Slashdot Mirror
Blizzard's Warden Thwarted by Sony's DRM Rootkit
shotfeel writes "First, news of Warden -a bit of code from Blizzard's WoW to trounce game cheats. Then, a Sony rootkit to make your computer safe for music. Now, news that you can use the Sony rootkit to make your game cheats safe from the Warden."
Just goes to show that there is indeed a good use for everything.
Don't Tread on Me
Coincidence, or conspiracy? Hrmm...
You anti-DRM, pro-cheating and stealing hippies must be really conflicted on this one.
An error has occured
:D
Sorry, the database is currently unavailable, please try your request again shortly
Wow, this Sony rootkit works MUCH BETTER than I expected!
Please somebody...anybody!
Christ, anyone got a link/full text?
Obligatory Soundbite Catchphrase
Somebody is going to owe a LOT of people new monitors once they're all drenched in coke.
I have definitely thwarted Warden. I just created a 13th level unicorn, ate all the remaining rhubarb in the forest, and killed the White Wizard with an AK-47. NICE!
I always save my last mod point to mod up a good troll. You people are too serious.
It's not cheating, it's civil disobedience!
Never underestimate the power of the /.
The Warden looks at window titles and such. The rootkit just hides filenames and registry keys. I'm not quite sure how this would be effective. Afterall, you can easily hide a cheat by not telling WoW about it!
dom
Let's stick it to the man by downloading their DRM and not paying!
Am I the only one who finds this amusing? I mean... wow. Whatever monkey at Sony that approved this scheme must be soiling their armor by now.
And that the first (known) exploit of this thing should be a game cheat. The world is a strange place; Sony has made it just a bit stranger.
End of lesson. You may press the button.
Are we suddenly interested in the rights of game cheaters? Whose rights are being impacted here?
/., but in a different section...
This is just a classic hack. Nothing impacting free speech or even property rights. Yes, it belongs on
OK, so I understand that Sony did a bad thing with the rootkit. But I don't immediately understand the link to Blizzard. Surely there are other "rootkits" around (think Hacker Defender) which can hide files? Why has this suddenly become a problem with the release of the Sony rootkit? Is it a case of "yes, this is definitely bad... now quick, find some way of demonstrating how bad it is!"
Do other cheat protection systems use similar methods to look for files? If so, why are they not affected? Why am I only hearing about Warcraft?
Sue sony under the DMCA
Hmmm...it didn't work.
I for one would like to sue sony for hating their costumers and making WOW turn into another game that shows you cant play for fun on battlenet unless you password protect your games and only play with friends you know and trust. Why is it that I cant watch movies on my projector cause my computer blues out the screen thinking I am trying to play to some illegal device? DRM IS NEVER GOOD FOR CONSUMERS!!!
Dan Mayer: my blog, essays, art, etc
if it gets enough attention by doing so to get Blizzard's lawyers into action against Sony, I'm all for it.
So two wrongs do make a right... right? For the cheaters at least... but that's wrong... so two wrongs come together to combat one wrong, and you're left with two wrongs instead of two.. wrongs... Can't we all just get along?
If the process is hidden, the Warden can't pick up on it, right?
So hypothetically, ANY rootkit could be used to hide processes - HackerDefender and the others out there would do the job nicely.
Of course, the other edge of the sword is that you don't know just what _else_ is hiding... unless you wrote and compiled the rootkit yourself using your home-brewed compiler.
Striking fear in the authors of godawful fanfiction, I am here, appearing in darkness, Tuxedo Jack!
Just name your trojan $sys%AllYourMoneyBelongToUs.exe and it's safe and sound.
http://slashdot.org/comments.pl?sid=167099&cid=139 32086. Heh...Slashdot duped me, I think.
Earn a % of cash back from Newegg, Tiger Direct, Walmart.com, and more: http://www.mrrebates.com?refid=458505
World of Warcraft hackers using Sony BMG rootkit
Published: 2005-11-03
Want to cheat in your online game and not get caught? Just buy a Sony BMG copy protected CD.
