Slashdot Mirror
BBC Tells World About The Warden
Anonymous Cowpat writes "The BBC is running a story about the Blizzard title World of Warcraft. Specifically an article about, 'The Warden', Blizzard's highly-invasive anti-cheating software, which some, including The EFF have labelled as spyware. Most of the people around here have probably heard of it by now, but it's interesting to see the story in the mainstream press and (at time of writing) on the front page of the BBC's technology news section, no less." From the article: "The watchdog program, called The Warden by Blizzard, has been known about among players for some time. It makes sure that players are not using cheat software which can, for example, automatically play the game and build up a character's qualities. However, knowledge of it crossed to the mainstream thanks to software engineer Greg Hoglund who disassembled the code of The Warden and watched it in action to get a better idea of what it did."
The watchdog program, called The Warden by Blizzard, has been known about among players for some time. It makes sure that players are not using cheat software which can, for example, automatically play the game and build up a character's qualities.
... if you can!
Yes, but who watches the watchers?
For those worried by what The Warden does, Mr Hoglund has produced a program called The Governor that reports on what it is watching.
Oh.
Well in that case, who watches the watchers of the watchers? Hmmm? Answer me that
In the next patch, all WoW character models will be updated with black suits bearing an individual number.
This is a comment from someone who has dissected the Warden client:
The warden then uses the GetWindowTextA function to read the window text in the titlebar of every window. These are windows that are not in the WoW process, but any program running on your computer. I watched the warden sniff down the email addresses of people I was communicating with on MSN, the URL of several websites that I had open at the time, and the names of all my running programs, including those that were minimized or in the toolbar. Once these strings are obtained, they are passed through a hashing function and compared against a list of 'banning hashes' - if you match something in their list, I suspect you will get banned.
In college, really poor, need a flatscreen.
I really fail to see how this is any different from what other companies have done before. Half Life's Valve Anti-Cheat system scanned the whole system. Punkbuster, etc. also scanned the system (but were third-party add-ons). The only difference here is that Blizzard didn't disclose that they would be probing further, but I don't see further probing as evidence that Blizzard is doing anything wrong.
GameGuard used by NCSoft in Lineage2 is very similiar when it seems to create more problems then it solves.
In fact GameGuard does not block one single hack I know of for Lineage .....
BBC Tells World About The Warden
Why is BBC telling the world about my girlfriend..
[alk]
Something tells me that disdain for providing your credit card info earlier than you'd like isn't what's preventing you from playing WoW, and neither is The Warden.
ACs are modded -6. I don't read you, I don't mod you, I don't see you. Don't like it? Don't be a coward.
Blizzard sucks because they didn't prevent cheating in Diablo 2!
Waaaah!
Blizzard sucks because they prevent cheating in World of Warcraft!
Waaaah!
I'm torn between my love for sticking it to cheaters, and my hate for spyware. I suffered through the speedhacks and scripters in UO, and every time the developers thought about a process scanner the players went nuts and the idea was dropped. In WoW you sign the terms of conduct each time there's a new patch, so technically you agree to let this warden thing run in the background. Is WoW a better game because of it? Probably.
There are already some big problems with ebay gold farmers.. I'd rather they had to sit at the computer to make their gold, rather than just running a script.
This is my post. See sig above ^
of more than one multiplayer online game, I have to say, cheaters playing the same game as you suck. Have you ever played CS with cheaters? Really doesn't make it fun at all. Although I'm not 100% thrilled at HOW they're preventing cheaters, so far, they have proven to be not-that-evil(TM). For now, maybe because I like WoW so much, I will give them the benefit of the doubt.
AirSpeak - http://itunes.com/apps/AirSpeak
The sad thing is, this whole deal was started because one of the WRITERS for the very programs that the Warden was sniffing around for discovered how he kept getting caught and started to whine loudly and constantly.
Consider the source.
I know they are a god like organization here on /., but them calling this anti-cheating software "spyware" is just plain stupid. You don't like the software? It ain't all that hard to cancel you subscription and uninstall the software. There, you aren't being spied on. You can't tell Blizzard what to do with their servers just because you don't like it. Either use the free market and don't use the software or shut up.
