If you’re an avid Star Citizen watcher, you’ll probably already know that a gigantic 48GB of data from the game was leaked into the internet wilderness over the weekend.
For those who don’t actually want to see what the leak contained: I’m not going to link directly to it, or dwell on the spoilery-specifics. The latter images and videos are easy enough to find.
The way it happened, though, is an interesting contemporary tale of online security. Or lack thereof.
On Friday night/early Saturday morning, a Cloud Imperium employee going by the name Disco Lando was teasing some phone-images (or similar, they were fairly blurry) of the upcoming Star Marine FPS module from Star Citizen. Nothing particularly outlandish about that, except that one of Lando’s images displayed a partial Content Delivery Network (CDN) url.
CDNs are used to house and distribute large files (the latest public builds of Star Citizen, for example.) This particular CDN url, which was quickly figured out by those who’d noticed it on the image in the first place, turned out to be publicly accessible.
Disco Lando subsequently felt quite bad, as 48GB of data, including the FPS build Lando was showing off, leaked online. With a little specialist knowledge, it could be loaded up in CryEngine and viewed.
Yeah, I'm the reason we can't have nice things. =/
— Jared Huckaby @ Gamescom (@discolando) May 23, 2015
Poor Lando. Though he was the accidental source for all of this, having the CDN so readily accessible (with just a url) is probably the chief security culprit here. I’d imagine Cloud Imperium have been doing some internal vulnerability reviews over the past couple of days.
Aside from raising some pretty serious questions about security, though, this leak doesn’t appear to be doing Star Citizen much short-term harm. Much of the discussion around the leak seems to be coalescing around how eager people are to buy some of the work-in-progress ships; to the extent that some have floated the idea this wasn’t even ‘accidental’ in the first place.
That theory seems pretty far fetched, given how much came out.
There may also be more serious, longer-term repercussions to this. If Cloud Imperium feel the need to make major changes in response (the leak reportedly includes things like Squadron 42 mission details,) it could lead to developmental delays and a new production schedule.