Store Page
IL-2 Sturmovik: Battle of Stalingrad
All Discussions Screenshots Artwork Broadcasts Videos News Guides Reviews

IL-2 Sturmovik: Battle of Stalingrad

Store Page
This topic has been locked
Thomas Anderson Sep 11, 2022 @ 6:56pm
5
5
2
3
3
11
DO NOT BUY THIS GAME! The developers have a bad history of silencing their customers
First off, I don't want to write this, but I feel like I need to. I've had the game uninstalled for a while. Let me start by saying, this is a great game. It's really fun, amazing graphics, excellent flight simulation that you can customize to perfection. The VR aspect is frankly, unmatched at the moment.

But I'm never installing this game again. You see, I'm a professional systems analyst for one of the largest hospital chains in north america. As a result, I get a little paranoid about password security.

When I first bought this game way back in 2018, I found that the devs had left everyone's online password unencrypted in a plain text file. Now, if this was just an indie game from a new dev, that'd be forgivable. In fact, had 1CGS just fixed it and moved on, then I would have changed the review I left for this game to a positive one. But instead of acknowledging the mistake, 1CGS marked my review and tried to get Steam to remove it. Not only that, but discussion of it on their forums on their website was also removed.

Jason himself responded to my review to call it libel and said that they hadn't fixed the problem because there had never been a documented incident of the problem.

That's a lie. It had been acknowledged on their forums as far back as 2009.

https://forum.il2sturmovik.com/topic/28967-startupcfg-and-unencrypted-password/

https://forum.il2sturmovik.com/topic/32656-beware-your-login-data-is-stored-in-plane-text-in-installationfolderdatastartupcfg/

https://riseofflight.com/forum/topic/3851-user-account-and-password-clear-text/

This shows they were aware of the issue and went so far as to delete topics that mentioned the problem. These next links are removed, but can be verified if an internet archive captured it.

https://forum.il2sturmovik.com/topic/34650-password-stealing/

https://forum.il2sturmovik.com/topic/34167-game-saves-password-in-text-config-file-without-any-hashing/?tab=comments#comment-574533

In the review I left on Steam, Jason Williams also says there is already a fix in the works “However, we have plans to change how this information is stored” even though he contradicted himself by saying they weren’t aware of the problem. (Why were they working on a fix already if there were no reports of a problem? Lying?)

Now, the devs may come in and talk about doing a search to see if the 'password issue' is still there, but take notice that they'll not acknowledge if there was ever a password issue to begin with or if it was ever fixed.

TL;DR 1C was exposing all of their customers’ passwords in Il-2 Sturmovik and Rise of Flight for years – as far back as 2009 and anyone that brought it up was silenced or threatened with libel.

EDIT: Here's the post from the developer that was deleted (same old tactics) that Ash is referencing below where they purposefully worded their answer to skirt around acknowledging that the issue ever existed or was fixed.

https://i.imgur.com/vr0vFSy.png
Last edited by Thomas Anderson; Oct 1, 2022 @ 3:57pm
The author of this topic has marked a post as the answer to their question.
Click here to jump to that post.
Originally posted by Ashley 'Ash' J. WIlliams:
welp...

i was on the fence about this game when i first saw it, but i want to say something here. thomas is right. i read the review he posted and it stopped me and like a thousand other people from buying. i'm not over exaggerating. there are 1005 likes on that review. that's one followed by two zeros and a five.

like it or not, dude has made an impact. that's just a fact folks. to be quite honest, the password thing doesn't bother me, but any brainless idiot can understand how an exposed password can be dangerous. don't really care though. i saw how jason replied to thomas' review. it really made my jaw drop. business 101 - the customer is always right. if you call them a liar and threaten them with libel on a public forum when they're raising a legit worry - then no one is going to trust you. i for one don't want to give 777 the money now based solely on how the devs have responded to thomas. dude hasn't done anything beside ask for an answer as to why his review was treated like that.

i would sure like to know why the devs won't acknowledge the problem myself. i saw the other dev reply to him before all the spam was removed and to be honest, it was the shadiest answer i ever saw. sneakyRUS or something told everyone how to check and see that the issue wasn't there making thomas look like a liar but very carefully worded his post to not acknowledge that they screwed up passwords.

shady. as. hell.

oh look. thomas' review has 1006 likes now. and just because of all the white knights here, i'm making it 1007.

yall makin your community look like garbage by treating one reviewer like this here.

dudes right. a lot of us aren't commenting. we're just silently not giving this developer money after seeing the stank coming off the devs.

