Slashdot Mirror
World of Warcraft's Brand New Rootkit
Captain Kirk writes "We all know that World of Warcraft has checked for hacks to ensure a safe game environment for all players. The latest version of these checks goes beyond anything seen so far in that what is being checked is now completely encrypted. Obviously this hits bot writers as can be seen from these complaints, But it also strikes at the privacy of all users. Now Blizzard has a tool that is encrypted and can run any type of scan, transfer any file or edit any document on your computer. That can't be right."
You can defeat the encryption, but you have to do it a bit at a time - just takes you a couple of years.
which is totally what she said
1 computer for gaming
1 computer for everything else
Sorry if you can't afford a second, but that's how I do it.
A feeling of having made the same mistake before: Deja Foobar
Then don't play. It really IS that simple. If you're having too big of a problem with that, put the mouse down and go join a support group.
If i had a WoW account i would be cancelling it this second, no videogame has the right to violate the privacy of my computer
You've already given up your life when you start playing WoW. What do you have to keep private?
If you don't like it then don't accept the TOS and don't play. It is really simple. I've played WoW since it came out at a very high level and I welcome Blizzard trying to stop the root kits/gold farmers/etc.
Given the fact that the randomly generated hash algorithm can be replaced at Blizzard's sole discretion with any other algorithm, including ones that retrieve and use personal, private and/or otherwise confidential information, with only their server to be required to know about the changes, this should be considered a very scary thing for the rest of us.
I'm not a WoW player and don't particularly know the ins and outs of it EULA, but I can't imagine that that is covered at all in the license. Would a class-action suit be possible for this? I would certainly hope so.
I got a catholic block.
I trust Blizzard with my gaming computer. I would rather lose a bit of privacy and not have annoying crackers trying to game the game.
That said... all of my real data is on another computer.
Is the rootkit horde or alliance?
Nom de dieu de putain de bordel de merde de saloperie de connard d encule de ta mere.
...that I don't play WoW.I always steered clear of it because of the amount of time it requires if you want to have a decent character but stuff like this is just one more powerful reason. It's getting to the point where you need to have a leisure PC and a PC for your finances(i.e. shopping, working, accounting programs) so you know you're personal information is relatively secure.
"There are four boxes to be used in defense of liberty: soap, ballot, jury, and ammo. Please use in that order." -Ed H
Where does right enter into it? We're talking about business here, so the operative qualifier is whether or not it is profitable.
How many users will these alienate? A slim minority of elite geeks who actually have a clue what's going on inside their boxes -- you know, the set that contains the sub-set of people technically advanced enough to bother pirating games.
Is this going to slow the sign-ups of new accounts? Not bloody likely. Who listens to geeks? Not my boss, and not my neighbours asking for computer advice.
Take your right|wrong games and play them where they belong: in the cramped ivory tower of a university philosophy department that smells faintly of institutional-grade disinfectant. In the real world, practicality rules.
These stories are free but worth money.
This world of Warcraft thing, or Steam? Or are they equally as bad?
"He's lost in a 'floyd hole"
Summary of TFA: WoW Warden now selects one of many hash algorithms and uses it in server communication. Blog author gets his panties in a bunch because Blizzard could replace one of these hash algorithms with something that collects PRIVATE PERSONAL DATA, and NO ONE WOULD EVER KNOW. A misleading Slashdot headline and poorly-written blurb is generated, and the rest is academic.
Cretin - a powerful and flexible CD reencoder
Or is it windows only?
Anyone know how this affects Wine players? Im not one myself but im wondering if this prevents linux/bsd (macosx?) players?
So, now a "rootkit" is any program that does something we're not sure of?
I thought a rootkit was a program designed to take control of a system remotely or offer access to that system? This is just an obfuscated program (encrypted is a bit strong for something that is "decrypted" on your own system where you can watch its behavior).
Seriously, if this is the worst that Blizzard does, I'm a happy camper. They really do have serious problems with their users being exploited, and detecting these problems early is all good. In my case, they'll see everything that's in my virtual Windows environment under Wine.
Now, if someone proves that they're reading personal files out side of the Windows system directory or the WoW installation, then we can talk. Until then, this is a non-issue.
nm
Does the thing hide itself? Can't you just uninstall WoW? (Maybe you can't but maybe you need mental help.) Ya, you don't know what it is doing but you don't know what most programs are going unless you reverse engineer them. I think this is just the cheaters getting their panties in a twist. Especially because it means the end to a real source of income for those who harvest gold and sell it in the real world.
I play World of Warcraft. As a subscriber that plays this game I am ok with Warden as it stands. I want to play a game where hackers and cheaters are caught and banned. I know a lot of people despise the speed hacks and of course the gold farmers, so I don't see what the fuss is all about.
The likely hood of Blizzard hacking or stealing personal data is very small. They know that they could lose their cash cow by doing anything malicious with this information/software.
For those that fear credit card and personal information being lifted, I'm a little baffled. When you sign up for an account you enter most of the same personal info that is going to be on your PC anyway, and unless you are using game cards they already have at least one of your credit cards on file. All information that subscribers gave up willingly.
That aside, I did read the article and find the technology fascinating.
