Data and Security risks regarding Bloop Boop

Bloop Boop is a game that stores player data and like most games that deals with data, there can be security problems. Our application uses IAPs, analytics, and credit card information that can result in a lawsuit should any of this information be released. Luckily Bloop Boop doesn’t actually keep track of this information, only the player data (which is done locally). Google play keeps track of the IAPs and the credit card stuff which means that we do not have to ensure security on these things. Analytics is handled by Unity services, which means that we also do not have to handle any of this stuff.

Though the only information that we do keep is player data (progress in the game) we do upload data to the Google Play leader boards, which, if someone is able to mess with, could ruin the fun times others may have with trying to be the best. A lot of other games have this problem, usually with some time-score leader board there will be some hackers with a 1 second best time which pushes people who actually tried to get a better score be knocked down. Flappy bird had this problem, people were having a high score of 999 which was supposedly the highest score you could get before the game ended. A possible solution to this would be to wipe the leader boards when people begin to hack and start implementing anti-cheat algorithms.

With data security, a famous example of a data leak was when a developer at valve had his computer hacked by a German man who was able to extract all of the Half Life 2 source code and proceeded to publish it to the net. Doing so costed Valve and estimated $250,000,000. The way the German man was able to get the source code was through an emailed virus that an employee at valve opened. Usually in the industry, when you are working on a project, you have all of the project data on a secure and isolated network, unaffected by the internet in any way since there is no connection to the internet. The valve problem seems to be a big knock on the head for anyone working on a large project that could generate a lot of money and have their computer they are working on connected to the internet.

The German man was arrested in Germany  after being tricked by Gabe Newell to come to the US for a potential security job at valve (the authorities were ready at the US airport to arrest the German man

 

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s