World of Warcraft hackers have confirmed that the hiding capabilities of Sony BMG's content protection software can make tools made for cheating in the online world impossible to detect. The software--deemed a "rootkit" by many security experts--is shipped with tens of thousands of the record company's music titles.
Blizzard Entertainment, the maker of World of Warcraft, has created a controversial program that detects cheaters by scanning the processes that are running at the time the game is played. Called the Warden, the anti-cheating program cannot detect any files that are hidden with Sony BMG's content protection, which only requires that the hacker add the prefix "$sys$" to file names.
Despite making a patch available on Wednesday to consumers to amend its copy protection software's behavior, Sony BMG and First 4 Internet, the maker of the content protection technology, have both disputed claims that their system could harm the security of a Windows system. Yet, other software makers that rely on the integrity of the operating system are finding that hidden code makes security impossible.
What's the scientific term for when two diseases conflict and the host ends up suffering no harm from either?
Sorry. This rootkit will hide the process from WoW, but the Warden will still be able to tell if a function is hooked within the code. Blizzard won't care what is hooking their code, even if they can't find the process, you will get banned anyway.
Blizzard just have to write their own code for reading the filesytem/registry and to notice the differences between the raw data and the results from the windows API calls, and Warden can start to check for rootkits.
But it would be better if Warden was a product of Sony Online Entertainment, and it was used to protect Star Wars Galaxies. THAT would have made my day.
It was a joke! When you give me that look it was a joke.
According to Sony those DRM-CDs will play just like normal audio CDs when using with Mac.
Here is some more information.
I now live in hope for the day that a bunch of the corporations pushing for invasive DRM like Blizzard's Warden and Sony's whatever-it's-called sue each other under the DMCA for circumventing each others technologies, instead of suing us for trying to crawl out from under them.
Comment removed based on user account deletion
In this corner, the spammers, with thier root for zombies to spam you with...
:)
In this corner, the DRM people, making sure you don't listen to any music you paid for.
And in this corner, the 1337 gamer d00ds, making sure you have to buy it on ebay instead of getting it yourself.
And there is the bell... wait, they don't appear to be fighting... why are they taking off their clothes... what is the Sony guy doing to the spammer... they appear to be... oh my, that's just not right... this fight is called on account of an orgy breaking out...
Meanwhile...
Enjoy the nice cozy comfort of your OSX and Linux boxes
- Adam L. Beberg - The Cosm Project - http://www.mithral.com/
Yes, the software industry is the best way of fulfill the Recommended Daily Allowance for irony.
Welcome to the Panopticon. Used to be a prison, now it's your home.
Blizzard: w3 0wn joo!
Sony: n0, w3 0wn joo!
Blizzard: n0, W3 0wz joo!
Sony: no, W3 0wn joo!
I can already see Blizzard taking Sony to court because their rootkit allows people to cheat. Yes it may seem stupid but if you ever look at some court cases a lot of them are very stupid indeed. There's no question that the US legal system is broken and provides just the means to pull off a stunt like this.
Ha ha!
I am scientifically inaccurate.
Palpatine
this directly relates to a story that was originally posted under the YRO heading. it makes sense to keep posting information about that story there, because people who read yro.slashdot.org might want to know the latest in the Sony DRM rootkit saga.
There is a post on the EverQuest Live message boards asking for a clarification of the EverQuest Producer's message to the community.
Craig Knapp, the producer of EverQuest, has stated that Sony Online Entertainment has a new tool to ferret out cheaters and "hackers." There is no word yet from Sony as to whether this will be a repeat of the mistakes they made five years ago and of the mistakes that Blizzard is currently making.
Wouldn't it be ironic if you could get around EverQuest's cheat protection mechanism by using Sony's own rootkit?
Is a virus to come along and take advantage of this Sony rootkit. How the heck would they explain that one away? It's essentially put a filesystem blindspot right into the core of Windows - one that isn't Microsoft's fault, or responsibility - without asking the owner.
I mean, as far as I'm concerned, that's just plain illegal (or should be).
They have some time, but with virtualization, you'll be able to hide everything from everything else, putting programs in their own vserver, thereby thwarting valves current method of checking strings of other apps you have running; there will be nothing visible to the warden to check.
