Jump to content

Welcome to Obsidian Forum Community
Register now to gain access to all of our features. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more. If you already have an account, login here - otherwise create an account for free today!
Photo

Urgent: Infinite gold exploit found


  • This topic is locked This topic is locked
11 replies to this topic

#1
Tobold

Tobold

    (2) Evoker

  • Members
  • 57 posts

My excuses for publishing this information, but I have not other means of contacting the devs and find it is better to inform them of an exploit rather than keeping it secret until everybody has found it and it causes a big crisis.

 

 

Devs, feel free to delete this post once you got the information. Hope you can fix this soon.


Edited by Fionavar, 29 May 2016 - 04:59 PM.


#2
Feywood

Feywood

    (2) Evoker

  • Members
  • 83 posts

Send them a private message through the forum and remove the details from your post; advertising an exploit like this is a spectacularly bad idea, no matter how well-intentioned you might be.



#3
Tobold

Tobold

    (2) Evoker

  • Members
  • 57 posts

A) As I don't know who is around this weekend, I don't know who to PM.

 

B) Trusting that "if I don't publish the exploit, nobody will know about it" is a spectacularly bad idea, as lots of people are looking for those, and the information then just travels through back channels instead under the eyes of the devs. I've experienced both, and publication is the less bad option in my experience.



#4
Feywood

Feywood

    (2) Evoker

  • Members
  • 83 posts

You're openly informing everybody on a public forum — in step-by-step detail, even — how to rip Obsidian off, end of story. Justify it how you like, you're deliberately telling everybody how to steal from them while wringing your hands, pretending to want to help. Publicly announcing how to perform the exploit isn't going to get it shut down any faster, it just means Obsidian will now have to clean up — or take a hit on — a mess you knowingly and willingly just helped make bigger than it had to be.

 

The folks at Obsidian will either need to roll back any progress made since the patch, including gold earned and chests bought, specifically go through accounts and reclaim gold (and purchases) earned via the exploit while not touching legitimate earnings, or let it all go and take the hit on all the gold that has basically been stolen from them. You handing over a detailed plan to every would-be thief out there who had no clue about the exploit until you just told them only makes the developers' job that much harder.

 

If you were genuinely interested in helping, you'd already have sent every Obsidian member you can find on the forum a private message, and sent an email through to support@obsidian.net instead of making excuses. If this forum is like any other, administrators/moderators can see edits made to posts, so there's no need to leave that information openly available unless you're actually trying to share it with everyone.

 

I'm not sure what twisted logic you used to come to the conclusion that openly telling everybody how to perform a major exploit would somehow be less harmful than just informing the developers themselves. I'd already reported your initial post for openly advertising the exploit in order to help get an admin's attention to note the issue and remove the post; at the time I'd also noted that your sharing of the info wasn't malicious, but with your bizarrely argumentative insistence on sharing your step-by-step guide to the exploit with everyone, I now rather think it was.



#5
Longshot11

Longshot11

    (7) Enchanter

  • Members
  • 814 posts
  • Pillars of Eternity Backer
  • Kickstarter Backer

Hah, good luck. Considering the HCtF is too stubborn to even register your victory, I wouldn't worry about much use being made of this 'exploit'. (I'm currently stuck on 'Normal' even though I beat the scenario - and I also didn't get any gold for it).

 

Also, considering they botched the Daily Gold with the update, this can be some recourse for people who paid real money for nothing. Personally, I'm too disheartened by all the bugs to bother cheating my way into the Gold I'm owed, so I guess I'll just wait for the long weekend to end (I gather there's some holiday in the US now?) and get properly recompensed.



#6
Longshot11

Longshot11

    (7) Enchanter

  • Members
  • 814 posts
  • Pillars of Eternity Backer
  • Kickstarter Backer

You're openly informing everybody on a public forum — in step-by-step detail, even — how to rip Obsidian off, end of story. Justify it how you like, you're deliberately telling everybody how to steal from them ...

In as much as Gold is readily obtainable through re-playing Legendary scenarios, I doubt this would strictly classify as 'theft'. Otherwise, the same can be argued for players who paid real money for Gold that they were defrauded of their money by not revealing that not all Treasure cards (bought with Gold, which in turn is -possibly- bought with real money) are available as drops.

At any rate, I doubt Obsidian will be interested in a legal debate and they'll probably just roll back the offenders' accounts. I just hope they first bother to fix their paying customers' game before they go chasing after some virtual 'thieves' (which, at best, are a 'missed opportunity', rather than a real damage to Obsidian's assets; meanwhile I'm stuck with $25 purchase that's not being suitable for use)


Edited by Longshot11, 29 May 2016 - 04:59 AM.