If playing WOW or any other online game on your computer presents a hazard to that computer, the solution would seem to be to play it on a dedicated machine - one where you don't have any files or confidential data to worry about. That then immediately points to the value of a dedicated gaming box, and from there it's just a hop skip and jump to consoles... Now, wasn't the X-Box originally supposed to be a PC gaming console? That idea sort of got lost along the way somewhere it seems.
An alternative might be a genuine virtual machine for games running on your PC, but... well, I'll leave it to the experts to point out the problems that presents.
A-Bomb
Yeah, WoW is like digital crack to it's users. Blizzard could probably pull off taking people's first-borns and they'd be ok with it as long as their account stayed active.
I don't think they have much of a choice. They have to check for game hacks, cheats, and key loggers. If they don't then cheaters basically get free reign over the game and destroy their subscriber base (similar to how hacks put the final nail in Diablo's coffin), and tens of thousands of people who get key-logged wind up blaming Blizzard instead of Microsoft for their woes. It's really an act of self-preservation for Bliz.
Why should we care? Only a complete fool actually stores sensitive information on a Windows box anyway. Oh wait, that's most of the population... well anyway I still don't care.
-Matt
Unfortunatly, World of Warcraft has become the "AOL of MMORPG's" in recent years. This package, while intrusive to most of us who know when to recognize a red flag, is most likely born out of honest necessity for the millions of players who barely know how to play, much less patch and repair the game they are paying 15$ a month to play.
Sure baby, I'll give you my phone number...in Hex
I don't think people use the term correctly.
Rootkit is a program that is invisible to the operating system. OS tools regard it is as if it does not exist: ps does not show it in memory and ls does not show it on the disk.
What is being described here should have a new name for it.
And I know this sounds crazy in our faux capitalist "customer is always wrong" universe, but why not organize and complain to Blizzard? It's not like players aren't already organized into large social groups (c.f. Clans, etc.). They could be mobilized and if they spoke with a collective voice might have an impact. I doubt most players would be comfortable with some corp. being able to toy with their boxes at will, and if it were explained in those terms I think you wouldn't have to work hard to convince people to mass e-mail complaints to Blizzard or something similar.
Or you could pack up, stop playing, go home (or out into the sunlight as the case may be ;). But why is it that the first reaction of this crowd when confronted with something good that has something bad piggy-backed onto it is this scorched earth "abandon the good" mentality? It's the same absurd attitude as those who say "you don't like our president's policies? why don't you leave the country, then?". How about instead of leave the country, work for change and reform? Things go to shit because good people leave instead of fighting to protect what is valuable to them.
All the techniques ever used to make men moral have been themselves thoroughly immoral... (Nietzsche)
Now we will know all about the lives that WoW players don't have!
There is nothing evenly vaguely rootkit-ish about this. Blizzard is scanning your PC for your benefit. What makes people think this is a rootkit, because its polymorphic encrypted code? This isn't a bit of code that is hiding from the OS, nor does it have control over the OS, or the ability to spawn processes in a rootkit'd environment. It is not a rootkit.
Playing two of the greatest geek urges against each other like that: WoW vs Paranoia... who will win?
If you start your architectural design from the assumption that the client is a malicious bot, then you can design out vulnerability. Blizzard chose not to do that. They thought that they could enforce trust on the client side, and let clients make decisions about (oh, just for example) player position. Well, that makes them idiots. Idiot savants, maybe, but idiots none-the-less.
The client cannot be trusted. Clients request, servers decide and dictate. Let the client anticipate and drift its local world state all you like, but the server must never, ever, accept a state change from the client, only requests. That's the way it has to be, unless you - demonstrably - want to play catchup for ever and a day. And if you get caught in that hole, then you need a spade the size of WOW's playerbase and Blizzard's resources in order to keep digging it deeper.
If you were blocking sigs, you wouldn't have to read this.
If you aren't doing anything wrong you don't have anything to worry about when it comes to Warden. The fact that people still persist in finding ways around it to screw with the game aggravates me no end. The only thing new that Warden is really doing is that it's hiding better, so as to prevent a standardized way of detecting, and foiling, it without breaking the hash encryption.
Now Blizzard has a tool that is encrypted and can run any type of scan, transfer any file or edit any document on your computer.
You do realize that *any* software you install on your computer can do this? Unless you have read the full source code and compiled it yourself (Ignoring the possibility of a trojan'd compiler) there is a possibility that a program could do these things. So what's new?
In the totalitarian state of the computer world, it's a "take it or leave it". In the real world, compromises, contract changes and the like can be offered.
If I could edit a EULA, I would. Most of the time I go with the standard lawyer approach: it's only a contract, it isn't law.
I'm glad I run WoW on top of Wine on Linux
It works great with Fedora 7, CrossOver Office, and the latest Nvidia drivers.
Root my emulatar. Please!
Dere was dis one time mon, dat I was out huntin' da stoof dat I always hunt. And dere was a big light dat was really - uh - glowy! Yeah dat's da word, glowy. An' dis giant came oot and he 'ad a doggie head instead o' sumt'in' normal, like a face. I t'ought it was some kinda doggie I nevah seen befo' so I sneaksy ups on it an' it thwacked me good. An' da moral o' dis story is don' trus' anybody dats gotta doggie head.
Sorry, that was the best trollish rp I could do this early.
