Maugrim McFiriba's Eve Online Journal

Really? I'm so disappointed. Up to a few days ago I had a weird surge in hits to my other blog's (packaging source code for) PEAR article sourced from Google searches for "eve online source code". Now this reliable source of traffic has been wiped out from all those news articles declaring Eve Online's source code has been leaked - oh, the Client source code has the leaked. No wait, specifically the Python source code from the client. Hey, it's like less than 2MB???

Does anyone know what Python is?

If you're a fellow programmer you can commence giggling hysterically... The problem of course is that it's Python. Python is like Ruby, PHP and Javascript in that it's stored and utilised in its plain text form unless obscured to hide the source code (or compiled to bytecode if you want to be prim and proper) - and obscuration methods for scripting languages is notorious for being relatively easy to de-obscure once you know how the obscuration system works. In this case, it seems to be .pyc files - if so that means Python bytecode, and you can "decompile" it yourself using Decompyle. Hell, the decompyle guys offer it as an online service .

I think what really drew attention here is two fold. The main one being all those news articles without a clue what Python is, and why a torrent for Python code decompiled from an MMO's client is nothing news worthy to anyone with an actual clue. The second was CCP's
response, well, their reported response. They started banning accounts on the forums, apparently, and there are even sparks flying over reports of IP bans since they have been tracking the torrent themselves. Putting aside how stupid IP banning is (IP addresses are NEVER, and have NEVER been, a good basis as a unique identifier for an individual as any good web application developer will tell you), CCP's reported actions merely drew attention to the whole debacle (which has developers in stitches the world over by now) and pushed it into the publicity spotlight. Even if CCP didn't perform all the actions they were reported as doing .

That's the informed impartial media (aka Horde) for you...

At the end of the day, this is a story of misconceptions and overreactions without anything truly news worthy backing it up. The only news worthy tidbit in here is that someone distributed Python source code by torrent, easily obtained by any 4 year old with access to decompyler, and such distribution is no doubt illegal at a minimum for copyright reasons.

But maybe there's a shadowy side to all this. Historically, scripted code's readability and ease of access to the readable source code can be a serious problem. Once everyone can read the source code, everyone can also attempt to discover ways of using it to their advantage. We already know all the game logic required to operate the client is contained in the Python code (see devBlog (7 Nov. 2007): Penguins In Space.

But other than Bot programmers, who cares? The main risk to any application is that its state (i.e. the database usually) is compromised and open to data theft or manipulation. This has already happened at least once with a very public shutdown of the Tranquility for 10 days late last year, but I'm confident Python editing was not involved...