Re: Re: Re: Blizzard's official response? (fwd)

["Mary Landesman" <mlande () bellsouth net>]

Well, I don't know. Chuck's comments seem deliberately evasive. But when I
read through the back and forth in the Rootkit blog posts, I don't see
confirmation that Greg actually witnessed data being sent. Here's one
example:

http://www.rootkit.com/board.php?thread=4631&did=edge358&disp=4631&closed=1

If the method is what I think it is, comparing hashes client-side without
actually transmitting that data to Blizzard (aside from the 'this account
needs to be blocked), then it doesn't seem to be too drastically different
than a scanner.

Of course, if the data - even in hash form - is collected and sent to
Blizzard, then that's an entirely different matter and, in such a case, I
agree with Greg's assertion that it would amount to spyware.

I'm just not convinced (yet). But very curious.

-- Mary

----- Original Message ----- 
From: "security curmudgeon" <jericho () attrition org>
To: <dailydave () lists immunitysec com>
Sent: Thursday, October 13, 2005 10:26 PM
Subject: [Dailydave] Re: Re: Blizzard's official response? (fwd)



Forgot to include the second mail which verifies that they do receive some
type of information, and where he refers to rootkit.com folks as 'random
blog posters'.

---------- Forwarded message ----------
From: chucks.support () blizzard com
To: jericho () attrition org
Date: Thu, 13 Oct 2005 16:07:40 -0700
Subject: Re: Re: Blizzard's official response?

Hello,

Because it would jeopardize our attempts to thwart those that would
attempt to take advantage of our servers, I can not give out information
about what system information is obtained. I can also not start to refute
what a random person has posted on a Blog. Anything beyond what I have
already said is more of a legal issue than anything else so I would
recommend contacting our legal department if you have any more questions.

Technical support cannot provide answers to legal questions.  Any
questions should be directed via mail to:

Blizzard Entertainment
Attn: Legal Department
P.O. Box 18979
Irvine, CA 92623

Be sure to include all of your contact information (name, address,
telephone number, email address).

Best regards,



Regards,
Chuck S.
Technical Support
Blizzard Entertainment
http://www.blizzard.com/support

If you reply, please include all previous text and files related to this
e-mail.




-----Original Message-----
From: jericho () attrition org security curmudgeon
To: chucks.support () blizzard com
Sent: 10/13/2005 9:55:43 AM
Subject: Re: Blizzard's official response?

: The information in that article is false.
:
: Blizzard has always taken an aggressive stance against cheating in our
: games, and this measure, as discussed clearly in our Terms of Use, is an
: example of our efforts to protect legitimate players and the integrity
: of the game service from those attempting to gain an unfair advantage
: through the use of hacks. As stated in the Terms of Use, the information
: we obtain is solely for the purpose of identifying cheating in World of
: Warcraft, and for no other reason. Please note that we do not share this
: information with anyone outside of Blizzard.

You say the article is false, then say Blizzard takes an aggressive stance
against cheating, and suggest that much of the article is true. Does the
client capture information from window titles? Is the list it compares
that information to stored in the WoW client or the Blizzard server? Is
the information transmitted to Blizzard for comparison?

You say "the information we obtain.." and "that article is false". That
said, what information does Blizzard capture from the customer machine?
Who at Blizzard has access to this information?