Oh darn, you meant a different kinda troll. My bad.
People are really too panicky. True this is a shitty thing to do and yes it sux... but they suck; afterall they quashed the open source warcraft server. I have just chosen to pick my battles and this isn't one that I'm fighting. They are supporting games on Mac and for that I have to support them. They've got my pint of blood.
This is my sig. There are many like it but this one is mine.
I wasn't aware that one must enter, say, social-security information, banking information, medical records, or personal communications -- all of which are on my PC. Those people at Blizzard must really want to know a lot about you.
It must have been something you assimilated. . . .
They clearly state in their TOS that they do this (Section 14)
http://www.worldofwarcraft.com/legal/termsofuse.html
Don't like it? Don't play the game. Very simple.
And in fact, when you first sign up for an account, Blizzard gives you 30 days to return the game for a *full refund* if you don't agree to the TOS and don't wish to play. That seems pretty fair IMHO, and far more than most game companies will do.
- Roach
I find it funny people complain about this sort of thing and they do not even refer to the fact Blizzard uses case insensitive passwords? Curious.
Jeroen Ruigrok/Asmodai
Do bot users root kit there bots? Hide themselves from the filesystem, process list etc. How would blizard detect that?
Have you ever been to a turkish prison?
I run WoW via Wine (Ubuntu-GG) - not exactly 100% sure it'll matter much, but in reality, I suppose since I'm not running wine as root... there isn't _much_ to worry about.
dontrootkitmebro = LOL
I simply do not understand some of the people's comments on this matter. "I feel more secure with this" isn't a very good argument. Games have bugs: if a game can access and modify your entire system, a bug exposing this would be very dangerous.
Game developers have no right whatsoever to delve into your personal assets no matter what the intent might be. There are various examples known world wide such as in Argentina (1980's) when all of the communications were monitored by the government to "capture the terrorists." Hackers and cheaters are not even remotely in that realm, so my computer which holds very confidential information should not be monitored. (Though it might make an interesting paper comparing hackers to terrorists)
When I drive on the South Florida roads I am constantly monitored by cameras at each stoplight, I don't particularly would like to be monitored in my own home where I still have the illusion of privacy. However naive that might sound.
does this mean that WoW *DOES NOT VALIDATE CLIENT INPUT*? This is basic PHP programming, for Turing's sake!
Intead of doing rootkit-or-whatever-complicated-check-by-the-client, they should check stuff AT THE SERVER to make sure things are 100% valid. If they're not, then they can implement the appropriate penalties or error-correction routines (like disconnecting the user or preventing certain actions from taking place).
Sheesh, is that so hard to do?
I think the author needs to see what polymorphic really means, aside from being a virus related buzzword. A program being able to dynamically update itself from a server is not polymorphism. I think we just have a cheater bent out of shape that he can't write a single cheat tool that will work across multiple systems.
Wouldn't it be simpler to flag accounts that go over maximum theoretical limits for how much gold is farmed per hour, how fast they move, etc?
It's a mistake and meaningful insight into some severely misguided priorities if this is an issue to any players. The company is doing what's needed to improve the game.
Let's go a few steps backward and remind everyone of the absurd EULAs everyone has agreed to when using proprietary software. They invalidate any moral authority one could possibly bring to a discussion about WoW's new scheme.
http://www.maxineudall.com/2010/02/should-economists-be-sued-for-malpractice.html
You can not derive what is right from what is. Our current business climate may not place much stock on what is right or good, but that does not mean that is how things should be, or how they will be in the future. Besides, by expressing our opinions on what is right and wrong (and backing those opinions up with our wallets) we give business valuable feedback about the things that influence our purchasing decisions. You don't see Sony putting rootkits on CDs anymore, do you? Morality could be an important part of the business world if we made it so, and the first step is talking about it.
People who dismiss notions of morality and embrace a purely 'practical' world view frighten me. Especially frightening are those who try to get others to embrace their amoral world view. Fortunately, we live in a society where sociopaths like you are not yet entirely in control. I'm guessing that you have your own ideas about right and wrong (What I like is right, what I don't like is wrong. Am I right?), you just don't want anyone else having the power to force consensus views of right and wrong (rape, murder and theft are wrong, etc.) on you. Let me guess, your moral calculus is limited to "What are my chances of getting away with it?" and your philosophical position on morality is predicated on the idea that if you can get everyone else to give up conventional ideas of right and wrong, you'd stand a better chance of getting away with whatever the hell you want to.
- None can love freedom heartily, but good men; the rest love not freedom, but license. -- John Milton
They already install patches on my machine every month or so. If they want to compromise my machine, they don't need Warden to do it.
Okay, stop and think for a second. What's Blizzard going to steal? Your credit card number? They already have that. You gave it to them when you signed up. They have your CC number, your billing address and your name. If they REALLY want to steal from you, they don't need to sneak information out of your computer to do it. I suppose someone there could go for your social security number, but what do thieves do with those? They get credit cards. Once again, Blizzard doesn't need to do that.
Face it, if Blizzard wants to take millions of dollars from it's customers, all it has to do is A) release an expansion pack or B) jack up it's monthly fee by a dollar or C) both. Just about every WoW player I know would gladly fork it over.
