DevOps Kat_pw Posted January 5, 2018 DevOps Share Posted January 5, 2018 Hello Truckers! In response to recent developments with certain processor exploits We will be shutting down US1 / AS1 / SA1 until we get confirmation from the datacenters that the shared physical servers that these are hosted on have been patched. While at this time we are not aware of any active attacks against our users, we take security extremely seriously and do not want to risk any chances as they are on hardware shared with other customers of whom we do not know. You may also notice the website being unavailable for a few moments over the next few days. This is due to our datacenter provider patching our fleet of 30 servers. We apologize for any frustrations this may cause, however know this is a very important step that is required to secure our users data. Thank you for your understanding. EDIT: US servers are now back online. View post on homepage 4 2 1 1 Traffic Cameras : twitch.tv/kat_pw | Ets2Map : ets2map.comKat_pw Status:[CCTV #1] Status:[CCTV #2] Status:[CCTV #3] Status: Link to comment Share on other sites More sharing options...
WooQash Posted January 5, 2018 Share Posted January 5, 2018 Omg... seriously big risk... an inflated problem and clickbait news... If anyone can, it will break the security anyway and it doesn't matter if it's an Intel or AMD processor or some another bug everywhere... Link to comment Share on other sites More sharing options...
DevOps Kat_pw Posted January 5, 2018 Author DevOps Share Posted January 5, 2018 9 minutes ago, WooQash said: Omg... seriously big risk... an inflated problem and clickbait news... If anyone can, it will break the security anyway and it doesn't matter if it's an Intel or AMD processor or some another bug everywhere... As repeated from you on our facebook, thank you for your opinion. There is a reason however we are running the servers and someone like you who flames us for taking security decisions is not. Cheers 1 1 Traffic Cameras : twitch.tv/kat_pw | Ets2Map : ets2map.comKat_pw Status:[CCTV #1] Status:[CCTV #2] Status:[CCTV #3] Status: Link to comment Share on other sites More sharing options...
WooQash Posted January 5, 2018 Share Posted January 5, 2018 Security... I like this word in last days... I feel safe without any updates regarding this error. I feel happy. Link to comment Share on other sites More sharing options...
DevOps Kat_pw Posted January 5, 2018 Author DevOps Share Posted January 5, 2018 1 2 Traffic Cameras : twitch.tv/kat_pw | Ets2Map : ets2map.comKat_pw Status:[CCTV #1] Status:[CCTV #2] Status:[CCTV #3] Status: Link to comment Share on other sites More sharing options...
WooQash Posted January 5, 2018 Share Posted January 5, 2018 Why Google, Microsoft, OVH, Amazon etc. don't close their services? Maybe they also have Intel processors? My security is in danger? Link to comment Share on other sites More sharing options...
doorgapmonsterTTV Posted January 5, 2018 Share Posted January 5, 2018 Thanks for keeping us up to date with the latest problems 2 Link to comment Share on other sites More sharing options...
DevOps Krashnz Posted January 5, 2018 DevOps Share Posted January 5, 2018 53 minutes ago, WooQash said: Why Google, Microsoft, OVH, Amazon etc. don't close their services? Maybe they also have Intel processors? My security is in danger? Most of those companies have already updated/working on/patched their services. Some other companies are yet to deploy a fix such as the ones we use to host our gaming servers. Links: https://security.googleblog.com/2018/01/todays-cpu-vulnerability-what-you-need.html?m=1 https://aws.amazon.com/security/security-bulletins/AWS-2018-013/ https://www.ovh.co.uk/news/articles/a2570.meltdown-spectre-bug-x86-64-cpu-ovh-fully-mobilised 1 Link to comment Share on other sites More sharing options...
Guest Posted January 5, 2018 Share Posted January 5, 2018 http://www.zdnet.com/article/security-flaws-affect-every-intel-chip-since-1995-arm-processors-vulnerable/ Link to comment Share on other sites More sharing options...
novice Posted January 5, 2018 Share Posted January 5, 2018 Link to comment Share on other sites More sharing options...
DevOps Krashnz Posted January 5, 2018 DevOps Share Posted January 5, 2018 40 minutes ago, novice said: ^ That Reddit user that posted that chart has said it isn't accurate anymore. Intel has now said they can fix Spectre 1 & 2 with OS, software and firmware updates. You can check out https://meltdownattack.com/ for the latest and more accurate information. Link to comment Share on other sites More sharing options...
Guest Posted January 5, 2018 Share Posted January 5, 2018 Maybe we'll be deprived for a few days. you mean that? This is so sad Link to comment Share on other sites More sharing options...
Carrera18 Posted January 5, 2018 Share Posted January 5, 2018 Hello Developers I guess it will be a sad darkness and then a sun arise. you are doing this job for unrequited. you are wasting your time here. this is from your time in your life. I wish you good work. Cheers. Link to comment Share on other sites More sharing options...
Dragos M Posted January 5, 2018 Share Posted January 5, 2018 thank you for keeping us safe Keep up the good work Link to comment Share on other sites More sharing options...