#7
Feywood

Feywood

    (2) Evoker

  • Members
  • 83 posts

Hah, good luck. Considering the HCtF is too stubborn to even register your victory, I wouldn't worry about much use being made of this 'exploit'. (I'm currently stuck on 'Normal' even though I beat the scenario - and I also didn't get any gold for it).

 

Also, considering they botched the Daily Gold with the update, this can be some recourse for people who paid real money for nothing. Personally, I'm too disheartened by all the bugs to bother cheating my way into the Gold I'm owed, so I guess I'll just wait for the long weekend to end (I gather there's some holiday in the US now?) and get properly recompensed.

 

HCtF isn't completely broken, and it seems that larger parties are seeing progress where smaller groups aren't, in terms of unlocking difficulty levels (I've already completed the entire adventure on legendary). As for the exploit, it is pretty consistent in its behaviour, and will pay out a ridiculous sum very quickly if abused. The one saving grace is that you need to have already bought all the currently-available adventures in order to abuse it, but that's not really a silver lining.

 

As for the broken daily gold timer, I don't think that really justifies taking "the law" into your own hands in this situation, considering Obsidian have said they're happy to go through player accounts and make sure anything that is owing gets paid out. The patch made a pretty big mess of things on its own, and community members deliberately sharing exploits won't make life easier for the devs.


  • PinkRose likes this

#8
Tobold

Tobold

    (2) Evoker

  • Members
  • 57 posts

The folks at Obsidian will either need to roll back any progress made since the patch, including gold earned and chests bought, specifically go through accounts and reclaim gold (and purchases) earned via the exploit while not touching legitimate earnings, or let it all go and take the hit on all the gold that has basically been stolen from them. You handing over a detailed plan to every would-be thief out there who had no clue about the exploit until you just told them only makes the developers' job that much harder.

 

Your error in logic is that by me *not* publishing the information this rollback somehow needs not to happen. You are wrong. The dishonorable option is to keep an exploit secret in order to use it (and as you say that you already beat HCTF at legendary I am starting to wonder about your insistence that secrecy is better). Exploits never go unfound, and making a splash on the forums is the fastest way to get them fixed and limit the damage from the necessary rollback.



#9
Kamikazi

Kamikazi

    (2) Evoker

  • Members
  • 63 posts

It's actually not that fast. There are extra animations to wait for, the annoying count-down timer after you forfeit, and even if it worked you would only get a flat 200 gold. And I suspect you have to do a location and get an ally or two for it to correctly count as a win.

 

Doing a Poison Pill run with Mersi is very similar to payout. And this requires you to beat the level on both normal and hard, and have it open.

 

Yes they should fix it as soon as practical. End of the world it isn't.


Edited by Kamikazi, 29 May 2016 - 05:42 AM.


#10
Rhygar

Rhygar

    (4) Theurgist

  • Members
  • 265 posts
Doh, whatever the reason publishing this just so hundreds if not thousand of users get to " try" their hand at the glitch is bad form. Not knowing which Dev is on and indeed not knowing how to contact them is no excuse for this. There is a way to inform them through proper channel than the equivalent of the equivalent of youtubing it " I told ja, it's a bug ! ". Private message the mods. I'd already pm one on this prior to this post surfacing,

For that matter , compounding the issue is the long weekend where I think the Dev won't be checking the boards much if at all. But in case they do, I hope they moderate this post and check in on this issue.
  • PinkRose and Feywood like this

#11
Feywood

Feywood

    (2) Evoker

  • Members
  • 83 posts

 

The folks at Obsidian will either need to roll back any progress made since the patch, including gold earned and chests bought, specifically go through accounts and reclaim gold (and purchases) earned via the exploit while not touching legitimate earnings, or let it all go and take the hit on all the gold that has basically been stolen from them. You handing over a detailed plan to every would-be thief out there who had no clue about the exploit until you just told them only makes the developers' job that much harder.

 

Your error in logic is that by me *not* publishing the information this rollback somehow needs not to happen. You are wrong. The dishonorable option is to keep an exploit secret in order to use it (and as you say that you already beat HCTF at legendary I am starting to wonder about your insistence that secrecy is better). Exploits never go unfound, and making a splash on the forums is the fastest way to get them fixed and limit the damage from the necessary rollback.

 

I didn't say anything of the sort, and I don't know how you got that from what I did say. Neither did I "insist on secrecy" in the way you're dishonestly trying to intimate; in fact, what I did repeatedly insist was that you communicate the issue to the developers directly, rather than sharing an exploit openly and in detail so that it could be abused by every Tom, Richard and Harry.



#12
Fionavar

Fionavar

    Community Manager

  • Global Moderators
  • 12640 posts
  • Location:Saskatchewan, Canada

Thanks  Tobold - Admin has been notified and they are in touch with Apple. I have edited the 'How' ;) Thanks again!

 

with respect,

 

Fionavar


  • PinkRose and elcoderdude like this




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users