Game Publishers Using Stealth P2P Clients

An anonymous reader writes "TorrentFreak has shed some light on the dark practice of installing stealth-mode P2P clients during game downloads and using unsuspecting gamers' PCs as 'bandwidth slaves.' The clients operate in the background and largely go unnoticed until problems arise that are caused by overactive uploading/seeding. While the Akamai NetSession Interface and Pando Media Booster are specifically called out, there appear to be other offenders as indicated in the comments left by TorrentFreak readers. A publisher called Solid State Networks is putting out a call for an industry-wide 'best practices' effort to promote transparency, control and privacy on behalf of gamers who are otherwise being abused for their bandwidth without their consent."

Re:Blizzard

[MareLooke]

And most importantly, Blizzard allows you to turn it off without hassle at all,

Re:Can we name names here?

[causality]

OK, I know that Blizzard uses BitTorrent, but they're fairly upfront about it.

Someone else has mentioned Dungeons and Dragons Online, but they again mention it.

I know for a fact that the Final Fantasy XIV Beta uses P2P but makes no mention of it (thanks, firewall!), but thanks to the NDA, I can't tell you about that. Or I could post AC.

So can we name names and make a list of companies that mislead customers about P2P and waste their bandwidth? We can start with:

SQUARE ENIX: Final Fantasy XIV (no indication)

Of course this wouldn't work for an MMORPG that inherently requires network access. In my case, the few Windows games I play are single-player and run well under WINE on my Linux machine. I don't trust them in the slightest. I'll detail some of the measures I take:

• I run Wine as a separate user account that isn't ever used for anything else.
• I use iptables (with --match owner) to prevent that account from having any sort of network access. It cannot even ping google.com.
• For several others reasons I use a PaX/Grsecurity kernel. It has an option that prevents normal users from seeing any processes except their own, which I use.

That last one was handy back when I played WoW since the need for some network access meant I couldn't fully use the second security measure. The WoW client has a piece of spyware intended as an anti-cheating device. It takes a list of all running processes on the computer as an attempt at detecting common cheat programs, like those that enable unauthorized automation of gameplay. It reports these results back to Blizzard.

With that feature of PaX/Grsecurity, that WoW client would only see itself and a few WINE-related processes (like wineserver and winedevice). On a more standard Linux system, any process belonging to any user can view every processes belonging to every user (as you can verify with the 'ps' command). I consider cheating to be Blizzard's problem. I didn't consider the processes I choose to run to be Blizzard's business, though I'm willing to reconsider if they ever give me a user account on their servers and let me see what I can see.

It's surprising in some ways and utterly unsurprising in others when I consider how much more control I have over these things with WINE and Linux than anyone running these games under real Windows. More than that, I have a much greater assurance that my control won't be undermined because at no point am I having to trust the good intentions of Blizzard or any other game company. Instead, I deny them everything and then allow them the few things I decide they have a legitimate need to do. This is how it should be. If that were the norm there would be no "stealth p2p clients".