NCSoft to Roll Out Hackable Anti-Hack Software

← Back to Stories (view on slashdot.org)

NCSoft to Roll Out Hackable Anti-Hack Software

Posted by Zonk on Thursday January 20, 2005 @09:59AM from the problems-in-adena-land dept.

Greyzone writes "NCSoft is preparing to use a security product to protect the Lineage II game process from user hacks while running on a user PC. Unfortunately, this product has serious flaws of its own. Securityfocus.com explains the serious flaws and the possible hacks that can be used against user PCs that have installed this software." From the article "It is true that even with this vulnerability the user must still be tricked into running a malicious application that exploits it. However, in South Korea, where the Gameguard service is widely used, net cafes have become part of the social fabric. These machines are ripe fruit for damage."

22 comments

Min score:

Reason:

Sort:

That's just sad. by game+kid · 2005-01-20 10:02 · Score: 1

Still, you can't block every hole in security. Sometimes you just have to hope, right?

--
You can hold down the "B" button for continuous firing.
1. Re:That's just sad. by Scrameustache · 2005-01-20 11:48 · Score: 2, Interesting
  
  you can't block every hole in security. Sometimes you just have to hope, right?
  
  How's about not introducing new holes? That would be a good start.
  
  --
  You can't take the sky from me...
2. Re:That's just sad. by wrm932 · 2005-01-20 17:17 · Score: 0, Redundant
  
  Hi I played the game before and it seems the issues regarding the security program has just got to a point that I quit it altogether. Though it was a nice game in my opinion and something that I began to get addicted to unfortunately.
  
  --
  www.iWebmasters.com Offshore staff leasing services ICQ 236696307
I was under the impression ... by DikSeaCup · 2005-01-20 10:21 · Score: 1

That the machines in South Korea's net cafes were already compromised and were used as spam relays. Or was that China?
And in the environment the Internet has developed into, there's enough proof to show that it doesn't take much to trick even seasoned Internet users into running malicious code.

--
I talk about stuff.
nProtect, not just another Anti-Hack software. by PiratSS · 2005-01-20 10:45 · Score: 2, Informative

nProtect is not a sure way to eleminate hackers, but it's a pretty good at detecting if any hacks are running. If you used nProtect before, you will know what I mean. I used to run a TSearch and a debugger program for my C++ applications, and nProtect wouldn't allow me in any of it's protected games. I remember a few ways of patching old versions of nProtect, but they are eleminated now, and it's pretty hard to stop for an AVERAGE programmer.
1. Re:nProtect, not just another Anti-Hack software. by gl4ss · 2005-01-20 13:45 · Score: 2, Insightful
  
  well. but this is not about hacking the software that is protected by the nProtect software.
  
  rather, it's about nProtect getting hacked - causing your computer to be OWNED. sure, your lineage might be protected but how about your banking?
  
  --
  world was created 5 seconds before this post as it is.
2. Re:nProtect, not just another Anti-Hack software. by nastjuid · 2005-01-25 19:08 · Score: 1
  
  I wonder how this update to L2 will be affected in a linux environment. I try not to play L2 on windows...
Even bigger problem by Cipster · 2005-01-20 11:30 · Score: 2, Informative

The main problem with nProtect is that it will do nothing to stop cheaters. The most popular bot for L2 does not even use the game client but runs as a complete standalone app. The protocol the game uses to communicate with the game servers has been completely hacked to pieces and the bots can emulate it perfectly. All this will do is install a bad piece of software on legit users' machines while the botters will bypass it completely.
Once again chinese botters/hackers > NCSoft (the most popular bots/hacks are made by chinese programmers and are used by the workers of the companies that sell in-game currency for cash).
1. Re:Even bigger problem by wrm932 · 2005-01-20 17:44 · Score: 1
  
  So you mean to tell me that nProtect only keeps track of hacks? Not to prevent them?
  
  --
  www.iWebmasters.com Offshore staff leasing services ICQ 236696307
2. Re:Even bigger problem by Cipster · 2005-01-20 18:52 · Score: 1
  
  The problem is NProtect only runs when the game client runs. It's basically a wrapper app around the game client that prevents any app from running concurrent with the game. The first bots for L2 ran on top of the client basically intercepted and manipulated the packets to and from the server.
  The most popular new bot for L2 does not use the client at all but emulates the communication protocol with the server. So botters will never have to worry about it but legit users have to put up with the buggy app on their machines.
screw the Marvel IP case... by Anonymous Coward · 2005-01-20 12:37 · Score: 0

...this is a class-action suit waiting to happen!

Especially the fact that it doesn't uninstall the game guard kernel driver and service when you finally get tired of paying for Lineage.
Yes and no by Pan+T.+Hose · 2005-01-20 13:55 · Score: 4, Interesting

Still, you can't block every hole in security. Sometimes you just have to hope, right?