...well, maybe they're not human in the gameworld. ;)
WoW uses a rather invasive technique for scanning Gameplayers whether they cheat or not. Sony's DRM scheme also inteferes with the ability for people to make backups of they're own property. In fact, the only interesting thing about this story is these two issues have collided in an unexpected way at a moment in time.
Sony's DRM rootkit can be thwarted by not doing business with those evil bastards.
No folly is more costly than the folly of intolerant idealism. - Winston Churchill
-Eric
SJW: Someone who has run out of real oppression, and has to fake it.
Did you know that if you are playing X-Com: UFO Defense while running SETI@home, it speeds up the chances of finding an actual UFO by 0.0005%!?!? ZOMGLOLFTW
1: Why are people celebrating victory because Sony announced they will remove the cloak, they're still leaving all the rest of the crap on your system - including the memory and cpu wasting scan that runs continually, even when you're not playing their DRM infested CD's.
2: Now that the cloak is removed, what was that registry key that keeps track of how many CD's you've burned under their DRM system?
3: Don't you think you're celebrating a bit early since Warden 2.0 should be able to use the same tricks as RootKitRevealer to diagnose your system? And how long will this take to appear?
4: If you detecting and removing this software from your computer violates the DMCA, then the DMCA is so cleary wrong that it should be repealed this afternoon.
5: Profit! Or in other words, who is profiting from this now? I don't see Sony going broke yet.
"It's the height of ridiculousness to say for those 9 lines you get hundreds of millions."
booo!
glowing brightwood staves for none!
boooo!
glowing brightwood staves for some, miniature American flags for the others!
YAY!
"Sorry, the database is currently unavailable, please try your request again shortly"
/.'d within 15 minutes? Now THAT is something.
Wow.
But yeah, this was pretty much inevitable considering that these are two of the biggest stories of the week. Watcher scans for currently active progams and contents of programs, while the Rootkit hides the said problem. Doesn't take much to figure the link.
I'm wondering now if the same can be applied to other Anti-Cheat systems (VAC and so on). If so, then I believe that Sony may have opened a pandora's box for potential cheaters.
Some think the Internet is a bad thing. I just think that AOL is a bad thing.
Try and get Sony's DRM to interfere with DVD protection. RIAA Vs. MPAA... FIGHT!
"...Well, there's egg and bacon; egg sausage and bacon; egg and spam; egg bacon and spam; egg bacon sausage and spam..."
Or, King Kong versus Godzilla - two gigantic forces of destruction battling it out!
I'm going to pop some corn and watch the sparks fly.
52 Weeks, 52 Religions with John Hummel
Perhaps someone could write a P2P software that uses Sony's DRM to hide itself on PC's, spreads like a virus, and shares infected user's drives with the world. Then Sony's own DRM would be helping to spread the music.
Not that I advocate such a program.
I think I will post this anonymoosely.
The question I am most interested in is the rumor that this code bricks Vista. What about W98, X360 or CE?
Remember folks: friends don't give friends herpes or Sony products!
Is there a list of all SONY CD's and DVD's online? I really do not want to buy SONY products anymore, but it is a bit difficult to find out which CD's and DVD's are made or distributed by SONY. Any URL?
One theory is that this is included on a mass-production CD. Most people are non-technical and wouldn't know what is on their system (until it crashes at any rate), which means that Blizzard couldn't try to ban people for having this particular rootkit on their system, which makes it insanely difficult to retain the integrety of their environment.
Worse still are the other potential applications of this. It wouldn't suprise me if malware vendors are already using this to try to hide their newest crapware, and when the inevitable Virii start moving in, there is going to be a seeeeerious problem.
1: Install WoW.
2: Install Sony Music CD.
3: Install Cheat Hacks.
4: Win at WoW.
5: Profit!
6: Discover that Sony RookKit drops frame rate to unacceptable levels.
7: Buy new AMD64 gaming system.
8: Discover that game gold no good in the real world.
9: Profit^-1.
"It's the height of ridiculousness to say for those 9 lines you get hundreds of millions."
