Back in August we moved to a new CDN server setup for serving our downloads. For many, download speeds have stayed the same or improved with this move but for some, download speeds have gotten worse.
We're continuing to work on the download setup within the CDN as we continue to learn all the little intricacies involved in such a complex setup but we're struggling to troubleshoot a lot of people's download speed issues, a lot of the time, because we're not getting the right sort of feedback. For example, simply saying "I'm getting bad download speeds" isn't useful at all for us!
As such, we've coded a small piece of stand-alone software which we've dubbed the Nexus Download Diagnoser. It's a very simple piece of software that will run a download speed test against our CDN server and generate a report for you to post for us to see which will provide us with a lot of information. Hopefully useful information that will help us to understand what is happening and why your download speeds are slow. You do not need to install the software in order to run it and you can download it here. Remember, only download it from a nexusmods.com domain, never from anywhere else.
In the interests of security and privacy we've kept things very simple for you. The Nexus Download Diagnoser will obviously need to be able to connect to the internet so it can run the download speed test (so update your firewall as necessary) but it will not send or report any information automatically to us. If you want to share the information, you'll have to willingly post it to us, and you can see all the information in the report so you know exactly what you're sending us. On top of that we've signed the software with our "Black Tree Gaming Ltd." key, just like NMM, so you know the software is legitimately from us and not from someone malicious and we're releasing the source code of the software with the executable just for your own peace of mind. If you really really don't trust us for whatever reason, you can check the source code yourself!
Hopefully with enough reports we will be able to form a decent picture of what's going on and work towards sorting it out.
For more information about the Nexus Download Diagnoser and where to post your reports please head to the specially set up forum thread here.
Hello, and let me start by apologising for the lack of updates recently. August is typically our holiday month where most of us take at least a week or two off (or 4, in my case) to have our holidays, rest and recuperate away from the sites. I'll doubly apologise to those people who've sent in support tickets via the contact form. As I am the sole point of contact for support tickets if I'm not around they go unanswered, and a lot have gone unanswered this month (though I've tried to at least cover the Premium Members who are having issues with their payments). So, sorry about that. Service should resume as normal come September.
I'll also do a shout out to a few of you who spotted me at i52 last weekend at the Ricoh Arena. Always slightly odd when randomers shout out "Dark0ne" across a hall, across some tables during board games or drinking with friends at one of the bars but it was great to meet some of you and share some modding stories. Never be afraid to come up and say hello. I'm not a celebrity, just a regular Joe.
Having said that, it's not like we've done nothing this month.
File servers and CDN switchover
During the Steam Summer Sale, and for several weeks afterwards, we experienced issues with our download servers due to the sheer number of people who were coming to the site to get their fill of mods, a problem we didn't originally have due to the fact the sites would crash before the download servers would. We've been working since then on a switch-over to a CDN service used by the likes of Steam and Eve Online so that this will never be an issue again.
Earlier on in the week we released a new version of NMM that makes use of this CDN service and also switched our manual download mechanism over to the CDN service as well. You no longer choose the file server you want to download from, the CDN should automatically select the nearest server they have to your location and serve your file from there. Even if we wanted to there's no mechanism to manually choose what CDN server you download from; our provider has thousands of servers across the globe.
A few people have come on to the forums to say that their download speeds have decreased and a few people have come on to the forums to say their download speeds have increased. We want to give the CDN a chance to balance itself out -- it does have a self-learning process that adapts to the way in which we use the CDN (e.g. the demographics and usage during the time of the day) and it can only learn this information with prolonged use. It needs to learn how we use their resources so it can allocate them accordingly. The hope is within a couple of weeks it will have enough information to sort itself out for everybody.
This update will require another forced update for NMM users which we'll enforce some time next week. This is because we will be decommissioning our complete set of current file servers as they will no longer be used (and frankly, we cannot afford to keep both the old file servers and CDN service running. We'd be paying double for little reason). What we will do, however, is keep the Premium servers. While it's our hope that the CDN will completely fulfill your download needs I've noticed a few Premium Members stating they're getting slower speeds on the CDN (while others are claiming they can now download at 13MB+ a second...) so, out of respect, these will be kept and we'll add the option for Premium Members to use these again at some point soon.
I'd love to hear your feedback on this but please note if you're getting slower download speeds than before then please be patient and give it some time. If it's still just as bad in 2 weeks' time then please come back and let us know. One of the programmers was getting terrible speeds to begin with and now it's maxing out his connection consistently.
What You See Is What You Get (WYSIWYG) editor in uploads
Something that's been requested a lot over the years is a decent way to manipulate the BBCode usable in file and image descriptions to make file and image pages look prettier. Lots of mod authors have learnt the code themselves while lots of others have struggled.
We introduced a WYSIWYG to the description fields to help with this. The editor should provide tools to help manipulate your description and show you exactly what it looks like on the page.
It's not been without its bugs, and we know there are still a couple left to squash. If you're really struggling with it/hate it then if you click the "BBCode" button then it'll switch to code-mode, which is basically resetting the form field to how it used to be. No WYSIWYG stuff.
Following on from an update on the downloading situation made at the start of the month I want to write a quick post to say we're still working on the CDN setup I touted in the original update.
Many people are (wrongly) blaming the new download system we added to the site back in the middle of June, which worked fine up until the Steam sales made everything go a bit crazy. To enable us to fully discount this update as a factor for those of you who are getting slow downloads and downloading issues we've re-enabled the old file server selection download method which we'll likely keep up and running until tomorrow morning for our own peace of mind. This will enable us to monitor the situation and conclude whether it's having any factor on the downloading issues.
Talking of the Steam Summer sale, which ended at the start of this month, we're still seeing unchanged and unprecedented registration traffic on the network since the end of the sale which is the driver for all the download issues occurring. For example, yesterday we hit 9,500 new registrations and today, a Monday (which are typically our slowest days), we've already had 6,200 new registrations with 7 hours of the day still left to go. We're not entirely sure what's driving this big influx of new users well past the end of the Steam sale, all we know is it's happening and we're working to sort out our file server infrastructure to make sure it's no longer an issue. For a more detailed explanation of what we're doing please refer to the news article linked at the start of this post.
After recent events by a malicious user to upload viruses to the Nexus sites and gain access to Nexus accounts (for reasons completely unknown to us as your accounts are worth very little in tangible terms!) we've been stepping up our public-facing security options.
Thanks to the great support of VirusTotal, who have given us very generous access to their virus API for free, we've been able to integrate their virus scanning functionality into the Nexus file pages. VirusTotal is an online tool that will scan files you send it using over 50 of the most used anti-virus programs and generates a report showing how many of the anti-virus programs have flagged the file as a virus.
Any new files uploaded to the site will be sent off to VirusTotal to be scanned and will not be downloadable by users until the report has come back all clean. If more than 4 anti-virus programs used by VirusTotal flag the file as suspicious the file will be sent to a quarantine that will require one of the moderation team to verify the file is either safe, or not safe, before it can be downloaded. This process should only take 5 to 10 minutes, but during this time your file will not be downloadable. While the Nexus has always provided instant upload/download functionality I think a wait of 5 to 10 minutes for added security and peace of mind is a worthwhile sacrifice to make. I'm also aware that there are certain types of mods, especially those that make use of TexMod, that get flagged as false positives quite regularly. While this might be frustrating for you we will endeavour to get your file online as soon as possible.
The VirusTotal report generated for each uploaded file is easy to access by clicking the new icon present on the file tab of file pages. While the file scan report is quite conclusive you should always have your own anti-virus and anti-malware software installed to complement this service and it should not replace software already on your system.
We are currently, slowly, scanning through the entire back catalogue of 250,000 uploaded files on the Nexus at a rate of 20 files a minute which is going to take a week or two. But yes, it is our hope that every file, new and old, will be scanned at some point soon.
Our two-factor authentication system is relatively close to being completed as well but has been put on the backburner for the next week or two while we evaluate the CDN situation. This system will work in the same way as Steam and Facebook; if you login from an unrecognised location you will be sent a unique authentication code via email to verify it's actually you. You will be able to turn this system off in your preferences but we'd obviously recommend having it on for maximum security.
After the compromise of one of our staff accounts we have removed the ability for staff to upload files to file pages they are not authors of. If you're wondering why they had that functionality to begin with it was a commonly used feature by the staff to help authors who were struggling to upload their files here for one reason or another. The author would upload the file to dropbox or similar, the staff would download the file and then upload it to their page for them. Staff can no longer do this, but it should ensure that any compromises in staff accounts again would have fewer implications.
Many of the staff features are hidden behind a second password gateway that is unrelated to the staff member's username and password. For instance, you can't ban someone without being logged in to a staff account and knowing this secondary username and password. All the staff have been told to never save this information in their browser and to simply write it down on a notepad near their PC. This was already present before the compromise and probably helped to limit the compromise substantially.
We've had a couple of outages this week. Earlier on in the week we had a couple of hours of down-time because someone who is in the same Cloud as us had somehow managed to take our allocated IP addresses. Without any IP addresses you can't access the sites. We managed to sort that one out and our hosts have told us it shouldn't happen again, but it was completely out of our control.
Last night was a sleepless night for us as we had some extended down-time as well. Our hosts were attempting to install a lot of expensive new hardware under some scheduled maintenance. It didn't go to plan for them and took a lot longer than expected without even being finished. After that our internal network was extremely unstable and has yet to be resolved. We're working with our hosts to get this sorted on their end. However, you might notice things being quite slow, or slower than usual, today. That's because we're only running on 3 of our 5 database nodes. Given how good they've been to the Nexus over the years we won't be kicking up a fuss over a couple of incidents but it is (here's the silver lining) nice to be talking about down-time that isn't actually something to do with our setup for once.
We'll get there.
Over the past 10 days we've had widespread reports of downloading issues on the sites that has gone hand-in-hand with the annual Steam summer sale promotion that sees games getting massively discounted on Valve's gaming platform. These downloading issues were caused, simply put, by the fact every single one of our 20 download servers was filled to capacity with people trying to download.
If our registration statistics are anything to go by this year's summer sale was the most successful one yet for Steam. Over the past ten days we've averaged 8,200 new registrations a day including a new Nexus record of 14,505 new members in a single day beating the previous registration record set on November 26th 2011 of 13,570 new members just a couple of weeks after Skyrim's launch. Typically the Nexus will average 3,500 - 4,500 new registrations a day when something special isn't going on.
When you have a huge influx of new members in a short space of time this has quite a detrimental effect on the file servers. While you can typically only browse the site one page/tab at a time, which helps us maintain our resources on the web servers, you can have many downloads running at any one time. The inherent problem with having a huge influx of new people is that their downloading habits are different to "regular" users. As a new user you want to download a lot of mods all at once. You'll go through the top 100 and look up "best mod" lists on the internet and try and download as many as possible. As a "regular" user you've already done this, your mod list is pretty set, and you're now browsing the Nexus to see what's new, perhaps only downloading one or two new files a day to augment your current mod lists. So having a huge influx of 14,000 new users in a day is like adding an extra million regular users to the site overnight for a short term period. The result was 20 file servers all serving 400 concurrent downloads each which meant during the Steam sale we were serving 8,000 concurrent file downloads at any given second and maxing out a 10Gbit line. That number would have likely been much higher if it weren't for the hard connection limits we've set on the servers. Hopefully you can appreciate that's a lot and the infrastructure you need to handle that has to be extremely powerful and resolute. While our file server infrastructure is powerful it's typically designed to handle around 6,000 concurrent downloads, and we average around 4,000-5,000 on a normal, non-Steam sale day.
Question: Why has this only become an issue now?
Aha, here's a silver lining (ahem). The reason this is the first time we've maxed our file servers is because this is the first time our web servers (the servers we use just to display the sites) have held under all this traffic. Secretly (ahem), we're patting ourselves on the back that the sites themselves were accessible for practically the entire Steam sale week, which means our new Cloud setup and centralised database cluster is finally working. We're obviously not happy about the file server setup so we're working to sort it out.
Question: Why weren't you more prepared?
I thought we were :)
Back in January I posted that we had completely decommissioned our file server setup and we were moving from a 15 standard download server setup to a 20 standard download server setup, an increase in capacity of 33%. The inherent problem was, because our web servers always used to fail before the file servers did it meant we'd never thoroughly tested our file setup under extreme load conditions. Now that the web servers are up to scratch and holding under these conditions the file servers are taking on a lot more load. And so now we can react.
Question: Why didn't you just buy more servers when the Steam sale started and it became apparent the load was too much?
The file servers we need can't just be requisitioned overnight. They need to be ordered, delivered, plugged in and have all the firmware and updates applied before we can even get the entire file database copied on to the drives. That takes time, more time than the Steam sale was going to last.
Picture the situation like a huge rock festival (let's take Glastonbury as it's only just finished) that comes to a very small town (population just under 9,000) in England once a year. 361 days of the year the local road infrastructure is completely fine, but 4 days a year, when the Glastonbury festival sets up in nearby fields, the roads are completely choked full of cars and the local residents can barely get out of their own town. Is it prudent for the local council to build an 8 lane highway to support a 3rd party event that may or may not happen from year to year that will only be used for 4 days of the year? I think not. In a similar vein, we'd be talking an extra $5,000 expense each month, minimum, to accommodate an event that happens once or twice a year. We can't just say to our server provider "we want these servers during November/December and June/July but for the rest of the year we don't want them". Contracts have to be signed and so on and so forth.
Question: So what are you going to do about it?
Last year we spent considerable time, effort and money to sort out our web server situation and we moved to a much more flexible cloud and cluster setup. This has worked. It now makes sense that we continue those efforts and bring our file servers in line with the cloud ethos.
We're currently in talks with a big CDN service, who already partner with big video game players like Steam, CCP and Wargaming, to get rid of our current dedicated file server setup and move our entire file serving efforts on to a CDN.
If you don't know what a CDN is I won't bore you by going into detail about what it is (a simple Google search will surely enlighten you!), but I will bullet some key advantages it will have over our current setup:
- Flexibility and scalability. There's practically no limit to the resources we can use and there's no time delay in making use of them, which means no bottlenecks. We contract for a set amount of usage and any overage due to one-off events, like a Steam sale, is charged at a standard and competitive rate.
- Less administration and more secure. Maintaining 27 file servers (20 normal, 3 Premium, 4 static content) is a huge undertaking that requires a lot of server administration to keep up-to-date and secure. Moving to a CDN places this responsibility in the hands of a team of qualified individuals who are much better suited for the job, freeing us up to both not worry as much, and not work as much on this issue.
- Increased performance and localisation. We currently have 14 download servers in the US and 6 download servers in the UK, but the Nexus has a global reach with many users from South America, Asia and Oceania. CDN networks have data centres distributed across the globe that should ensure you really will max out your connection when downloading from our servers, hopefully, irrespective of where you are in the world.
Question: It sounds good, so why haven't you done this in the past?
Partly because it wasn't necessary and partly because it costs more. Between 30%-70% more than our current dedicated file server setup depending on how much bandwidth we use. We've come to the realisation from our work on the cloud and cluster setup that this really has to be the future for us, and the added cost, although tough, is necessary to secure the future of the sites. We need to be able to move fast during these sorts of situations which is something we cannot do with a dedicated server setup.
As soon as possible. We're testing out the feasibility of the CDN for our setup as I'm typing this.
It's been a while since I last wrote about the updates we've made on the sites, of which there have been quite a few, just some have been quite subtle. For my part I've been extremely busy over the past few months (here, have a picture of my feet dangling over the edge of the grand canyon) in between trips to the US and moving home. Thankfully the Nexus to-do list is never-ending so the other staff have had more than enough to keep themselves busy. As there's so much I'll just break it down into more manageable sections.
Have you noticed? The sites seem to be up a lot more than they used to and we haven't had to use "maintenance mode" in a long time (past when we accidentally overloaded the servers last week). That's because we finally think we've cracked our database cluster issues. Since the update we made last week we haven't had a single database blip (that wasn't caused by something we did) and needless to say we are freaking happy about this, especially since one of the guys has been working on this for over a year now.
We're currently sorting out an issue when downloading via NMM and those annoying "retries" that can occur and then we'll be all set, at least we think we will.
About a month ago we silently released an update to the "Donations" system that now allows users to donate Premium Membership to other members on the site. At the time I wanted to write a big news post about it but I just didn't have the time, so now I've got to try and be concise within this news post.
Where before you could only donate direct money to a mod author there's now a second option to "Buy Premium membership for this user" on the user's profile and when using the "Donate" button on file pages.
You can turn off this option if you are uninterested in being donated Premium Membership from within your preferences. A user cannot have more than 5 years of Premium Membership bought for them, or more than a life-time membership (if you try and donate life-time membership to someone who already has it the site won't let you).
We've also incentivised this system for the donor as well. If you donate Premium Membership to another user we'll apply ~25% of the Premium time you purchased to your account as well, free of charge. For example if you buy 1 month of Premium Membership for another member you'll receive 1 week of Premium Membership for yourself as well along with all the benefits that come with that (including being a Supporter for life). The time "stacks" as well, so if you buy 4 people 1 month of Premium Membership you'll have 1 month of Premium Membership yourself.
The Premium Membership system is an unfortunate necessary evil. Without it I just couldn't afford to pay the server bills in this day and age of adblockers and diminishing advertising revenues. I hate asking people for money, or relying on it, so when people willingly share it with me I want to make sure they're looked after as much as possible.
I get the occasional lifetime member ask me if there's a way they can donate more money to the site. This is the way you can do that while also giving back to your favourite mod authors or users on the site. And thank you.
Changes to the way manual downloads are served
We've changed the way we serve manual downloads to you via the pop-up. While before when you went to download a file manually you would be presented with a list of file servers to choose from we are now moving to a quicker, more automated system that will pick the least over-loaded server from a geographic location you've specified in your preferences. If you haven't specified your preferred location then the first time you go to download a file you'll be asked to pick one.
There are several reasons for doing this:
- Right now we have 23 file servers. As we continue to expand the number of file servers we provide it's going to become untenable (or very ugly) to show them all to you so you can make a selection.
- Many people seem to grow attached to a certain file server and will only ever download from that server even when it's overloaded. This causes an unnecessary load on the network we'd rather avoid.
- It allows us to code algorithms that manage our file server network more closely, ensuring that load is evenly balanced.
- It removes a click from the downloading operation which in turn speeds up the downloading process.
We're monitoring this system closely to ensure it's working properly. If you set the wrong location when the system first asks you, or if you want to change locations for any reason, you can do so from your preferences area.
Something the mod authors talk about regularly in the mod author forums is the low endorsement to download ratio on their file pages. Mods that have millions of unique downloads can have a comparatively low amount of endorsements. There's a multitude of reasons for this, which have been discussed to death, but during the last discussion that happened a couple of months back I said I would get some things added to the site that could help to combat a few of these issues.
To begin with we've added an endorsement reminder pop-up to the sites. This is something we had a few years back but it never really worked brilliantly. This time around the pop-up will provide you a list of files you've downloaded recently that you have yet to endorse. You can quickly endorse the listed files from within the reminder pop-up without any page reloads and if you've endorsed all your files already you won't see this pop-up. You can change how often this reminder is shown to you, if at all, from within your preferences (I think we're having a few issues with that right now, which means a few people might be getting spammed by the reminder, which we're in the process of fixing - should be fixed).
There's a consensus among some mod authors (probably not a majority) that if you've downloaded a mod you should endorse it. I disagree with this philosophy. Because endorsements on the site are seen as a positive rating against a file it doesn't go that just because you've downloaded a file you think it's worth endorsing the file. Because this new reminder system checks if you have any files you have not endorsed, it's not fair to you if you're reminded about files that you have no intention of endorsing. As such we've added a new option when endorsing files that is labelled as "Abstain" and indicated as either a red cross or a thumbs up symbol with a red line through it. Abstaining from a file is just that; you are refraining from endorsing the file. It is not a negative mark against a file. The amount of people who have abstained from endorsing a file is not shown anywhere on the site. So what's the point? By abstaining you are telling the site that you are aware you can endorse the file but you don't want to. It's different from before because now the system knows that you aren't planning to endorse the file and, ergo, won't remind you to do so. You can change your mind later on by going to your download history and changing your abstain to an endorsement.
Going hand-in-hand with the download changes listed above we've also added a sort of mini-endorsement reminder to the download pop-up window. If you have unendorsed mods you will be presented a list of 5 mods from your download history that you have yet to endorse which you can quickly do from within the pop-up without affecting your current download. We hope to update this system so that the list is organised in such a way that the unendorsed mods shown to the user will also belong to the author of the file you're downloading from first. For example, if you've downloaded 3 files from the author already that you've yet to endorse then you will be shown 5 files, 3 of which will be the ones that belong to the file author. Our early attempts at getting this put in, however, overloaded our servers so we're looking in to implementing this author preference system as soon as possible. If you have endorsements turned off on your file then the endorsement list will not be shown on your downloads.
It's my hope that by presenting users with these convenient ways in which they can quickly endorse or abstain from endorsing files we'll see an increase in endorsement ratios for files. I'd be interested to hear from authors as to whether they've noticed any sort of noticeable bump in their endorsements over the next week.
Using apostrophes and full-stops in file names
We've changed a lot of things since the last time I was directly involved in programming a major recoding of the sites in 2007 but one thing that's never changed is the inability to use apostrophes and full-stops in file names. We've now, finally, updated the sites so you can use proper grammar in your file names and use full-stops to denote version numbers in your uploaded files.
Smaller updates and bug fixes
On top of these updates there's also been a number of smaller updates and fixes applied to the sites:
- Banned members will now be notified of why they were banned when they attempt to login to the Nexus sites.
- Fixed the filters in the Image Share not working.
- Fixed an issue where user uploaded images were showing on file pages before the author had verified them.
- Implemented our IP ban list on the sites when originally it only worked on the forums. If you are getting this error and you haven't been banned in the past then please get in contact via the contact form (obviously letting me know your IP address) so I can sort it out for you.
- Fixed an issue where the "required files" system wasn't working properly.
- The tracked files system no longer breaks the home page.
- Authors who upload mods for games we haven't approved yet will now be emailed when we approve the game.
We are aware of two ongoing issues with the sites right now. An issue with the tracking and notification system not properly informing users of certain updates to certain files, and an issue with comments sometimes going crazy and not being posted to the proper file page thread. Our work on fixing these is ongoing but is likely tied to our continual efforts to sort out the database cluster and ensure our code is efficiently reworked to synergise with this system.
Recently we've been the target of some attacks on the site that date back to March of this year. To begin with a user was uploading a virus to the sites masquerading as other popular files. The virus was being used to gain infected users' stored usernames and passwords for the site which were then being used to login to their Nexus accounts here and continue to upload more viruses. That stopped. Now recently we had a high profile breach of one of our staff accounts that allowed a user to replace some popular files here with viruses masquerading as the popular files which is obviously more serious. I'm now getting reports that users are being spammed by a mailer which is sending out fake notifications to update to the latest version of NMM with a download link that, quite obviously, points to a location that isn't anything to do with Nexus Mods. This email doesn't even come from a nexusmods.com email address (or any address in any way related to games!) and doesn't point to nexusmods in any way, shape or form. However it does look convincing to people who haven't got their guard up and aren't checking the email headers to see where it's coming from or the link address itself (why would I send an email telling you to download a file from anywhere other than the Nexus Mods site!?). Please don't get caught out by this pathetic attempt to gain access to your system. You should treat this email the same way you'd treat an email from a Nigerian prince, or the "Bank of America" telling you there's a problem with your account that needs to be fixed by opening a zip file, or the Swedish consort letting you know the latest penis enlargement instruments really do work...
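The two checks described above (where the email comes from, and where its link points), as an added example that is not part of the original post: a small Python triage that flags any sender header or link whose host is not nexusmods.com or a real subdomain of it. The sample message and its `.example` hosts are constructed for illustration.

```python
import re
from email import message_from_string
from email.utils import parseaddr
from urllib.parse import urlsplit

TRUSTED_DOMAIN = "nexusmods.com"  # the only domain the post says to trust
URL_RE = re.compile(r"https?://[^\s\"'<>]+", re.IGNORECASE)


def is_trusted_host(host):
    """True only for nexusmods.com itself or a real subdomain of it.

    Matching on the dotted suffix rejects look-alikes such as
    'notnexusmods.com' and 'nexusmods.com.downloads.example'.
    """
    host = (host or "").strip().rstrip(".").lower()
    return host == TRUSTED_DOMAIN or host.endswith("." + TRUSTED_DOMAIN)


def text_of(msg):
    """Concatenate every text part of the message (plain and HTML)."""
    chunks = []
    for part in msg.walk():
        if part.get_content_maintype() != "text":
            continue
        data = part.get_payload(decode=True) or b""
        try:
            chunks.append(data.decode(part.get_content_charset() or "utf-8", "replace"))
        except LookupError:  # unknown charset label: fall back to UTF-8
            chunks.append(data.decode("utf-8", "replace"))
    return "\n".join(chunks)


def audit_message(raw):
    """Return (field, host) pairs for every sender header or link that is off-domain."""
    msg = message_from_string(raw)
    findings = []
    for header in ("From", "Reply-To", "Return-Path"):
        value = msg.get(header)
        if value is None:
            continue
        # Use the address, not the display name: the display name is free text.
        domain = parseaddr(value)[1].rpartition("@")[2].lower()
        if not is_trusted_host(domain):
            findings.append((header, domain))
    for url in URL_RE.findall(text_of(msg)):
        try:
            # .hostname drops any 'user@' prefix, so
            # 'http://nexusmods.com@files.example/' resolves to 'files.example'.
            host = urlsplit(url).hostname or ""
        except ValueError:
            host = ""
        if not is_trusted_host(host):
            findings.append(("link", host))
    return findings


# Constructed sample modelled on the fake "update NMM" notification described above.
SAMPLE_FAKE_UPDATE = """\
From: "Nexus Mod Manager" <updates@mailer.example>
To: member@example.org
Subject: Update to the latest version of NMM

A new version of NMM is available. Download it here:
http://nexusmods.com.downloads.example/NMM-setup.exe
Mirror: http://nexusmods.com@files.example/nmm-update.exe
Release notes: https://www.nexusmods.com/
"""

# Constructed sample whose sender and link both sit on the trusted domain.
SAMPLE_ON_DOMAIN = """\
From: Nexus Mods <noreply@nexusmods.com>
To: member@example.org
Subject: Tracked file updated

See https://www.nexusmods.com/ for details.
"""

if __name__ == "__main__":
    for field, host in audit_message(SAMPLE_FAKE_UPDATE):
        print(f"off-domain {field}: {host or '(none)'}")
```

An empty result only means nothing was off-domain: a From header can be forged, so a message that passes this triage is not thereby proven genuine.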
I have not done a bulk email to members of the sites since 2007 when TESSource became TESNexus. I hate doing it because I know how annoying it is to get unsolicited emails from sites trying to pump their product in your face. What's actually more worrying for us is how your email addresses have been obtained which is something we're looking into much more closely. If I felt we'd had a breach of our system then I would most definitely let you know (openness is obviously the best policy in these regards), however we've had no indication of that. What we cannot be certain of is a breach from before December of last year when we switched over to our new database system. Indeed, the newest account we've received a confirmation from on this topic is from April of 2013. We cannot verify that because we no longer have the original servers the databases were on. Obviously the most prudent course of action for you would be to change your password to be on the safe side.
We've had no one come forward to lay claim to these attacks directly so we're going off the assumption this is someone who's targeting the Nexus simply because it has a large amount of members with an active userbase. What we do know is that this is a brand new virus that anti-virus firms are only just starting to recognise now. Whether it's been made specifically for us or not is unknown.
We're no strangers to being attacked. We receive DDoS attacks regularly, you just don't notice it because as our resources have increased so have our means to combat them. We're working with our suppliers to come under the net of a new £250,000 investment in anti-DDoS measures that will continue to help us, and others, combat against this internet threat. Our servers automatically block hundreds of IP addresses daily from people trying to gain unlawful access to the servers or doing things they shouldn't be. The fact we're now being targeted more regularly is simply testament to what we have going on here and the people who want to try and exploit it for their own means.
This isn't the first time this has happened to a gaming community, or even a modding community. I know that the folks over at Curse have had many issues with their Curse Client (Curse's version of NMM for World of Warcraft) being "faked". Only as recently as January another fake client surfaced that was used to steal users' World of Warcraft account details. In 2010 the scammers even went so far as to pay for Google advertising so that their fake Curse client would show before any other results. So we're not alone here. The only difference is this is the first time this has happened to NMM, and it's important you're vigilant.
We pay $500 a year to buy a unique code signing certificate from Verisign that we use to certify all the versions of NMM that we provide. You can see this certificate when you go to install NMM. Here, have a picture so you can see what screen it shows on:
As you can see the installer is signed to "Black Tree Gaming Ltd.", the name of the company I set up to handle Nexus affairs. We sign every single new release of NMM for this exact reason: so you know it has come from us and only us. If your installer does not say this or if you download NMM at some point and it doesn't say this then that's bad. VERY BAD. And you should cancel what you're doing and do a full system scan.
We will only ever offer NMM from our download page on the main Nexus Mods site. We will not send it to you in an email attachment or link you to somewhere that isn't on the nexusmods.com domain. Even then you should remain vigilant and check for that certificate on the installer.
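The sender and link checks described above, as an added Python example (not Nexus Mods code): it parses one message, compares the From domain and every link host against nexusmods.com, and rejects lookalike hosts. The sample message, the `.example` hosts and the names `audit_email`, `on_trusted_domain` and `link_host` are constructed for illustration.

```python
import re
from email import message_from_string
from email.utils import parseaddr
from urllib.parse import urlsplit

TRUSTED_DOMAIN = "nexusmods.com"  # the only domain the post says NMM comes from

# Constructed sample message; the .example hosts are placeholders, not real IoCs.
SAMPLE = """\
From: "NMM Update" <updates@mailer.example>
To: member@example.org
Subject: Update to the latest version of NMM

Get it here: http://nexusmods.com.downloads.example/nmm-setup.exe
Mirror: http://nexusmods.com@files.example/nmm.exe
Official page: https://www.nexusmods.com/
"""

def on_trusted_domain(host):
    """True only for nexusmods.com itself or a genuine subdomain of it."""
    host = (host or "").lower().rstrip(".")
    return host == TRUSTED_DOMAIN or host.endswith("." + TRUSTED_DOMAIN)

def link_host(url):
    """Host the browser would really contact; text before '@' is only userinfo."""
    try:
        return urlsplit(url).hostname
    except ValueError:  # malformed URL: treat as untrusted
        return None

def audit_email(raw):
    """Return (sender_ok, [(url, ok), ...]) for one raw message."""
    msg = message_from_string(raw)
    _, addr = parseaddr(msg.get("From", ""))
    # A mismatched From is enough to reject. A matching one proves nothing,
    # because the header is trivially forged; the links still have to pass.
    sender_ok = on_trusted_domain(addr.rpartition("@")[2])
    text = ""
    for part in msg.walk():
        if part.get_content_maintype() == "text":
            text += part.get_payload(decode=True).decode("utf-8", "replace")
    urls = [u.rstrip(".,;)") for u in re.findall(r"https?://[^\s\"'<>]+", text)]
    return sender_ok, [(u, on_trusted_domain(link_host(u))) for u in urls]

if __name__ == "__main__":
    sender_ok, links = audit_email(SAMPLE)
    print("sender on nexusmods.com:", sender_ok)
    for url, ok in links:
        print("OK  " if ok else "FAKE", url)
```

A link that passes this check still only tells you where the file is hosted; the publisher name on the installer's signature is a separate check.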
As our work on the database stability issue comes to a close (thank god for that) we are going to be directing our attention on providing you, the user, with more tools to remain secure both when on your account and when downloading from the site.
Our login mechanism will soon be using SSL, a long overdue addition. We are looking into implementing two factor authentication on account logins similar to how Facebook and Steam Guard work; if you log in from a different location we'll send a unique code to your registered email address before you can log in. We're looking into implementing a new feature for the site that will let you explore the file structure of archives before you download them, which will not only help with spotting things that shouldn't be in the archive before you download but also help you work out whether a mod is actually compatible with NMM or not. We'll also implement a moderation system on files and archives that contain executables or other files that are potentially dangerous. If one gets uploaded we (the staff) will have to approve it before it goes public on the sites. Lastly, we'll explore our options in regards to external virus scanners to see if there's a decent online API that can handle the number of uploads we'd need to make to their servers.
The fact we have to spend time on this sort of stuff when we'd rather be working on things that help make your modding experience better is obviously annoying, but it's also part and parcel of the world we live in. Your security is a high priority for me, as is keeping you up-to-date with the latest issues and ensuring you're informed about the times when we've let you down. It's important for me to take responsibility when we do slip up and to make sure that, while sometimes I might slip up, I will take that responsibility for it and do everything I can to get things right. At the end of the day, you guys trust me with your visits, your mods, and some of you even with your money, so your trust is very important to me. Your words of support and encouragement during these sorts of times only serve to compound what I already know about the community we belong to. It's flippin' good.
Back in March you might remember a news post written by myself titled Be Careful: Trojans masquerading as popular executables. To cut a long story short, a user was uploading a malicious file to the site that, when installed, would enable the user to find out your Nexus username and password, which was then in turn used to log in to other users' accounts with the stolen login information and continue to upload the same virus to the sites.
Today we were alerted to a malicious change to SkyUI, one of the most popular files on the Nexus network, at around about 12.30pm GMT. Within 20 minutes the file was removed and we got to work investigating how the file was added and who removed the original SkyUI file and replaced it with a malicious executable (thank you to those people who reported the file and were clever enough not to install it!).
Following on from that we noticed some strange actions coming from one of the staff member accounts here and, while I have not been able to get in contact with the staff member yet, we can conclude that the staff member's account has been compromised and this was how the "hacker" was able to remove files and upload new ones in their place. As part of their job the moderation team need to be able to access and edit the file pages on the site. If an unsavoury miscreant gains access to one of those accounts they can, potentially, do quite a bit of damage. Unfortunately that was the case today.
We were able to quickly identify and remove access to the account, however, a few more files were changed by the "hacker" before we could trace things. These files, on top of SkyUI for Skyrim, were:
ApacheiSkyHair for Skyrim
Fallout 3 Redesigned - Formerly Project Beauty for Fallout 3
Project Nevada for Fallout New Vegas
Oblivion Character Overhaul version 2 for Oblivion
It's clear the "hacker" was going for some of the most popular files for each of the main games the Nexus supports to gain maximum exposure.
It's important to note that staff members do not have access to any personal details (they can't even see your email address) including any Premium Member details and we do not store any credit card information so that's not an issue at all. This was not a traditional "hacking". Our servers themselves weren't compromised (indeed, we think we've got things locked up pretty damn tight right now to the point where you need to be on a specific IP address before you can even gain access to the server terminals and think about user accounts and passwords). Unfortunately the computer of one of the staff members was compromised and this is the result.
Things have been tidied up and the threat has been removed. If you downloaded one of the compromised files listed above and ran it between the hours of 12pm and 2.30pm today then please run a full virus sweep of your system. If you did not download any of those files in that time then this breach will not have affected you. We've contacted each of the owners of the files listed above. For them, unfortunately, because their main files were removed they will need to be reuploaded and the stats will have been reset for those specific files. It's important to note that deleting an uploaded file does not reset or clear the main file's stats. It's just unfortunate that the stats for those specifically uploaded files will be lost. I'll have a word with the main database admin to see if we can't get the majority of stats for those files restored, with a bit of loss due to having to roll-back a day or two. If you're the owner of one of those files please send me a PM so we can look into that with you.
I apologise personally for what has happened because, at the end of the day, the buck stops with me. I am highly protective of the staff here who have individually volunteered thousands of hours of their time, some of them for many years, to keep this network of sites clean and tidy. Unfortunately these things happen and I will obviously have a word with all the staff here to remind them all of best internet practices to maintain account security.
On an unrelated note I've had a few reports from German users saying that one of the ads on the rotation is sending them to a fake java updater page. This seems to be localised to only German locations, which makes it tough for me to diagnose, but I have been in contact with the advertising supply chain to try and get to the bottom of this and hopefully the issue will be resolved shortly.
We've been a bit short in the news department recently. This isn't because there's been no news to report on but simply because I've been extremely busy. I'll be reporting on all the updates we've made recently in due time but in the mean-time, today we released a new version of NMM along with a new "Legacy" version of NMM. Let me explain what's going on.
The NMM programmers are finding that more and more of their time is being taken up by trying to support old and outdated versions of the .NET framework which is not only limiting the functionality NMM can provide but, simply put, taking an inordinate amount of time for the less than 5% of people this helps to support. The inherent issue is that Windows XP no longer supports the latest versions of .NET, specifically, version 4.5 of .NET. Statistics show that less than 5% of users who use NMM are on Windows XP. We have therefore taken the decision to branch NMM from this point on into two releases: the normal Nexus Mod Manager and the Nexus Mod Manager - Legacy Edition.
The Legacy Edition of NMM will be for those users who either want NMM to simply stay as it is right now or who cannot use the main version of NMM due to it now requiring the latest version of .NET in order to work. It's the fall-back to support those users who can't, won't or don't want to keep up to date with their operating systems. For us, NMM is now for Vista, Windows 7 and Windows 8, the Legacy Edition is for users of Windows XP.
We will update the Legacy Edition with any bug fixes that can be applied but, unless a new feature doesn't make use of any .NET 4.5 features, the Legacy Edition is now feature frozen: it will not be getting any new functionality.
In other news, a lot of people have noticed that the "Download With Manager" button is not working for them on the site. Firstly, let me say that this is nothing to do with us, in that we haven't caused this problem. The problem arises with the combination of Windows 8.1 and the Google Chrome browser, and only this combination. NMM works fine in IE and Firefox with Windows 8.1. For a slightly technical explanation of what's happening: a recent silent update to Chrome has forced the browser to no longer recognise third-party URL protocols, like the "nxm" URL the Nexus sites use to start your download in NMM. Instead, Chrome will now only accept URL protocols that are classed as "safe" by Windows 8/Microsoft, which at this time is basically just the Windows Store. Great update, Google. The fix for this issue involves editing a Google Chrome config file to tell Chrome that the Nexus Mod Manager is a safe program to accept URL requests from. Google haven't coded any sort of system (like Firefox has) to ask if you want to trust the Nexus Mod Manager protocol, it just refuses to work. That's just plain laziness on Google's part.
Version 0.50.0 of NMM has added a button to the settings menu that will attempt to edit this Google Chrome config file so your download button will work again. It's experimental, and while it won't break anything, the worst it will do is just continue to not make the button work for you. We won't know until people use it. However, we can completely understand why you might not want NMM editing any config files unrelated to NMM, so for you guys I'm afraid the only option is to manually download then add files to NMM (very, very easy to do) or simply use a different browser. Once again, this problem hasn't been caused by us, and we're slightly miffed Google have taken this lazy approach.
We're obviously interested to know if this button fixes it for people who've experienced this issue, so please let us know.
Version 0.50.0 of NMM requires an uninstall of your current version of NMM before you can apply it. The process is extremely simple and NOTHING will change in your NMM so long as you reinstall NMM to the same directory. Your mods, load orders, settings and everything else won't change. If they do change then you have NOT installed NMM to the same folder, or you've changed your game folder location either physically, on your hard-drive, or within your NMM settings so they no longer point to the right location. NMM does not delete mods off your hard-drive when it is uninstalled. We needed to force an uninstall due to some of the .DLL packages changing or being removed and we didn't want people filing bug reports because they couldn't be bothered to uninstall the software like they were asked to do.
We've released a dummy 0.49.8 release of NMM which has a tweaked update mechanism for those people updating through NMM itself from version 0.49.7. If you do it this way, you'll first have to download 0.49.8, which will then direct you to the correct version of 0.50.0 to download based off the operating system you're using. If you are using Windows XP, 0.49.8 will direct you to download the Legacy Edition of NMM. If you are using Vista or higher, 0.49.8 will direct you to download version 0.50.0 of NMM. You can skip this step (going from 0.49.7 to 0.49.8 to 0.50.0) simply by downloading the latest version from the NMM download page. This process might seem a little convoluted but you'll be all done within the space of a minute (depending on your download speed).
Fingers crossed now we've got this task behind us the long awaited Profiling system will not be far behind.
If you are a fan of the Fallout Nuka Break series there is good news for 2014.