hope your review hits a million likes, thomas.

hey 777, if i were you, i'd at least apologize for that garbage you guys are pulling if you want to save any face. free advice. take it or leave it.

oh and in case yall wonderin.
the next most liked POSTIVE review for this game is 233 likes.
the next most liked NEGATIVE review is 721 likes.

you guys have a real problem but instead of addressing it or apologizing, yall gonna troll your critics. good luck with that. peace.
< >
Showing 1-15 of 110 comments
The Red Ace Sep 11, 2022 @ 7:21pm 
1
for hating this game.. This person loves copy/pasting the same comment every 3-4 days. Dude, it was 4 years ago, bad history is exactly that... History. Sure the developer made some poor decisions, but its time to let the past go and move on. You can sh*t on the devs all you want but people who already own the game will still play it and people will still buy it.
#1
Thomas Anderson Sep 11, 2022 @ 7:25pm 
It's not about those who have the game already though. As I keep saying. Its a warning to those that don't. You yourself acknowledge the developer's misdeeds. I'm just letting people know about them before they purchase.

Also hoping to get an answer from the devs themselves here, of course. For the misdeeds, that is, not necessarily for the password issue they don't acknowledge.
#2
The Red Ace Sep 11, 2022 @ 8:28pm 
yes, but if you already posted this for years now, don't you think you already got the point across? My online password is unique and have not had this problem yet. You responded to me 5 minutes after I commented which means you are 100% serious about a situation you mentioned... again said 4 years ago. Also, which password are you referring to? The IL2 sturmovik online account or the person's STEAM account, specifics were not mentioned.
#3
shadowgravy Sep 12, 2022 @ 4:38am 
2
I've come to the conclusion that Thomas Anderson is attempting to extort a ransom from 1C. This perpetually refreshed yet outdated review is the Steam equivalent of Yelp-bombing a small business until the owners pay for positive reviews. Thomas Anderson's previous comments like (paraphrased) "I'd be happy to change my review if..." and "by my fuzzy math I've costed 1C this much in revenue and I'll continue to until..." is to me plausible evidence that a cyber crime is in progress.

Or--to play on the white knight analogy Thomas Anderson uses against his detractors--he is tilting at windmills.
#4
3/4 MILE, CALL THE BALL Sep 12, 2022 @ 5:28am 
Originally posted by shadowgravy:
I've come to the conclusion that Thomas Anderson is attempting to extort a ransom from 1C.

This perpetually refreshed yet outdated review is the Steam equivalent of Yelp-bombing a small business until the owners pay for positive reviews.

a cyber crime is in progress

Concur
#5
Thomas Anderson Sep 12, 2022 @ 8:43am 
Hey guys, so all I see here are personal attacks. Nothing really to do with the subject at hand. That's fine if you want to do that. Those comments affect me less than my comments about your favorite vidya gaem, apparently. Just recognize that personal attacks against the person presenting an argument is the number 1 sign that the opposition has no defense to what's being proven. What's being proven?

That 1C exposed everyone's passwords.

Now, let me address a few things that were said here.

Originally posted by The Red Ace:
You responded to me 5 minutes after I commented which means you are 100% serious about a situation you mentioned... again said 4 years ago. Also, which password are you referring to? The IL2 sturmovik online account or the person's STEAM account, specifics were not mentioned.

You responded 5 minutes after I posted, then responded almost immediately again after I replied to it, yeah?

Yes. I am 100% serious. Exposed passwords are a serious thing. Now, regardless of whether the issue is indeed fixed or not (good luck finding any official acknowledgement), there's no explanation for Jason's behavior toward someone pointing out this problem. As far as which password I'm talking about, that's a good question, actually. I don't think I was clear here, so my bad on that one. This, if I recall correctly, was anyone's online IL2 account - required if you want to play online. I don't remember if you were forced to log in before booting up the game.

Good question. Thanks for pointing it out.

Originally posted by shadowgravy:
I've come to the conclusion that Thomas Anderson is attempting to extort a ransom from 1C

Ok - let's take this ridiculous analogy to it's logical conclusion. Let's assume that you're right. What am I attempting to extort? An explanation? An apology? An iota of customer service? If a customer doesn't get customer service, instead getting threatened with libel and writes a review that reflects that service, then comes back to the business after being called liar and says 'Hey, maybe I misunderstood what you were saying. Can we have a conversation about it?' and you apparently think that's extortion?