So, just to get this straight. Before we had the watchers (Warden) watched by the watchers of the watchers (Governer). Now we have the watchers unable to watch the watched but instead being watched by both the watchers of the watchers and the watchers of the watchers hidden by the watched that not even the watchers of the watchers can see. Sound about right?
Good, just wanted to clear that up.
..for all windows users, ~and I am a bit surprised no blog or tech site picked this up~, is what the hell is it with windows and the way a piece of code can 'hook' into a kernel call and redirect it - and it's all HIDDEN - I mean, what the hell is a sysadmin supposed to do now?
What the hell else is there, running *unknown*.
MS, through their obsession with hidden controls, little or no documentation, a nubilious registry system (what DO all those entries do?) and total disregard to people that buy it, it's a sure eyeopener for all concerned - and windows users should be.
Thanks to Mark Russinovich for this - and if HE struggles to find/remove this type of delibrate (by MS) obscuration to an operating system, what hope does all the mortal 'Harry homeowners' have?
Like the proverbial irresistable force meeting the immoveable object.
Blizzard make spyware-thats-not-really-spyware, just to make sure no one's cheating (or perchance playing some other game).
Along comes Sony, trying desparately to keep people from listening to free music whilst ensuring that they can't listen to the music they paid for when they want and how they want.
And so these titans collide, as one's software can be used to bollix up the other's. Will there be lawsuits? Of course! And in the end, both companies will merge, combine their forces, and attack Google. This is so reminiscent of 1930s Germany. Please, let us annex the Sudetenland... we won't cause any trouble...
GetOuttaMySpace - The Anti-Social Network
And speaking of WoW, you mean there is no game hack that changes it's name each instance so that The Warden will never have it in its signature file?
"It's the height of ridiculousness to say for those 9 lines you get hundreds of millions."
I, for one, welcome our copy-protected unattended-macroing orcish overlords.
Well, for one thing the Sony CD is a lot cheaper than HD-Gold - and you get music along with it.
"It's the height of ridiculousness to say for those 9 lines you get hundreds of millions."
1. Blizzard sues Sony for circumvision
2. Sony lobbies to have the DMCA repealed
3. ??????
4. Profit!?
At the very least perhaps the circumvision provisions in DMCA will be taken out.
My only question is, where's the Monty Python foot that belongs next to this article?
f*ck. Back to the drawing board. :(
Sony should take a page from the Johnson and Johnson book. When the Tylenol poisonings happened, J&J took aggressive action to limit the damage and help the people concerned. They pulled the product off the shelves at a huge financial hit. They turned around a potential PR nightmare by doing the right thing (and the tragedy wasn't even their fault)
Instead, Sony is using the Intel Floating Point strategy of obfuscation, excuses, hard line statements etc.
From BBC News:
"A spokesman for Sony BMG said the licence agreement was explicit about what was being installed and how to go about removing it. It referred technical questions to First 4 Internet.
Mr Gilliat-Smith said Mr Russinovich had problems removing XCP because he tried to do it manually something that was not a "recommended action". Instead, said Mr Gilliat-Smith, he should have contacted Sony BMG which gives consumers advice about how to remove the software.
Getting the software removed involves filling in a form on the Sony website, visiting a unique URL and agreeing to have another program downloaded on to a user's PC that then does the uninstallation. "
I don't play WoW anymore OR use Sony's rootkit.
I'm just crazy like that.
"Online poker gaming sites rely on being able to look at a user's running processes in order to detect bots."
Not necessarily bots specifically; but more importantly, poker sites do monitor processes to prevent some kinds of cheating. Check out #7 in Party's terms and conditions. Common wisdom is that Party does screen scrapes at least, but I do not know what else they do, or how they act on it. In particular I do not know that they use the same methods as relate to the Sony issue.
This reminds me of the old Reeses commercials...
Sony: Hey! Your spyware's in my rootkit!
Blizzard: Your rootkit's in my spyware!
User (taking a bite): Mmmm, now that's good computing! So liberating...
Announcer Don Pardo: Two great tastes that go together.
To the making of books there is no end, so let's get started
Goes to show: the squeeky wheel gets the grease.
