SimCity Always-Online DRM Lets Hackers Play Godzilla With Anyone's Cities

from the go-go-godzilla dept

It seems that everyone is giving EA and Maxis quite a bit of grief over the SimCity debacle. The game's launch was, um, not great. The backlash against the game's producers was worse, all the more so once the lying began. But late last week, new evidence was uncovered that suggests perhaps we've all been a little bit unfair to EA and Maxis. What if I told you that the always-online game architecture enabled you to be what all of us have secretly wanted to be since we were very, very little children?

Well, hello, childhood fantasy o' mine. I didn't see you standing there.
Image source: CC BY 2.0

Yes, as Kionae alerts us, one (unplanned?) consequence of requiring online saves for your SimCity games is that anyone with a bit of hacking skill can visit your city, put some Blue Oyster Cult on in the background, and wreak the kind of havoc normally reserved for Japanese nuclear monsters. See, you can, were you so inclined, enter the save game city of another person, and then completely edit or destroy their loving creation like some kind of digital psuedo-god.

Pictured: Omnipotence

Just so we're clear, this is only possible because of the EA always-online requirement.

It's still awesome because this hack is only as destructive as it is because of EA's decision to make the game always-on. If the game hadn't had always-on DRM then this hack wouldn't be half as devastating as it is. Having EA delete these kind of topics from their forums is great damage control but don't be surprised if there's another furor when people start raging on the forums when some hacker decides to go through and Godzilla everyone's town. Enjoy.
Enjoy indeed, as long as that enjoyment happens outside of EA's forums. As noted above, the company is enforcing their TOS rules on their forums and deleting all topics relating to these kinds of hacks. Why? Well, because when a dingo is chewing on your arm, the best defense is to place your noggin lovingly into some sand to make it all just disappear. Or, if that doesn't work, you could always just apologize for what is becoming the greatest video game debacle this side of a Duke Nukem game, but I'm not holding my breath.

Reader Comments

Subscribe: RSS

View by: Time | Thread

  1. icon
    Tim Griffiths (profile), 19 Mar 2013 @ 8:27am

    This is somewhat misleading

    This is taking place on a local version of the map, the one you load up when you view some one else's city. A bug where you could place parks while viewing some one else's city has been in since launch.

    This changes are not and currently cannot be synced with the server, the modder was only talking about being worried that some one would be able to spoof other player ID's down the road and cause trouble. We don't know if that can be done and we don't know if there are server side checks that would prevent it if you could.

    In short I'm on the hate EA train as much as every one else but there is plenty of real issues that we don't have to start making crap up.

    What's happened here is some messing with the debug mode has allowed some one to mess around with the local data uses to allow viewing of other peoples cities in a region. This has nothing to do with the DRM and currently, and is frankly unlikely too, lead to being able to damage other peoples saves.

    I'd expect Tech Dirt to do better than this, even reading the youtube description rather than the sensationalist blog should make all the above perfectly clear.

    IMPORTANT NOTE: I have NOT enabled syncing of data for this. All cities you see in this video remain UNHARMED - nothing got synced to server. I would not condone any action which could actually harm another player's city without permission!

    So, this was done by editing the SimCity packages, tweaking some code, and getting the game to think that, when I visited a random person's city in a random region, I WASN'T in observer mode, and force enabling of edit mode so that I had full access to the city as if it was my own. There is still no city syncing at this most basic level, so you can wreak havoc on a friend's city, quit out, log back in, and it's back the way it was - great fun! I am worried about people that go deeper into the code and start spoofing the owner ID's of cities and start doing this maliciously though. Hopefully there are server side safeties on this... hmmm.

Add Your Comment

Have a Techdirt Account? Sign in now. Want one? Register here
Get Techdirt’s Daily Email
Use markdown for basic formatting. HTML is no longer supported.
  Save me a cookie
Follow Techdirt
Insider Shop - Show Your Support!

Report this ad  |  Hide Techdirt ads
Essential Reading
Techdirt Deals
Report this ad  |  Hide Techdirt ads
Techdirt Insider Chat
Report this ad  |  Hide Techdirt ads
Recent Stories
Report this ad  |  Hide Techdirt ads


Email This

This feature is only available to registered users. Register or sign in to use it.