29 réponses à ce sujet

[Dai Grepher]

The person who leaked the info of Keep also had the URLs for Keep in the screenshots!

 

I plugged a URL into my browser and it brought me to the login screen. I input my user information and it took me right into the Keep despite the fact I was not sent an acceptance email into the beta!

 

Now anyone with an Origin account could gain access to the Keep using this exploit!

 

I highly recommend correcting this vulnerability by changing the URLs or adding more security measures to the Keep!

 

EDIT: I might be mistaken on this. I was sent an email stating I was being considered for the beta, and when I tried to login it said I was not accepted yet. Perhaps within that timeframe they enabled my account but never sent me an email saying I was in. So my account may have been granted access without my being aware of it.

 

Still, the staff may want to double-check to make sure.

 

Sorry if this caused anyone any distress.

[Dai Grepher]

I also sent this same message through the Keep's feedback system to immediately alert the admins. Also, I did not go any further into the Keep program than was necessary to confirm that my account had been allowed in.

 

To any admins of this forum, please pass this information along to the proper people in BioWare.

[Samahl]

Perhaps posting this publicly wasn't the brightest idea.

[Saints]

Oh my... I hope they fix that problem.

 

Now if you'll excuse me, I must preform... Science..

[Dubya75]

Everyone needs to calm the hell down

[Dai Grepher]

Actually... I may have jumped the gun on this. I got an email saying I was being considered for the beta, but when I logged in it said I wasn't accepted yet...

 

Maybe within that timeframe they granted my account access? (without telling me)

 

Still, the BioWare staff may want to follow up with this just to make sure.

[Saints]

 

Pretty jelly you got an invite.

[Dai Grepher]

Thanks, but the email doesn't read like an invite. It basically says that I am being considered and that I may have to wait a little longer. When I tried to login after following the instructions, I still didn't have access to the beta. Which led me to believe that I was not granted access yet.

 

It is possible however that I was granted access and not notified. I've been checking my email every day waiting for that reply. If this is the case, then... I guess I'd feel a little embarrassed now. LOL!

[chance52]

What does it really matter? I mean it's picking your save states really. Not really sure why a NDA is needed in the first place or why reddit has it in a 'spoilers' section. It's all info you already know.

[Dai Grepher]

Yeah, I just read my email again. It had me first click a confirmation link to confirm that I was still interested in participating. Then I had to wait for someone to contact me.

 

Well, no one ever contacted me. So either I found a vulnerability, or someone at BioWare granted me access without telling me. Just to clear things up.

[Kantr]

Man, thats a bit annoying getting an email saying "Hey we're thinking about putting you in the keep". Are we then to live in fear of another saying "Sorry not at this time"

 

ED: Putting in those urls doesnt work as you need to login to your account. All it will do is bring you back to the apply screen.

 

However I would recommend next time you think you find an exploit, PM a dev.

Modifié par Kantr, 21 août 2014 - 09:13 .

[CIA]

Can confirm, this happened to me, same day as the leaks came out. I messaged some people on this site but edited my message when I found out it was an 'exploit'.

Fixed now, I think.

[Kantr]

Can confirm, this happened to me, same day as the leaks came out. I messaged some people on this site but edited my message when I found out it was an 'exploit'.

Fixed now, I think.

Yeap. Didnt work for me.

[Dai Grepher]

CIA, so then it was a vulnerability? Thanks for confirming. But then does that mean I'm still NOT in the beta and I just bypassed the check system because it wasn't fixed, or was I added to the beta without anyone sending me a confirmation email? How frustrating.

[CIA]

CIA, so then it was a vulnerability? Thanks for confirming. But then does that mean I'm still NOT in the beta and I just bypassed the check system because it wasn't fixed, or was I added to the beta without anyone sending me a confirmation email? How frustrating.

idk i googled 'dragon age keep' randomly, logged in expecting the 'sign up for beta!' thing and I got full access to the keep for an hour or so. Later that day I heard someone had leaked it.

[Kantr]

idk i googled 'dragon age keep' randomly, logged in expecting the 'sign up for beta!' thing and I got full access to the keep for an hour or so. Later that day I heard someone had leaked it.