;_; I didn't even get to read the story, "database unavailable", XD
It's never just a game when you're winning. - George Carlin
Much as I detest the Sony DRM, this is not a valid criticism of it. Anybody wanting to implement cheats will just use the same method as the Sony DRM directly to hide the cheats, not rely on the Sony DRM having been installed first! This is a flaw in Warden that is independent of the fact that the Sony DRM is a bad thing. It also points out the flaw in the anti-cheat arms race -- since you don't own your customer's machines, any anti-cheating technology you deploy can be quickly circumvented by determined individuals.
I've abandoned my search for truth; now I'm just looking for some useful delusions.
It's too damned hard for a non-technical person to remove on their own, and it's going to re-install itself everytime they try to listen to their music. As a result, It's going to seriously peeve people off if they try that.
Then there's the small matter of re-writing the Warden so it can actually SEE the $sys$DRM files in the first place - not quite so trivial.
So two wrongs really DO make a right!
@HbFyo0$k8 tH!$
Thats hilarious, almost wet myself!
Any info on what episode it came from? and more importantly is there a sound clip of it on the web?
This demonstates how it will never work in the long-run for every manufacturer to be installing stuff on your PC to make sure you play by their rules.
Before long, if you get 10 or 15 different toolkits which all try to change your system behaviour to ensure no cheating/copying/peeking is taking place, then absolutely NOTHING will keep working.
An arms race of installed crap to keep you honest will just leave everyone with busted machines.
Cheers
Lost at C:>. Found at C.
Hey sony..
c:\My Wallet>Ren Disposableincome.$$$ $sys$Disposableincome.$$$
(ie I ain't buying your CDs with that kind of attitude)
We already have bootable CDs for anti-virus, they can easily be modified to do static rootkit detection.
A bit harder but doable is booting a CD that loads a hypervisor which in turn loads the real OS in a virtual environment. The hard parts here are that the virtual environment will have to be seen as identical to the original environment or device drivers and such won't work right, AND that a smart rootkit might detect a slowdown or otherwise realize it's not in the same environment it was when it was installed, at which point it can go to sleep to avoid detection. I'm not claiming this is EASY far from it and the performance hit would be very high if every line of code was examined as it was running, but it is doable in principle.
The real answer is OSes that alert the user before loading any ring-zero code that isn't digitally signed by the OS vendor.
Knowledge is how to play a game, intelligence is how to win, wisdom is knowing what game to play.
In the trillion dollar episode, i believe
Wouldn't the DMCA make the Windows uninstaller or the thing that rolls back your registry a circuvention device, because it removes copy protection software in the process?
If not because it's primary purpouse isn't to circumvent, then could not one write a program designed to "speed up" and "clean up" a PC remove said copy protection programs because it's purpouse is to make the PC faster and remove undesired uncessesary files?
Something I've been wondering....
How, exactly, is Blizzard's "Warden" software any different from anti-virus software? Doesn't A-V software do everything Warden does, and more? Why do we trust Symantec to scan every file and process on our computer, but we don't trust Blizzard?
so, anyone willing to share a bit of their rootkit?
...
I want the rootkit but having to buy a protected CD just for the rootkit is too much =(
by the way, wouldn't it be legal to redistribute the rootkit by itself?
Since I don't think it is in the EULA
I don't need no stinking McAfee... I can just let the various malware programs duke it out amongst themselves.
"Avoid employing unlucky people - throw half of the pile of CVs in the bin without reading them." -- David Brent
(1) it's way too slow. Warden runs every 15 seconds. It can't do any serious scanning of the hard drive. Right now all it does is grab all the titles of all the windows open on your computer, and scan all the DLLs loaded into the WoW process. Notice that neither of those tasks requires file system access (paging doesn't count ;)
(2) it's too hard to make sure it works compatibly across everyone's machines (which is the job of Windows + drivers in the first place). The hackers will find some clever way use those incompatibilities as a smokescreen behind which to hide their hacks.
Also: Any new rootkit-writer wannabe can buy a sample rootkit object for the price of a CD, to disassemble and study, while leaving no traces whatsoever (beyond a cash music purchase like a few million other peoples'). Meanwhile the black hat old hands are already all over it, checking for any improvements they can port to their own stuff.