The war will continue until the cheaters are forced to use the same interface(keyboard/mouse/monitor) the humans use. I.e. within 5-10 years you'll be able to buy a little box for $50 that will plug into your mouse and keyboard ports(with passthru of course) and point a camera at your monitor that will play the game for you. There will probably even be an open source powered version of this box :) At that point it will become impossible to differentiate cheating from playing and the cheaters will have won.
This is the only way it can go down in the end. All of the current and future "anti-cheating" technology basically boils down to calling someone on the telephone and asking "are you cheating?" while expecting a truthful answer.
Instead of wasting time with all this crap the game makers should be redesigning the games such that reflex augmentation(aimbots) and robotic automation(24/7 farming) do not provide the advantages that they currently provide.
Blizzard are incompetant morons, and have written their server to trust the client. Hence you can cheat. Warden has never done anything to stop us from cheating, and we cheat because its a good way to make easy money (selling gold). Warden only stops the idiots like you from downloading a known botting program. Those of us who write our own are fine, always have been fine, and always will be.
The program they tell me they're running to detect trojans and cheat-ware encrypts what it is doing to protect itself from the trojan and cheat-ware authors. THE SKY IS FALLING!
If you don't trust Blizzard, why did you install the game? Why did you give them your credit card number?
But I love this stuff. It means my non-technical guildies are less likely to be exploited, it means the gold farmers have it that much harder, and drives away the vocal, whiny morons, who are likely the same vocal, whiny morons in the game.
This is the reason I don't do much gaming on the PC. I always preferred the PC as a gaming platform, but between CD key disks, root kits, spyware, and other malware, I just can't trust them on the same system I do work on. I also have a hard time rationalizing the space and cost of a game only system so that I can give more money to the people that are consistently trying to assault me. I have to wonder if they really make more money from the people who don't 'pirate' their software than they have lost from those of us who have stopped buy games because we are afraid of what the games will do to our systems.
You agreed to the License Agreement.
Don't like it, stop playing. It is only a game.
There is no "-1 offended" or "-1 you don't agree with me" mod options for a reason.
What you described is a backdoor.
Rootkit is an OS-level subversion program.
http://en.wikipedia.org/wiki/Rootkit
3.243F6A8885A308D313
If they have just changed Warden and I'm no longer happy to agree to their terms of service, can i return wow and BC for a full refund? Don't I agree to let them run what software is in the box when i agree to the ToS? If they change the software can't i change my mind?
... a blizzard employee had access to the source code of the WoW Client and could sneak in something just directly like that? Oh wait, all the programmers have access to the WoW Client code and can already do that. Oh wait, all programmers of all games have access to all code and could sneak in something during a patch of any game that could easily just get run one in a million times and completely avoid normal detection. I swear, journalism like this along with normal news articles that lead out "The was not caused by a terrorist act." where we are so paranoid about everything, just means it is time to shut down the internet and hide in our 1960s bomb shelters.
Do you have to run wow as an admin account? Seems like this type of thing could be handled @ the user rights level.
*rant/flame*
I find humour in the outrage of "educated" people who make mention of Guantanamo and Abu Ghraib as though it is something new and unique. Certain strategic knowledge has (and always will have) more value then a few or dozen or hundred lives. Is the torture of an "enemy of the state" wrong if it preserves life? We have been torturing them for as long as we have been a country. So has France. And England. And Russian. And China. And Japan. And Iraq. And *.
There is nothing this administration is doing that the last one, or the one before that, or the one before that or the one before that ortheonebeforethat ortheonebeforethatortheonebeforethat did NOT do.
Deal with it. Move on.
Why exactly does the summary's headline say "Rootkit"? If you are running WoW in administrator mode, it has full access to your machine. This is not new knowledge. It is also not new that WoW contains code to scan your machine for cheating programs.
The neat thing about the commercially available botting programs for WoW is that they leverage Windows security permissions to try to sandbox WoW from peering into the rest of your machine. That's correct, the botters and cheaters have more privacy when running WoW than you do, because you've got nothing to hide, right?
The article linked in the summary is very whiny. It looks like Blizzard is now using a different hash for every client that connects to the service, and it's making things troublesome for people to identify which "version" of Warden is being run on their machines. There's no obvious change in the functionality of Warden, and there is no evidence of a Rootkit.
This is a neat story, but the term "Rootkit" is being mis-applied. When the Sony DRM dug itself into your system files and cloaked itself, that was a rootkit. This is a program that runs with your user priviledges whenever you decide you want to run it.
So, how is this different then Symantec, Ad-Aware, Spybot or any other type of scanner that is setup to automatically run, check for online updates, etc...which could also easily be sending information in found about your system, etc... back to home base? They all scan your registry, files, zipfiles, etc... yet you trust them? Personally, I trust Blizzard a lot more then I trust Symantec or Mcafee.
Farmers, hackers, cheaters are annoying as fuck. If Blizz has to run a "virus" scan on my comp now and again to check for them I don't have an issue with it.
I liked HL and bought the expansion (though Blue Shift went straight into the triple pack before getting down to a price I wanted to pay, so I never got that). HL2 I never bought. Never will. WoW I'll never play. Starforce games don't go on my machine. At this rate, there will be no games to play.
