[georgeecollins]

It seems like the fair solution to this problem is to open source server code if you are going to cease support for an online game. That way the community has the opportunity to run their own servers if they want to.

I also really support giving 60 day notice if an online game is going to shut down. Places I have worked have had policies like that for games they are sun setting and I think the best game publishers think a lot about how to do that operation. It's not simple, because if people think a game is going away their behavior changes. And nothing sucks like buying online content for a game right before it shuts down. No matter what you do people will tell you they didn't know the game was shutting down. And if you give away content that you previously sold that also sometimes angers the community.

The problem is when companies know a game isn't working they tend to want to shut it down right away because the money they spend keeping it up is never coming back. And maybe the company is going to die too. So I do support a law for a 60 day notice.

[mrandish]

> open source server code if you are going to cease support

When I was a senior exec at a big public tech company, there was a product we decided to discontinue and we thought would be nice to just open source. Somehow I ended up in charge of managing that process and was shocked at how complex, time-consuming and expensive it was in a multi-billion dollar, publicly-traded corp vs some code my friends and I wrote.

Legal had to verify that there was no licensed library code used and that we had clear, valid copyright to everything there. The project had been written over several years, merged with a project we'd acquired with a startup, some key people weren't around any more, the source control had transitioned across multiple platforms, etc. And even once we nailed all that down sufficiently, we didn't get an "all clear" from legal, we just got a formal legal opinion that any liability was probably under $1M. And then we had to convince an SVP to endorse that assumption of $1M potential liability and make a business case for approval to the CEO.

For a public company, the default assumption for any online game would be "the server side code WILL be open sourced" (under threat of prosecution). That means legal would mandate "No commercially licensed libraries can be used, any open source libraries will have to be vetted to ensure the license is compatible and everything else will need to pass IP and compliance audit." That will certainly have an impact on development time frames and economics.

[gbear605]

That’s exactly the benefit of a law - it’s a forcing measure to require businesses to invest in processes to understand open sourcing, and to go forward when otherwise no one would make a business case for approval.

[brobdingnagians]

And makes it more expensive. There is the seen benefit and then the unseen cost. Every game released will have to account for the possibility of it, and will create issues for people who really didn't want those issues. After awhile people will forget there are associated issues and costs, but they will still be there.

[fluoridation]

Every game released whose developers have chosen to complicate its design with a client-server architecture. It's not like this is going to hurt the little three-man teams making games on shoe-string budgets. Yeah, it's going to make big budget games a little more expensive, just like how cars with seatbelts are a little more expensive to build, and like how it's a little more expensive to do proper waste management instead of dumping sludge into a river.

[furyofantares]

> Every game released whose developers have chosen to complicate its design with a client-server architecture.

Huh? Client-server architecture does make things more complicated to implement but it's not THAT bad. And you (usually[1]) do it in service of multiplayer, not because you're big budget or just want to complicate things.

Among Us was literally a three-person team.

[1] I find there are some major benefits to it, especially in post-LLM-world, and have been strongly considering it for some of my solo-dev single-player projects.

[VorpalWay]

Remember back in the old days when you could just run your own game server, even though it wasn't open source? That would work too. Or peer to peer LAN gaming, why is that not popular any more?

Designing a game to use developer hosted servers is a choice they made. Probably to squeeze money from microtransactions.

[fluoridation]

A lot of games have tacked-on online features to excuse the existence of the server to enable DRM, and a lot of multiplayer games arbitrarily don't offer a way for clients to double as local servers like in the heyday of arena shooters.

[Chaosvex]

Among Us is also incredibly simple compared to the services required to support some AAA games and even then, their networking code was riddled with exploits that no professional would have written, including RCEs.

Didn't stop it from being a fun, successful game but there's no comparison to the work and complexity involved in larger games.

[Folcon]

Agreed, I'm pretty much doing the same thing for my indie game

It's now a lot more tractable to build a multiplayer game, on the other hand balancing it is a whole other kettle of fish

[hparadiz]

What? This a mandate in law that requires a company to do work in order to comply. Studios will spin out LLCs for a game so that if it fails it doesn't end up as a liability. Unintended consequence: more dead games.

[fluoridation]

It's impossible for the law to cause more games to die, because already the default fate of online games is for them to die. If, with the law, a studio chooses to use an LLC to create the game to conditionally release sources once it shuts down, that was a game that without the law would have died anyway because the studio wouldn't have chosen of its own volition to release sources.

[RobotToaster]

If they're spun out as an LLC then there's also zero legal risk to to the parent company to dumping the server code to GitHub as open source.

[thayne]

Really the parent company should be held accountable for that. But that is a more general problem with LLCs that is already causing significant harm.

[sowbug]

Putting on my Pollyanna hat...

Or it could make it a lot cheaper, if the server were developed entirely on open-source infrastructure from the start. Hopefully the actual game logic would be developed entirely in-house, making it easier to audit before releasing.

[jurgenburgen]

Most likely the engine providers would spin off their server components as OSS for this express purpose so their customers can easily comply. This regulation could be a huge win for making the game industry adopt more OSS.

