Ubisoft Uplay DRM Found To Include a Rootkit
An anonymous reader writes "It has been discovered that the Uplay system Ubisoft uses to both check a game is legal and offer up gaming achievements, multiplayer, and additional content, actually contains a rootkit. The discovery was made by Tavis Ormandy, an information security engineer at Google, when he installed Assassin's Creed: Revelations on his laptop. He noticed that during the installation Uplay installed a browser plug-in that allows any website to gain access to your machine through a backdoor and take control of it. The plug-in can be classed as a rootkit because it is thought to allow continued privileged access to a machine without a user's consent."
Update: Ubisoft has released a statement saying it has issued a forced patch to correct the flaw in the browser plug-in for the Uplay PC application.
Because it's missing from the summary and also the linked article, here's the initial report: http://seclists.org/fulldisclosure/2012/Jul/375
Technically, rootkit is the wrong term. It doesn't insert itself into the system, and it cannot execute code with privileges. It's still a security hole big enough to swallow small countries.
Thanks. It seems however this is technically not a rootkit, but just a backdoor disguised as a browser plugin. It's not deeply embedded in the system and doesn't try to hide its existence. Still serious though.
In what way?
You really think they did not include some fine print in the EULA about how the user was consenting to this?
An illegal action (not sure if this is or not) remains illegal, even if both parties agree to it.
What, have you never heard of the Sony rootkit? They were pretty damn close to getting sued for similar issues.
Fine print won't do anything to get around this. Just like every fine print says you indemnify the company - if there's a real issue, the judges will ignore the EULAs which have been deemed legally unenforceable anyway.
Correct, in the UK at least, not sure about US law. For example, even if I agreed to work for less than minimum wage the employer is still breaking the law if they don't pay minimum wage, you can't sign away your legal rights. Also, they could be leaving themselves open to even bigger trouble - it could be argued that by doing this Ubisoft have taken responsibility for anything placed on the computer as a result and could be held legally responsible for anything found on it, such as malware or child porn.
Please consider this account deleted, I just can't be bothered with the spam anymore.
I finally got HoMM VI despite DRM reservations on extreme sale and I have to say it wasn't worth it even for 90% off. They stripped all the strategy from the game and left it an empty advertising husk. Don't bother.
var x = document.createElement('OBJECT');
x.setAttribute("type", "application/x-uplaypc");
document.body.appendChild(x);
x.open("-orbit_product_id 1 -orbit_exe_path QzpcV0lORE9XU1xTWVNURU0zMlxDQUxDLkVYRQ== -uplay_steam_mode -uplay_dev_mode -uplay_dev_mode_auto_play")
And the price you pay for buying d3 is an endless pointless grind to gather loot, to sell to the vendor for a paltry few of the billion gold that you would need in order to have the gear strong enough to farm for actual items. Or you can go on the real money auction house and give blizzard an extra 15% of filthy lucre from the $500 to $2500 it will cost you to gear up for inferno act4.
Game sales are down for consoles maybe. With a bit of googling, you might find silly things like NVidia's 23% revenue growth attributed to PC gaming alone. And of course that Steam has 100% sales growth in 2012 over 2011. Oh and Diablo III selling like hotcakes. But hey, this profit growth is all because DRM is making people NOT buy games right?
uPlay update 2.0.4: 'Fix addressing browser plugin. Plugin now only able to open uPlay application.'
Well, that was fast.
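The update note above says the plug-in is now only able to open the uPlay application. As an added example (not part of the thread and not Ubisoft's code), this sketch shows the kind of default-deny check that implies for an argument string shaped like the one quoted earlier in the thread. The allowlisted path is a placeholder and the function names are hypothetical.

```javascript
// Added example, not Ubisoft's code. ALLOWED_EXECUTABLES holds a placeholder
// path: the real install location is not given on the page.
const ALLOWED_EXECUTABLES = new Set([
  "c:\\program files\\example launcher\\launcher.exe",
]);

// Parse "-flag [value] ..." strictly: every token must be a flag or the
// single value that follows one. Returns null on malformed input.
function parseLaunchArgs(argString) {
  const tokens = argString.trim().split(/\s+/).filter(Boolean);
  const args = new Map();
  for (let i = 0; i < tokens.length; i++) {
    if (!tokens[i].startsWith("-") || args.has(tokens[i])) return null;
    const next = tokens[i + 1];
    if (next !== undefined && !next.startsWith("-")) {
      args.set(tokens[i], next);
      i++;
    } else {
      args.set(tokens[i], true);
    }
  }
  return args;
}

// Decode strict base64; Buffer.from() alone silently skips invalid characters.
function decodeBase64Strict(value) {
  if (typeof value !== "string" || value.length % 4 !== 0) return null;
  if (!/^[A-Za-z0-9+\/]+={0,2}$/.test(value)) return null;
  return Buffer.from(value, "base64").toString("utf8");
}

// Default-deny: launch only when the decoded path is exactly on the allowlist.
function validateLaunchRequest(argString) {
  const args = parseLaunchArgs(argString);
  if (args === null) return { ok: false, reason: "malformed arguments" };
  const exePath = decodeBase64Strict(args.get("-orbit_exe_path"));
  if (exePath === null) return { ok: false, reason: "missing or invalid exe path" };
  const normalized = exePath.replace(/\//g, "\\").toLowerCase();
  if (!ALLOWED_EXECUTABLES.has(normalized)) {
    return { ok: false, reason: "executable not on allowlist", exePath };
  }
  return { ok: true, reason: "allowed", exePath };
}

// Sample input: the argument string quoted in the thread.
const QUOTED = "-orbit_product_id 1 -orbit_exe_path QzpcV0lORE9XU1xTWVNURU0zMlxDQUxDLkVYRQ== -uplay_steam_mode -uplay_dev_mode -uplay_dev_mode_auto_play";
console.log(validateLaunchRequest(QUOTED));
```

The comparison is an exact match on the normalized path, so relative segments, UNC paths and alternate drives fail without any special-case handling.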
You mean the EULA you are forced to agree to AFTER making the purchase? Null and void.
Seven puppies were harmed during the making of this post.
Which is incorrect. There was a class action suit, which Sony in the end settled.
Steam doesn't limit the number of installs I can perform. It doesn't require me to be always online. It doesn't stop me from running games under wine[1]. It doesn't restrict me to only one or a few downloads of my purchase. Steam may be DRM, but as things go it is pretty reasonable.
I have had games limit me to 10 installs. Games with cruddy DRM that can't possibly function under wine. Others let me only download them once. I have fortunately never had to deal with the always online crap, unless by its very nature it was necessary for the game (MMORPG's, for example).
[1] Yes, I actually game using wine, so that is of value to me. I only run Linux at home. It's a pain in the butt for gaming, but it's how I do it.
Might is the wrong word. EULA are court tested in the US. EULA are legally binding.
ProCD, Inc. v. Zeidenberg, 86 F.3d 1447 (7th Cir. 1996)
"The court held that Zeidenberg did accept the offer by clicking through. The court noted, "He had no choice, because the software splashed the license on the screen and would not let him proceed without indicating acceptance." The court stated that Zeidenberg could have rejected the terms of the contract and returned the software. The court, in addition, noted the ability and "the opportunity to return goods can be important" under the UCC."
I find being offended by me offensive.
EULA are court tested in the US. They're very much binding.
ProCD, Inc. v. Zeidenberg, 86 F.3d 1447 (7th Cir. 1996)
"The court held that Zeidenberg did accept the offer by clicking through. The court noted, "He had no choice, because the software splashed the license on the screen and would not let him proceed without indicating acceptance." The court stated that Zeidenberg could have rejected the terms of the contract and returned the software. The court, in addition, noted the ability and "the opportunity to return goods can be important" under the UCC."
I find being offended by me offensive.
In the US, there are very, very few restrictions in this area, and you can legally waive your rights to damn near anything, as consumer protection laws are all but nonexistent.
Check out my world simulator thingy.
As we have seen, US isn't the world and it's EU that's currently championing consumer rights in the Western world. And in here, you can't waive rights through a simple click-through quite as easily. In many cases, you cannot waive them at all.
The fact that Ubi rushed to fix the problem so fast tells you just how risky someone high up thought this is.
Which is a perfect example of how the rich and powerful live by a different set of laws. If I put a root kit on Sony's computer, you'd better believe I'd have felony charges filed against me. If Sony puts a root kit on my computer, all they have to do is pay off some state AGs.
Give me Classic Slashdot or give me death!
Verified that the SOE Web Installer plug-in for Firefox is installed by the Everquest 2 Updater (I'm guessing their other games will install it as well).
Verified by updating the game (my wife hadn't updated her machine yet) with Firefox open-- Game Updater hung until I closed down Firefox--Plug-in is installed once Game updater was finished. I made sure it was NOT installed before updating the game.
Much like the music CDs, I guess Sony cannot be trusted even after a class-action for doing the same sort of shit.