Dailydave mailing list archives
Re: Re: Re: Blizzard's official response? (fwd)
From: pbb <pbb () 65535 com>
Date: Mon, 17 Oct 2005 14:38:40 +0100
Couldn't this open things up to someone writing a program that doesn't show up as a windows but has something on the banned list in the window title. Embed it in some kind of talent point calculator or other tempting tool and get 1-2 million addicts to run it effectively getting 1/2 the subscribers banned and making Blizzard lose $300 million/yr as well as a great deal of repuation.
I'd consider it like these DOS blackmailers too where the anti-cheating mechanism could be abused to ban accounts. I guess they don't care, weren't there MANY accounts banned in D2 with people using hacked items (even though many had bought the items in game and had not cheated.) I play WoW (I have no life now) and I don't like cheating (why reduce the fun of a game) but I'm always worried about automated banning and the chance of innocents being punished.(guilty until proven ..... just guilty no proof.)
Paul. Mary Landesman wrote:
Well, I don't know. Chuck's comments seem deliberately evasive. But when I read through the back and forth in the Rootkit blog posts, I don't see confirmation that Greg actually witnessed data being sent. Here's one example: http://www.rootkit.com/board.php?thread=4631&did=edge358&disp=4631&closed=1 If the method is what I think it is, comparing hashes client-side without actually transmitting that data to Blizzard (aside from the 'this account needs to be blocked), then it doesn't seem to be too drastically different than a scanner. Of course, if the data - even in hash form - is collected and sent to Blizzard, then that's an entirely different matter and, in such a case, I agree with Greg's assertion that it would amount to spyware. I'm just not convinced (yet). But very curious. -- Mary----- Original Message ----- From: "security curmudgeon" <jericho () attrition org>To: <dailydave () lists immunitysec com> Sent: Thursday, October 13, 2005 10:26 PM Subject: [Dailydave] Re: Re: Blizzard's official response? (fwd) Forgot to include the second mail which verifies that they do receive some type of information, and where he refers to rootkit.com folks as 'random blog posters'. ---------- Forwarded message ---------- From: chucks.support () blizzard com To: jericho () attrition org Date: Thu, 13 Oct 2005 16:07:40 -0700 Subject: Re: Re: Blizzard's official response? Hello, Because it would jeopardize our attempts to thwart those that would attempt to take advantage of our servers, I can not give out information about what system information is obtained. I can also not start to refute what a random person has posted on a Blog. Anything beyond what I have already said is more of a legal issue than anything else so I would recommend contacting our legal department if you have any more questions. Technical support cannot provide answers to legal questions. Any questions should be directed via mail to: Blizzard Entertainment Attn: Legal Department P.O. Box 18979 Irvine, CA 92623 Be sure to include all of your contact information (name, address, telephone number, email address). Best regards, Regards, Chuck S. Technical Support Blizzard Entertainment http://www.blizzard.com/support If you reply, please include all previous text and files related to this e-mail. -----Original Message----- From: jericho () attrition org security curmudgeon To: chucks.support () blizzard com Sent: 10/13/2005 9:55:43 AM Subject: Re: Blizzard's official response? : The information in that article is false. : : Blizzard has always taken an aggressive stance against cheating in our : games, and this measure, as discussed clearly in our Terms of Use, is an : example of our efforts to protect legitimate players and the integrity : of the game service from those attempting to gain an unfair advantage : through the use of hacks. As stated in the Terms of Use, the information : we obtain is solely for the purpose of identifying cheating in World of : Warcraft, and for no other reason. Please note that we do not share this : information with anyone outside of Blizzard. You say the article is false, then say Blizzard takes an aggressive stance against cheating, and suggest that much of the article is true. Does the client capture information from window titles? Is the list it compares that information to stored in the WoW client or the Blizzard server? Is the information transmitted to Blizzard for comparison? You say "the information we obtain.." and "that article is false". That said, what information does Blizzard capture from the customer machine? Who at Blizzard has access to this information?
Current thread:
- Re: Blizzard's official response? (fwd) security curmudgeon (Oct 13)
- <Possible follow-ups>
- Re: Re: Blizzard's official response? (fwd) security curmudgeon (Oct 13)
- Re: Re: Re: Blizzard's official response? (fwd) Mary Landesman (Oct 13)
- Re: Re: Re: Blizzard's official response? (fwd) pbb (Oct 17)
- Re: Re: Re: Blizzard's official response? (fwd) Mary Landesman (Oct 13)