[hedora]

The beauty of making it a criminal issue is that those costs go away.

When the library vendor licenses some proprietary crap to a game server vendor, they take on the risk that their library may fall under the open source requirement when the game server shuts down.

At shutdown, criminal law says the library vendor must open source. Since criminal law preempts contract law, no amount of weasel words in the software license change that.

Even if the upstream vendor is out of business or something and did not provide source, surely, the binaries fall under the the open source clause.

Problem completely solved, and no lawyers need to be paid after the fact. (Library vendors might want to pay lawyers to tell them not to license to game servers, or not. Either way, that's not the customers' problem.)

[Dylan16807]

If you plan for it from the start, it's a small cost. And the simpler the game development process the cheaper it gets.

[socalgal2]

It is not. Most of the full online game stacks are not open source and most of the open source ones are poor and under featured

[fluoridation]

That could change once a law comes out requiring all new developments to be designed differently. Besides, no one is talking about open sourcing the server code. Releasing binaries and patching the client to talk to a local instance is perfectly acceptable. A developer would then just need the ability to redistribute compiled builds.

[account42]

A lot of things are costly until they become required by law - then vendors have no choice but making that part of the price they compete on.

[varispeed]

Middle ground could be completely open API from the start, so community could build alternative server from the ground up.

[account42]

Having a documented API and the game actually abiding by it would probably be way more expensive than ensuring you can dump the source code on the community on end of life. The latter is only (sometimes) costly now because the industry is not built around it.

[rexpop]

Not everything that makes a product more expensive to release is the end of the world.

[account42]

The costs won't be high if doing things that way are industry standard as required by law so all middle ware is already certified for it.

And its not like its a bad thing for a company to calculate in the full cost from the start rather than offloading it onto society when they drop the product.

[socalgal2]

Yes, an many indie devs will not be able to clear it.

[duxup]

Seems like it would it would put smaller developers in a bind / limit what games even bother with server side systems.

[foresto]

Of course, it would also create a demand for open-source game server libraries, which would surely appear after a while and make the whole process much easier.

So while I believe you about all those difficulties existing today, it's plausible that they would mostly fade away over time. I think temporary growing pains would be an acceptable price for the significant long-term public benefit.

[throwaway85825]

Unreal is open access but not open source.

[WalterBright]

This difficulty has been greatly reduced by git. With git, you can have the complete provenance of every line of code.

Git has ended the accusations people have leveled at me for code theft. (I beat them all back because I had meticulous documentation and the accusers always had nothing. Git just made that easy.)

For my work, Git (and Github) have been a godsend.

[Nition]

Nah, you just open source it in a broken state without anything that had separate licensing, so nobody is happy and the law is followed.

[JacobKfromIRC]

This would be a way better outcome than the current default. I've even seen this suggested before [1].

If game-specific logic is not public, information needed for reverse engineering could be completely missing, but if game-specific logic is available plus the names of the missing libraries, reconstruction of the game should be possible eventually.

[1] https://drewdevault.com/blog/Open-sourcing-video-games/ (See "What if I don’t completely own my game?")

[account42]

Yes, partial source is still very useful. I don't think the law should allow for it though as companies could intentionally put as much as possible into "proprietary" libraries that they conveniently only license for binary distribution from a totally unrelated company that for no reason at all is owned by the same stakeholders. Much better to just require everything to be there and then have the industry adapt.

[mrandish]

> so nobody is happy and the law is followed.

An outcome so common they invented a word for it: https://en.wikipedia.org/wiki/Malicious_compliance

[account42]

This is already common with source releases for games and it is much much much better than no source release at all. A lot of the proprietary middle ware ends up being not that hard to replace after all.

[thombat]

The final phase of Symbian OS was becoming the open-source Symbian Foundation. This required the existing codebase, hundreds of thousands of files, to be categorised properly (mostly homegrown, some acquired, some licensed) and where necessary restructured so that each directory only had one kind. Painful, exacting, tedious archaeology which all-but-froze development for weeks. Like a long-deferred merge, the cost to pay for belatedly resolving a mess of licenses is daunting.

[throwaway85825]

Only retroactively.

[whateverboat]

To be fair, it was in a time and age where BOM was not that common. I am assuming nowadays, with BOMs being in place, the process should be much easier.

[aaravchen]

BOMs are used when they're legally required or if the company has a sufficiently mature cyber security stance, but those both tend to focus mostly on shipped client code versus server-onlt code. Usually you end up with a highly fragmented set out different "BOMs" that are only present as language-specific lock files for the proteins of code that support it.

Lots of games are written in C++ to this day for example so they can eek out every bit of possible performance no matter the trickery required. I would presume this extends to server side of MMOs etc too. C++ has no standard build system even, it's sort of settled on CMake mostly, which has minimal native (working) support for dependencies even, let alone lock files and/or BOMs.

[rcxdude]

More likely, those commercially licensed libraries will wind up needing to adjust their terms to allow for this kind of release.

(Also, legal will basically never give an 'all clear'. That's not their job, their job is to inform you of the risks, and so it's extremely rare that they will not come up with some)

[watwut]

> Legal had to verify that there was no licensed library code used

Your company did not tracked libraries licenses in the first place?