Thats a really weird thing to happen

[Dai Grepher]

Yeah, that's very weird. I think what happened is the link that you searched was actually a URL to a main part of the Keep. My theory is that every Origin account is allowed access to Keep (since that's what it will happen eventually anyway), but in order to get to the actual Keep you need the correct URL address. Any other URL will just put you at the "Apply for Beta" page.

 

In other words, there is a specific part of the URL needed to gain access. The URL is divided by forward slashes, such as, "da-keep.com/special-filename/whatever-keep-page/" as an example. Obviously I won't post the actual URL here.

 

So what the leaker posted was the actual URL for the main part of Keep. Also, CIA's search engine just happened to find the same kind of URL through it's automated process of searching and logging pages. Which Google is known to do. Google saves the URLs of pages that are frequently visited, and logically the Keep's main page would be frequently visited by the beta testers. So Google added that main page to it's search engine's list. I'm naming Google as an example, it could have been any search engine.

 

Anyway, that's why both of us were able to get access while Kantr was not. Kantr was just going through the front door, the normal URL, which is still locked. But once you input the main URL, you're in.

 

Like Saints wrote above, they should fix this soon. The leak pictures are now on third-party sites for anyone to see.

[Dai Grepher]

Now that I think about it... I wonder if that's how the leaker got in. Someone just happened to search for DA Keep through a search engine, it supplied the main URL for Keep, they clicked that and logged in even though they never signed the NDA. And maybe that's why the person leaked it, because he or she can't be held to that NDA!

 

Think about it. Why would anyone who signed the NDA actually take Print Screen screenshots of their monitor along with their desktop info, date & time, and what-have-you if that person could be held criminally liable for it? I'll bet it was just some random person who gained access to Keep through the search engine, not one of the beta testers.

 

This is all just speculation though.

[Dai Grepher]

Believe it!

 

But like I wrote, I suspect the leaker wasn't in the beta and did not sign the NDA. In which case, he or she can't be prosecuted.

[chance52]

Now that I think about it... I wonder if that's how the leaker got in. Someone just happened to search for DA Keep through a search engine, it supplied the main URL for Keep, they clicked that and logged in even though they never signed the NDA. And maybe that's why the person leaked it, because he or she can't be held to that NDA!

 

Think about it. Why would anyone who signed the NDA actually take Print Screen screenshots of their monitor along with their desktop info, date & time, and what-have-you if that person could be held criminally liable for it? I'll bet it was just some random person who gained access to Keep through the search engine, not one of the beta testers.

 

This is all just speculation though.

 

First off nothing would happen but that person would be banned from the beta.  I took part in the ESO beta and we had a NDA too, but some people hated the beta and posted screenshots and video all over the place because in their opinion they didn't care if they got banned from the beta because they weren't having fun (which really isnt the point of a beta, beta's are to find bugs and let the dev team know about them)

[TurretSyndrome]

What does it really matter? I mean it's picking your save states really. Not really sure why a NDA is needed in the first place or why reddit has it in a 'spoilers' section. It's all info you already know.

 

Yeah I find the whole thing blown out of proportion. I've taken a look at these leaked images, and they were nothing that needed absolute secrecy. Just a bunch of choices with pictures and descriptions, almost like a children's story book. Talk about being overdramatic.

 

"We gotta move the president into the bunker, the enemy has the launch codes for Dragon Age Keep! MOVE!"  

[Dai Grepher]

I agree that it's an overreaction, but I figured BioWare should know about the vulnerability anyway. Also, I don't know what ESO is, but this is EA we're talking about. They don't play around in legal matters. I wouldn't want to mess with them.

 

I can understand where you guys are coming from. The leak just shows past choices really, but I think BioWare's goal was to have it all be a surprise for fans. That and the whole thing with the Hero of Ferelden's possible involvement, which still hasn't been officially confirmed yet.

 

Nice BoF avatar BTW.

[Chron0id]

Gee, thanks for ruining it for the rest of us.  Now they're going to patch it.

[Dai Grepher]

Good. They should patch it. Besides, it isn't like you won't be able to experience the Keep eventually.

 

Also, I'm sorry they cancelled ThunderCats. T'was a good show.