However, that means I don't need a computer. I won't need internet access (and if TCPA becomes required, I'll not be able to use it anyway). I can't go abroad unless I agree to a rectal print etc. My car will soon require GPS to be driven and I won't be getting a passport or ID card. At this rate, I'll only need to eat and keep warm. Who needs a job now?
As you may have forgotten about the 2005 Sony BMG CD copy prevention scandal, let me refresh your memory.
Mark Russinovich, formerly of Sysinternals, stated that there were shortcomings in the software design of the Sony BMG installed rootkit that manifest themselves as security holes that can be exploited by malicious software such as worms or viruses. He also mentioned that the XCP software installed silently before the EULA appeared, that the EULA does not mention the XCP software, and that there was no uninstaller, all of which are illegal in various ways in various jurisdictions.
I don't know if the Warden is mentioned, and I don't know about illegality, but if the WoW software can be hacked, what is to prevent the Warden itself from manipulation from outside programs? Such programs that may steal WoW account information so that gold farmers and the like can misuse under-used accounts for profit?
I'm not saying it's guaranteed, but it's happened before.
For context, click Parent.
No it's not, and the post just before yours pointed out why. I haven't watched TV in years now, but I don't hear about how it's suddenly amazing.
TV must not have heard yet. I will craft a sternly-worded letter to TV informing it that the world does, in fact, revolve around you. After thatn, I'm certain that it will turn into something that pleases you.
I don't make the rules. I just make fun of them.
You let a program run downloaded code and it can do something other than what you want. Blizzard games have been downloading and running arbitrary code since at least 2004 when they added the extrawork.dll check to Diablo II. There's no real change now that it's a "randomly selected hashing algorithm". Ok, sure, you can't have a whitelist of safe warden modules. If you're worried about your privacy then just watch what the warden code is doing. Unless it does install a rootkit, which I believe is false and just a FUD slashdot headline (imagine that!), you'll be able to tell if the code reads outside of it's own address space pretty easily. Just the same, in fact, as you do with warden in wow (or Diablo II) right now. If you really don't trust blizzard then don't play the game. Simple enough.
I run World of Warcraft with WINE anyway. :D
But, apparently, installing four CDs full of unsigned, unaudited third party code which can do anything on your computer is okay. And having third party software which is in constant communication with its authors is okay. And having it download and execute new code every Tuesday, with or without your approval, is okay.
It's only _now_ that it's becoming a problem?
If you don't trust Blizzard, don't buy their software and don't install it on your PC. How hard is that?
except:
A) it seldom works for numerous reasons.
B) the FBI has used friendlier techniques for years with an exceptionally high level of information quality
C) it hurts us with foreign affairs, dramatically.
You argument that others have done it before is laughable.
1) There is no evidence of it happening with every president at all. In fact the outcry of it happening now is a strong indicator that it doesn't happen all the time.
2) Here is the kicker, I hope in can find a place in your pea brain: Just because it happened before does not make it right, nor does it mean we should not try to stop it.
"Is the torture of an "enemy of the state" wrong if it preserves life?"
Yes. Who is an Enemy of the state? how is it determined? where is their trial? History has shown that it doesn't take much to find yourself the enemy of the state. It certianly doesn't require you to be a threat, nor does it require you to have done anything wrong. These days demanding your rights as protected by the constitution is enough to have you declared an enemy of the state.
The Kruger Dunning explains most post on
Reminds me of the craze over Bioshock's copy protection.
Your not giving up any privacy. It only looks for specific items, they tell you want they are doing, and mostly it is there protecting you.
YOU WILL THROW AWAY MORE PERSONAL INFORMATION DAILY THAN YOU WILL EVER HAVE ON YOUR PC.
Read the above again. I can go through the trash of any one of my neighbors and figure out mroe about them in one hour that I can scrape off their PC.
Really, if your that worried about it then I suggest you turn off your PC forever as well. There are real malicious programs and people out there, not imaginary villians at Blizzard, that will not warn you or ask your permission to look for specific items before doing so.
Blizzard is providing a service. You do not have to use it. Feel free to leave.
* Winners compare their achievements to their goals, losers compare theirs to that of others.
It has also been known for quite some time now that torture often produces, not true confessions, but whatever information the torturer wants to hear, true or not, as the tortured tries to escape from the situation. People will confess to anything if it gets them out of hot water.
I think I speak for a lot of us when I say: "Cry some more". Play or do not play, there is no try. Poor little crackers wining about being banned, cry me a river.
So, if they're using this hash as a type of public key then the private key would be transmitted after connecting with the server. Thus you just have to catch the public key whizzing by and handle the initial server interaction then you could monitor it on your own. But thats assuming it is a key type setup like https is. Man in the middle ftw?
.. stop your complaining and stop giving them your money. They will learn the lesson once it hits their balance sheets.
http://www.rense.com/general79/wdx1.htm
Thank you.
I prefer Flambe as apposed flamebait.
Google search for REGMON and FILEMON. Load these puppies up and close down every process/service you run except WOW.
Let WOW do a scan.
These show you exactly which registry and file locations/files they are looking at.
Unless they scan 100% of your hard drive and 100% of your registry, then you can tell what they are looking for. Nothing stops them from just dumping your entire registry into a zip file and sending it off, though.