[acdha]

Consider that there might be a difference between knowing which licensed libraries you used and verifying that your usage of them fully complied with the current license terms when releasing the source code. For example, licensing a library for binary distribution might not cover releasing a copy of a header file, modified copy of something you got from support before a bug fix made it into a release, some random utilities used for preprocessing data, etc. even though for years your developers might not have made the distinction because it wasn’t open source when they were actively working on it.

[aaravchen]

Also, every company I've ever worked at, including ones producing regulated products like medical or home appliances, uses the beuracracy to take the stance of "Considered Risk". Rather than spending all the tone knowing for sure they comply, they make a "best effort" (the level of which varies a lot by company and industry) and bank on never getting closely questioned about the specifics. Releasing publicly is exactly that "closely questioned about the specifics" though.

[watwut]

This is a non problem. We use libraries with standard licenses and there is finite set of them - like 4. And I work on fairly large software.

If your company has issue achieving this, then it was simply not complying with those licenses.

You can go through all licenses just by checking their list in maven. None of that is hard or expensive.

[acdha]

We have considerably more than 4, some of which are custom works of companies which have been selling under their terms since the 80s. No, I don’t think it’s a huge problem but if you have a lawyer who doesn’t at least want to check, you need a better lawyer.

[account42]

This is actually something that a law requiring source code releases would end up improving though as those companies would be forced to standardize their licenses or find themselves without customers.

[account42]

Historically, the game industry often enough wasn't even able to track the final source code of their past releases.

[pjmlp]

That is already the case in enterprise projects for many years now.

Since around 2010, that in most projects I am involved, the CI/CD pipelines can only talk to internal repos with vetted dependencies.

You can still do whatever locally, however the build will break when using non authorised dependencies.

[account42]

> That will certainly have an impact on development time frames and economics.

I don't think there would be much of an impact long term as third party frameworks would be forced to adapt their licensing or die. It's not like years old source code is really as valuable as some companies pretend.

A lot of the pain you experienced is mainly due to making the decision to open source after the code was already written rather than from the start - its really no different than any other late requirements change.

[marsbars241]

I’m curious if you think the law would cause companies to keep better track of these things as development happens. If there was tracking for all the shared libraries from the get go, I’m guessing it would have been an easier transition?

[umvi]

Better to just publish the protocols/APIs and let the community roll their own

[mrgaro]

Often, especially on competitive games, the server is basically a full client, but just without graphics. The server will often run physics simulations etc, so that it can validate that nobody is cheating.

Sure, in some cases you can roll your own server, but often it's impossible.

[account42]

Impossible is too strong of a word.

[throwaway85825]

If the market is big enough licensed libraries will just change their terms.

[dudul]

Is your argument that companies would be forced to obey the laws if they are mandated to open source discontinued games? And it's a... bad thing?

[thombat]

Not OP, but it's more the warning not to underestimate the cost required for compliance, and apprehension of this cost may deter their creation.

[avarun]

Huh? The point is that game developers would never be able to use commercial libraries again. Thus making all development significantly more expensive.

[wsve]

But what commercial software licenses are you using to write backend server architecture for a video game? There's no need for a dependency on FMOD or anything (unless you're doing something very unusual)

[rahkiin]

Big AAA games have access to Unreal or Unity code and they change the code to fit their needs. They are not able to share the Unity/Unreal code

[account42]

They are not able to share that code now because licensing the code in a way that it cannot be shared is currently a viable business model for Unreal and Unity - that would change with the proposed law and the middle ware providers will be forced to adopt different terms if they want to continue existing.

[guelo]

If the bill is properly worded open sourcing the code shouldn't imply that all 3rd party libraries also have to be open sourced.

[mrandish]

> shouldn't imply that all 3rd party libraries also have to be open sourced.

That's a very reasonable way to address the issue of 3rd party licensed IP. I expect something like that will get incorporated into the legislation. In fact, I'm confident it will because well-funded lobbyists will ensure that common sense concern and its very reasonable solution are heard.

Then Electronic Arts and Microsoft will sell their existing server code to newly formed companies (which they happen to own). Then their captive game studios will start releasing new versions where the publicly released "server source code" is five pages of #IfDefs followed by a call to "Start_Totally_3rd_Party_GameServer" in the new library that's not required to be included in the mandated release.

For extra credit, the newly formed 3rd party entity will be incorporated and domiciled in Ireland, Malta or whatever country is currently most tax and currency exchange advantaged. Then the license fees their captive studios have to pay to use the 3rd party library get offshored and tax sheltered - while being large enough amounts to prove this definitely isn't a sham transaction!

To be clear, I don't approve of this myself. In fact, I hate it. But I worked at a high level in a top ten publicly traded tech giant long enough to see how the armies of soul-eating MBAs, lawyers, consultants and lobbyists can subvert anything. Fortunately, only half my soul was eaten and some of it has regrown.

[account42]

It should if it wants to prevent malicious compliance by spinning out essentially the whole server into a "third party" library.

[JoeAltmaier]

AI today may be able to streamline that process.