Monstar L
So, you would say it is ok for the Police to come search you house to make sure you have no drugs, stolen goods, kidnapped 3yr olds
The difference is that you have the right to private property, WoW has the right to deny you access to THEIR private property based on their own criteria. If this you feel this criteria is too invasive then, by all means, do not use their software/services.
This is like drug testing, you have the right to choose not to work for an employeer that does drug testing, you do not have the right to change their policy on drug testing.
Dedicated Cthulhu Cultist since 4523 BC.
Different entirely. You're agreeing to play the game, and even paying explicitly. Read the EULA/ToU and you'll see the Warden outlined plain as day. The Warden doesn't even report back to Blizzard what it sees unless a match is found. Blizzard asks "Do you see or ." and Warden answers either yes or no.
If you want to use a public service analogy, a better fit would be "Do you want the Police to search the bags of everyone boarding an airplane to make sure noone's brought any bombs (hacks) onboard?" I think the answer would be a resounding freaking yes, and if you don't like it, don't fly.
When will "The Warden" get released for my iMac?
Actually, in all seriousness, I assume this is built into the Mac version as well? Overall, I don't care. I'm glad there's no (less?) cheating and I don't run anything else when I play anyhow.
So, you would say it is ok for the Police to come search you house to make sure you have no drugs, stolen goods, kidnapped 3yr olds - anytime they want? Just because you are against druids, stealing and kidnapping doesn't mean that would be a good thing.
No, I wouldn't say that's a good thing - but the rules are different out here. In the US the citizenry is guaranteed a certain measure of privacy and protection from egregious law enforcement by way of the Constitution. We have Amendments that protect against unlawful search and seizure, we have Amendments that guarantee a certain due process, etc.
When you go to a foreign country, these rules do not apply. If you traveled to Spain, your United States civil rights would hold no water. You would be operating under the legal system of the region you were traveling into.
So what on earth makes you think that the rules that govern US law enforcement apply, in any way, to whatever virtual world it is that WoW runs under?
Blizzard built that environment from the ground up. They invested time, money, and countless man hours to make it into something real. They invited players like you to step in and enjoy their creation. Some jackasses feel the need to bend and break the few rules that exist. I feel Blizzard is entitled to end cheating by any means necessary.
It is their product.
As always, if you don't like how they enforce their rules, you are welcome to take your dollars elsewhere. Just don't make the mistake of thinking that you have some right to tell them how to run their show.
Because the online version of BBC news is getting better and better, and they have decent technology news, like NY Times and unlike CNN.
FTA: "[The EFF] added that the Blizzard could get away with using The Warden because information about it was buried in licence agreements that few people read."
Didn't read the license agreement? Sorry, but that's not Blizzard's problem. It would be nice if Blizzard had made it more obvious that they would be doing this.
But you know what? Tough titties, you agreed to it.
That said, it's good that people are drawing attention to this -- maybe next time around, Blizzard will be faced with losing revenue should they try to implement the same kind of solution.
What MMORPGs need to do is implement better server-side analysis to identify cheaters. Difficult? Yes. Expensive? Yes. But probably less difficult and less expensive that losing craploads of clients, and hiring craploads of lawyers. Then they won't need to have the invasion clause in the license for their games.
Spread the word, and maybe we won't have to deal with this next time.
"Trolls they were, but filled with the evil will of their master: a fell race..." -- J.R.R. Tolkien on Olog-hai
By definition, spyware sends back personal information concerning the user. Warden does no such thing, even going by the analysis of Hoglund (the author of a rootkit.com article, and a developer of cheat software for WoW). Hoglund uses FUD to scare the reader into believing that WoW is snooping around their e-mail addresses and IM friends list, but in actuality, the first thing Warden does when it scans a string is to hash it, thus removing all personally-identifiable information. It compares the hashes to a list of hashes sent from Blizzard's servers, and sends a notification to Blizzard if a hash matches one on the list. That's the only information it sends back.
Yes, it does scan window titles, and yes, coincidentally, those window titles may contain URLs or e-mail addresses. But Warden only works with hashes of those strings and doesn't phone them home. The paranoid can easily close other windows while running WoW (or, for that matter, uninstall), but the majority of the game-playing public wants anti-cheat measures in place.