Yes, you can. No you don't. Software is just an applied form of discrete mathematics. "Beware of bugs in the above code; I have only proved it correct, not tried it," as Donald Knuth once said. It is possible to present a formal proof of correctness for any algorithm. It is nearly impossible and certainly impractical when you have a big mess of spaghetti code like with most of software that is utter crap, but it is possible nonetheless when you know what are you doing and design appropriately, with very clean, small and isolated parts of your system responsible for enforcing its security policies. Take a look at such operating systems as KeyKOS and EROS. E.g. read Verifying Operating System Security paper by J. S. Shapiro and S. Weber: "This paper presents a proof of correctness of the EROS operating system architecture with respect to confinement." Read some essays by Norman Hardy, especially those on Capability Theory. This is hardly a new idea, see GNOSIS: A Prototype Operating System for the 1990s paper by Bill Frantz, Norm Hardy, Jay Jonekait and Charlie Landau, written more than 25 years ago. The bottom line is: it is certainly possible to have a 100% secure system, but developers don't bother because users don't care.

--
Sincerely,
Pan Tarhei Hosé, PhD.
"Homo sum et cogito ergo odi profanum vulgus et libido."
1. Re:Yes and no by cluke · 2005-01-21 00:08 · Score: 1
  
  I remember they got us to prove around about 5 lines of code correct as part of a module in my Comp. Sci. degree. It took around half an hour of non-trivial effort, so good luck getting companies who churn out millions of lines of code to do this.
  And doesn't it get more complex with increased code size? Is it even feasible for large projects? And what about when you inevitably make a mistake in your calculations?
  
  (Disclaimer : this was quite a while ago, my memory could be faulty. Feel free to correct me!)
L2 bots by Anonymous Coward · 2005-01-20 17:40 · Score: 0

The comprimisation of the l2 protocol was not done by the bot makers themselves but the server emulation folks.
Phantasy Star Online Blue Burst by Myria · 2005-01-20 18:28 · Score: 1

Phantasy Star Online Blue Burst uses nProtect, and the first thing I did was net stop it.

C:\>net stop npptnt2

The NPPTNT2 service was stopped successfully.

Melissa

--
"Screw Sun, cross-platform will never work. Let's move on and steal the Java language." - Visual J++ Product Manager
Mmmmmm by Walker2323 · 2005-01-20 19:14 · Score: 1

Irony. Sweet, delicious irony. So good.
Good questions by Pan+T.+Hose · 2005-01-21 00:49 · Score: 1

I remember they got us to prove around about 5 lines of code correct as part of a module in my Comp. Sci. degree.

So you know that it is possible, even if not trivial.

It took around half an hour of non-trivial effort, so good luck getting companies who churn out millions of lines of code to do this.

I can guarantee you that if people demanded, the companies would do it, and that is exactly what I was saying. Remember that those are customers who have the power, not the companies. The companies might not like it, but they would have no choice if people stopped buying their products.

And doesn't it get more complex with increased code size?

Yes, it does, and that is why your kernel cannot be monolithic, because otherwise you have to prove the correctness of every single line of code running in the kernel space, including all of the drivers and kernel modules. The projects I was talking about in my post above use a concept of nanokernel, for that very reason.

Is it even feasible for large projects?

Yes, it is. See the EROS operating system.

And what about when you inevitably make a mistake in your calculations?

Then other people might spot it reading your proof. This problem is as old as mathematics. What if Einstein made a mistake in his calculation?

--
Sincerely,
Pan Tarhei Hosé, PhD.
"Homo sum et cogito ergo odi profanum vulgus et libido."
GameGuard arrived today by kemkerj · 2005-01-26 13:12 · Score: 1

And with it, many, many bugs^H^H^H^H"features."

My Nostromo N52 is inactivated when I play Lineage2. Why? Because NCSoft, in their infinite wisdom, has determined that this game controller constitutes a "third party bot program" and is, therefore, BAD to use when playing a game.

A friend's USB keyboard was completely deactivated when he tried to play the game. Seems it's a "programmable" keyboard and that means you can BOT with the keyboard!

Funny thing is, NCSoft went through quite a bit of trouble to post a poll on the official L2 forums asking the North American audience how they felt about GameGuard. It was 2:1 or more against GG.

To make things even worse, if you update your Lineage2 (as you must, in order to play) with GG, you have no offical way to REMOVE GG even if you subsequently decide to get rid of L2. Persistent spyware, isn't that neat?

Bugtraq and SecurityFocus have both reported exploits based upon nProtect's GameGuard. NCSoft ignored those. It takes the inherent protection that XP Pro provided against particular types of attacks and throws it away.

The crowning glory of all this is that NCSoft began banning people on the public forums when they complained about GameGuard. Threads were deleted, and discussion was suppressed. While a good number of those banned were guilty of stating that they were leaving the game (a no-no on the official forums) because of GG, it still left an overall impression of supressing information, a distinctly distasteful concept to most North Americans and Europeans.

Anybody interested in a Level 50 Paladin on the Erica server?