Have it read and compare the code with what it knows about open source. Many AI engines can also google that and give a comprehensive list of similarities.

Reduces the list of things to check by maybe orders of magnitude and months to days.

[IG_Semmelweiss]

> open source server code if you are going to cease support

> Legal had to verify that there was no licensed library code used and that we had clear, valid copyright to everything there.

I can tell you the other side of that equation. There's no poison pill -short of outright fraud- that will kill an acquisition of a software company, than open source code embedded deep in the product.

I've been in both sides of the table of M&A activity, and in the due dilligence, smart acquirers will always look at the code and libraries in use. If there's anything that even has the hint of open source, that is heavily scrutinized: what is open source by default can't be owned by anyone and if it cannot be owned, it doesn't have IP value.

Most deals that ran into this issue would stop dead in their tracks, and it would take a while to spin back up, that is if the deal went thru at all

[Capricorn2481]

I don't follow. What IP value is there in game server code? I would wager usually none. And I would imagine the amount of games made without open source software somewhere in the stack could be counted on one hand.

Open source is a pretty broad umbrella. I doubt a company would say Slay The Spire 2 was poisoned by Godot and that there's no IP value.

[gmane]

I think you miss how sophisticated some game server code is. Taking fighting games for example: they have entire processes to have both clients predict what the other client will do, and then have the server arbitrate the different client solutions into a "fair" result based on latency, player inputs, etc. There are problems that game servers solve that could have applications in other areas, and have a lot of value.

[meheleventyone]

Fighting games usually run peer to peer either with deterministic lockstep or rollback both of which are managed on the client. For actual gameplay at most there’d be a relay as a server. But almost certainly a bunch of ancillary services to support matchmaking and so on.

[Capricorn2481]

Sure, I didn't say server code wasn't important, but that doesn't make it an IP concern. Not in the way OP was suggesting.

[account42]

Hey I already liked the proposed law, you don't have to keep trying to sell it.

[weberer]

It doesn't need to be open source, you only need to provide server binaries to download. This was the standard until circa 2010. People were able to host dedicated servers themselves.

[Terr_]

That would be an improvement over nothing, but closed-source means that the game is still going to die as soon as someone finds a security vulnerability (or even just a gameplay glitch) that can't be feasibly patched.

Imagine an MMO where special text in the chat causes viewers' clients to crash, or a glitch exists to duplicate items or money, or where anybody can crash the server to run arbitrary commands.

[pests]

I play SubSpace (a MMO spaceship game released in the 90s) to this day. It was shut down soon after release.

The original server binaries were left on the original CDROM by a programmer.

Then PriitK, a creator of Kazaa and then Skype and Joost!, went on to re-create the client due to cheating/hacking, naming it Continuum.

Years later the server is reimplemented as A Small Subspace Server (ASSS), making it a complete fan remake of the original game (sans graphics). This is also when we finally got server side mods, everything before that was client only or a hack.

We even got on Stream Greenlight.

https://store.steampowered.com/app/352700/Subspace_Continuum...

[skullone]

Props for bringing up Subspace! What a fun game that deserves more players! (And a new client ui)

[pests]

Thanks, it does. I've been playing since about 2000, came from Cosmic Rift / Infantry when they went non-free.

We're lucky we got Priit to release the encryption/security module so Continuum clients could connect to ASSS servers without the security warning. I doubt it'll ever be updated, someone will have to take up the mantle.

[XorNot]

Yeah damn that takes me back.

[Fabricio20]

That implies the community that builds around it would not reverse engineer and remake the binaries. Which many already do (to be fair), it just so happens that it's way, way harder when the servers are entirely gone already for a game and you have no way to capture server/client traffic for example. Even if the binaries are flawed, just having those in there and being able to spin up a server to see the packet flow already greatly helps in preservation, much more if you have the binary itself and can also peek at server logic for certain things like conflict resolution, instead of having to guess post-game-shutdown!

[nkrisc]

> Imagine an MMO where special text in the chat causes viewers' clients to crash, or a glitch exists to duplicate items or money, or where anybody can crash the server to run arbitrary commands.

No need to imagine. Pretty much all of that (minus the last part) happened in Amazon’s New World MMO in the first few weeks.

Though I wouldn’t be surprised if the last part did happen and we just didn’t know about it.

[gsich]

Modern Warfare 2 and 3 have an unpatched RCE. Still available on Steam.

[Terr_]

So perhaps replace "die" with "die or turn into a dangerous zombie"?

Either way, the point is that the difference between open-source vs close-source transfers is pretty significant.

[account42]

> That would be an improvement over nothing, but closed-source means that the game is still going to die as soon as someone finds a security vulnerability (or even just a gameplay glitch) that can't be feasibly patched.

No, it just means you need need to limit players to a trusted community - but that is usually how things work anyway because malicious players don't need any exploits to make a game unfun.

[braiamp]

Having a working implementation means that you have the means to re-make/re-build it from scratch. People are resourceful and would make a implementation without such limitations. Companies on the other hand after years of known vulnerabilities and still selling the game haven't fixed yet:

https://techcrunch.com/2023/02/28/gamers-are-fixing-a-video-...

