14 DAY TRIAL // It seems that Oculus VR needs to build a replica of the Barad-dur in order to keep daring adventurers in check. Or has it already? Maybe its scorching gaze was gauging the internet's reaction to the recent acquisition by Facebook, allowing some characters fueled by malicious intent to get inside its metaphorical Mount Doom.
In a typical Kansas-City shuffle just like the one pulled off in The Lord of the Rings, while everyone was busy being distracted, some intruders managed to slip by undetected using a security issue in the company's Developer Center, an issue which was undiscovered until this past weekend.
"As an ongoing commitment to security for our internal systems, we regularly run security audits to identify vulnerabilities. Over the weekend we discovered a vulnerability that potentially allowed for SQL injection within the Oculus Developer Center," company representatives wrote in a post on the Oculus Developer Forums.
The issue seemed to be serious enough to warrant the VR specialists taking down their system until a solution was worked out. Oculus uncovered a vulnerability that allowed hackers to hypothetically gain access to the company's database contents via SQL injection, a technique through which executable code is inserted in otherwise innocuous locations by exploiting faulty data processing.
Once the discovery was made, Oculus turned their Developer Center system off in order to prevent further attacks while applying the necessary fixes, and now that the security flaw has been patched, they advise all their users to change their passwords as an extra security measure.
There is no sensitive data in the database, no credit card details or other such personal information, and the company stated that they don't have any reason to believe that any "personal or confidential" information was taken from their database before the weekend and apologized for the inconvenience nonetheless.
The company's recent acquisition by Facebook for $2 / €1.55 billion has definitely escalated into a controversial topic over the last week, with reports of harassment calls and even death threats being issued.
A large segment of the Oculus Rift audience is displeased with the acquisition, as they believe that it will impact their experience negatively by having Facebook snoop into their private lives once the company starts using the virtual reality headset for social media.
Many of the initial backers of the project have become irate after the news, imagining a future in which Facebook will mine all their data and incessantly harass them with advertisements, and rightly so, as the social media giant has the habit of buying various services and then forcing users to log in with their Facebook account in order to use them, and then turn their data into cash with which to further propagate the process.
The Oculus VR people have been so far trying to sway public opinion toward a more positive outlook, but the truth is that it's all in the hands of Facebook now.