Suite à notre article d’hier et aux réclamations des joueurs d’Insurgency concernant la présence d’une backdoor sur les serveurs hébergeant le mod, l’équipe de développement a tenu à publier un droit de réponse que vous retrouverez en intégralité ci-dessous.

En résumé, ils reconnaissent s’être octroyé la possibilité d’administrer n’importe quel serveur en accédant aux commandes « rcon » dans l’optique de lutter contre les hackers. Ils déplorent l’attitude de Louti qui a abusé de ce pouvoir et, afin que ça ne se reproduise pas, ils retireront ces « outils » lors du prochain patch qui sortira mi-août.

Le communiqué :[–SUITE–]

Dear Dr. Loser and the NoFrag community, Baloku community, Insurgency.fr and gamers.fr,

I am writing to you in behalf of Insurgency Team.

We want to issue a public statement regarding the events of the 8th of August 2009, where a member of the development team kicked a player from a public server after an unfortunate clash and some discussion.

It is not our intention to discuss the matter of the confrontation. Unfortunately, foul language and arguments (that we don’t endorse) are relatively common things in online games, particularly in first person shooters intended for mature audiences online, such as Insurgency. We are not happy when such language is used, especially when used by members of our team, but we also know that many times, in the heat of the game, bad things are said by even the most respectful of players.

When the game and the excitation ends, comradeship, friendship and good spirits always prevail, and we believe this issue has no serious importance. The persons involved have already spoken and mutually apologized about the bad language and unfriendly attitudes where applicable.

However, as a consequence there’s been some public discussion regarding the existence of « backdoors » in our mod. We believe that the issue has been artificially magnified and taken out of context, causing unnecessary alarm among a few communities of INS players. There is no malicious code of any kind in Insurgency.

What is still present in the code, as this is a non-commercial and non-profit project in beta stage, are some debug, development and testing tools that can be used by the developers of the mod to work in the game. Our tools only allow registered developers to execute code that has been approved and accepted by all of you when using Source-engine related software, such as rcon commands.

When addressing malicious attacks in the past we have been repeatedly asked by server admins to implement anti-cheating measures. To work on those measures we have also had the need in the past to exceptionally execute rcon commands such as kicking a player from a server, particularly in servers without server admins, test servers or promotional servers (such as the ones we’ve grown used to setting up for free for our community when releasing major updates). That’s the only reason why those tools are present.

We are convinced that this policy has enabled you to have a better online experience until now. However, we are ready to revise it and change / remove some of its functionality.

Most online titles include such tools and many more, such as content censorship, profanity lists, and other measures that our mod does not have. Yet most users are happy to have those safety features implemented in their favorite games. It is hard to find a balance between control and freedom in online games, and Insurgency, as a mod in a beta stage, has yet to find this balance. In this search for the optimal balance errors can happen, and we consider it a good thing that this issue has been brought to our attention.

As developers of the mod, we take these security issues seriously and thanks to those tools we have been able to ensure that the community is safer against known exploiters that are banned in most commercial games and servers, and that try to continue harming the online community in mods due to their relative lack of protection against such practices.

While we still believe the tools are useful for that purpose, it’s true that they have been incorrectly used in this particular case, so we have decided to remove them in the next update scheduled for mid-August. From now on we will fully and exclusively rely on server administrators to execute those commands and keep their servers free from exploits, aggressive behavior, racist insults or well-known cheaters.

This was a function we had already scheduled to eliminate in the future when the mod reached « final » status, however it has been brought to our attention the benefits of eliminating the developer rcon access already at this stage, so we will do so in the following weeks.

With the best regards to the INS community,

Dr. Spielmann

Project Lead – Insurgency Team

Article précédentWolfenstein dans un Zeppelin
Article suivantUn Heavy aussi rapide qu’un Pyro ? [TF2]