[rbits]

So then you just only play it with trusted friends. It's still better than the current situation

[Imustaskforhelp]

Although I get the idea of providing server binaries but if one has to absolutely do it, then provide great modding efforts behind it.

But I have found that the greatest modding efforts/community can be generated by open source. Balatro for example is easily modified in the sense that although it might not be open source but iirc its lua files are visible.

There are other games as well which have something similar imo although that being said its possible to create modding efforts without open source in general too with say something like for example old versions of counter strike.

Personally I would prefer open source though if its possible but I understand that some game studious might be worried about it but I don't quite understand it if they are shutting down the game anyway though. I think that @mjr00's comments are nice about third party library etc. which cause issues in open sourcing so its good to have a discussion about that too (imo)

[bluGill]

I want to host a closed search server that's not being updated on today's internet. It might be good enough for home use, but definitely not if I want my friends to connect.

[account42]

For playing with your friends you can use a VPN to not expose the potentially dangerous server to the wider internet. And sandbox both server and client as much as you feel needed depending on the value of "friend".

[neksn]

Closed source binaries rot.

[papichulo2023]

It would like a month to the community to figure out the APIs and few years to decompile it... If they really want to.

[polski-g]

Codex could do it in a weekend.

[tshaddox]

No worse than the closed source binaries of the games themselves, surely.

[malfist]

GOG has a whole business around making old closed source binaries run

[account42]

Technically most of their business is in packaging existing community-developed solutions to make the games run (dosbox, scummvm, compat shims and game-speficifc patches) into a nice installer. Not that that's a useless service.

[cortesoft]

I run a lot of closed sourced binaries that are over 30 years old.

[account42]

False. Expectations and environments change, but if you choose to you can also keep those constant.

[mjr00]

> It seems like the fair solution to this problem is to open source server code if you are going to cease support for an online game. That way the community has the opportunity to run their own servers if they want to.

It's nice in theory, but in practice many (most?) games are using middleware they don't have the rights to redistribute as open source. IIRC when the source code for Doom, the first major commercial game that went open source, originally came out, it had all of the sound code removed because it was dependent on a third party library. Not that you're going to have sound code in a server, but you may be using third party libraries for networking, replays, anti-cheat, etc.

[Ukv]

If bills like this pass there'd be financial pressure for middleware providers to either license under terms that allow distribution at the game's end-of-life, or allow their middleware to be easily severed while still leaving the game playable - else they'd lose out on all customers selling games in California/EU/etc.

Which is also a nice side effect to reduce intellectual property barriers for developers that do already want to distribute their server or source code.

[dminik]

This has an easy solution. If the middleware cannot be used in a new regulatory environment then it will either die or adapt.

[collingreen]

Sometimes the easy solution isn't easy for all sides or even realistic. "Fuck the publishers" is easy but not going to get a lot of publisher buy in.

We all agree there is a foolproof method to fixing all bugs - delete all the code.

We also all probably agree that isn't the optimal balance.

[lovehashbrowns]

Should’ve thought of that before accepting significant amounts of money in exchange for a game they plan to kill when it’s no longer financially advantageous for the publisher. They’re so happy to rake in what, $60, now $70, soon $100 for a product they can disable access to for any reason at all or no reason at all, with no notice? How’s that fair? Why’s it only unfair when the hardship goes the other way around?

[dminik]

Right, like "Oh no, this first video game related regulation in the entire history of the industry is too much for us."

[account42]

A lot of "hard" solutions are only hard until there is a legal/business requirement for them. Licensing is the poster child example for that.

[Permit]

This is not the only possible outcome. Another approach would be not to offer software within the affected region. U.S. local news is often not available to European visitors now due to GDPR. Similarly, Canadian news outlets are not available on Facebook due to Bill C-18. If I was an indie game developer I would consider this approach and simply avoid selling within California.

Larger game studios would likely adjust as you say. However they too could adjust in such a way that they only offer subscriptions within California as that appears to exempt them from this rule. Many outcomes are possible beyond simply adjusting to the legislation in the way you are suggesting.

[rahkiin]

Lets skip California, the 5th biggest economy in the world.

[account42]

Ok, then customers in California/EU would be at least aware of the deal they are getting and more ethical companies would have a competitive advantage. Sounds good.

[gsich]

Then don't. People will find a way to replace those.

[account42]

So?

A) This state is not inherent but a result of there being no general requirement to release the sources. Middle ware would use different licenses if that was required to have any customers.

B) Omitting the sound code did not stop the community from releasing source ports based on that release, with sound of course.

[strags]

> That way the community has the opportunity to run their own servers if they want to.

That might be fine for very small titles - where the "game server" is a relatively simple binary that can be run anywhere. Larger titles depend on a huge amount of infrastructure, for authentication, progression, matchmaking, etc... It's not feasible to open-source all of that, especially given that it may well still be in use for more recent titles.

[Ukv]

> It's not feasible to open-source all of that, especially given that it may well still be in use for more recent titles

If they're still running their authentication server (for example), then they wouldn't need to release that service.

