# [Update] RetroArch servers and repositories have been hacked



## DJPlace (Aug 17, 2020)

wow...... yet no reason why?


----------



## ShadowOne333 (Aug 17, 2020)

DJPlace said:


> wow...... yet no reason why?


Still no news that I know of.
It's unknown why the attack was made and/or if GitHub has responded. 
I'll keep an eye out for any update


----------



## ShadowOne333 (Aug 17, 2020)

An update on regards to the GitHub repositories:

https://twitter.com/libretro/status/1295181352426516480?s=19


----------



## TheCasualties (Aug 17, 2020)

Codex got a new job! 


But seriously,sounds like  some  dude figured out a password. Most people probably wouldn't even notice, unless they try to update their cores right now.

Edit: dang they didn't have backups?


----------



## Silent_Gunner (Aug 17, 2020)

Is it just me, or does it seem like hackers have been more active than usual this year? Because it seems like a lot of high profile hacks/leaks/and breaches have occurred regarding stuff that's kind of trivial, all things considered.

Like, I remember when hacking groups would target corporations because said corporations were corrupt and/or in the moral wrong, but now, Nintendo's gotten three/four different leaks this year, and now we have RetroArch getting hacked.


----------



## nashismo (Aug 17, 2020)

Silent_Gunner said:


> Is it just me, or does it seem like hackers have been more active than usual this year? Because it seems like a lot of high profile hacks/leaks/and breaches have occurred regarding stuff that's kind of trivial, all things considered.
> 
> Like, I remember when hacking groups would target corporations because said corporations were corrupt and/or in the moral wrong, but now, Nintendo's gotten three/four different leaks this year, and now we have RetroArch getting hacked.



Yes, while the true corrupt/liars get away with it. All the FAKE virus planners and the economy killers they are all happy laughing and no one does nothing to unveil their bullshit.

In oher words, I agree.


----------



## duwen (Aug 17, 2020)

Utterly senseless... yet at the same time probably the proudest moment of the sad individual/team responsible.


----------



## Xzi (Aug 17, 2020)

Fuckin' weak man.  No clue who could possibly hold a grudge against RetroArch, or for what reason.


----------



## Dogson (Aug 17, 2020)

Silent_Gunner said:


> Nintendo's gotten three/four different leaks this year



That hack wasn't this year, it was a hack back in 2016~2017, just one Nintendo internal server hack through iQue, once they noticed iQue requesting too much data they cut that off. The hacker who went by the name wack0 was caught and is serving a type of house arrest now. He also hacked into Microsoft during that time. Those were actual hacks unlike the Twitter scam which was a authority bluff through phone calls to gain access, and with libretro we don't know yet if it was an actual hack.

Anyway, someone else got hold of the supposedly 2TB of Nintendo data and has since been slowly releasing it, at first with some false misleading stories of it being beta cartridge dumps from a collector to muddy the traces. The Space World Pokemon leak and Pokemon Blue backsprites from two years ago, all from that same Nintendo server hack, we've since gotten a lot more betas and source codes, this will continue for a few more years for sure.

Hope that clears up what has been going on. People for some reason think Nintendo was hacked multiple times in a year, which doesn't sound probable or make sense if you think about it.


----------



## FAST6191 (Aug 17, 2020)

"no backups"
How much data are we talking here? Sort of thing the average computer person with the average internet connection would be able to grab often enough?
Or is this more a fault of trusting storing things on computers of others?



Xzi said:


> Fuckin' weak man.  No clue who could possibly hold a grudge against RetroArch, or for what reason.


They have rubbed a few people the wrong way over the years. Drama happened at various points. Their licensing is often a source of contention.



Silent_Gunner said:


> Like, I remember when hacking groups would target corporations because said corporations were corrupt and/or in the moral wrong, but now, Nintendo's gotten three/four different leaks this year, and now we have RetroArch getting hacked.


I don't know if that particularly ever happened. Or at least no specific as much as "I don't like banks and really know sql injection, oh look this bank is vulnerable to a sql injection here and [checks] yep they are arseholes (though what bank isn't)".
A hacker/hacking group targetting a specific bank would fall under the umbrella of advanced persistent threat (APT) which is generally considered a myth.

Equally is Nintendo not a dubious company?


----------



## Xzi (Aug 17, 2020)

FAST6191 said:


> They have rubbed a few people the wrong way over the years. Drama happened at various points. Their licensing is often a source of contention.


So basically male Karens and assholes who just want to see the world burn, got it.  Guess some people thought 2020 wasn't quite shitty enough as-is. 

Maaan this is definitely gonna affect their timeline for the Steam launch, too.


----------



## Silent_Gunner (Aug 17, 2020)

FAST6191 said:


> "no backups"
> How much data are we talking here? Sort of thing the average computer person with the average internet connection would be able to grab often enough?
> Or is this more a fault of trusting storing things on computers of others?
> 
> ...



I know there was some stuff Anonymous did back in the day.

As for Nintendo, based on that one video from Modern Vintage Gamer, I wouldn't be surprised if at least one of these leaks is due to someone at the chip company that's made chips for almost every major Nintendo console leaking things out due to being disgruntled for whatever reason as far as it looks to me, in addition to @Dogson said in regards to the iQue leak.

--------------------- MERGED ---------------------------



Xzi said:


> So basically male Karens and assholes who just want to see the world burn, got it.  Guess some people thought 2020 wasn't quite shitty enough as-is.
> 
> Maaan this is definitely gonna affect their timeline for the Steam launch, too.



I wonder if it's that Reicast guy who had a meltdown on Reddit that led to the core name being changed to Flycast?


----------



## FAST6191 (Aug 17, 2020)

Xzi said:


> So basically male Karens and assholes who just want to see the world burn, got it.  Guess some people thought 2020 wasn't quite shitty enough as-is.
> 
> Maaan this is definitely gonna affect their timeline for the Steam launch, too.


As ever some of the drama was from people with egos rather too large for their position in the world but some of them had a point from where I sat, and I am still not entirely sure what they have given the world; they are more or less just a frontend from what I can make out, which is fine but hardly anything to be particularly excited about.


----------



## Xzi (Aug 17, 2020)

FAST6191 said:


> they are more or less just a frontend from what I can make out, which is fine but hardly anything to be particularly excited about.


Precisely.  It shouldn't be anything worth getting angry about or taking vengeful action toward, either.


----------



## FAST6191 (Aug 17, 2020)

Xzi said:


> Precisely.  It shouldn't be anything worth getting angry about or taking vengeful action toward, either.


As a random hack, sure.
As retaliation if someone felt slighted having put in a bunch of work or time on things, could be different.