There are tools out there to redirect a processes access. So if they look for a file, it won't exist - or a registry location - it will have some other value. Rootkit is one example, but there are other ways to hook into Windows to redirect this.
--------------
It's all fun until everyone's a bot.
Ah, this is the often ignored genius of systems like the APT installation software in Debian flavored Linux distros. When you download software from a trusted repository, you are downloading binaries that have been compiled and digitally signed using the private key of people that you (implicitly) trust. This is a good thing, because the sources you are downloading have been checked by an expert third party that you believe capable of doing the job. This mitigates the need for trusting the software provider and/or checking the source code yourself.
Not that this helps with WoW, but it addresses a common cynical criticism of free/open source software, where people claim it's useless since the average joe can't read source. Yes, the average joe can't read source, but he can decide to have a trusted third party for do so.
How feasible would a game to the scale of WOW be if the servers had to meticulously track every little detail of every player? CPU power is high, but I'd imagine that part of the reason the client handles some things is that it would just be too much load for the server(s) to handle all these details for every client. Perhaps random checks against expected/actual values would work best?
If one had to use an existing term, "backdoor" would be the closest. But it's really a totally new problem. The problem is that, when you click "install new patch", you no longer have any solid way for third-parties to double-check that the patch does only what Blizzard says it does, since every user could potentially get a different copy of the code. "Backdoor" implies that you're open to attack by someone at any point. That's not the case here, you're only open to attack when you click "install new patch". (and only then if the patch author, or an individual who works there, or anyone who's compromised their machines, wants to do something malicious. So there's a few qualifications. But given there WILL be other patch authors that try this new vector, and you WON'T be able to trust them nearly as much as you trust Blizzard, they're ultimately not very meaningful qualifications.)
just like no mp3 ripping software can be blocked, no game playing bot can be blocked either
just pipe the video output and the keyboard input to another clean box
make it hardware pipes if need be
there is no way the software running on the box where WoW is installed can ever detect this, unless the bot acts particularly "bot like". in which case, put in random hesitations and repititions
and if this seems a bit extreme to you, consider that we live in a world where people actually pay people in china to play MMORPGs for them. just that fact alone seems insanely extreme to me, so i don't think this kind of hard hack bot is that ludicrous
in fact, in the world of online poker games, i am 100% certain such hardhack bots already exist, considering the profit motivation there and the anti-cheating measures in place there
intellectual property law is philosophically incoherent. it is your moral duty to ignore it or sabotage it
"Is the torture of an "enemy of the state" wrong if it preserves life?" Yes. Who is an Enemy of the state? how is it determined? where is their trial? History has shown...
Ooookay, now we've jumped the rails.
rootkit: hides completely from the user, user cannot disable or uninstall it while it is active
warden: polymorphic, encrypted
There is nothing common in them
Patents Drive Free Software as Hurricanes Drive Construction Industry
Nothing else, a simple program could be written to determine the best move based on odds. This alone would put an edge against human players.
The Kruger Dunning explains most post on
With this sort of access what exactly stops the US goverment from going to Blizzard like they have AT&T? They can gain far more information about you, and your habits, via this manner than anything they can get from your Phone calls and internet traffic.
So of course he's trying to make a fuss about it--It will hurt his ability to help people cheat. Slashdot has been trolled, sigh. Warden is good for us that actually just want to play the game and not have people cheating. If you are that concerned about it, please feel free not to play. No one is forcing you. It isn't being installed behind your back or hidden in any way. QQ moar, as we say in WoW. :)
replacing it with NEW Folger's Crystals! (lets see if they notice the difference)
The real deal killer was when I found out the damn thing (Warden) was sending back descriptions of everything it looked at on my computer to Blizzard!
The only change is that now all that information Blizzard is gathering on you evil Blizzard customers is randomly encrypted rather than singularly encrypted.
Eventually the NSA will demand that Blizzard hand it all over and allow them to monitor you and Blizzard will let them and Blizzard customers won't care.
Thanks to eating disorders most chicks are reasonably good looking these days.
I was almost concerned that this was a big deal; then I realized this is just a problem for players using MS Windows... though I think it would be trivial for Blizzard to write a simple thread into WOW that could periodically scan the processlist on a Mac.
Those who laugh at you for you having a Mac.. are the people who constantly call you to fix their PC.
You would think that Vista's amazing and innovative security would prevent one task from sniffing like this quite easily. Obviously running WoW under Wine castrates this entire problem, though having significant downsides of its own.
How / Why Warden can grind through anything outside WoW's resources is a absolute flaw in Microsoft's product. Clearly some Microsoft Desktop/OS guru needs to step up and write a how-to to run WoW 'setuid' as a separate user and fix this problem.
members are seeing something, your seeing an ad
Blizzard has also been deleting posts from their forums... if they had nothing to hide why would they do that?
http://en.wikipedia.org/wiki/Root_kit
"subvert control of an operating system from its legitimate operators"
The Kruger Dunning explains most post on
Its encrypted, right ? So you cant see what they are collecting? This is so that when their crappy "Bot detecting" software catches non-botters, they can swear up and down that they have absolute proof that you were botting. It's like if the Prosecution claimed they had pictures of you killing someone, but never show them as evidence. complete bunk. I'm not defending botters, I'm attacking blizzard's practices. With this methodology of banning people, they can ban people who mess with their alts or their precious "MVP" Forum cronies, or the guilds that they've made special Company Contacts for. Sounds to silly to be true? Its happened.