Patching the game to no longer contact the authentication server would also be acceptable, for services that aren't a core part of the game. It's pretty likely the game already allows this for development/debugging.

If they've accepted money from people to buy the game, and don't want to keep the authentication service running, and don't want to patch the game to no longer require the authentication service, and don't want to refund people, and don't want to release the authentication service so others can run it - I think it's fair for a regulation to force one of those.

[knollimar]

So do games just have to have a perpetual endowment to fund any shared component costs? This seems like a logical conclusion. You wouldn't get scalability from reuse (e.g. reusing an auth library).

Or what's likely cheaper is budgeting for that patch in the game.

You may bemoan "oh they just don't want to release the auth service", but it functionally shuffles the cost math.

I'd personally rather the 5% cheaper games than trying to play a multiplayer only game 20 years later wtih 6 people on the server.

[Ukv]

> So do games just have to have a perpetual endowment to fund any shared component costs? This seems like a logical conclusion.

They don't need to keep services running perpetually. strags's objection seemed to be that it could be infeasible to release services like authentication that they're still running, to which I'm saying they don't really need to consider any of this until they stop running it.

> You may bemoan "oh they just don't want to release the auth service", but it functionally shuffles the cost math.

Releasing or patching it out is largely just fulfilling their side of the deal.

If I sell you a lawnmower that depends on some authentication server to start up, then shut down the server the next day (I got your money, why would I keep the cost?), and don't release the server code or a patch to work without it, then would you not say I've scammed you?

The resource cost of everyone I've sold to losing access to their lawnmowers would be far greater than what it'd cost me to release a patch, just that the former is not a cost borne by me if the law allows me to ignore it.

> I'd personally rather the 5% cheaper games than trying to play a multiplayer only game 20 years later wtih 6 people on the server.

Allowing a company to cut people off of their software (large cost) just to save having to push out a patch (small cost) will, on net, result on more expensive products - since on net you're wasting more resources.

Particularly when it comes to authentication checks, this doesn't just apply to multiplayer games. Imagine if this applied to other forms of media (already kind of happening with DRM), like if we couldn't read books from over 20 years ago.

[knollimar]

"If I sell you a lawnmower that depends on some authentication server to start up, then shut down the server the next day (I got your money, why would I keep the cost?), and don't release the server code or a patch to work without it, then would you not say I've scammed you?"

A lawnmower isn't a piece of software. It's not licensed. There's an expectation it should continue working. The lawnmower is a single player game.

I think it's understood that online games are a license (read multiplayer ones, not the Crew).

If I sell you an IoT lawnmower, and you get 20 years out of it, do I owe you a full refund if I shut down my server? imo, any refund should be prorated.

I get your externalities argument, but I think multiplayer games should be treated differently if there's not an easy solution.

>Allowing a company to cut people off of their software (large cost) just to save having to push out a patch (small cost) will, on net, result on more expensive products - since on net you're wasting more resources.

I don't think all the patches are small costs when you factor in licensing, etc. Also keep in mind if you use a library for networking and the API changes, do you have to then roll it on your own? I'm skeptical of the middleware that's made life easier

>Allowing a company to cut people off of their software (large cost) just to save having to push out a patch (small cost) will, on net, result on more expensive products - since on net you're wasting more resources.

This doesn't logically follow. Mandating you need to put out a patch creates a legal obligation that would sit on your books. Cutting the 12 people off your multiplayer game after 20 years isn't a large cost, and it's not going to make your next game more expensive. It was an externality that made consumers sad, not one making products more expensive.

>Particularly when it comes to authentication checks, this doesn't just apply to multiplayer games. Imagine if this applied to other forms of media (already kind of happening with DRM), like if we couldn't read books from over 20 years ago.

I think the DRM thing is a separate issue from the mandate for recoding games to be usable post server shutdown. I'd like it to be legislated separately as well. The books are analogous to single player games.

I think it's a slippery slope to turn that entitlement onto multiplayer games; if not that, then why not all software that you buy? Everyone should get a full refund when any software EoL's and companies go bankrupt whenever an online product stops being profitable.

You don't get a full refund in other sectors when they kill the consumable after a long while. Printer cartridges can stop being made and you don't get a refund for your printer. We didn't give HP the option "make your competitors ink work on your printer, give full refunds, support indefinitely, or open up your ink manufacturing line blueprints".

[Ukv]

> A lawnmower isn't a piece of software. It's not licensed. There's an expectation it should continue working.

I believe we should be able to have the same expectation of software, at least where not specifically sold as "X months of access".

> If I sell you an IoT lawnmower, and you get 20 years out of it, do I owe you a full refund if I shut down my server?

Ideally, to avoid unnecessary e-waste, you should patch out the requirement or release the server-side code so I can continue using my lawnmower. Buying it off me might also work, if you're offering approximately what I'd get out of having it continue to work, but I'm not sure if that scales well.

> I don't think all the patches are small costs when you factor in licensing

If bills like this pass, middleware providers would need to license under terms that allow distribution at end-of-life, or lose out on all customers selling software in California/EU/etc. Should also help clear obstacles for developers who already want to distribute their server/source code even before this law but are held back from doing so.

