Security Questions.

Hey, so in the most recent piece of SS14 drama there’s been this particular little sentence that made me wonder about a few things. Here’s the line in question:
 

Quote

Allegations were thrown around that White Dream’s code does malicious things, and that this was a justification for the act of decompilation.

Now, I need to say that my coding experience is non-existent. I know that there’s different coding languages but that’s really all I know. So if you are a coder / coding enthusiast and are reading this here do consider the naivety at play here. I also therefore don’t know coder-speak, so any explanations would have to be done in oogah boogah caveman speak. 

First of all; how feasible is it even for anybody to code something malicious into funny spessmen 14 gaem? Can I join a server sabotaged by a rogue coder and suddenly have my PC locked up, my hardware fried or my data stolen? How far could this application go if somebody intended to use it for harmful purposes?

Secondly; seeing as SS14 coding is entirely a volunteer-only project, comprised of a dozen random individuals from probably all over the world, with everyone pitching in their work as they see fit (something that’s apparently called “the Coderbus”) who exactly is ultimately in charge?

And I don’t just mean “who is the head-admin of Wizard’s Den”, I mean who is in charge of this entire thing that SS14 is? Who’d be held accountable if let’s say some coder goes full edgelord-rogue and decides to insert malicious code into the game? Who’s the one in charge of overseeing any new code that goes into the game? Is there even such a person? And if there isn’t then why is that so?

 

Thanks in advance for any idiot-friendly responses.

Quote

First of all; how feasible is it even for anybody to code something malicious into funny spessmen 14 gaem? Can I join a server sabotaged by a rogue coder and suddenly have my PC locked up, my hardware fried or my data stolen? How far could this application go if somebody intended to use it for harmful purposes?

all client code is sandboxed before running so it should be Difficult TM for non nation states to troll you
if you pissed off uncle sam im sure hell find a way
 

Quote

Who’d be held accountable if let’s say some coder goes full edgelord-rogue and decides to insert malicious code into the game?

prs typically have a length review process so if you manage to sneak something evil into your first pr and it gets instamerged someones fucked up bad

 

Quote

Who’s the one in charge of overseeing any new code that goes into the game?

any maintainer can merge prs

On 7/3/2023 at 7:14 PM, Rich0rd said:

First of all; how feasible is it even for anybody to code something malicious into funny spessmen 14 gaem? Can I join a server sabotaged by a rogue coder and suddenly have my PC locked up, my hardware fried or my data stolen? How far could this application go if somebody intended to use it for harmful purposes?

Everyone should always approach electronics with the mindset that everything is hackable and nothing can ever truly be secure. People make dangerous code all the time and aren’t aware of it. Its always possible a rogue coder could implement something dangerous in a project or a malicious person could abuse someone’s mistake.