----------



## MrCokeacola (Aug 17, 2020)

Oh no, I hope all the emulators which RetroArch has nothing to do with will be safe. /s


----------



## yoyoyo69 (Aug 17, 2020)

Man, I know Nintendo hate people playing rooms of their 40 year old games, but damn, they've gone full militia now.


----------



## uludag (Aug 17, 2020)

Oh, I summon all of you 4chan lurkers 
Hunt that f***er down. Give him what he deserves.


----------



## KokoseiJ (Aug 17, 2020)

Hopefully someone would have a local repository not overwritten by this incident...


----------



## linuxares (Aug 17, 2020)

Don't anyone of them have a local backup?


----------



## Alexander1970 (Aug 17, 2020)

linuxares said:


> Don't anyone of them have a local backup?





> *Aufgrund des fehlenden Geldes sind bedauerlicherweise auch keine Backups vorhanden.* In Zukunft soll auf einen neuen Buildbot-Server umgestellt werden; bis es dann Builds für Konsolen gibt wird es aber noch dauern. Wer das Vorhaben unterstützen will, kann auf Patreon spenden. Wer die vollständigen Git-Repos geklont hat, sollte sich auch beim Libretro-Team melden.



Unfortunately, due to the lack of money, there are no backups. In the future, the plan is to switch to a new Buildbot server; it will take some time until there are builds for consoles. Anyone who wants to support the project can donate to Patreon. Anyone who has cloned the full Git repos should also contact the Libretro team.

+++++++++++++++++++++++++++++++++++++++++++++++++++++++

The Buildbot server is currently offline and all stable and nightly versions of RetroArch and all cores are no longer available. The Nintendo versions are safe with us.

The attacker only deleted all data and did not exchange any downloads. He also used spear phishing to impersonate a team member and delete three pages of Git repos from the libretro organization - the RetroArch repository was not affected. The team has already contacted GitHub.

https://wiidatabase.de/retroarch-buildbot-und-git-repos-kompromittiert/


----------



## HideoKojima (Aug 17, 2020)

No backups? I backup my old games at least in 3 places could and drives....

Conspiracy theory: Retroarch need some donations so they pretended to be hacked. ...jk


----------



## Jokey_Carrot (Aug 17, 2020)

lul imagine using retroarch


----------



## Mythical (Aug 17, 2020)

Hopefully someone has an updated un modified fork


----------



## Dartz150 (Aug 17, 2020)

Jokey_Carrot said:


> lul imagine using retroarch



What is wrong with that? I mainly use standalone emulators as I want to be specific, but I find retroarch as a great frontend to keep all the configurations in one place.


----------



## leon315 (Aug 17, 2020)

Isn't gihub entirely owned by Microsoft?

ALL heard through years that Microsoft has hacker-proof servers.


----------



## 64bitmodels (Aug 17, 2020)

Silent_Gunner said:


> Is it just me, or does it seem like hackers have been more active than usual this year? Because it seems like a lot of high profile hacks/leaks/and breaches have occurred regarding stuff that's kind of trivial, all things considered.
> 
> Like, I remember when hacking groups would target corporations because said corporations were corrupt and/or in the moral wrong, but now, Nintendo's gotten three/four different leaks this year, and now we have RetroArch getting hacked.


quarantine has got hackers going crazy


----------



## Dimensional (Aug 17, 2020)

The article should get an update, now that the developers got a reply back from Github, stating that a restore from their side isn't possible.

Github has told us that they are not able to restore our repositories  - "I'm sorry to say that we aren't able to restore a branch or repository to its previous state on our end." So we will have to do it manually.— libretro (@libretro) August 17, 2020


----------



## CompSciOrBust (Aug 17, 2020)

Dimensional said:


> The article should get an update, now that the developers got a reply back from Github, stating that a restore from their side isn't possible.
> 
> https://twitter.com/libretro/status/1295181352426516480



Didn't GitHub just burry a bunch of tapes and shit filled with oss code in the artic? Too bad they don't still have that.


----------



## Dimensional (Aug 17, 2020)

CompSciOrBust said:


> Didn't GitHub just burry a bunch of crap filled with oss software in the artic? Too bad they don't still have that.


Not sure. I saw a few that were apparently submitted, but those could be very old version, not to mention this is code copied onto ceramic tablets, stronger than stone tablets, and sent to a physical off sight vault, so it's not like someone can just waltz into the place and download millions of files to a pc.


----------



## Jokey_Carrot (Aug 17, 2020)

Dartz150 said:


> What is wrong with that? I mainly use standalone emulators as I want to be specific, but I find retroarch as a great frontend to keep all the configurations in one place.


It's just a bunch of shitty emulators taped together.


----------



## VinsCool (Aug 17, 2020)

Jokey_Carrot said:


> It's just a bunch of shitty emulators taped together.


I would love to see you do better.


----------



## Dimensional (Aug 17, 2020)

Jokey_Carrot said:


> It's just a bunch of shitty emulators taped together.


Really? Which ones? mGBA? Dolphin? Parallel64? VBA-M? PPSSPP? Mesen? Nestopia? SNES9x? MAME? CEMU? Citra? Dosbox? ScummVM? Seriously wish to know which emulators are shitty and which aren't. I probably could name one or two that could easily be removed from their repository since better versions are around, but still wonder what you think are shitty and which aren't.


----------



## ChaosEternal (Aug 17, 2020)

leon315 said:


> Isn't gihub entirely owned by Microsoft?
> 
> ALL heard through years that Microsoft has hacker-proof servers.


I highly, HIGHLY doubt that they hacked Github in the way you're thinking. If you managed to crack Github and seize control over arbitrary repositories, wouldn't you use that to exfiltrate valuable intellectual property from private repositories that would be worth millions or even billions of dollars? A true hack of Github would be front-page news in major newspapers. Why in god's name would someone blow such a valuable exploit on an emulator front end? It just wouldn't make any sense. It seems far more likely that they stole the credentials from a server belonging to Retroarch or acquired their credentials some other way.


----------



## smf (Aug 17, 2020)

Dimensional said:


> Really? Which ones? mGBA? Dolphin? Parallel64? VBA-M? PPSSPP? Mesen? Nestopia? SNES9x? MAME? CEMU? Citra? Dosbox? ScummVM? Seriously wish to know which emulators are shitty and which aren't. I probably could name one or two that could easily be removed from their repository since better versions are around, but still wonder what you think are shitty and which aren't.