Note that this anti-Warden crusade is perpetrated by people who will benefit financially if Blizzard is humiliated into discontinuing the use of Warden. The folks over at WoW!Sharp, the most well-known cheating/botting program for WoW, were selling subscriptions to their software, right up to the point where Warden caught them using their cheat software and led to them being banned. They realized that if they continued selling subscriptions to their software, they could be sued, so they released it as open-source, essentially to shove the problem of liability off onto their users.
If Warden were discontinued, they would, quite literally, be back in business.
Why is it that almost more and more news items on slashdot are derived from the BBC?
Pfff, that's typical Slashdot Euro-centrism for you. Why are all of us North Americans constantly pushed to the side? Please, submitters, you must realize that the Internet != Britain.
Why should someone getting multiple free trials be a problem?? The "account key" should be the distinguishing factor there. And a free trial that is limited to 2Gold and level 20 isn't likely to be abused by someone wanting to chain free trials.
Food not Bombs is a nice platitude but it breaks down when you notice that the Bombees are usually well fed
People agree to this when they sign up for the service. This is the only method to stop cheating, and thats to be invasive.
The current top anti cheat for medal of honor allied assault is a third party program that makes the warden look like a freaking panzy on what it does.
It checks memory to verify there are no spyware signatures, verifies all files before they run, locks the files, runs its own explorer shell so that a person cant alt tab and run things. The game can only be executed within the context of the anti cheat software, the hardware is checked to make a key that can be bannable even if the person re-installs or reformats.
It locks the memory of itself, and the MOHAA software.
Even at that point it isnt good enough, it also launches two other executables with similar protections built in that check each other to make sure that none of the executables is being shut down or altered by an outside program.
People have to agree with this, because nothing else works, if you slip in one area, they write a cheat to exploit it. You slip in another area you get a cheat in another area. If you dont validate all files, even files with odd extensions, they write a kernal thingy that goes around it.
Cheaters have too many dedicated fucktards trying to ruin the games for everyone else.
When you sign up for World OF WarCraft, or use another type of anti cheat, you are saying that you agree to this kind of thing because you want to participate.
In sports, umpires can watch the players and make sure that they arent cheating, in on-line games the umpires have to get right on the computer. AS LONG as those people only use information required to successfully stop a cheater (IE they arent going in and finding out what programs you have installed in your registry and uploading your outlook e-mail book etc...) then what is their to complain about?
All of the stuff where it scans the URL of web sites, and views peoples MSn etc.. thats all tertiary to what its doing. It is scanning those because it is showing up as open windows processes, there is nothing for the anti cheat program to use to determine that the open windows ARENT cheats, until it checks there names to see if it matches the signature.
I dont think people realize just how clever cheaters can be. One of the cheats turned in for MOHAA involved using a bug with MSN and video drivers for ATI. If a notification was up, you could see through the walls!
Then people wonder at the lengths anti cheat software is beggining to take.
If you don't vote, you don't matter, so don't waste your time telling me your opinion
"Just because you are against druids"
damn right i am! they have a very quick flash heal/regen spell and also can turn into beast form which will rival a warriors tanking. not to mention the very annoying "root" spell. i dont even think you can blink out of root anymore. savages...
i think i speak for everyone when i say nerf teh druids!
I'll just use my special getting high powers one more time...
Hoglund noted that the text strings in title bars could easily contain credit card details or social security numbers.
Since when would a site submit a URL in the title? I assume this is for sites which don't have a <TITLE> tag, and just display the URL as the title. Even in that case, any website that submits a document with such information in the GET string is asking for trouble. It would allow it, among other things, to be viewed in the document history etc.
We need to stop jumping every perceived violation. There seems to be a witch-hunt on for privacy/security violators, and often the assumptions of what 'could' create a security risk falls into the realm of pretty silly...
Whatever happened to the good ol' days of Diablo 1 online when I had to use a hack for the sole purpose of disabling everyone else's hacks around me?
Perfecting Discordia
www.stevenvansickle.com
SOE's problem was that they didn't notify the players about any sort of scanning. The WoW EULA includes notification, in all caps and in easy-to-read language, that they will perform these scans when you play the game. Since SOE's woes, gold selling (i.e., selling in-game gold for real cash) has become a pox upon MMOGs, and players are much more acutely aware of the misdeeds of other people in the game because of it, to the point where most players are happy to let Blizzard run these scans if it means that cheaters will be caught and banned.
