Post by aardWolf on Jul 23, 2008 9:04:02 GMT -5
The theory was this... You enter your own phone number and it is stored on the Aurora Feint server. Your friend enters his phone number, and his contact list is searched for any phone numbers that match the ones in the database. Voila! He is connected to you.
Implementation was probably a bit trickier. I for one think that just a privacy warning before submitting your data would be fine, but I'd also be fine without the MMO aspect of the game.
Post by seaotter on Jul 23, 2008 9:15:25 GMT -5
The theory was this... You enter your own phone number and it is stored on the Aurora Feint server. Your friend enters his phone number, and his contact list is searched for any phone numbers that match the ones in the database. Voila! He is connected to you.

So how does gameplay change once connected? Can you both control blocks in the mining game? Does it just let you know who else is playing? Maybe the tutorials in the update will tell people, but right now it's not clear. I doubt most people downloading the game are doing so for the multiplayer component... they're looking at the Tetris Attack-style gameplay with RPG components... a unique and very compelling combination... By all indications, the update that fixes a number of gameplay bugs is ready and only being held up by the community feature issues. If you're developing a car and the only thing keeping it from shipping is a faulty GPS system, you ship without the GPS and offer to install it later when it's ready.
Post by aardWolf on Jul 23, 2008 9:25:37 GMT -5
Danielle's post mentions that the latest version they submitted has that functionality pulled out.
Post by lowside on Jul 23, 2008 9:30:28 GMT -5
Can you please define exactly what information from our contacts was looked at and stored in your local file?
Also, did this information automatically get sent to your servers? Or did we have to enable anything in your application to make this information be sent to your servers?
Also, I think that it would be fair for you to delete any data that has been collected already and purge all backup tapes/etc.
Some of us store more than just phone numbers in our contact records. Lots of sensitive stuff in there... I am very unhappy about this. VERY VERY unhappy.
By the way, best game on the iPhone. Just amazing work.
Post by shul on Jul 23, 2008 9:31:33 GMT -5
Hi. First, I'd like to say that this is not the end of the world. You screwed up a bit, yes, but unless someone already hacked the server everything can go back to normal.
Now, let me try to give you an answer for your problem, as you requested:
1. Erase all of the information already gathered (not game info, just contacts).
2. Get a lawyer.
3. In the immediate update - close the community feature (*completely*, not just turn something to false - remove it from the code).
4. Submit an update to Apple.
----
Some time in the future:
1. Get the lawyer to draw out a EULA for YOUR game.
2. Make it absolutely obvious that information is sent from the iPhone, with a BIG disclaimer.
3. Do not send information automatically, even if you have the chance; with jailbroken apps and others who will probably copy and release images of your game, you can't know what they will do.
4. Give the user the option to connect to other users *by their nickname in the game only* - this is a free game, there is no need for you to know my real name, my phone number or my buddies' information. If I have a friend who wants to add me to his party he will post his nickname; that can be done through this site as well.
All in all, no harm done, newbie mistake, s**t happens, :-)
continue doing this great job!
shul
Post by grolnen on Jul 23, 2008 9:38:48 GMT -5
I think keep the community feature for those who want to use it, but put the security bells and whistles on the transmission. Also (and I think this is already the case) don't store all of the contacts sent to you on your servers. I think that will satisfy the bulk of people's concerns.
Also, please please please put up a paypal donation button or something! You guys are going through some herculean efforts to get us a high-quality game here and some of us would like to thank you with more than words on a forum!
Post by lowside on Jul 23, 2008 9:40:27 GMT -5
Hi. First, I'd like to say that this is not the end of the world. You screwed up a bit, yes, but unless someone already hacked the server everything can go back to normal. Now, let me try to give you an answer for your problem, as you requested:
1. Erase all of the information already gathered (not game info, just contacts).
2. Get a lawyer.
3. In the immediate update - close the community feature (*completely*, not just turn something to false - remove it from the code).
4. Submit an update to Apple.
----
Some time in the future:
1. Get the lawyer to draw out a EULA for YOUR game.
2. Make it absolutely obvious that information is sent from the iPhone, with a BIG disclaimer.
3. Do not send information automatically, even if you have the chance; with jailbroken apps and others who will probably copy and release images of your game, you can't know what they will do.
4. Give the user the option to connect to other users *by their nickname in the game only* - this is a free game, there is no need for you to know my real name, my phone number or my buddies' information. If I have a friend who wants to add me to his party he will post his nickname; that can be done through this site as well.
All in all, no harm done, newbie mistake, s**t happens, :-)
continue doing this great job!
shul

I agree with most points above except "no harm done". We have yet to see if "no harm done". Some of my clients who I suggested this game to have very sensitive information in their contacts that could cause A LOT of harm. This is a complete mess which will take weeks if not months to rectify. Clearly I take responsibility for thinking that Apple would safeguard this and developers would provide a license agreement explaining how and why they are reading stuff from our computers (iPhone in this case).
Post by bummer on Jul 23, 2008 9:40:59 GMT -5
Personally, I would rather have the game back in the app store, with the other functionality working, and add the community stuff back in later. I NEED MY GAME!
That said, I would very much like to have the community thing working. I'm not sure of the best way to do that. Seems like just encrypting everything (and making sure that your database is secure) would do the trick.
Or you could do it the way the Wii does it: have the app generate an ID unique to the phone it's on, and store that in your database. Then we could send the ID to people in our contacts list.
Post by hobo345 on Jul 23, 2008 9:49:24 GMT -5
lol I would love to see what lowside has hidden on his iPhone
Post by William Pugh on Jul 23, 2008 9:49:53 GMT -5
OK, nice game, but horrible security and privacy architecture.
Security and privacy are important, and it seems clear that you didn't give it adequate consideration. I'll offer some quick advice, but you need to go read up on this topic. I suspect a lot of iPhone developers need to read up on it. I'd start with "Software Security: Building Security In" by Gary McGraw.
OK, my strongest recommendation (and the only way I would use your game) is to never send email or phone numbers for your contacts over the network or store them on your server. Never. You don't need to, and it is a privacy and security risk. I don't care about whether or not you use https. Never do it.
Instead, take some arbitrary string (e.g., "Aurora Feint"), append a phone number to it, compute a SHA1 hash of that, and that gives you an identifier for that phone number you can send across the network and store on your servers.
For people who opt-in, you can compute SHA1 hashes for all the phone numbers and emails in their contact list, and send just the hashes to your server. This will allow you to determine on your server if anyone in the user's contact list is also registered, but won't leak much of any other information.
If you want to be really secure, take it an extra step: Don't hash or send individual phone numbers or emails. Instead, do it only for pairs. For each contact, sort and append the phone numbers. For example, the player has the phone number 555-123-4567 and a contact has the phone number 000-324-1245. Append them in sorted order, giving the string Aurora Feint:000-324-1245:555-123-4567 and compute the SHA1 hash of that and send that to the server. If two players send in the same hash, that means that both know each other. However, by only sending in pairs, you can't even figure out how many people two players know in common.
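The two schemes in the post above (per-number tokens for opt-in contact matching, and the stronger pairwise variant), written out as an added Python example. This is not code from William Pugh or from Aurora Feint; the digit-only normalisation, the account names and the sample numbers are constructed for the illustration. The server half shows what the operator actually receives: opaque tokens that match only when two players each hold the other's number.

```python
import hashlib
from itertools import combinations

# The arbitrary application string the post suggests prepending before hashing.
PREFIX = "Aurora Feint"


def normalize(phone: str) -> str:
    """Reduce a phone number to its digits.

    Assumption added here (not in the post): contact entries are formatted
    inconsistently, so '555-123-4567' and '(555) 123 4567' must give the
    same token or mutual contacts will silently fail to match.
    """
    return "".join(ch for ch in phone if ch.isdigit())


def number_token(phone: str) -> str:
    """Per-number scheme: SHA-1 over PREFIX + one phone number."""
    return hashlib.sha1(f"{PREFIX}:{normalize(phone)}".encode()).hexdigest()


def pair_token(a: str, b: str) -> str:
    """Pairwise scheme: sort the two numbers so both parties derive the same
    value, then hash PREFIX + both numbers. Only a party that knows BOTH
    numbers can produce this token."""
    x, y = sorted((normalize(a), normalize(b)))
    return hashlib.sha1(f"{PREFIX}:{x}:{y}".encode()).hexdigest()


def client_submission(own_number: str, contacts: list[str]) -> set[str]:
    """What the handset sends: one pair token per contact. No phone number,
    hashed or otherwise, leaves the device on its own."""
    return {pair_token(own_number, c) for c in contacts}


def server_match(submissions: dict[str, set[str]]) -> set[tuple[str, str]]:
    """Server side. The server holds only tokens, so the single fact it can
    derive is which accounts submitted an identical token, i.e. which two
    players each have the other in their contacts."""
    holders: dict[str, set[str]] = {}
    for account, tokens in submissions.items():
        for token in tokens:
            holders.setdefault(token, set()).add(account)
    matches: set[tuple[str, str]] = set()
    for accounts in holders.values():
        # Normally exactly two accounts share a token; more than two means
        # two accounts registered the same number, so every pair is reported.
        if len(accounts) >= 2:
            matches.update(combinations(sorted(accounts), 2))
    return matches


def demo() -> set[tuple[str, str]]:
    """Constructed scenario: alice and bob hold each other's numbers; carol
    holds alice's and bob's numbers but neither of them holds hers."""
    alice, bob, carol = "555-123-4567", "000-324-1245", "555-987-6543"
    submissions = {
        "alice": client_submission(alice, [bob, "555-000-0001"]),
        "bob": client_submission(bob, [alice]),
        "carol": client_submission(carol, [alice, bob]),
    }
    return server_match(submissions)


if __name__ == "__main__":
    print(demo())  # {('alice', 'bob')}
```

Two properties worth keeping in mind when weighing the post's two variants. A ten-digit phone number space is small enough that anyone holding the server's table of per-number tokens can recompute them for every possible number, which is why the post calls the pairwise variant the more secure one: a pair token can only be recomputed by someone who already knows both numbers. The flip side is that the pairwise scheme detects only mutual contacts, as carol's case above shows; a one-sided entry produces a token nobody else ever submits.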
Post by enkerli on Jul 23, 2008 10:00:33 GMT -5
Lots of very insightful posters already but since Danielle is asking the community as a whole, it's probably good if more people chime in. It's not a waste of bandwidth and something can come out of it.
Community features should be implemented in another game in the series. They're not ready for primetime, we haven't seen them yet, and they can easily justify a switch from free to paid. I'm personally not that concerned about the privacy issues. But being "proactive" is probably the best strategy. Like others have said, pull off all the contact data you have and prepare for a future release. Sure, I'd prefer it if the community features were included. I understand that this is to become a real MMORPG. But "The Beginning" could be just a puzzle game with some character building. The "quest" will start in the second game, with *robust* community features. No use in putting anything together in haste. We've already been through a kind of "alpha release" period with the App Store, iTunes 7.7, iPhone 2.0, iPhone 3G, etc. In other words, release a stable version of the free AFtB puzzle game without community features and build momentum for community-focused games in the future.
Post by dgvirus on Jul 23, 2008 10:02:10 GMT -5
lol I too wonder what people are storing on their phones that is this sensitive. I mean, come on, would you have stored all this info in a paper Rolodex on your desk that could just be stolen? For security concerns the most you should have on your phone is name, address and email. No passwords, no account numbers, definitely nothing illegal because, well, that's just stupid.
Post by graphx on Jul 23, 2008 10:03:33 GMT -5
SON OF A ;D jk, I'm not gonna go cross my arms and make a frowny face this time. To J & D: there was a great thread the other day about a solution to this community fix. As I am sure you have read and looked into it, I do feel as if this was indeed a great solution. Although I am not going to go into my opinion and where I stand on the security issues (even though some people tend to freak out about it all), I do feel that AF should cater to these persons as well as those who feel differently. Hope you guys find a fix soon. Another option, and only a last resort if Apple remains a pain, is to post up the game on the Installer.app for jailbroken iPhones / Touch. NOT to say that I am in full support of this, it is just another option. Thx for a great game and I only hope that it will be made available for us soon. -g
Post by lancewallen on Jul 23, 2008 10:05:47 GMT -5
lol I too wonder what people are storing on their phones that is this sensitive. I mean, come on, would you have stored all this info in a paper Rolodex on your desk that could just be stolen? For security concerns the most you should have on your phone is name, address and email. No passwords, no account numbers, definitely nothing illegal because, well, that's just stupid.

The Rolodex on your desk is more secure than what's going on currently. To keep the Rolodex analogy going: right now I have a Rolodex (phone) and I routinely put other things on my desk. This is the equivalent of me purchasing a deck of cards, at which point the deck of cards, without asking my permission, picks up my Rolodex and runs through an extremely crowded room with a lot of shady folks and phone spam salesmen, waving it about without even putting it in a little bag. Give the deck of cards a bag and make it ask my permission and I'm happy. I imagine most folks would be happy then.
Post by graphx on Jul 23, 2008 10:08:19 GMT -5
lol I too wonder what people are storing on their phones that is this sensitive. I mean, come on, would you have stored all this info in a paper Rolodex on your desk that could just be stolen? For security concerns the most you should have on your phone is name, address and email. No passwords, no account numbers, definitely nothing illegal because, well, that's just stupid.

Agreed. What about a computer? Someone can hack into that baby day and night. What about forums or joining any other website? Emails, passwords, even credit card information is stored on those sites!! A community function that stores your email address and contacts to link you IN GAME would be so small and so minute a worry that it isn't even worth it. I digress. Plain and simple: if you don't like it, don't download it.