Yeah, it's not the emulators that is shitty


----------



## Dimensional (Aug 17, 2020)

ChaosEternal said:


> I highly, HIGHLY doubt that they hacked Github in the way you're thinking. If you managed to crack Github and seize control over arbitrary repositories, wouldn't you use that to exfiltrate valuable intellectual property from private repositories that would be worth millions or even billions of dollars? A true hack of Github would be front-page news in major newspapers. Why in god's name would someone blow such a valuable exploit on an emulator front end? It just wouldn't make any sense. It seems far more likely that they stole the credentials from a server belonging to Retroarch or acquired their credentials some other way.


Been reading up, the hacker did some Spear Phishing, which is what allowed them to learn the credentials of one of the contributors for the repository, thereby getting access. And apparently what they did was also add themselves as a new contributor so they could do it without losing access if the hacked account's password gets changed. Fortunately they were caught before they were able to do any more damage.


----------



## Deleted User (Aug 17, 2020)

sound like an internal conflict with a grudge to me


----------



## Dimensional (Aug 17, 2020)

smf said:


> Yeah, it's not the emulators that is shitty


Well.... the interface does have a learning curve, I'll admit. But it's not exactly shitty. Just needs a lot more work. The Desktop UI is still a WIP, but any more it's progressing, and hopefully we'll be able to drag-n-drop and change settings without having to scroll through menu options and sub-menus one by one.


----------



## Obveron (Aug 17, 2020)

I'm surprised there aren't local backups of this sort of thing.  Even when you add up all the branches, platforms, and documentation, it can't be much more than a dozen gigabytes.
Github is supposed to be for publishing your work, not for being the only copy.


----------



## Joom (Aug 17, 2020)

Silent_Gunner said:


> Is it just me, or does it seem like hackers have been more active than usual this year?


It's because of quarantine. This has been confirmed for a while now. More people are working from home who don't know how to implement security measures on their network, and hackers know this. There's also a lot of boredom in the world right now, and as the saying goes, if you put a thousand monkeys in a room with type writers one is bound to write a screenplay.


----------



## duwen (Aug 17, 2020)

Joom said:


> There's also a lot of boredom in the world right now, and as the saying goes, if you put a thousand monkeys in a room with type writers one is bound to write a screenplay.


That also explains all the shit on VOD streaming platforms right now too... except in that instance it seems like all thousand monkeys are having their screenplays produced.


----------



## Solid One (Aug 17, 2020)

Damn, why hack RetroArch servers and repos? They're doing an excelent job maintaining a lot of emulators within a same interface, and even having a pretty decent netplay functionality. I use them a lot in RetroPie, in a Raspberry Pi.

I understand if some of the guys behind RetroArch were doing something wrong somehow, just like the guy from Final Burn Alpha that sold the emulator to Capcom without consulting other contributors, which culminated in a new fork called Final Burn Neo. But I haven't seen anything like this from RetroArch's side, which leads me to think the hackers that have done this are kinda the 'wrong guys' here.

Anyway, hope they can get RetroArch back. It's an awesome open source project that shouldn't die like this.


----------



## m4xw (Aug 17, 2020)

linuxares said:


> Don't anyone of them have a local backup?


We do have backups of all things, restore takes like 30h+ still tho, from the time of writing.


----------



## Raylight (Aug 17, 2020)

Probably Karma for the main dev and his shit ive heard about.


----------



## atoxique (Aug 17, 2020)

Raylight said:


> Probably Karma for the main dev and his shit ive heard about.



explanation please? i


----------



## tigersaman (Aug 17, 2020)

simple ftp backup space for 300gb costs like 5 bucks a month. are they really that desperate ?


----------



## Clydefrosch (Aug 17, 2020)

fine, I'll chip in, I'll just hope this wasn't just a clever ploy to make it to that milestone.


----------



## m4xw (Aug 17, 2020)

tigersaman said:


> simple ftp backup space for 300gb costs like 5 bucks a month. are they really that desperate ?


Tenfold the amount of data and add 7 day retention time.
You also want a redundant copy offsite in a different datacenter as well (relevant for new infra).


----------



## smf (Aug 17, 2020)

Solid One said:


> Damn, why hack RetroArch servers and repos? They're doing an excelent job maintaining a lot of emulators within a same interface,



If they'd done it without pissing so many people off and begging for $ and getting more than the emulator developers (who put way more work in than retroarch) then I might agree.

There are a lot of emulator developers who are not shedding a tear over the hack.


----------



## PatrickD85 (Aug 17, 2020)

Wow ... that sucks big time for a project as vig as Retroarch/Libretro.
Especially as they did so much good for gamers all around the globe.
Only people who might not like them ... are gaming companies themselves ... but they wouldn't ... or would they?


----------



## Raylight (Aug 17, 2020)

atoxique said:


> explanation please? i


the main dev has been known to harass other devs and be a real dick to pl who dont share his beliefs that every emu should be open source and will smack talk about it to no end


----------



## evertonstz (Aug 17, 2020)

Shalashaska98 said:


> No backups? I backup my old games at least in 3 places could and drives....
> 
> Conspiracy theory: Retroarch need some donations so they pretended to be hacked. ...jk



Oh yeah, kid, you backing your library in three places is just the same as backing up multiple git repositories that have literally years of commits and builds plus the redundancy and automation.

Jesus Christ, that's why nobody likes developing emulators/homebrew anymore, non coders think they know everything about everything because they coded "hello world" by seeing a youtube video and shitpost in internet forums.


----------



## smf (Aug 17, 2020)

Raylight said:


> the main dev has been known to harass other devs and be a real dick to pl who dont share his beliefs that every emu should be open source and will smack talk about it to no end



Not just him, I heard byuu quit the scene after being hounded by mudlord for 6 years.



Shalashaska98 said:


> Conspiracy theory: Retroarch need some donations so they pretended to be hacked. ...jk



I wouldn't be surprised, but I think this just landed on them by surprise and just gave them an excuse to ask for more $$$

Either way, nobody should ever give them any money.


----------



## Joom (Aug 17, 2020)

PatrickD85 said:


> but they wouldn't ... or would they?


They wouldn't. Gaming companies don't give a single care about emulators unless they do something illegal. If nobody remembers, this also happened to Luma's Git because someone who had access used the same password on a site that was compromised. This kind of stuff isn't uncommon. Disgruntled developers who have access have done this in the past as well.


----------



## PatrickD85 (Aug 17, 2020)

Joom said:


> They wouldn't. Gaming companies don't give a single care about emulators unless they do something illegal. If nobody remembers, this also happened to Luma's Git because someone who had access used the same password on a site that was compromised. This kind of stuff isn't uncommon. Disgruntled developers who have access have done this in the past as well.


I hope you are right when it comes to that. But they shouldnt indeed totally agree on that.