A cheater-robot gets caught because it plays a game better than any human could... right? So then, the real challenge for a human player is to be mistaken for a machine... a kind-of reverse Turing test...
Seeing bad movies only encourages them. Watch responsibly
Blizzard does say they will probe your computer.
From Terms of Use:
=================
In order to assist Blizzard Entertainment to police users who may use "hacks," or "cheats" to gain an advantage over other players, you acknowledge that Blizzard Entertainment shall have the right to obtain certain information from your computer and its component parts, including your computer's random access memory, video card, central processing unit, and storage devices. This information will only be used for the purpose of identifying "cheaters," and for no other reason
=================
So they can look at anything in RAM, or even your hard drive. And you agree to this. As other posters note, you can either not play, or not run other apps, since they don't seem to scan your drives.
I, for one, think Blizzard is doing something positive here, and the complainers are probably cheaters or farmers -- or non-players. Cheating ruins the experience for honest customers.
This is what PHP programmers have known for a LONG time.
Just as you can hack some javascript to prevent validation, what makes them think we can't run some remote control software whose client happens to run on... *GASP* your own machine!
But what are they gonna do next? Introduce captchas into the game every 5 minutes?
No, sir. The answer is changing THE GAME RULES (the equivalent of validating user input in the server, not the client) so that quick advancement is not done. i.e. restrict repetitive training to N hours, and such.
Trying to control the client is nonsense.
Mr Hoglund noted that the text strings in title bars could easily contain credit card details or social security numbers. ... even though he knows that - in the astonishingly massive world of Windows commercial software, shareware and freeware - there's not a single program out there that does this.
Mr. Hoglund is an idiot.
"Mr Hoglund noted that the text strings in title bars could easily contain credit card details or social security numbers."
are you joking me? sure title bars COULD contain that data, but i think anyone here would be hard pressed to find an actual example of that happening.
if some company website or program is too ignorant to keep a CC or SSN off the title bar, they probably have a lot more problems on their hands.
ALSO, is it just me or is the EFF going a little nuts here? i'm a firm believer in freeing up information for the benefit of the consumer, but i think this is stupid. maybe they should try playing in a world (of warcraft) where there are no cheat protections.
there have been hacks for games as long as i've played them, and they always ruin the game. well, unless i'm the one doing it! [myg0t]tehwebguy pwnz j00!1
-- lol pwned
What about if you play WoW using Wine or Cedega? I assume that "The Warden" would be limited in some way if not totally crippled. Does anyone who knows more than I do have any thoughts? And what about Macs?
Ceci n'est pas une sig.
This is a stupid, specious argument. If we were talking about something running on their servers, then you would have a point. However, we're talking about software running [and snooping] on the user's computer. Now, if all it sends back is hashes, I'm not worried about it; it might even send less than that (just an all-clear, or a warning flag) but the point is, your computer is your computer, it doesn't belong to blizzard.
"You're right," Fisheye says. "I should have set it on 'whip' or 'chop.'"
I have a hard and fast rule -- if I'm not actually paying you any money, I'm not providing you with sufficient information to subsequently bill me.
I absolutely will not provide CC information to use a 'free' trial. I also typically refuse to allow people to take moneys out of my accounts in the future without my interaction. You may send me an invoice. You may not just decide to take what you need.
But, I'm probably being unrealistic. Nobody would ever misuse that, right?
Lost at C:>. Found at C.
Well, I actually don't play the game so I haven't read the EULA. But I really have to wonder - does the EULA mention all the screwy stuff that this client checks? I'm guessing not since someone had to disassemble the sucker to find out what all this thing does.
Mind you, I'm not against it at face value. I just think that consumers should be able to make informed decisions. If the EULA says the client software will probe your IM and figure out your friend's email addresses and you install anyway, then no problem. But that's probably not the case here.
Weaselmancer
rediculous.
You know, they have these things called disposable credit card numbers now... Create a number, set the limit to $0.01 and freely give it out for "free trials". Even if they try to run it, the transaction fees will put them in the red.
