Welcome, Guest
Username: Password: Remember me

TOPIC:

Warning to users: 1.4.4 client cannot be trusted 6 years 1 month ago #3659

TL;DR Binary doesn't match source code and personal fury of the author went into the binary

Users have to be able to trust programmers, because they run their code on their computers. Code that could bascially do anything there - things the user wants as well as things the user doesn't want.
Even a software being open source is no guarantee for anything. Many people aren't capable of reviewing code, all others might think "someone else will have reviewed the code" so in the end noone reviewed it.
Also only a very small percentage of people will actually use the code to compile the binaries themselves. People will instead use the provided binaries - relying on the fact that the source code published is indeed the code that was used to produce the binaries provided along with it.

That said, I came here to warn you about the fact that from version 1.4.4 the BTPro client is abused for expression of some personal feelings of its author. What he has done is change the behaviour of the client if certain users are detected to be using the client, namely "Kwissy", "Naz" and "Choclate-Starfish".
This has been done secretly. Neither the changelog points out this change nor does the source code file (the "diff" file) provided along with the binary contain such user specific code. It is only in the binary itself. That means the binary does not match the source code provided and nobody knows what is in there in reality.
The best way to verify is when you have already downloaded the client. In this case check your openttd.exe simply by opening and searching it with a text editor. You should be able to see it like in this screenshot .

In case you don't have the client yet or the files available from BTPro are altered at a later point I have saved the files as evidence, I have stored them here:
BTPro_Client_1.4.4_A_32Bit.zip
BTPro_Client_1.4.4_A_64Bit.zip

This is a major breach of programming ethics and a betrayal of trust. Furthermore it violates the licence of OpenTTD, as you have to publish the source code matching the binaries along with them - not some different source code!

You should know that these people are not banned on BTPro or anything. This is a completely personal thing of ST2 with them, which means that he abuses his "client provider" position he was entrusted with by BTPro for some personal vendetta.
For you as a user it means that if you enrage ST2 you could end up getting a client version that does whatever things with your computer, you cannot know. But even if you didn't enrage him, you should think twice whether this is a person who should be able to ever bring code onto your computer again. If you really still want to stick to the BTPro client better make sure you don't take any of the 3 above mentioned nicks with the current version.

This is a matter of BTPro and should stay here. However, should this post here get deleted I will repost this on the n-ice forums as well as on the n-ice.org main website as a news. Users need to know about this...
The following user(s) said Thank You: NAZ
  • YorVeX
  • YorVeX's Avatar Topic Author
  • Offline
  • Fresh BTPro Poster
  • Fresh BTPro Poster
  • Posts: 4
  • Thank you received: 9

Please Log in or Create an account to join the conversation.

Last edit: by YorVeX. Reason: of course I meant "licence of OpenTTD" and not "licence of BTPro", corrected

Programming ethics and trustability missing 6 years 1 month ago #3662

Recently I was trolling about trustworthiness of BTPro OpenTTD client's patch and here we are, new version comes out with hacks.

I don't think this violates BTPro licence but it sure as hell violates OpenTTD licence and the trust in BTPro itself since ST2 has wide access around BTPro property like client, gamescripts, server source or user's database which all is sensitive material and could be abused in wrong hands.

Despite my distrust in ST2, I hope this client's hack was just childish and immature manifestation and it will stop right here.

Let's wait for some clarification of such actions aimed against regular players. As classic would say: "players need to know"
Admin of Novapolis OpenTTD servers, www.novapolis.net
The following user(s) said Thank You: NAZ
  • TheDude
  • TheDude's Avatar
  • Offline
  • Senior BTPro Poster
  • Senior BTPro Poster
  • Novapolis admin
  • Posts: 46
  • Thank you received: 11

Please Log in or Create an account to join the conversation.

Programming ethics and trustability missing 6 years 1 month ago #3669

it was a rage action, reprehensible and without any justification
was taken only by myself
it was fixed and won't happen again
in shame, my appologies to the players in cause
  • ST2
  • ST2's Avatar
  • Offline
  • BTPro Administrator
  • BTPro Administrator
  • Posts: 1216
  • Thank you received: 617

Please Log in or Create an account to join the conversation.

Last edit: by ST2.

Programming ethics and trustability missing 6 years 1 month ago #3670

Hi, that's a good starting step, ST2. Hopefully all players and, err ... your BTPro employers, will find it to trust you again for your past good work.

Nevertheless, I happened to download the incidental client and now I have a binary which is licenced with GPLv2 and I'd still like to see the true source code of it as the licence enables me to, so if you could send it to me please.
Public post would be nice for others too I guess, but you can send it to my mail, which I know you know.
Thank you in advance
Admin of Novapolis OpenTTD servers, www.novapolis.net
  • TheDude
  • TheDude's Avatar
  • Offline
  • Senior BTPro Poster
  • Senior BTPro Poster
  • Novapolis admin
  • Posts: 46
  • Thank you received: 11

Please Log in or Create an account to join the conversation.

Programming ethics and trustability missing 6 years 1 month ago #3671

I'm not proud of my actions and all was fully fixed.
I haven't created diff's of the changes, but was only this:
if ((strcmp(_variable,"USER")==0)) {
  // Do absolutely nothing
} else {
  AllocateWindowDescFront[i](...)[/i];
}

I'll make my "desert walking" now, leaving my appoligies to BTPro community for my actions there and to the players in cause. One thing is sure, it won't happen again.
  • ST2
  • ST2's Avatar
  • Offline
  • BTPro Administrator
  • BTPro Administrator
  • Posts: 1216
  • Thank you received: 617

Please Log in or Create an account to join the conversation.

Last edit: by ST2.

Programming ethics and trustability missing 6 years 1 month ago #3672

The thing with your appologies we already had, we also know that you do this to end conversations to make some persons happy. If you want i can go further, but thats not why i came here.

Let's face it, would you also not be like "I'm not proud" if nobody would have uncovered that story? Answer - no, you would be quiet proud of it. Honestly, after you done it, it never came to your mind, that you maybe have done something wrong. You could not wait until we notice it, suggesting us to immediatly use the client and tell you when we done it. Still no time to think maybe i go to far. The fact that the openttd source is given to you free also makes you responsible for what you do with it. You did it with full purpose and you reacted just and only because it felt back on you and became dangerous for your position.

You picked our n-ice-usernames and not the bt ones aswell, isn't this strange? Stupidity or just a way to obfuscate your actions and bring the focus to n-ice and not a moded client?

When someone would apply for admin on btpro, would you accept an application with this kind of story in his pocket? Would you listen to moral stuff when someone did that? What have we done on n-ice to enrage you?

You unloaded the dirt this time on your own community, playing with the fire to loose the ability to ever again be allowed to release a client. People want answers, especially members of btpro should have the right to know why a headadmin is going that far. It's time to finally speak out in all honesty, excuses and talkarounds are clearly not what people will accept.

ps. don't kill the honour, you clearly deserve for your good work, with such actions.

Please Log in or Create an account to join the conversation.

Time to create page: 0.047 seconds
Best hosting deal on hostgator coupon or play poker on party poker
Copyright 2020 Warning to users: 1.4.4 client cannot be trusted - BTPro - OpenTTD Community.