ubisoft deserves to get the source code for all their old games leaked. One by one they have shut the servers down (quite understandable because of server costs) but offered no ways or means whatsoever to play them alienating the old fans really hard. Some of us have memories of playing the older games which we can never relive again. It should be illegal for a game company to shut an online only game down without offering a LAN patch. Developers should bake in LAN functionality from day 1 but keep it hidden which the patch must fix at EOL for games
Surely server costs for something that's no longer being used much can't be very high? Running an idle ETLegacy server on my desktop uses a whopping 100 MB RAM and 0.02 CPU cores on my 6th gen i5 with the powersave governor on and all cores at 800 MHz. The more obvious motivation is just that they want you to buy their new thing and not have the old one anymore.
If the matchmaking server isn't getting requests, you can put it on a potato VM for $5/month or whatever. Likewise at least old games could run with 64 players on much weaker CPUs than we have today. Surely a small VM could keep a handful of 16 player servers around.
It is really cool that Id keeps the ET master server online from like 2003. There is more than one nowadays, but most servers only ping the old master. I occasionally work on ETL btw, nice to meet a fellow ET player!
I'm used to working in a context where you have to deal with audits and it makes sense to weigh that cost, but for video games, couldn't they throw it in EC2 or fargate in an account with nothing else and forget about it? It doesn't need to have access to anything important (it might not need access to anything at all if you're not persisting any player data). If the only open port is the game server, patch schedules can be somewhere between late and never.
No it's deffinately not as easy as that. You need to manage those servers, manage the updates, security patches, roll out updates to the game server... Because it will need updates because things break or need security updates etc. Managing things like that means it needs to be within the existing infrastructure.
Imagine with every old game they just threw up an ec2 and left it rotting, they'd have hundreds of out of date servers running vulnerable software, it would be a nightmare.
Videogames also by very definition attract the kind of people who will want to hack the servers for fun; which in extreme cases will also involve RCE on the player's computers:
But what I'm saying is why do they need to install updates? If the only open port is your software, who cares if curl or ssh or whatever is out of date. Worst case, you shut it down if it ever does get compromised, and there was nothing anyone could do with that machine because it was underpowered and firewalled to only allow incoming connections on your game port and no outgoing connections. Unless there's an exploitable vulnerability in the Linux networking stack or their server application, everything else doesn't matter. If they run it in fargate, Amazon will take care of Linux patches, so it's only their application server that matters. Games usually use custom UDP protocols, right? So there's no off-the-shelf library for them to patch in their application.
Same deal with people talking about windows requiring new hardware really: for most people the answer should be "good, it'll stop rebooting to update now". Almost everyone is behind a firewall that doesn't allow incoming connections (it can't by default because of NAT). The only point of entry is the browser, and if you stay off the seedier parts of the web and have an adblocker, that's not really an issue either. Your bank or Spotify presumably aren't going to be dropping malware on your machine via old browser exploits.
You can't do that kind of thing if you're under some auditing regime, but they're not, right?
Because that's not how videogames in 2023 (or the past ~decade plus) have worked.
You need, at a very minimum:
— login system that also works with consoles
— persistence for users stats (maybe not for some kinds of games)
— matchmaking service (which really wants a persistence system for SBMM)
— make sure your systems aren't actively being exploited (you don't want to accidentally run a botnet)
— make sure nobody is "hacking" or modding the game (what's the point of keeping the severs up if they're filled with aimhacking bots)
— monitor the services to make sure they're up
— potentially patch the games on multiple platforms if you need to make a backwards-compatible change to fulfill any of the above.
— also potentially update your games if the console vendors make changes to their stacks
I agree that it sucks that the services are being shut down without any alternatives being provided, and I wish there was a way to force the publishers to support them for longer or provide an OSS servers options; but it is definitely not "free" or "easy" to provide these services for years.