The guy who discovered it and cracked it had a few things to say about some minor flaws. But it's a professionally developed and pretty well-debugged and robust rootkit nontheless. (Note that was "in the wild" for several months before said security expert happened to notice the traces - while working on a tool designed to detect and identify exactly such software.)
Once they crack it they can take his criticisms as bug reports - of things to fix when they do their own version.
OK, black hats: Time to say "7|-|4nx u 50|\|33"
Bantam Dominique roosters crow a four-note song. Once you've heard it as "Happy BIRTHday" you can't NOT hear it that way
Sorry, the gimmick AC was mine. Keeping hold of it for the inevitable followup to this thread. Anyway. " more likely the "non-technical" person wouldn't be going out of there way this much to cheat on WoW without knowing the risks " - Missed what I was saying. What I meant was that normal, Non-tech users (IE, 95%+ of PC users) wouldn't realise what the kit was or what it was doing. The WOW cheats could then masquerade as innocent non-tech users and there would be no easy way to seperate the two - So do you start banning the regular users, or let the hackers get away with it? Either way, you are going to end driving your own customers away. This is a lose-lose for Blizzard, and the cheats know it. Worse still, this same argument can be applied to ANY videogame with active cheat detection/prevention that uses standard windows calls to the filesystem.
I don't know if it's been done or not but rootkits can 0wn the drive and have it lie to you, much like the firmware already lies to you when there's a bad block it's remapped.
Knowledge is how to play a game, intelligence is how to win, wisdom is knowing what game to play.
Lets see, the sony article was just yesterday, and since we all know that the warden takes three-four days before closing an account.
Ha Ha Ha Ha! Sunday will be a bad day for a lot of people! Perhaps Cmdr TACO does have a sense of humor.
Sorry, the gimmick AC was mine. Keeping hold of it for the inevitable followup to this thread. And I ballsed up with the defaults. *shakes fist*
Anyway.
" more likely the "non-technical" person wouldn't be going out of there way this much to cheat on WoW without knowing the risks "
- Missed what I was saying. What I meant was that normal, Non-tech users (IE, 95%+ of PC users) wouldn't realise what the kit was or what it was doing. The WOW cheats could then masquerade as innocent non-tech users and there would be no easy way to seperate the two - So do you start banning the regular users, or let the hackers get away with it?
Either way, you are going to end driving your own customers away.
This is a lose-lose for Blizzard, and the cheats know it. Worse still, this same argument can be applied to ANY videogame with active cheat detection/prevention that uses standard windows calls to the filesystem, so the implications are pretty bad.
Thanks Sony. I've been looking for a way to steal SoundForge, ACID and a bunch of other Sony software toys. Now I'll just rip a bunch of ISO's, use Alcohol 120% to create virtual CD drives, and now... {drumroll please} I'll hide the A120% runtime by renaming the executable $sys$*
Now how's that for Irony? Sony's DRM trojan...used to defeat Sony's other CD copy protection...
Party on!
------ The best brain training is now totally free : )
http://www.googlefight.com/index.php?lang=en_GB&wo rd1=Sony&word2=Blizzard
Enjoy.
It's just the normal noises in here.
indestructable!
In Linux you can disable the ability to load kernel modules at compile time. I'm not sure but I think there's experimental code to allow you to load kernel modules UNTIL a certain call is made then never again after that. For all I know that code might even be in the kernel.
Knowledge is how to play a game, intelligence is how to win, wisdom is knowing what game to play.
BABF08 - The Mansion Family
of the game manufacturers?
Not that I play that game, but I'd REALLY laugh if people started cheating at EQ2 with sony's own crap rootkit!
Guns don't kill people, people kill people.
An arms race of installed crap to keep you honest will just leave everyone with busted machines.
"And that would be a problem because...?" (gestures innocently with outstretched hands)
Get it right next time! :)
I am just wondering what will happen when let say geffen creates their own copy protection and it works a lot like sony's only if you have sony's installed it kills your computer? Like any of the big record companies are going to show each other how their copy protection works to keep this from happening. This is bound to be an issue in the future if they go on an allow these companies to create this software and install it without your consent.