1q2w3e4r5t6y7u8i9o0pqawsedrftgthyjukilo;p'azsxdcf
1. Not very. They use cryptographic hashes, and the chances of an accidental hash collision (i.e., you're not trying to cause one) are negligible (depending on the size of the hash, of course). The rumor is also that Blizzard doesn't ban based solely on the outcome of the scan, but has a GM monitor you in-game to determine what action should be taken.
2 4).
2. No, Warden only runs while WoW is running.
3. Yes. There is a default version of Warden that is part of the patched version of the game. When you run WoW, Blizzard can push another version of Warden to your machine that exists in memory only while you are playing the game. When you uninstall WoW, the basic Warden software is deleted along with it.
4. You can still use a proxy to monitor what data is sent across the connection, and such a proxy (as long as it doesn't try to alter any data) is pretty much undetectable. Blizzard has made general statements about their monitoring, but they haven't given any specifics on what is transmitted. The cheat authors, however, have been fairly verbose about what Warden does. (See http://www.wowsharp.net/forums/viewtopic.php?t=70
5. Hard to say. Warden is polymorphic, and a new version can be pushed from the server at arbitrary times while you play, so it's fairly slippery. It's tough enough to beat that the WoW!Sharp developers decided that continued development and sales of their software was too risky, after they got caught. I suspect that Warden faces the same set of challenges that virus scanning programs face. At the same time, the cheat authors, because their game accounts are on the line when they test their software, could potentially get socked for $50 every time they get caught - and while a little cheating here or there doesn't damage the game too much, Blizzard only has to nail the cheat developers once in order to ban them. (And Blizzard can always take extra steps to try to prevent them from resubscribing.)
They ought to just develop a World/Server where all the hacks can play against each other and see who hacks best. Even the people with the hacks themselves might find that more interesting.
"It's the height of ridiculousness to say for those 9 lines you get hundreds of millions."
I take your point. But people are easy to fool. The irony (re the Turing reversal) is to get a machine to think you're a machine.
Seeing bad movies only encourages them. Watch responsibly
"Nobody would ever misuse that, right?"
am i the only one with a credit card that has online fraud protection? i don't remember the last time i actually worried about my credit card number being stolen. every time i've disputed a charge that i didn't make or that i was not happy with, it was removed and i paid NOTHING.
there are plenty of credit card companies out there! use the competition to your advantage! credit card companies are one of the few places where you can still get good customer service.
The real issue is to create a game that has good gameplay, not the rather sordid and boring task of collecting "Super Vampire Slayer Sword +3", only to find out a week later that there's now a "Super Duper Vampire Slayer Sword +4 that also makes coffee in the morning", which, btw, costs 3 times as much. Coincidently, tomorrow, all mobs (mobiles, otherwise known as monsters or nasty things out to kill or abuse you) will only be attackable by +4 weapons....
That's the crap that makes MMORPGs boring and prone to cheating. Well, that and the endless camping (sitting around waiting for a mob to spawn, ie, reappear) so you can kill a mob again and again, ooo - what fun! Or, and these are my favorites, "quests" that involve a minimum of 8 hours of continuous online time so that you can travel from point A to B to retrieve an arbitrary piece of crap to deliver to C to retrieve another arbitrary piece of crap so you can hike back across the entire planet 3 times to get your +1 dagger gilded, so there are now 59,142 +1 gilded daggers in the world.
So, how to fix it? First off, electronic real estate is essentially free. Therefore, why do houses, castles, or Ogre swamps keep going up in value with time? MMORPGs are mostly fantasy worlds, use a little fantasy and fix the core issue. (If I have to explain this, you shouldn't be dabbling in fantasy...)
Secondly, if game play becomes the attractant, and the collection of equipment etc becomes secondary, then you'll have a truly decent world without ebay gold miners, because there won't be any point to it. To make most equipment even less attractive, some breakage rules and such should be instituted. Since it's a fantasy world, make every change of ownership degrade the eq in question, in some way, perhaps raising its "breakability" rating. People would want to get their own eq, as you could never be sure how far down the hand-me down chain the eq has survived.