As for passwords etc. From my multiple years in the hosting space ... I learned to never re-use any password.
Otherwise you get a domino effect rather simple.


----------



## FAST6191 (Aug 17, 2020)

I am going to need some help understanding this build server scenario/general setup and how it could go so wrong here.

As I understand it
Retroarch itself is a frontend for emulators but I assume each of the "cores" (that being other existing emulators things boot into/load from and retroarch presumably handling some of the issues with save locations, controller settings, graphics setups and the like) all want their own special versions of compilers, packers, asset tweaking and whatever else in addition to the main project both as getting everything on the same page (or same page for what can be if there are very disparate languages) is a nightmare and the cores themselves are external projects that the devs are presumably happy enough with their own build setups and don't want to change it on account of this (see also the far from unjustified apathy and indifference, or worse, from various emulator devs towards this project).
Not a makefile/build batch file I would want to make from scratch, and I can well imagine a few of those tools conflicting so needing to be isolated after a fashion (whether other paravirtualisation, full virtualisation, sandboxie or custom to appear as another I don't know). All this multiplied again as various target architectures exist rather than just Windows X86/X64 PC though I am not sure how tied in they are (things vary somewhat).

Also good reason to have a remote version of the compiler setup so randoms, or a mainline dev playing on a tablet somewhere, just wanting to type a bit of C on an evening or whatever to squash a bug or tweak a feature don't have to install the complete build setup or figure out a piecemeal variant for their particular emulator/"core" of choice. Personally I would have probably gone for the piecemeal approach and precompiled versions some of the Linux "we like source code" distros operate with but I can see that being additional maintenance and not gaining the absolute most.

So anyway this many stacked containers/virtual machines added up to something notable it seems, above someone claiming hundreds of gigs (an impressive amount for a few compilers but I can see it, especially if full VM approaches are adopted/needed).
At the same time was development/alteration so fast paced that something in the order of a once a month (or few months) backup is so impossibly far behind the curve as to be useless? If it is container and VM based then that surely also lends itself to even more able to keep current (500 gigs is nothing special but can be a slight imposition, especially if you are somewhere backwards like the US and have bandwidth caps in addition to already "some dude with some flags" bandwidth) not entirely differently to how git works itself.
So now single point of failure and enough people with admin creds presumably that someone utilised a lesser guarded (or maybe forgotten) address with a nice bit social engineering to press the delete button, for which github has no restore option.

Guess then the usual lesson of never too big, never too small, never too virtuous and never too careful to not have backups. Could also be a good time to revisit a monster if it is going to be several hundred gigs and make it more robust.

Sucks I guess, but at the same time if I ask the "what has retroarch ever done for us?" question I can see why several are not particularly distraught and saying this is going to set back the state of emulation a while.


----------



## Joom (Aug 17, 2020)

evertonstz said:


> Oh yeah, kid, you backing your library in three places is just the same as backing up multiple git repositories that have literally years of commits and builds plus the redundancy and automation.


You're not wrong. Backing up code is actually easier. Redundancy and retention are also trivial. It's not like making a Git archive is hard, either. It's an available feature on the main page of every repo. Usually everyone involved also has the repo available locally.

@m4xw, maybe you guys could look into renting a Kimsufi box. They're an OVH reseller with very fair prices for the specs offered. If all you really need is storage, they're perfect. I've ran a seedbox with them for several years with no issues.


----------



## Agusto101 (Aug 17, 2020)

I don't really understand why would someone hack retroarch its not even a company or something just a normal app full of emulators, btw this are not going to stop them is just a little trouble, I'm a dev too and know that pain in the ass.


----------



## Joom (Aug 17, 2020)

Agusto101 said:


> I don't really understand why would someone hack retroarch its not even a company or something just a normal app full of emulators, btw this are not going to stop them is just a little trouble, I'm a dev too and know that pain in the ass.


For teh lulz, of course. That's exactly what happened here.


----------



## The Real Jdbye (Aug 17, 2020)

Well, that's some shit. But at least they didn't inject malware into the builds, which has happened to other projects in the past.


----------



## m4xw (Aug 17, 2020)

Joom said:


> You're not wrong. Backing up code is actually easier. Redundancy and retention are also trivial. It's not like making a Git archive is hard, either. It's an available feature on the main page of every repo. Usually everyone involved also has the repo available locally.
> 
> @m4xw, maybe you guys could look into renting a Kimsufi box. They're an OVH reseller with very fair prices for the specs offered. If all you really need is storage, they're perfect. I've ran a seedbox with them for several years with no issues.


Git isnt the issue, the non virtualized server is, if you wan't a proper backup its a full 2TB disk image.
I only took over this server, so for me its just tons of legacy scripts and we are in the process of creating a reproduceable pipeline by virtualizing and containerizing the buildbot anyway.
Also we will move to Hetzner, currently already using their storage solution, but as you can think a 2TB backup is easily days of downtime, the current bot just doesnt allow it without missing out _some_ things (and the _some_ part will by universal law, the most crucial thing at the time)


----------



## Sizednochi (Aug 17, 2020)

The cool part is that their patreon monthly contribution amount is up from $1100 before the incident to a whopping $1700+. So yeah, congrats to the hacker I guess? lul


----------



## Joom (Aug 17, 2020)

m4xw said:


> Git isnt the issue, the non virtualized server is, if you wan't a proper backup its a full 2TB disk image.


I know Git isn't the issue here. This is also why I recommended a Kimsufi box, because I kind of assumed everything en masse was a decently sized collection. I rent a 2 TB VDS for $25 a month. If you need more, the scale in price for storage is very affordable. But if you already have a solution, don't worry about it.


----------



## m4xw (Aug 17, 2020)

Joom said:


> I know Git isn't the issue here. This is also why I recommended a Kimsufi box, because I kind of assumed everything en masse was a decently sized collection. I rent a 2 TB VDS for $25 a month. If you need more, the scale in price for storage is very affordable. But if you already have a solution, don't worry about it.


We get 5TB for that price.


----------



## smf (Aug 17, 2020)

Sizednochi said:


> The cool part is that their patreon monthly contribution amount is up from $1100 before the incident to a whopping $1700+. So yeah, congrats to the hacker I guess? lul



Fools and their money are easily parted.