> Mandating you need to put out a patch creates a legal obligation that would sit on your books

There's no issue with creating the patch/releasing the server-side software early, just that I assume they'd want to maintain exclusivity to milk profit for as long as possible.

> It was an externality that made consumers sad, not one making products more expensive

If you expend resources to create some media/software/product, then brick that product while customers would've otherwise still extracted value in excess of the patch's resource cost (developer time, not licensing price), then you're on net wasting resources and thus making products in general more expensive.

Issue is that because the cost of patch is borne by the company, whereas they get to ignore the cost to the customers of bricking the products, the latter is often preferred even though it's typically the more expensive option by a significant margin. A bill like this should fix that.

> I think it's a slippery slope to turn that entitlement onto multiplayer games; if not that, then why not all software that you buy?

I believe it should, and that for a lot of software the case is even stronger.

> Everyone should get a full refund when any software EoL's and companies go bankrupt whenever an online product stops being profitable.

If you take someone's money to buy a CAD package, then no longer want to provide some service it relies on (usually just for authentication reasons), then you should release the server software or patch out the authentication check.

> We didn't give HP the option "make your competitors ink work on your printer, give full refunds, support indefinitely, or open up your ink manufacturing line blueprints"

I'd 100% support doing that!

[dontlaugh]

Plenty of games (especially MMOs) have lots of gameplay logic in the server. In many cases that is intertwined with the rest of the intrastructure, like databases, logging, deployment or even subscription services. Lots of games simply wouldn’t be functional without the publisher’s infrastructure.

Of course that is regrettable and could be changed, but it would require a significant change in incentives.

[strags]

Authentication is an interesting example - it sounds like might be the easiest component to remove. But without authentication, you don't have identity. And without identity you have no viable notion of accounts - and without accounts you don't have persistence, entitlements, progression, achievements, or any of the meta aspects that are deeply entwined with modern games. Not to mention how extensively identity ties into Matchmaking - another fairly complex backend service.

This legislation might be more persuasive if it were tied to a reasonable time limit, but I don't see anything of that nature in the text. An obligation to support or refund customers that lasts for a fair timespan (ie. preventing rugpulls) is far less onerous than an obligation to release your code to satisfy someone's nostalgia.

[Ukv]

For many games (and software, IoT devices, etc.), persistence/progression is tied to save files on your own device, and any authentication is more to the publisher's benefit of making sure you have an authorized copy - that's where it should be fine to just patch out the authentication check.

Even for games with centralized server-side progression, if you don't want to release the authentication service when you stop running it, then it could still be acceptable to patch out authentication by default and let those running community servers substitute in their own access system (like cracked/leaked unofficial servers already do).

> This legislation might be more persuasive if it were tied to a reasonable time limit, but I don't see anything of that nature in the text. An obligation to support or refund customers that lasts for a fair timespan (ie. preventing rugpulls) is far less onerous than an obligation to release your code to satisfy someone's nostalgia.

Should we be able to read books and watch movies that were released over, say, 20 years ago - or is that just satisfying someone's nostalgia? Maybe you don't think this matters for games, but with DRM it seems other media isn't far behind.

[account42]

Excuses. If there is a legal requirement you can watch all those concerns evaporate away.

[jayd16]

Game engines/code aren't all open source. The game developer might not have the legal rights to release the source.

Also, does this stop at games? Why not any online service ever? Why not any program at all?

[parliament32]

Gaming might be unique in the sense that it's the only industry where 1) consumers make a one-time purchase of a product, but then 2) the manufacturer remains responsible for the online component.. forever? I can't think of any other examples in real life where this happens across an industry (maybe a few niche products).

Maybe this is the reason MS has been pushing Game Pass so hard, to get rid of the "purchase" part entirely.

[Dylan16807]

Well I don't want the company I bought the game from to be completely in charge of the online component. If it helps them make more money then good for them but they need a winddown plan.

[LocalH]

Any company that willfully chains a device to their cloud platform in such a way should get the same treatment, whether the cloud offering is free as in beer or paid. It's happening a lot more than you might think.

[ajvs]

The way Kindles are being forcibly deprecated lately is another good example.

[account42]

Yes, cases where the service deprecation causes physical e-waste are particularly egregious but we should also not underestimate the societal cost to breaking peoples workflow just because some company can't be arsed to responsibly sunset a service in a way that gives users options to continue it themselves.

[jcranmer]

> I can't think of any other examples in real life where this happens across an industry

Vehicles? Maybe not necessarily forever, but I'd expect the large car manufacturers to all still have some level of support for a 20-year-old car...

[limagnolia]

Cars don't really need an online component in order to continue working. Some manufacturers have tried to force some features into online components, but the cars continue to work without it once they turn it off.

[jandrewrogers]

The contracts underlying the support for consumer automotive commonly run around 10 years. After that it is best effort and unofficial support by other companies if there is enough money to be made by offering it.

[fragmede]

Large car manufacturers in the US are required to support their cars that they give warranties for by the the federal Magnuson-Moss Warranty Act, which are 10 or 12 years long by this point.