Without telling anyone. I think that difference matters.
and this honestly doesnt concern me.
I wonder if they do the same for Europe. because there are quite stringent law on the right to know what is collected as info on you , and a right of rectification. Now granted this is usually for database but it could very well bite them very hard if people start making request (for example to the CNIL in France).
C. Sagan : A demon haunted world:
http://www.amazon.com/gp/product/0345409469/
visit randi.org
Seriously, you can carry on like it is some offense that Blizzard puts anti-cheat scanning code into there game but what privacy do you really expect playing an online game? The anti-cheat measures are similar to what Valve uses in VAC. Why no fist shaking at Valve? The scanning technology is similar to any anti virus software for Windows XP. Why no fist shaking at the AV vendors? Beyond all of that how much privacy do you really believe you have if you agree to use their software product. You can try to sue the pants off of Norton for scanning your super secret data and possibly modifying or reporting back to home (they do this if something is triggered as an anomoly) but the EULA says "If you use our software and service, you agree we must scan your data". If you agree to use the software, you agree to certain amount of intrusion. Now they may obscure the details on what is going on but to complain about it later is silly. You could rip out VAC from CS: Source, try to connect to a server that demands VAC, and it will kick you off (maybe ban you). One can scream "I don't want it to be scanning my programs and data!" which in that case the ones who run the server can go "Thats fine, but you won't play on our server without submitting to it".
Civil liberites is a serious topic that should never be taken lightly. However trying to parade Warden as some assult on it is silly. You are paying Blizzard the money for a game and acess to a Blizzard server to play a Blizzard game. None of this seems any more a threat to CL than what Norton or any number of online FPS games do every day. It isn't that "everyone is doing it so it is okay" as much as "you don't have much privacy running around in an online game".
Just run WoW in vmware or parallels or xen or whatever. Use that virtual environment only for that purpose. Oh ya, use a virtual environment for most things you do on line, like, uh, surfing the web.
For the right, to paaaarty!
Ok, this article is FUD, pure and simple. This program has the ability to look at the hard drive, and then send data back to the server.
OMG!!!! Big Brother is watching us! Smash the looms!
Like many others have stated, ANY program that you install on your computer can do this. Even an open source program can do this. Lets be honest with ourselves, when was the last time that you looked through ALL the source code before you installed that new Firefox, or ? I would hazard a guess on no one, but I'm sure that I would have a hundred people denouncing that statement whether it is true or not just on principal.
If you are going to play an online game, I have what may be a shocking revelation for you... You are sending data from your PC to their server. If this is unacceptable to you, then you have 2 choices. 1) Whine incessantly about it, and/or 2) stop playing it.
The spirit of this program in question is to stop cheaters. Online games that care about this have similar programs. This is a classic measure, counter measure story. The cheaters do one thing, the programmers create a counter measure, the cheaters find a workaround. Rinse and repeat.
I for one, welcome our new Blizzard overlords.
I do not see any indication anywhere that this:
1. Hides itself from the user.
2. Remains on the system even after World of Warcraft is uninstalled.
So while privacy concerns may be valid, I don't see how this is a "rootkit."
"You spoony bard!" -Tellah
As a very casual WoW player (I only have 1 level 70 main toon and I only just started raiding Karazhan), I'm glad that Blizzard is doing what they can to combat botting. On another toon of mine I just got into a guild where one of the guys was talking about how his friend had botted 75,000 honor during AV weekend. That pretty much pissed me off. I don't care too much because I'm not playing the game in any sort of competitive manner, but it kind of irks me.
I'd really like to see something like Warden being used to combat the problem of aimbots and wallhacks in FPS games. I stopped playing FPS games all together because of that issue.
Found this on the WoW forums, thought it was good enough to pass along.
Hole #1: The 'community driven tools used to police Warden' mentioned in the article are not designed to 'police' Warden. They are designed to map out every action Warden performs on your system for the purposes of bypassing Warden. I'd post the reference links here, but that's a suspendable offense. You can fairly easily navigate through the original post for links to the software developer's site(s).
Hole #2: The 'privacy' issue is being raised due to the capacity for misuse present in the Warden software. The reality is that someone would have to rebuild Warden with a new algorithm specifically designed to snoop private data. Note that the original author makes no comment on how a developer would go about doing this, only that it could be done.
Hole #3: You have already given Blizzard enough information to steal your identity, ruin your credit, disrupt your financial stability, etc. What other possible information could they need to gather from your machine to ruin you?
Hole #4: The final blow to this argument... The only reason this issue is so 'big' in the 'community' is because the software developers have not (yet) found a way to bypass the new security measures. Warden has been through dozens of upgrades since it was released, but the 'community' didn't make a peep because the changes were visible to them, they could continue bypassing the security measures. These people don't care about Warden being on your machine, or what Warden can do with your information. They care about the fact that they can't bypass Warden anymore, and that's why the posts are going up all over the place.