----------



## m4xw (Aug 17, 2020)

The backup storage funds are really less important than actually the buffer for the transition to the new infra due to setup costs (200+ bucks) as well as having both systems run in parallel for a transition period (thus doubling our server costs for that period) ,so we can ensure undisrupted service and still quick access to the files instead of a month of downtime altogether (we planned this for months already but then covid happened and servers werent in restock).
I think the blog post puts the wrong emphasis out. The current bot would be useless with automatic backups, it produces more data than we could even save away without basically DOS'ing ourselves the way its currently structured and this is a way more urgent matter (on top of breaking the consistency would throw you back to the same state like only doing a backup every half a year because so much volatile data and nobody knows which glue scripts got added over the years).
I was literally prepared for a fallout anytime tho since the HDD's run since 8years or so and are not even secured by a raid (which is ridiculous at the cost of the 100tb server, I literally get 2 servers with nearly simliar/better spec for that price in a different datacenter).

At least I can tell you we will put the money to good use to fix that legacy mess, but the 100$ extra allocated for a backup budget wont be much of a concern till all that is resolved (we plan on handling 4-8TB on data)

Suddenly 1k gone , btw little sidenote I was already planning to pay the setup costs of my private money, but seems we might just be able to cover the costs!
So your help is def. appreciated.


----------



## Beerus (Aug 17, 2020)

why whats the point smh


----------



## Joom (Aug 17, 2020)

m4xw said:


> We get 5TB for that price.


Well there you go then. But this begs the question as to why the cost of storage has been a problem, or am I conveniently missing something?

Edit: You ninja answered me, heh.


----------



## mathew77 (Aug 17, 2020)

Must punish script-kiddies who is responsible for this. Do not forgive. Do not forget!..


----------



## Tatsuna (Aug 17, 2020)

Silent_Gunner said:


> Is it just me, or does it seem like hackers have been more active than usual this year? Because it seems like a lot of high profile hacks/leaks/and breaches have occurred regarding stuff that's kind of trivial, all things considered.
> 
> Like, I remember when hacking groups would target corporations because said corporations were corrupt and/or in the moral wrong, but now, Nintendo's gotten three/four different leaks this year, and now we have RetroArch getting hacked.


Why, is RetroArch bad? I'm wondering out of curiosity -- I don't know anything about that.


----------



## m4xw (Aug 17, 2020)

Joom said:


> Edit: You ninja answered me, heh.


Yea its like panic mode engaged on the reporter and I was asleep


----------



## SuperDan (Aug 17, 2020)

ThE Fuckin Kunts WHY <?>?<??>


----------



## Joom (Aug 17, 2020)

m4xw said:


> The current bot would be useless with automatic backups, it produces more data than we could even save away without basically DOS'ing ourselves the way its currently structured


So why not split the load between it and rsync, and decrease the bot's workload as to not cause unnecessary overhead? Surely someone has the resources to solely dedicate to the bot, and another could use rsync to only sync on a set time interval. I feel like resource management itself is the real problem here. Then again, I only have the mind frame for projects that are considerably smaller than RetroArch. I more have a proclivity for data retention itself, too, so I probably don't have a dog in this race due to sheer ignorance.


Tatsuna said:


> Why, is RetroArch bad? I'm wondering out of curiosity -- I don't know anything about that.


It itself isn't. I guess uppity fan boys are gonna blame them for swagger jacking (which is dumb because emulator core devs support front-end development since it makes it easier on their users), but from what I can tell, the problem lies within the belief system of the lead dev who I guess flaunts a sense of arrogance.


----------



## Deleted member 532471 (Aug 17, 2020)

Is it that surprising
Some time ago I set up a password protected netplay session to play with a friend and someone hacked into our room almost immediately.
They made it in faster than my friend, who I was in a call with
Retroarch is not safe


----------



## m4xw (Aug 17, 2020)

Joom said:


> So why not split the load between it and rsync, and decrease the bot's workload as to not cause unnecessary overhead? Surely someone has the resources to solely dedicate to the bot, and another could use rsync to only sync on a set time interval. I feel like resource management itself is the real problem here. Then again, I only have the mind frame for projects that are considerably smaller than RetroArch. I more have a proclivity for data retention itself, so I probably don't have a dog in this race due to sheer ignorance.


This would add more costs, all this will come free of charge with the new infra.
Its a legacy mess


----------



## Joom (Aug 17, 2020)

zupi said:


> Is it that surprising
> Some time ago I set up a password protected netplay session to play with a friend and someone hacked into our room almost immediately.
> They made it in faster than my friend, who I was in a call with
> Retroarch is not safe


Now this intrigues me. Does RetroArch not use encryption, thus making MitM attacks possible? It's also quite possible that you had a keylogger at the time without knowing. This said, what does one benefit from joining a private netplay lobby?


----------



## m4xw (Aug 17, 2020)

Joom said:


> Now this intrigues me. Does RetroArch not use encryption, thus making MitM attacks possible?


Lobby is unsafe by design, a malicious actor can pause lock any game, this requires chcanges in the code and lobby system.
Mitm isnt a concern here, dunno about password protection tho.
Certainly not enterprise grade


----------



## Joom (Aug 17, 2020)

m4xw said:


> Lobby is unsafe by design, a malicious actor can pause lock any game, this requires chcanges in the code and lobby system.
> Mitm isnt a concern here, dunno about password protection tho.
> Certainly not enterprise grade


Well, it's understandable. I edited my post to reflect a stupid epiphany; what could one benefit from circumventing their way into a protected lobby? I have to imagine that it doesn't offer a wide open attack vector, so it's more trolly than anything.


----------



## m4xw (Aug 17, 2020)

Joom said:


> Well, it's understandable. I edited my post to reflect a stupid epiphany; what could one benefit from circumventing their way into a protected lobby? I have to imagine that it doesn't offer a wide open attack vector, so it's more trolly than anything.


Pure troll reason
No RCE afaik, but maybe in one ver over the years


----------



## Obveron (Aug 17, 2020)

What? There's 3 terabytes of retroach data?


----------



## m4xw (Aug 17, 2020)

Obveron said:


> What? There's 3 terabytes of retroach data?


2TB on current, 3TB projected on new infra.


----------



## Obveron (Aug 17, 2020)

m4xw said:


> 2TB on current, 3TB projected on new infra.


Ok but thats a full server image right?   If you just wanted to backup the actual database, like source code of all branches of all platforms, plus documentation, etc surely that would compress down to far less?  This is the stuff you want to backup in real time, or atleast daily.

Things like a server core image if you exclude the database, shouldn't change as often and in theory could be rebuilt from scratch if you lost the image.


----------



## Hambrew (Aug 17, 2020)

So... was it wrong of me to update my nightly Retroarch app?


----------



## Joom (Aug 17, 2020)

Obveron said:


> Ok but thats a full server image right?   If you just wanted to backup the actual database, like source code of all branches of all platforms, plus documentation, etc surely that would compress down to far less?  This is the stuff you want to backup in real time, or atleast daily.
> 
> Things like a server core image if you exclude the database, shouldn't change as often and in theory could be rebuilt from scratch if you lost the image.