Ok, friend. Let me know if you think I've been asking for anything other than an apology or an explanation and I'll gladly clear up any misunderstanding you may have.

a cyber crime is in progress

Well, technically, 1C was exposing user passwords and apparently swept it under the rug, so.... Yes. There's a case being made for that.
Last edited by Thomas Anderson; Sep 12, 2022 @ 8:46am
#6
Thomas Anderson Sep 12, 2022 @ 8:54am 
Originally posted by Wwulff:
you convince no one. IL-2 is an amazing game.

Here are some actual replies to people that have been convinced not to buy this game:

Mr. Kickass Sep 8 @ 5:25pm
Thanks for the head ups. Was going to buy this game, as I love playing flight games in VR, but now I'll just stay away from it

Shquidward Sep 8 @ 3:39pm
damn jason got absolutely rolled and rightfully so

Harmony Sep 2 @ 7:23am
Thanks, was just about to buy this game but seeing the Dev act like a child and not actually acknowledge the problem properly or even want to fix such a big security risk makes me beyond worried to the point of just black listing anything these people work on from the past/future.

Years of comments like this, brother. In the time between my last post talking about how much money 777/1C is losing, my review crossed the 1000 likes benchmark. People may not be commenting (probably due to the toxic white knights) but they are seeing what I'm seeing and seeing what you're saying. Again, me purpose is not to convince you, but to warn everyone else that isn't a fanboi and looking at Il2 for the first time.

So yes. I'm convincing a lot of people. Word of mouth is very, very effective. Your behavior (ad hominems out the wazoo) does not help your case.
#7
After All, It's Just a Game Sep 12, 2022 @ 9:01am 
Originally posted by Thomas Anderson:
Here are some actual replies

Fake accounts, Fake replies, Fake claim...
#8
Thomas Anderson Sep 12, 2022 @ 9:04am 
Originally posted by "Woke" is the Real Virus:
Originally posted by Thomas Anderson:
Here are some actual replies

Fake accounts, Fake replies, Fake claim...

https://steamcommunity.com/profiles/76561197984055298/recommended/307960

*shrug* Go see for yourself. If you think I'm creating hundreds of fake accounts lol ok, friend.
#9
Occupy Mars Sep 12, 2022 @ 9:06am 
Millions of copies sold.

THREE were "convinced" by OP. :steammocking:
#10
Thomas Anderson Sep 12, 2022 @ 9:07am 
I just picked the latest 3. You can go through all the comments and see the total number likes for yourself if you like. Would you like me to do the fuzzy math again to show how much money 777 has potentially lost?
#11
Thomas Anderson Sep 12, 2022 @ 9:12am 
Originally posted by "Woke" is the Real Virus:
If you spend THIS much time posting here, you'll spend it making accounts to "support" your claim. Obsession is a pitiful thing. But none of it's real.

Ad. Hominem.

That's fine if you want to think that, but you still haven't addressed anything I've said about the developers. Care to comment on the topic?
#12
After All, It's Just a Game Sep 12, 2022 @ 9:14am 
Keep pretending.
Notice there are none here coming to your aid.

Only NEW accounts with ONE post to their credit. :steammocking:
#13
Thomas Anderson Sep 12, 2022 @ 9:17am 
Originally posted by "Woke" is the Real Virus:
Notice there are none here coming to your aid. :steammocking:

LOL You guys are literally sounding like comic book henchmen now. I legitimately laughed when you said that lol thank you for that.

I'll quote myself again since you apparently didn't understand my purpose for posting. I don't need anyone to come to my 'aid' lol I only need to show 777's behavior.

Originally posted by Thomas Anderson:
It's not about those who have the game already though. As I keep saying. Its a warning to those that don't. You yourself acknowledge the developer's misdeeds. I'm just letting people know about them before they purchase.

Also hoping to get an answer from the devs themselves here, of course. For the misdeeds, that is, not necessarily for the password issue they don't acknowledge.
Last edited by Thomas Anderson; Sep 12, 2022 @ 9:17am
#14
Thomas Anderson Sep 12, 2022 @ 9:20am 
ad hominem
hŏm′ə-nĕm″, -nəm
adjective
Attacking a person's character or motivations rather than a position or argument.
#15
< >
Showing 1-15 of 110 comments
Per page: 1530 50

IL-2 Sturmovik: Battle of Stalingrad > General Discussions > Topic Details
Date Posted: Sep 11, 2022 @ 6:56pm
Posts: 110

Discussions Rules and Guidelines