Gamasutra: The Art & Business of Making Gamesspacer
View All     RSS
October 22, 2014
arrowPress Releases
October 22, 2014
PR Newswire
View All

If you enjoy reading this site, you might also want to check out these UBM Tech sites:

White-Hat Hacker Helps Solve  Rift  Security Exploit
White-Hat Hacker Helps Solve Rift Security Exploit
March 21, 2011 | By Kyle Orland

March 21, 2011 | By Kyle Orland
More: Social/Online, Business/Marketing

A player of Trion Worlds' Rift MMO has helped the development team identify and patch a security hole that opened many user accounts to hijacking and griefing.

Reports of compromised accounts started spreading through the Rift community last week, leading developer Trion Worlds to implement a Coin Lock feature to prevent item and money sales when a user logs in from a significantly different location than they had previously.

But grief-causing hackers were reportedly still able to gain unauthorized access to accounts and delete characters with impunity.

A programmer and Rift player going by the handle ManWitDaPlan was one of these victims, and used the occasion to investigate the security hole that was causing the rash of reported account theft. He eventually identified an account-control exploit and reported his findings to the Rift forums on Friday afternoon.

Trion's response was immediate and impressive, ManWitDaPlan said in an interview with MMO community site ZAM. "Steve Chamberlin, the dev lead for Rift, was on the phone with me within five minutes of my sending the technicals on the exploit, and while I was talking to him, the engineering team was likely already editing and recompiling code," he said.

"A patch was deployed just over two hours after the exploit was revealed," he continued. "The phrase 'epic win' is cliched from its overuse as a meme, but it nevertheless certainly fits here."

Rift executive producer Scott Hartsman offered his "heartfelt thanks" to ManWitDaPlan for his help with the fix, and said that less than 1 percent of accounts had been impacted by the problem. "However, 1 percent of a surprisingly large number is still very noticeable," he acknowledged (the game reached 1 million registered account last month).

Hartsman said Trion continues to hire more employees to handle these and other issues with the game, and will soon be rolling out a two-factor authentication scheme that should help foil account hackers.

Related Jobs

Avalanche Studios
Avalanche Studios — New York, New York, United States

UI Programmer
University of Texas at Dallas
University of Texas at Dallas — Richardson, Texas, United States

Assistant/Associate Prof of Game Studies
Avalanche Studios
Avalanche Studios — New York, New York, United States

UI Artist/Designer
Nuclear Division
Nuclear Division — Sherman Oaks, California, United States

Director of Product Management


Mike Griffin
profile image
Rift. Is it very similar to the fantasy MMO template we know so well from EQ, WoW, Warhammer, Aion and others? Absolutely. Is Rift seriously polished and a ton of fun to play regardless? Yep.

So far, anyway.

It has a rather enjoyable progression arc and a huge number of class options to fiddle with. You can, quite literally, change into another class archetype on the fly -- in the field, in a dungeon, what have you. Wherever and whenever, if you've prepared another class ("Role") to switch to. That's cool.

Really attractive game as well, at appropriately high settings. Plus, as this article indicates, so far the team has been nothing short of religious about patching both security and community-requested gameplay tweaks, such as reducing or eliminating lower level NPC aggression towards passing high level players. Let's see if Trion can maintain the momentum and care.

Tomiko Gun
profile image
And he didn't make a youtube rap video? GeoHotz should learn from this guy.

Kimberly Unger
profile image
Hooray for the White-Hats :D

Good show, ManWitDaPlan and thank you Rift Team for having the sense for working with him, rather than getting all ban-hammer!

Sion Williams
profile image
I really love this game and I'm glad to see that Trion are pro-actively working on these threats.

Yes this game is a WoW clone, but then 11million people cant be wrong – there’s no point reinventing the wheel. Rift is an easy transition for WoW players but I wouldn’t say you will be seeing the same thing… far from it.

Keep up the good work Trion.

Rafael Posnik
profile image
Rift is a good game as far as I played on Beta.

I work at a publisher here in my country and we have some problems and no player ever helps =/.

I Take my hat off to this man

Aaron Truehitt
profile image
It's cool how the only decent MMO and one that lived up to expectations happens to be a "WoW Clone".

Jonathan Osment
profile image
Eh, I wouldnt say it lived up to expectations. From the sales pitch I saw at E3 and the actual game it self, it felt like there was a large divide. Rift's biggest flaw is that its ultra generic and doesnt really out perform, out design, the competition. Their marketing department was a little too aggressive and a bit dishonest from my perspective.

Cynthia Burmester
profile image
I hope they gave him some free months of subscriptions. :D

K Olsen
profile image
it was ManWitDaPlan! (And what a plan!)

Instead of the old-school method of hoping your target doesn't prosecute and instead offers you a job, simply attack them and also be the knight in shining armour. Even if you're not after a job with the target company, you'll at least increase your renown ("wow! you identified a major leak in mere moments, _and_ saved a whole company and community? have my daughter! and all of my moneys!")


Richard Putney
profile image
Cool to hear about quick deployments for important fixes, conscientious hackers, and player - dev interaction. Now I want to hear about your set up and process that let you QA that build and get it out so fast!!

//begin troll food

Personally I'd rather play a WoW clone than WoW these days. Especially when its better looking, wasnt recently dumbed WAY down for a casual market, and has far more interesting (not remotely cloned) combat and specialization system. But way to stick up for the winner and take the easy shots guys. I'm very impressed by your casual MMO loyalty. Very.

//end troll food