You have to take into consideration that the image also contains the build environment. For production, you need this kind of image.


Hambrew said:


> So... was it wrong of me to update my nightly Retroarch app?


No, you're fine.


m4xw said:


> No RCE afaik, but maybe in one ver over the years


That's good. That would require something much more than just poor authorization handling anyway, and again, this isn't a priority or pertinent to emulation itself, so it's understandable that netplay is just "meh" status. I mean, it's just a UDP connection, so there might be a way to turn it into a DoS at the very least, but I kinda doubt it.


----------



## Worldblender (Aug 17, 2020)

I wonder, does there exist mirrors of all the Retroarch stuff on other services such as GitLab, or that has never been considered before?


----------



## Silent_Gunner (Aug 17, 2020)

zupi said:


> Is it that surprising
> Some time ago I set up a password protected netplay session to play with a friend and someone hacked into our room almost immediately.
> They made it in faster than my friend, who I was in a call with
> Retroarch is not safe



Solution is quite simple: use Parsec. I tried it and, when the connection is good, outside of maybe some compression here and there, it's like you're playing the game in the same room with the person in terms of lag and the usual problems that are associated with streaming games.

Or does Parsec have "hacker-jumping-into-private-lobbies" problems as well?


----------



## mituzora (Aug 17, 2020)

At least some of the cores are hosted on AUR, so they can at least get a base of the cores from there.  So that's good news at least.  It's stupid that GitHub said they can't do anything.  they're owned by big-pocket Microsoft, and you can't tell me they don't do something akin to VSS copies on every repository.


----------



## tigersaman (Aug 17, 2020)

m4xw said:


> Tenfold the amount of data and add 7 day retention time.
> You also want a redundant copy offsite in a different datacenter as well (relevant for new infra).


so ... you have 3 terabyte of code and stuff on server ? how ? what do you store there ? and 7 day retention with is like 10 or 20 percent more than original so even if there is realy 3 terabytes of data it cost around 60 bucks. and 60 more bucks for another one on another datacenter. still i can't believe there is 3 terabytes of data there.

ps: I just did a quick search and it's way cheaper the more you go up in storage. your argue is totally invalid.

edit: I just read your other answers and it seems money was not a major problem. there is a lesson to be learned in this situation. i'm a website developer and i learned the lesson the hard way. BACKUP IS THE MOST IMPORTANT THING !


----------



## m4xw (Aug 17, 2020)

tigersaman said:


> so ... you have 3 terabyte of code and stuff on server ? how ? what do you store there ? and 7 day retention with is like 10 or 20 percent more than original so even if there is realy 3 terabytes of data it cost around 60 bucks. and 60 more bucks for another one on another datacenter. still i can't believe there is 3 terabytes of data there.
> 
> ps: I just did a quick search and it's way cheaper the more you go up in storage. your argue is totally invalid.
> 
> edit: I just read your other answers and it seems money was not a major problem. there is a lesson to be learned in this situation. i'm a website developer and i learned the lesson the hard way. BACKUP IS THE MOST IMPORTANT THING !


I know that from my own experience as well, the server doesnt run a raid and didn't have a backup in 8 years!
Just wouldnt touch that shit without at least a copy if i cant do a snapshot, lol.
It will take a while to clean all that up if the funding is secured.
Talking about hundreds of Build rules for CI/CD for dozens of platforms..


----------



## Silent_Gunner (Aug 17, 2020)

m4xw said:


> 2TB on current, 3TB projected on new infra.



You have this backed up locally, I hope? Because I don't know about Germany, but over here in the US, getting even an external 5TB HDD can be pretty cheap. I know Best Buy had a sale recently on some easystore Western Digital external HDDs that's now done, but you could get a 5TB variant of it for less than $100!

That being said, after my previous main PC went up in smokes (not literally, thank god, the mobo just died), I usually try to use the internal SSD as little as possible other than for some games here or there due to it being a M.2 drive, and data being a little bit more of a hassle to recover in terms of acquiring an adapter from what I remember.


----------



## m4xw (Aug 17, 2020)

Silent_Gunner said:


> You have this backed up locally, I hope? Because I don't know about Germany, but over here in the US, getting even an external 5TB HDD can be pretty cheap. I know Best Buy had a sale recently on some easystore Western Digital external HDDs that's now done, but you could get a 5TB variant of it for less than $100!
> 
> That being said, after my previous main PC went up in smokes (not literally, thank god, the mobo just died), I usually try to use the internal SSD as little as possible other than for some games here or there due to it being a M.2 drive, and data being a little bit more of a hassle to recover in terms of acquiring an adapter from what I remember.


Its backed up in a german datacenter right at the backbone 
Otherwise this would take a few weeks more, hah.


----------



## Ericthegreat (Aug 17, 2020)

Someone has to have backups.


----------



## the_randomizer (Aug 17, 2020)

GitHub customer service is fucking stupid, no wonder because Microsoft owns it.

And also to the hacker who did this, you can screw off.  This is such BS >.>



Jokey_Carrot said:


> lul imagine using retroarch



Lol imagine being a troll



smf said:


> If they'd done it without pissing so many people off and begging for $ and getting more than the emulator developers (who put way more work in than retroarch) then I might agree.
> 
> There are a lot of emulator developers who are not shedding a tear over the hack.



Yeah and they're all conceited jerks too, I'm sure


----------



## Pickle_Rick (Aug 17, 2020)

smf said:


> If they'd done it without pissing so many people off and begging for $ and getting more than the emulator developers (who put way more work in than retroarch) then I might agree.
> 
> There are a lot of emulator developers who are not shedding a tear over the hack.


Do those devs plan on porting their emus to every platform RetroArch supports? Then maintaining it? NO? Then they can piss off.

Where is the native port of Gambatte to 3DS? Nestopia? Mame? FBN? Dosbox? Etc, etc...
They don't exist? That's what I thought. The devs who hate RA for these petty reasons piss ME off.


----------



## Silent_Gunner (Aug 17, 2020)

Pickle_Rick said:


> Do those devs plan on porting their emus to every platform RetroArch supports? Then maintaining it? NO? Then they can piss off.
> 
> Where is the native port of Gambatte to 3DS? Nestopia? Mame? FBN? Dosbox? Etc, etc...
> They don't exist? That's what I thought. The devs who hate RA for these petty reasons piss ME off.



Final Burn was ported to other systems standalone before, was it not? Or have things changed over there due to the shenanigans that went down over the emulator being used in that one Capcom arcade stick that honestly kind of looks cool, but is more of a collector's item than anything.