Don't hate me because i'm windows....
mootkit.
noun: software program that interferes with another software program's attempt to interfere with the actions of a given user.
symnonyms: see windows, et al
There is a way to stamp out DRM technology like Warden and Sony's DRM. All it would take is a high profile court case, of course the judge would have to make the ruling that DRM software and how it works is the same as illegal wiretaping and criminal invasion of privacy. DRM would be illegal at that point and the companies would be forced to come up with a way to remove the software. Or... You we should all write our Congressmen and ask that they support a bill that makes intrusive software (trojans, worms, DRM, etc.) illegal. Corporations should NEVER EVER be given the kind of power DRM gives them now. It shifts the balance of power away from the consumer where it is supposed to be in a Democratic Society. DRM should be classified in the same category as viruses. This is just wishful thinking. I'm considering a letter to the American Civil Liberties Union about this. All it takes is one man to change the world. :-)
Michael "TheZorch" Haney
thezorch@gmail.com
http://thezorch.googlepages.com/home
Yeah, I just bought a Sony CD!
The perfect sig is a lot like silence, only louder
Can we stop conflating a worm that runs on Windows with a "rootkit"?
"Remember when the U.S. had a drug problem, and then we declared a War On Drugs, and now you can't buy drugs anymore?"
WTF, that's all I've seen in the past few weeks.
"Rootkit".
It's not a fucking rootkit. Call it what you've always called it - spyware, or a trojan.
Why the flashy names?
We have secretly replaced these Slashdot mods' sense of humor with a rusty nail. Let's see if they notice!!
Sony just jumped the gun. They weren't willing to wait until Microsoft put a formal system for this kind of bullshit to take place. The only difference between this and 'trusted' computing is that there's no formalized mechanism in place .... yet.
Sometimes boldness is in fashion. Sometimes only the brave will be bold.
... running WoW with Wine? Wouldn't the Warden be checking the processes run by Wine, and not find macros etc running in your standard linux environment?
Then you wouldn't have to sell your soul to Sony.
Citation: Army of Darkness
The man who trades freedom for security does not deserve nor will he ever receive either. - Benjamin Franklin
Don't usually make a right. This is just too funny to be wrong, though. Invasive anti-cheat software + Invasive and secretive copy-protection software = OMGH4X This is going to be good. Good as in hilarious. I just know it.
Second, as it is installed it in no way would assist in cheating in WoW. A third party can take advantage of what it does do. In other words Sony is not shipping this DRM software with the primary intent to enable cheating in WoW.
While we are talking about blizzard, lets go back to similar incident in blizzard's past. Bnetd, as written, did not support the Warcraft III beta. The authors of bnetd did not want to support the beta and the intent of bnetd was not to support pirating. Some third party (warforge) took the bnetd source, extended for the Warcraft III beta, and it enabled playing of the pirate copy of the beta that was going around. By your logic, the third party that enabled Sony's rootkit to be used to hide the cheats should be sued. By blizzard's logic, bnetd was sued, not the warforge people. Blizzard sued the people who created the original tool that had no bad intentions. If blizzard sticks to their priniciples, they will sue Sony.
But I don't believe blizzard has any morals in regard to their decision to sue bnetd, therefore, they won't sue Sony. And the cheating and pirating continues...
This SONY Rootkit is great!! Now we easily hide the keyloggers we use on the kiosk machines here at my company!!! We had a problem with Symantec Anivirus Corporate 10 detecting our keylogger (Ghostkey Logger 3.8) Thanks Sony for the free software and nifty solution to our quandry!!! We went out and bought the Van Zant CD-ROM this afternoon. This solution works great on the kiosk machines running Windows XP in the public areas of our company! Plus BY JUST HOLDING DOWN THE SHIFT key while placing the CD-ROM in the CD drive, we were able to COPY the music using our MP3 ripping software too!!! ROFL!!!!
Plus the NES had multitap! http://www.google.com/search?q=nes+multitap
A call to arms of the polititions to protect us from the corporations.
This is wrong for two reasons:
Imagine being in a country where the average income is 250 dollars a month.
Now you can make 500 dollars a week sitting at a computer. Now your 'rich'.