Positivetrucking168 Posted January 5, 2018 Share Posted January 5, 2018 (edited) If there is a processing exploit going around the providers' servers that host the game servers affected, I do really hope though that the incident does not reach mind-boggling proportions seen with the database leak in February 2016. Have fun and work hard to make sure that the situation on the three affected servers are stable enough for people to enjoy. Edited January 5, 2018 by Positivetrucking168 Clarify on what servers are affected. Link to comment Share on other sites More sharing options...
GGF MD Posted January 5, 2018 Share Posted January 5, 2018 Thank you for keeping us safe! If there is anything or not! We / You must take it serious! I don't understand people who are flaming about this! .. ---------- Former Support - Appeal - TruckersMP Rules - Feedback - Report Link to comment Share on other sites More sharing options...
Aykut / 31] Posted January 5, 2018 Share Posted January 5, 2018 Thank you for keeping us safe ! ı dont understand people, why doing this :S what's the point Link to comment Share on other sites More sharing options...
seamustrainfan25 Posted January 5, 2018 Share Posted January 5, 2018 Thanks for keeping us out of harm's way. Is this breach only contained to the US/AS/SA servers? Is there any risk that it could spread to the EU servers? Link to comment Share on other sites More sharing options...
Joeallison Posted January 5, 2018 Share Posted January 5, 2018 Better safe then sorry i suppose there's always that worry about security. Link to comment Share on other sites More sharing options...
PLSBX Posted January 5, 2018 Share Posted January 5, 2018 That's nice that you're keeping us safe, but i cant see a reason for disabling server. But anyway, are people from database working on security patch or not? Link to comment Share on other sites More sharing options...
H4MZ4_ Posted January 5, 2018 Share Posted January 5, 2018 16 hours ago, WooQash said: Omg... seriously big risk... an inflated problem and clickbait news... If anyone can, it will break the security anyway and it doesn't matter if it's an Intel or AMD processor or some another bug everywhere... I don't get how you can be so butt hurt right now? Link to comment Share on other sites More sharing options...
Leandro Santiago Posted January 5, 2018 Share Posted January 5, 2018 It is guaranteed that we players have an adequate antivirus installed on our computers, and also the developers and managers of the database, also needing security and creating this to us. I am immensely grateful for the warning, seriously, this is very important. And developers should continue to develop more effective methods of security. Link to comment Share on other sites More sharing options...
Tommie59 Posted January 5, 2018 Share Posted January 5, 2018 Well, in some people's eye's the developer can do never well. Now they make sure that our data is safe it is'nt good, but if they don't do it and the data is stolen they should have make it more secure. Just be greatfull that we have developers that really care for our data and for us. Link to comment Share on other sites More sharing options...
HumaneWolf Posted January 5, 2018 Share Posted January 5, 2018 7 hours ago, seamustrainfan25 said: Thanks for keeping us out of harm's way. Is this breach only contained to the US/AS/SA servers? Is there any risk that it could spread to the EU servers? Not a breach. Breach is absolutely a wrong word here, nobody has gained unauthorized access to our systems. It is an exploit, it is something that can be abused to gain access to some of our game servers, if you happen to rent a VPS on the same hardware. The game servers we shut down are shut down because they are running on VPS', meaning there are other peoples applications running on the same physical machine. The CPU exploit means they can bypass the authentication and access memory run by our game servers. There is little to no risk of this affecting the EU gameservers, since they all run on dedicated hardware only in use by us, meaning we can 100% control what software runs on those machines. 12 hours ago, Aykut / 29] said: Thank you for keeping us safe ! ı dont understand people, why doing this :S what's the point This is a design flaw in nearly all modern computer processors, it's not someone trying to abuse or gain access to our services in specific. 39 minutes ago, Tommie59 said: Now they make sure that our data is safe it is'nt good, but if they don't do it and the data is stolen they should have make it more secure. There should be no risk for the user data, as our database is on it's own server fully controlled by us. Only a few game servers running on shared hardware is shut down at this time. 12 hours ago, Positivetrucking168 said: If there is a processing exploit going around the providers' servers that host the game servers affected, I do really hope though that the incident does not reach mind-boggling proportions seen with the database leak in February 2016. It should not provide a risk for our database server right now. It is primarily an issue for the affected game servers because those game servers run on shared hardware, meaning other people run their own software on the same physical machine. Normally they would not be able to access our game server at all, but this CPU exploit allows them to bypass the normal barriers, and thus access our memory, because they can run their own code on their own parts of those machines. 1 1 HumaneWolf - Website - Twitter - GitHub Ex-Developer Link to comment Share on other sites More sharing options...
[Интегра] DT ML [RU] Posted January 6, 2018 Share Posted January 6, 2018 Spoiler So help us great yum update or apt-get update && apt-get upgrade or.. Actually it is a frightening sight lately. Heartbleed, shellshock, cloudflare vulnerability, meltdown/spectre (cpu)... Anyway, the more complex the device and software become, the more security risks it carries. My wishes to be servers MP are always in security. Link to comment Share on other sites More sharing options...
Recommended Posts