----------



## Pickle_Rick (Aug 17, 2020)

Silent_Gunner said:


> Final Burn was ported to other systems standalone before, was it not? Or have things changed over there due to the shenanigans that went down over the emulator being used in that one Capcom arcade stick that honestly kind of looks cool, but is more of a collector's item than anything.


It was but not officially and it wasn't maintained. Regardless my point is that they don't support every platform RA does. There is a tangible benefit that RA gives people that they may want to pay for.


----------



## Kubas_inko (Aug 18, 2020)

Why would anyone hack an open-source project?


----------



## Silent_Gunner (Aug 18, 2020)

Kubas_inko said:


> Why would anyone hack an open-source project?



Because they're dicks.


----------



## 64bitmodels (Aug 18, 2020)

VinsCool said:


> I would love to see you do better.


as much as i like retroarch...
you can just fuck off, this "id LOvE TO see YOu do BETTeR" attitude is complete cancer
you shouldnt have to be an expert in emulator/frontend development to criticize an emulator or not like it


----------



## VinsCool (Aug 18, 2020)

64bitmodels said:


> as much as i like retroarch...
> you can just fuck off, this "id LOvE TO see YOu do BETTeR" attitude is complete cancer
> you shouldnt have to be an expert in emulator/frontend development to criticize an emulator or not like it


Because you think that poster's attitude was better? Please.


----------



## 64bitmodels (Aug 18, 2020)

=


Pickle_Rick said:


> Do those devs plan on porting their emus to every platform RetroArch supports? Then maintaining it? NO? Then they can piss off.
> 
> Where is the native port of Gambatte to 3DS? Nestopia? Mame? FBN? Dosbox? Etc, etc...
> They don't exist? That's what I thought. The devs who hate RA for these petty reasons piss ME off.


i dont think even a new 3ds could handle mame, fbn, or dosbox.


----------



## HaloEffect17 (Aug 18, 2020)

Silent_Gunner said:


> Is it just me, or does it seem like hackers have been more active than usual this year? Because it seems like a lot of high profile hacks/leaks/and breaches have occurred regarding stuff that's kind of trivial, all things considered.
> 
> Like, I remember when hacking groups would target corporations because said corporations were corrupt and/or in the moral wrong, but now, Nintendo's gotten three/four different leaks this year, and now we have RetroArch getting hacked.


Well, when you're stuck at home...


----------



## the_randomizer (Aug 18, 2020)

64bitmodels said:


> as much as i like retroarch...
> you can just fuck off, this "id LOvE TO see YOu do BETTeR" attitude is complete cancer
> you shouldnt have to be an expert in emulator/frontend development to criticize an emulator or not like it



Oh my, someone forgot their Prozac this morning. If you don't like RetroArch fine, but don't be a condescending prick about it or be fine with them being hacked, etc.

Use standalone emulators and stop bitching about "but it's hard to use!"


----------



## Silent_Gunner (Aug 18, 2020)

64bitmodels said:


> =
> 
> i dont think even a new 3ds could handle mame, fbn, or dosbox.




Except that it kind of can, as someone who tried to play KOF98 on it like, a month ago.

This is Silent_Gunner of the Thug Wire, and facts don't fucking care about your feelings!

Now, if only RetroArch didn't take 10 minutes to load a game on the New 3DS...anyone know why it does?


----------



## Dinomite (Aug 18, 2020)

Ohh, where's my popcorn....Juicy news!

What kid of "developers" don't backup their work and rely on Micro$oft to back it up for them? Sounds like incompetence to me.


----------



## Joom (Aug 18, 2020)

Silent_Gunner said:


> anyone know why it does?


The 3DS has really bad I/O. Not much can be done about it.


----------



## KingAsix (Aug 18, 2020)

Definitely surprised that 2FA isn't being used.


----------



## AutumnWolf (Aug 18, 2020)

JinTrigger said:


> Definitely surprised that 2FA isn't being used.


Join me and the tinfoil hat gang


----------



## Silent_Gunner (Aug 18, 2020)

Dinomite said:


> Ohh, where's my popcorn....Juicy news!
> 
> What kid of "developers" don't backup their work and rely on Micro$oft to back it up for them? Sounds like incompetence to me.



Honestly, these devs should just use some of the money they get donated and get themselves this HDD I just got: https://www.bestbuy.com/site/wd-eas...able-hard-drive-black/6406512.p?skuId=6406512

@m4xw, if I remember right, said he'd need about 5TB total to have a reliable backup of everything for RA. So why not? $100 isn't exactly a lot compared to some of the stuff I've bought personally. If he or whoever's responsible on the RA team wanted, there's even bigger HDDs that I'd argue are pretty affordable compared to how much they used to cost.

At the very least, it'd allow them to have a complete backup on their own personal hands to rely upon!


----------



## HarveyHouston (Aug 18, 2020)

Ouch! That smarts, I bet. If libretro reads this, I have a suggestion: perhaps he can make a copy of his work on GitLab, as well as GitHub? It's a free repo place, too. It has its own perks, including GitHub integration. Just a thought.


----------



## Captain_N (Aug 18, 2020)

Some basement troll must a got board that his E-Penis was to small.

I see they needed cash for regular backups of the site/repos... 
Why cant they have the server data sent to a computer on one of the admins home connection? Is that above their skill set? We are not talking about 100 terabytes of data here. They dont need to pay a service to make backups.  

Any repos that are updated/created can just be uploaded to one of their own home computers. an 8TB external WD drive is often on sale for under $179. you can often find working drives from old dvr boxes in the trash if they cant buy new drives.

As you all can see they restored it so someone must be smart enough to have off site backups.
Maybe someone on /r/datahoarders musta helped them....


----------



## m4xw (Aug 18, 2020)

Silent_Gunner said:


> Honestly, these devs should just use some of the money they get donated and get themselves this HDD I just got: https://www.bestbuy.com/site/wd-eas...able-hard-drive-black/6406512.p?skuId=6406512
> 
> @m4xw, if I remember right, said he'd need about 5TB total to have a reliable backup of everything for RA. So why not? $100 isn't exactly a lot compared to some of the stuff I've bought personally. If he or whoever's responsible on the RA team wanted, there's even bigger HDDs that I'd argue are pretty affordable compared to how much they used to cost.
> 
> At the very least, it'd allow them to have a complete backup on their own personal hands to rely upon!


4-8TB x 7 is the worst case of storage usage.
Probably more like 15TB storage will be required for continuous replication


----------



## Silent_Gunner (Aug 18, 2020)

m4xw said:


> 4-8TB x 7 is the worst case of storage usage.
> Probably more like 15TB storage will be required for continuous replication



Is that for mirroring every small change made to whatever you and other RA devs work on? 