Do yourself a favor, read up on Logical Fallacies, here's a good link to get you started. http://www.nizkor.org/features/fallacies/. #36 describes a 'Red Herring' argument, uniquely applicable in this situation. To be specific, there is no security implication as Blizzard is going to be performing the same scans that they have been for the last two years. If you have trusted them this long there is no reason to not trust them now. The true issue is the transparency of the Warden product, which has the bot-makers all butthurt.
- Curacao, Ravenholdt realm
Isn't blizzard sending out patches every now and then when you start the game? Any of these patches could contain code to access files on your system and send data back to the servers. I don't see what's new here, more then that it's now a process called Warden instead of wow.exe (or whatever it may be called).
Hey! That's my sig you're smoking there!
It would be especially easy with a number of online poker systems to use an emulation layer like Qemu to get a virtual machine running the original game and then "observe and interact" with it automatically. I'm betting its not that hard to make card recognition software :)
(how long until captchas are included to show the contents of your hand?)
- Michael T. Babcock (Yes, I blog)
Quest: Lunch.
Collect 3 hams, return to butcher.
Collect 5 turkey, bring to Nargold Queefbeater in Stormblaughw.
Purchase 1 loaf Sourdough +1
Reward: Delicious, Choose one:
1 - Club Sandwich - +5 vit for 3 hours
-or-
1 - Broodwich - +50 mana, -20% HP for 3 hours
Accept Quest?
[Yes] [No]
Wow, you might need a couple extra layers of tin foil. And try laying off the lead paint. :)
Programs can do whatever the hell they want when you agree to the EULA and install them. "Rights" have nothing to do with videogames.
This is the usual Slashdot liberal hippie "let's make an issue out of nothing to make ourselves feel enlightened" story.
"Sufferin' succotash."
The Mac version of WoW has no Warden -- despite recent threats (http://www.macworld.com/news/2007/10/31/trojan/index.php), the state of malware (and more importantly, cheat-ware) on Mac OS X is such that it's not worth Blizzard's time to reimplement the Warden concept on a completely different OS architecture.
I'm sorry, what? The comments regarding cryptography in this summary absolutely baffle me (and IAAC!).
"what is being checked is now completely encrypted"
"Now Blizzard has a tool that is encrypted"
What is this shit even supposed to mean? It's gibberish. How can you encrypt "what you are checking"? The only thing that can be encrypted is data, not bloody actions or their subjects or the developers intentions. "Blizzard has tool that is encrypted"? What, they wrote a program and then encrypted the executable? Congratulations, now they can't run the program because it is a pile of random bits.
Seriously, you're just making this shit up, and on a site supposedly for nerds this shouldn't be stood for. I'm surprised nobody else has mentioned it yet.
The blog featured in the article has a conflict of interest. Lavishsoft sells software products for multi-boxing, so it's just on the ethical side of botting. But, that blog does contain the article http://onwarden.blogspot.com/2007/08/heuristics-and-your-one-unbanned.html But not quite a company selling botting software. --Krelnor P.S. It's not a root kit, for god's sake. At worst, it would be a trojan included in WoW.
So your position is that the US is neither more, nor less moral than Iraq under Saddam Hussein.
Wonderful.
By the way, if you want to know why torture is wrong, ask someone in an intelligence service. It gives you nothing reliable compared to other means of gathering intelligence, and furthermore must be double checked anyway if you need reliability. It's the worst way to get information out of someone because not only will they tell you what they think you want to hear, but torture closes off any other avenues of interrogation because nothing can be worse and the subject is now utterly hostile.
Torture is carried out purely as punishment, nothing more. Only fools rely on it for intelligence.
If you run Warcraft inside its own instance of Wine, there is much less chance that it will have access to your private data.
those rtards! :)
Help Me! I'm trapped in the tubes! Oh noes! Here comes a internet!
1. Sony/BMG does a rootkit and /. goes nuts flipping into hate mode, Blizzard does it and /shrug.
2. How long before some agency realises Blizzard has what amounts to a 9 million+ botnet/spy that can control/interrogate machines even in places like China? Wonder what they'll do...I wonder if China even realises WoW/Warden can do that, I doubt they'd be that impressed either...
Oh no, they could get your name, address, and credit card information!
"Knowledge is power. Power corrupts. Study hard. Take over the world."
1 Partition for Gaming
1 Partition for tooling around in Assembler (MinuetOS)
1 Partition for Internet
1 Totally separate computer for older games that won't work properly on newer OS/Hardware combos + emulation.
And let's not forget the TI 99/4A console for the real oldschool fun!
Still waiting on Serviscope_minor to wake up to fucking reality and realize that Jessica Price isn't going to fuck him.
It has been a long time I moderated, but if I remember the FAQ, -1 overrated or +1 underrated are usually not for comment at the 0/1 threshold but for already rated comments. It make no sense thus to mod the above as overrated. Troll, Off topic, and other negative comment would have been far better than an "overrated" (over rated against ... what ?).
C. Sagan : A demon haunted world:
http://www.amazon.com/gp/product/0345409469/
visit randi.org
cause I am kinda hungry, I have been playing for three days straight, and I am tired. Must get more gold for epic flyer, and more rep for the Ultr4L33t3k
How much is your data worth? Back it up now.
Don't forget, One partition to rule them all, and w/ pron to blind them...
How much is your data worth? Back it up now.