Lastly, if the game is properly setup, you can't "cheat". RPGs aren't inteded to be FPS's, so server driven play isn't necessarily "bad". The graphics et al can be handled on the client side, with the server controlling all portions of it. For user server networks, using an MD5 routine to generate a hash based on client requested specifics could be used for authentication? (This could also be gotten around, but it gets harder, basically, user controlled servers always put security at greater risk than hosted systems.) A trusted registration system could also be used, with automatic downloads of code snippets that would modify an executables signature to verify that the executable truly is unaltered. This would be harder and not be 100% user based, but is a possibility.
You should note I love the concept of RPGs, but the execution of most games falls far short of what RPGs are meant to be. These are just some rambling thoughts that've gathered over the years.
The cesspool just got a check and balance.
And if the company does the testing without your knowledge?
If a company can collect a urine or blood sample from you without your knowledge, maybe you need to lay off the drugs for a while, anyway.
...sometimes, in order to hurt someone very badly, you have to tell that person terrible lies. - PA
The Warden runs in enemy territory so it can be altered just like WoW can be altered. It will not solve anything. All hacks I know of are warp and dupe which can only truly be fixed on the server. Log scanning can indentify bots.
Blizzard is making tons of money, the least they can do is come up with a real solution. The Warden just provides piece of mind for those who dont realize it too can be hacked. So in the end all the are really doing is installing spyware.
I believe poker sites like PartyPoker does something similar.
Adidas To Bring Back Sneakernet
playing WoW isn't a public service either. Blizzard is a private company that have the right to ensure the safety(non-exploitation? I'm not sure of the word that would equate to safety in an online game) of it's paying customers.
sent from my slashdot browser.
http://www.simon.com/giftcard
(Disposable Visa cards) Used them for years with no problems, and they'll mail you the card if you can't go pick one up.
Just google on "Visa Gift Card" and you'll find any number of others doing the same.
Careful when opening mouth. You may be inserting foot. Who said anything about paying for something that's free? They collect your billing info at the beginning, then charge you at the beginning of your first month's normal play. It's a highly common practice, and if you don't like it, I suggest you avoid cable and satellite tv, internet access, and your local gym for starters.
ACs are modded -6. I don't read you, I don't mod you, I don't see you. Don't like it? Don't be a coward.
If you honestly don't trust Blizzard with your CC number for a free trial, why on earth would you ever trust them for a paid subscription service? Your argument makes no fucking sense. You either trust a company with your CC number, or you don't. There is no "I only trust them if I want them to charge it".
You have to have a number of things done on the client, otherwise it just gets too slow. One of the mandidates for a game like this is that it works over nearly all connections, including those with very high latency and very low bandwidth. That being the case, if you take a pure "don't trust the client" approach, you find that you can't effectively communicate what you need to for the game to work.
You can see this in old games like QuakeWorld. Your client does very little other than render the graphics, it relies on the server for constant, timely updates for everything. If you try to play on a modem, you discover that you have to aim not at your target but at where you think your target is based on the latency. So if it takes data 200ms to get from the server to you, or vice versa, you have to adjust your shots by almost half a second. Where you see people will be 200ms behind where they are, according to the server, and they will have moved for another 200ms by the time it registers your shot.
All this is for just like 20 players too. It's made much worse in a game with thousands per server.
So, to cope with this, the client has to start doing things, and has to be trusted for some things. It sucks security wise, but if you don't you'll be religating your game to the low-latency, high bandwidth folks only and that really cuts your market down.
Bingo.
Anyone know what the comparative difficulty involved in making spyware like this is between Win and Mac?
I presume it's possible to make a Mac Warden - but it would probably involve a system password prompt (like people wouldn't fall for that). Software installation gets the privileges it needs...
But for the time being here's to betting there's no Mac version. And surely Mac WoW has a few cracks and trainers of its own, right?
Ok, this is just specious:
Should I be expected to forfeit my original $50 and a years worth of subscription fees because they changed the terms?
What - did you suddenly lose the years worth of gameplay you already experianced? Do you call up HBO when they cancel a show you liked and demand a refund from the moment you subscribed with them?
I mean, you can stop playing the game! And stop paying for it.
I would hope people understand that subscription based games are going to be like any subscription service rather than like the old single player CD based games which were like books (sort of).
Of course, this among other issues is exactly why I have yet to buy or play a MMORPG.
Opera, Proxomitron-Grypen,GPG 0x0A1C6EE3