I guess I'm looking at it from a "guy working alone, only uses the backup HDD for archival purposes" perspective.


----------



## m4xw (Aug 18, 2020)

Silent_Gunner said:


> Is that for mirroring every small change made to whatever you and other RA devs work on?
> 
> I guess I'm looking at it from a "guy working alone, only uses the backup HDD for archival purposes" perspective.


We are talking about the whole production infrastructure from webserver, build envs, etc.


----------



## Silent_Gunner (Aug 18, 2020)

m4xw said:


> We are talking about the whole production infrastructure from webserver, build envs, etc.



Well...

...that sounds a bit more complicated than what I use my backup HDDs for...if only I was out of debt and owned a Synology and some WD Red HDDs that are full fledged HDDs and not those SMR ones.


----------



## Jay1983 (Aug 18, 2020)

I have a recent set of files for Android version, if they need that and there's a place to send it.
Not all cores though ... Nintendo, Sega, Sony systems and Atari 2600.


----------



## 64bitmodels (Aug 18, 2020)

the_randomizer said:


> Oh my, someone forgot their Prozac this morning. *If you don't like RetroArch fine, but don't be a condescending prick about it or be fine with them being hacked, etc.*
> 
> Use standalone emulators and stop bitching about "but it's hard to use!"





64bitmodels said:


> _*as much as i like retroarch...*_


really don't know where you got that one from, i also don't think retroarch is very hard to use.  i just think people should stop saying "you should be able to do better" to people who don't like their favorite software or thing- thats putting you on the same level as the jackass poster that says "lol WHO USES reTrOArCh lolOLoL whAT A PiECE of sHIT SoFtWARE LOLOLoL sO GLAd THeY gOT hAckeD loloLOL"
you shouldnt have to be a programmer or a emulator developer to not like retroarch. when someone says something like "id love to see you do better" or "let me see you make your own *insert software/game here*" it just immediately ticks me off- stuff like that on the internet is so toxic


----------



## HideoKojima (Aug 18, 2020)

evertonstz said:


> Oh yeah, kid, you backing your library in three places is just the same as backing up multiple git repositories that have literally years of commits and builds plus the redundancy and automation.
> 
> Jesus Christ, that's why nobody likes developing emulators/homebrew anymore, non coders think they know everything about everything because they coded "hello world" by seeing a youtube video and shitpost in internet forums.


Know it all boy lol


----------



## raxadian (Aug 18, 2020)

Well I don't have any Retroarch installed save the Sega Genesis and SNES emulators for 3DS and I haven't updated those since last year.  

This just shows why having backups is so important.


----------



## Bladexdsl (Aug 18, 2020)

someones pissed that they couldn't get retroarch to work or maybe because it's so bad on the switch?


----------



## PerfectB (Aug 19, 2020)

There's lots to process here. The lack of backup/fail over/redundancy for the builds is whatever. I'm a big proponent of backups because I've never needed them until I needed them and getting cavalier has cost me data a time or two myself. 

Gaining access to both the buildbot and GitHub points to password reuse, lack of MFA (or, email MFA plus password reuse). Glancing at the repo in its current state, the only 'Verified' commits are merged PRs through GitHub's web interface. I wish they wouldn't even apply that status unless the account in question was secured by one of the heavier forms of MFA. 

I guess my expectation tends towards higher profile projects using security mechanisms that are already in place. SSH and PGP keys are easy enough to revoke, SMS or TOTP MFA are trivial to implement. 

Anyway, I've used RetroArch but a cursory Google search reveals that there's likely a number of individuals willing to go to these lengths to harm the project. The only real personal complaint I have is the push/pull between speed and accuracy that comes with retro emulation becoming more mainstream. Raspberry Pis are great, but the idea of full emulation setups at two figure price points certainly attracts "team speed"


----------



## smf (Aug 19, 2020)

Pickle_Rick said:


> Do those devs plan on porting their emus to every platform RetroArch supports?



That is like saying that it's ok to hit your wife when you get home from work, because you pay the bills.


----------



## MetoMeto (Aug 19, 2020)

Nintendo hackers taking a revenge!

--------------------- MERGED ---------------------------



uludag said:


> Oh, I summon all of you 4chan lurkers
> Hunt that f***er down. Give him what he deserves.


----------



## SilverWah (Aug 19, 2020)

'Haha Imma hack someone's stuff and they go cry while I go brrr moar haxx!'

Please find something useful to do with your sad pathetic life.
Contribute to society and find a fucking job.


----------



## mrnintendoguy (Aug 19, 2020)

oh this is why i couldnt download retroarch yesterday.


----------



## PROTOBOY (Aug 20, 2020)

Does anyone knows if the servers are up again???


----------



## ChiefReginod (Aug 21, 2020)

PROTOBOY said:


> Does anyone knows if the servers are up again???


The main download page is up. EDIT: Only some builds are up.
The buildbot server (nightlies, older stable versions, etc) is still down.
Downloading/updating cores from the RetroArch menus is still down as well.

You can still download some stuff from from the Wayback Machine if you enter a direct link.


----------



## PROTOBOY (Aug 21, 2020)

ChiefReginod said:


> The main download page is up. EDIT: Only some builds are up.
> The buildbot server (nightlies, older stable versions, etc) is still down.
> Downloading/updating cores from the RetroArch menus is still down as well.
> 
> You can still download some stuff from from the Wayback Machine if you enter a direct link.


ahh okay 

thanks


----------



## malevka1 (Aug 22, 2020)

wow


----------



## ShadowOne333 (Aug 22, 2020)

The buildbot is now back online, though not at the same extend as it was before the attack
http://buildbot.libretro.com/

Right now some builds for multiple platforms have been compiled, but some of those builds might be prone to failure.
I recommend trying them out only if you have your previous build backed up in case some compilation went bad.

The @libretro buildbot is back alive and slowly starts building stuff again.Meanwhile we got the new Servers and started our work on the new Infra!— m4xw (@m4xwdev) August 21, 2020

Keep in mind, the downloader will still not work since I had to clean all old builds, otherwise lots of people would've downgraded by accident :PAlso expect the next Switch nightlies to be broken anyway, need to take a look and the toolchain on the bot isnt updated yet either.— m4xw (@m4xwdev) August 21, 2020


----------



## naughty_cat (Sep 28, 2020)

I bet it was someone hired by one of the 3 industry giants, if not all of them. One day a better hacker is gonna catch one of these guys red handed, and they're not gonna enjoy it.


----------