The Kruger Dunning explains most post on
not interested in your music but I just *love* your rootkit!
Maybe they should release it under GPL?
YES!! This is absolutely wonderful news!
You are gawd dam gifted, Private Gump! You are going to be a general someday!
YES!
So, you're telling me that if anyone made a sony-drmed spyware/virus which would infringe on Warden, innocent wowplayers could be banned? Meanwhile wowcheaters could use the same rootkit for personal gain?
Whopdee-doo?
Yep, and then they condemn their customer support to the fifth circle of CS hell, because Warden is going to immediately start banning thousands of innocent users who have done nothing wrong except run a Sony DRM-protected CD in their computer at some point, ever, and now the included rootkit makes WoW think they are trying to pull a fast one. That generates one account banning, and the world's worst CS situtation -- your temporary worker can't even *understand* the issue that is behind the company policy so he can only follow it to the letter, and if Warden says you're guilty then you're guilty. Remember, WoW has over *one million* US subscribers. The intersection between those one million subscribers and high-selling music is really, really bloody large.
Help poke pirates in the eyepatch, arr.
I dont know for sure, but id say warden aint got shit on my linux box, if i wanted two right a hack for wow, im sure i could.
it seems lately that stories involving companies/governments/people doing things that are horribly wrong/immoral/stupid often involve an often funny aspect of irony.
(like the mpaa/riaa "analog" bill named, the A. Hole bill)
does anybody think it's possible that we can predict the news by thinking up something ironic and applying it to companies?
like, i predict microsoft will release a product/service with the acronym S.H.I.T. in the near future.
maybe Super Highspeed Information Transfer or Self Healing Information Technology...
Of the news right here
One line blog. I hear that they're called Twitters now.
but to you trust it?
http://updates.xcp-aurora.com/
Are we suddenly interested in the rights of game cheaters?
Not per se, but indirectly, yes. You see, the same technology that is used to assist cheaters (aimbots, programmable controllers, etc) is also used by the disabled to give them the ability to play. Without it, they are excluded by their handicap.
Also, games that spy on the player's computer are inherently unfriendly to non-Windows operating systems, so I'm sure that giving Warden a kick in the shins will be much appreciated by the WineX community, whether it's done through Sony's rootkit or otherwise.
And it's a matter of principle too: Blizzard have no right to poke around on my box, regardless of their attempt to gain that legal right from me through their crappy EULA. Their rights over machinery stop where their network connects to the public Internet, and they have as little right to poke around on my system as I have on theirs.
alright chums lets do this LEROOOOY JENNNNNKINS
Foolish child. Only now, at the end, do you truly appreciate the power of the dark side.
Oh, how does this strenghten my believe in the human kind.
...
Which might be somewhat disturbing in itself
Computers are useless. They can only give you answers - Pablo Picasso
Faking out a non-live system is practically impossible, for the very reasons you cited.
Some live-system rootkit detectors work by comparing the OSes memory structures with what they should be based on a direct read of the disk at the time. I think this works for most or all known rootkits but it may not in the future.
Knowledge is how to play a game, intelligence is how to win, wisdom is knowing what game to play.
Some allege that Symantec knew about this DRM and gave it a pass in Symantec Antivirus. I wrote them the following letter.
------------
You are probably aware of the recent publicity surrounding one of Sony BMG's Digital Rights Management mechanism. This partricular mechanism contains something very similar to a "rootkit." Thanks to poor programming, it is exploitable by malicious third parties.
I am a system administrator and it is critical that I know about all system-level software on my clients' systems. In particular, I need to know about software that by its very nature "hides" itself from normal tools.
Now that this particular rootkit is known to be exploitable, it moves from the category of "part of the music-player software" to "gaping security hole."
I expect future versions of Symantec Antivirus to detect this particular DRM as "dangerous" and to flag any other software that attempts to hide from ordinary tools as "stealth" software. Furthermore, with tools like DRM, where stealth software may be there for a useful purpose and not exploitable, I expect Symantec to report the software's existance and if it can, who published the software and how to uninstall the software if and when I or my clients no longer need it.
Not doing so will cause me to recommend other Antivirus products for my clients.