[voidifremoved]

Amazon just ended support for older Kindles. Not sure how that's any different.

[jayd16]

It's more like it's the only software industry that still has a relevant amount of non-subscription based one time sales. I guess this will be the end of that.

[account42]

Or maybe it will allow those developers that still provide fully offline games to more easily compete now that others with less consumer friendly business models are forced to make their deal more clear to the customer.

[XorNot]

Am I the only one who remembers that multiplayer was just peer to peer? Like we had multiplayer before every studio decided they wanted to host their own servers, it was just what the guy with broadband in the neighborhood ran or something my ISP provided.

The issue is nobody gets that option if the ability to run a server is made unavailable to the public.

[michaelmrose]

An online service requires the continual investment in the costs required to run the service and comes with the expectation that the service happening on someone else's computer could cease to exist the second you stop paying or at the end of the current contract cycle.

A game although specified as a license is treated and described as a purchase that is expected to work forever on the end users device so long as it fits the specs.

[keyringlight]

I wonder where the 'extents' of the game product/service you buy can be defined. I could foresee a game client/server/toolkit like Bioware's Neverwinter Nights being released but as a barebones legally compliant framework that lets you play. Then on the other side of the line they have an optional online service that provides a scenario to play in (running the same server the public has), if that service goes away the game still works, just as buying a load of D&D kits doesn't give you a DM to run games in perpetuity. As another example, there's a lot of servers for games like Counter-strike where the experience and how it runs the gameplay is modded server-side only.

[michaelmrose]

The public responds to complexity and ambiguity by not giving you any money whereby you get to make money making french fries. Logically the most trivial thing people are going to do is make a minimalist multiplayer mode which allows users to join each others games like we did in 1995.

[buzer]

> The game developer might not have the legal rights to release the source.

Then the game developer/publisher should choose to use another technology or be ready to replace that piece when game reaches EOL. If no game developer can use that technology, the vendor will end up loosing a lot of sales. They can then decide if more permissive license would make sense.

[jayd16]

It's just going to push all multiplayer games to be sold as a service. The users will get used to this because they basically already are used to it for every other piece of software.

There is basically zero chance that when given the choice between "structure billing as a service" vs "rewrite everything and open source it" that they will choose open source.

[SecretDreams]

Guarantee X years of server time from launch. If you shut down early, pro rated refund and open source server code. After the launch window, close server with no penalty if desired, but just still open source code. Or keep server open if it's profitable. Or some other option.

The specifics can be hammered out, but something middle ground seems sensible.

[abustamam]

When the 6 person startup I worked for shut down, the founders spent a few months of their own time to open source the product because people still liked it, they just didn't wanna pay for it.

So people were allowed to selfhost.

Of course this probably doesn't scale or work for every company but I thought it was nice to see.

[mifydev]

Based on comments below the solution is to make the API public and publish the architecture design, along with the binaries.

This way the company can avoid spending too much money on open sourcing the code, and the community can just rewrite the server while keeping the original binaries running.

[summerlight]

Many developers with good will actually tried that and gave up due to lots of problems. This is not just bad ROI but also a legal minefield. Engineers usually cannot argue against this kind of risks. Enforcing this will unlikely work in higher courts. Though something like open sourcing protocols for server reimplementation may have some chances.

While I see problems in the law but the spirit is reasonable. We need to push toward this direction. At least there should be difficult economical trade-off for publishers when they decide to shut down the game. Nowadays, some random executive just takes look into some excel, see some games have declining revenue and decides to "simplify the business" without much thoughts. This has to stop.

[Razengan]

> It seems like the fair solution to this problem is to open source server code if you are going to cease support for an online game. That way the community has the opportunity to run their own servers if they want to.

Said this in another comment: In case a company or new management wants to renew an IP, maybe there should be a waiting period like 1-5 years before they are legally required to release/open-source the server code.

Or how about this: what if, in order to launch a new online-only game in the first place, companies have to submit a copy of the source code as it is on launch day, to the courts or wherever. Then the courts could release it if the game hasn't been active for N years...

[roarcher]

I think this is a more desirable solution for customers than a refund anyway--if I like a game, I don't want my $60 back in exchange for never being able to play it again. I just want to keep playing it.

[account42]

Yes, the $60 is nothing compared to your time investment into a game you like.

[account42]

> It seems like the fair solution to this problem is to open source server code if you are going to cease support for an online game. That way the community has the opportunity to run their own servers if they want to.

For a number of reasons (licensing issues, code being lost, etc.) this will only work if source code must be escrowed long before that time.

[matheusmoreira]

Just make it a literal crime for corporations to interfere with community work on games they don't care about supporting. The problem will take care of itself. People are more than willing to put in the work themselves, it's just that hateful corporations will send them cease and desist letters if not actual lawsuits.

[imtringued]

This doesn't make sense. The developers should only be obligated to provide a dedicated server plus an in-game server browser that supports a standardized service discovery protocol. The players must figure out themselves how to run the software on their computer.

[SkiFire13]

> open source server code

No, and requiring this will likely give the opposition counter points.

You don't need the source code at all. You only need the ability to run the server yourself.