You already have the login and database systems though. And who cares if someone mods or hacks the game; you were going to abandon it. If people are still having fun, you've added some incremental happiness to the world. If an OS vendor breaks your game that you otherwise would've abandoned, that sounds like something the users should take up with the OS vendor (really, it's something the users should take up with the OS vendor regardless, but if you've already decided you're done supporting it, that definitely applies). Or on PC they can avoid patching/"upgrading".
Basically, unless someone takes control of your servers or other players, if the alternative is to shut it down, why not just leave as-is and not maintain/support it? If an impactful exploit is found, then shut it down. Preemptively shutting it down because the experience might degrade is silly; shutting it down will definitely break it.
So you want the unsupported, unmanaged, not monitored game server - that will get hacked - access to the credentials database that holds emails, password, names, addresses and possibly payment details?
You also want users to contact the the OS devs when their old, unmanaged, not updated game no longer works? Or you want the users not to install important security updates because they want to play one old game?
None of what you've said really makes sense in the the enterprise IT world. AS it's already been previously stated to you, you can't just spin up a VM and host your game on it, it just doesn't work like that. There are plenty of valid reasons for that in the thread already.
Why would a game server database have payment details or passwords or PII? That's insane to start. It's a video game server, not a bank. It shouldn't have anything important on it. Even auth is handled by platforms/stores (which are maintained) for some time now, right? So the actual game servers just receive tokens for the user?
> Or you want the users not to install important security updates because they want to play one old game?
If the OS vendor is releasing patches that break user programs, then yes. This anti-customer attitude of move fast and break (other people's) things (without their consent) needs to die.
Historically, games were designed so that you very much could just spin up a VM and host it. Has that competence been lost? I'm not seeing why things aren't designed to continue working. It's not difficult to do.
You also now want the current login severs to continue to support the old game logins and handle auth for them? So we're still supporting the old game, still maintaining it.
These old unmaintained, unmanaged servers you want to run get hacked they distribute malware to your users. Whoops, the hosting provider finds out, the business account gets locked, now nothing works.
They get hacked a different way, they start mining bitcoin, your hosting provider finds out and locks the business account, whoops, now nothing works.
They get hacked a different way, they intercept the api calls to the auth servers. They use the auth tokens to break into people's main accounts, use that for phishing attacks, steal millions of dollars. Whoops.
>it's not difficult to do.
That's the point you don't get. It is difficult. Standards change, security changes, things NEED updating or things go wrong, people lose confidence in you, you dont make any money and you go out of business.
Spin up an old version of minecaft on an old version of Linux, see how long it lasts before it all goes wrong.
legacy games of ubisoft such as watch dogs, splinter cell conviction/blacklist, ghost recon future soldier, far cry 3 etc only need a server to login via ubi credentials, they actually work peer to peer so shutting these down is a crime on so many levels honestly
It's more than $0. That means that when ubi goes belly up, nobody will be able to pay the bill to keep the lights on, no matter how cheap it is to do so
Not that a large corporation would ever do this, but you could imagine an indie company that cared setting up a trust with a few thousand dollars of the initial revenue, and that could pay the bills indefinitely using the interest.
For a large company, that money could've been a few micropennies back to the investors, so obviously it's silly to imagine. Also, if they really cared, they'd release the server code so others could run it.
Such games are often not peer to peer, like the games of old. Releasing a server in a form that's somehow operable by a third party is not always easy.
If there's enough people interested in the game, someone will figure out how to run a private server. People are so persistent it happens even without the source code. For many online games the source code is either stolen or dedicated people black box reverse engineer it just to run private servers. That's how runescape private servers operated back in the day, although I don't know if it was a clean room reverse engineer.. someone probably stole the code given Jagex.
which is why there should be a law in place to force game companies to add LAN even if it is completely hidden from day 1 which should not be usable if companies care about competitive edge but at EOL they should be forced to add a patch that activates this feature
Indeed, I sincerely hope someone leaks Rocksmith 2014 soon, as well as all the no-longer-available CDLC packs. The current Rocksmith+ is a completely different application and is not a substitute, I want the real thing that I already paid for back.
They did publish the code for World in Conflict online server (initially made by Massive Entertainment), and a few other tools https://github.com/ubisoft
