Simpsons Tapped Out iOS 7 Login Bug Analyzed

Simpsons: Tapped Out screenshot of Wesley's Springfield
My Springfield
If you're playing Simpsons: Tapped Out game (iOS / Android) on your spare time like me, and also happened to be a developer that upgraded your phone to iOS 7 (beta 1), then you may encounter a bizarre bug where you automatically get login to a completely random, but different account.

Some leafing through the web yielded some clues on what was likely going on. It seems to be caused by the way EA implemented the device and account management.

Apparently, EA decided to keep session information of both the device and the account that it's logged in on the server. When a user exits the game and comes back, the game checks the device and automatically login to the account it was last associated with. Seems harmless, right?


Well, iOS 7 changed a few things under the hood and messed up this scheme. According to the last entry on the "Networking" section of the release note for iOS 7 beta 1, low-level APIs to detect a device's MAC address has been deprecated and returns the same value, so that developers would migrate to UUID, Apple's preferred method for device identification. Unfortunately, Tapped Out seems to have been using MAC address all this time, due to its cross-platform nature.

And when this detection broke, the login problem manifested. Basically, everyone on iOS 7 would seem like using the same device to the game and its server. So when a user exits then returns to the game, the server actually returns the account information of the last iOS 7 user to connect to the game to your device since it can't tell two iOS 7 devices apart. And so, instead of returning to your Springfield, you're warped into a complete stranger's counterpart.

The worst part of it is that, while your stay on someone else's account is temporary, you can modify the town as you like without any restriction. In a sense, you've "hacked into" someone's account, however unwillingly. There have already been reports where someone's town had been completely destroyed, and the in-game currency Donuts depleted.

Luckily, this bug seemed to been mitigated at the server level, as it no longer happens as of a couple of hours ago. Those who still see this issue should completely logout and then login again. Hopefully, I hope this sort of town-destroying bug doesn't happen again.
Defined tags for this entry: , ,

Trackbacks

Trackback specific URI for this entry

This link is not meant to be clicked. It contains the trackback URI for this entry. You can use this URI to send ping- & trackbacks from your own blog to this entry. To copy the link, right click and select "Copy Shortcut" in Internet Explorer or "Copy Link Location" in Mozilla.

No Trackbacks

Comments

Display comments as Linear | Threaded

No comments

Add Comment

E-Mail addresses will not be displayed and will only be used for E-Mail notifications.
Enclosing asterisks marks text as bold (*word*), underscore are made via _word_.
Standard emoticons like :-) and ;-) are converted to images.

Copyright (C) 1996-2016 Wesley Woo-Duk Hwang-Chung. All rights reserved.