain market data is the property of Chicago Mercantile Exchange Inc. and its licensors. All rights reserved.

Dow Jones: The Dow Jones branded indices are proprietary to and are calculated, distributed and marketed by DJI Opco, a subsidiary of S&P Dow Jones Indices LLC and have been licensed for use to S&P Opco, LLC and CNN. Standard & Poor's and S&P are registered trademarks of Standard & Poor’s Financial Services LLC and Dow Jones is a registered trademark of Dow Jones Trademark Holdings LLC. All content of the Dow Jones branded indices © S&P Dow Jones Indices LLC 2014 and/or its affiliates.