Why would it be in-game or a steam announcement? The malware was in a mod, not the base game. Mod authors can’t post game announcements. So, at best you get a comment of the workshop or on nexus.
Because Beamng runs their own mod repository which is even accessible ingame. This isnt about some random mod hosted on a randrom 3rd party site. This mod was released and distributed over servers and a services which Beamng as a company runs themselves. So reading a whole ass month after the incident my system and my passwords were potentially compromised fucking sucks. I’m not blaming them that the mod got uploaded. I’m blaming them that they made no attempts to publicly communicate: “yo, a mod containing malware got uploaded to our service and 3000 users downloaded it before we got informed that it was infected. If you happen to have downloaded the mod in x timeframe your system was likely compromised. Sorry yadda yadda”
Because it’s supposed to reach affected users as quickly as possible, and a Steam/ingame announcement is the best way to do that? Slay The Spire made such an announcement when a popular mod was infected, and even though I didn’t use that mod, I still appreciated the outreach and care.
Why are you acting like it’s such a crazy idea to use broad announcement channels to reach all affected users?
It’s not reasonable when it means their users are possibly affected by this vulnerability without being informed. Even if it’s mod stuff, they have a responsibility towards their customers - and it’s not like it hurts them in any way.
Why would it be in-game or a steam announcement? The malware was in a mod, not the base game. Mod authors can’t post game announcements. So, at best you get a comment of the workshop or on nexus.
Because Beamng runs their own mod repository which is even accessible ingame. This isnt about some random mod hosted on a randrom 3rd party site. This mod was released and distributed over servers and a services which Beamng as a company runs themselves. So reading a whole ass month after the incident my system and my passwords were potentially compromised fucking sucks. I’m not blaming them that the mod got uploaded. I’m blaming them that they made no attempts to publicly communicate: “yo, a mod containing malware got uploaded to our service and 3000 users downloaded it before we got informed that it was infected. If you happen to have downloaded the mod in x timeframe your system was likely compromised. Sorry yadda yadda”
Because it’s supposed to reach affected users as quickly as possible, and a Steam/ingame announcement is the best way to do that? Slay The Spire made such an announcement when a popular mod was infected, and even though I didn’t use that mod, I still appreciated the outreach and care.
Why are you acting like it’s such a crazy idea to use broad announcement channels to reach all affected users?
It’s not a crazy idea. But it’s also perfectly reasonable for the game publisher to not involve themselves with mods.
Well, but they involve themselves with mods quite a bit: https://www.beamng.com/resources/
It’s not reasonable when it means their users are possibly affected by this vulnerability without being informed. Even if it’s mod stuff, they have a responsibility towards their customers - and it’s not like it hurts them in any way.