more on Warcraft Game Maker in Spying Row

[David Farber <dave () farber net>]

Begin forwarded message:

From: James Seng <james () seng sg>
Date: October 31, 2005 7:39:43 PM EST
To: dave () farber net
Cc: Ip Ip <ip () v2 listbox com>
Subject: Re: [IP] Warcraft Game Maker in Spying Row

This is only part of the story.

The other part is Greg who posted the behavior of Warden on
rootkit.com actually posted the original and more comprehensive study
of it on the forums of wowsharp.net - a site that provides a (cheat)
bot World of Warcraft called WoW!Sharp. The fact is he is trying to
hack World of Warcraft.

The tug-of-war between Blizzard and wowsharp.net over the last couple
of months was pretty interesting to watch incidently. Originally, the
Warden is only a static client that scans for WoW!Sharp windows but
what finally stop wowsharp.net was a dynamic everchanging Warden which
is download on the fly to the user computer and with encrypted
end-to-end encryption preventing proxying hacks.

-James Seng

On 11/1/05, David Farber <dave () farber net> wrote:
> Begin forwarded message:
>
> From: Simon Li <simonli () gmail com>
> Date: October 31, 2005 2:55:56 PM EST
> To: dave () farber net
> Subject: (For IP?) Warcraft Game Maker in Spying Row
>
>
> Dr. Farber,
>
> This may be interesting to those who play games..
>
> http://news.bbc.co.uk/2/hi/technology/4385050.stm
>
>
> Warcraft game maker in spying row
> By Mark Ward
> Technology Correspondent, BBC News website
>
> Screenshot of dwarves on ram mounts from World of Warcraft, Blizzard
> Warden watches as gamers explore Warcraft's world
> Game maker Blizzard has been accused of spying on the four million
> players of World of Warcraft.
>
> Net activists branded software used to spot cheats "spyware" because
> it gathers information about the other programs running on players'  
> PCs.
>
> In its defence Blizzard said nothing was done with the information
> gathered by the anti-cheat software.
>
> And many players seem happy to have the software running if it cuts
> the amount of cheating in the game world.
>
> Home invasion
>
> The watchdog program, called The Warden by Blizzard, has been known
> about among players for some time.
>
> It makes sure that players are not using cheat software which can,
> for example, automatically play the game and build up a character's
> qualities.
>
> However, knowledge of it crossed to the mainstream thanks to software
> engineer Greg Hoglund who disassembled the code of The Warden and
> watched it in action to get a better idea of what it did.
>
> Screenshot of stone giant from World of Warcraft, Blizzard
> Warcraft players back Blizzard's anti-cheat system
> He found that it performed a quick analysis on other programs running
> on a PC to see if their characteristics match known cheating programs.
>
> But Mr Hoglund found that The Warden also scans the text in the title
> bars of any Window for any other program.
>
> Writing in his blog about what he found Mr Hoglund said: "I watched
> The Warden sniff down the e-mail addresses of people I was
> communicating with on MSN, the URL of several websites that I had
> open at the time, and the names of all my running programs."
>
> Mr Hoglund noted that the text strings in title bars could easily
> contain credit card details or social security numbers.
>
> Digital rights group The Electronic Frontier Foundation (EFF) branded
> The Warden "spyware" and said its use constituted "a massive invasion
> of privacy".
>
> The EFF said that it was not acceptable simply to take Blizzard's
> word that it did nothing with the information it gathered. It added
> that the Blizzard could get away with using The Warden because
> information about it was buried in licence agreements that few people
> read.
>
> Fair play
>
> Blizzard took to the forums on the central community site for World
> of Warcraft to defend itself and correct what it saw as
> "misinformation" about its actions.
>
> It said that The Warden did not gather any personally identifiable
> information about players only data about the account being used. It
> also re-iterated that the only thing done with data gathered was to
> look for evidence of hack or cheat programs.
>
> For their part many gamers seem happy to tolerate The Warden even
> though they acknowledged that it eroded their privacy to an extent.
>
> Jason Justice, speaking on behalf of members of the Low Red Moon
> guild, said many in its ranks supported the programs used by Blizzard
> if it kept the cheats out of the game.
>
> Pack shot from Diablo II, Blizzard
> Cheats spoiled the online version of Diablo II
> "The concern most have is that the program has the capability to read
> text from open programs, potentially compromising the privacy of some
> sensitive programs."
>
> "If someone is afraid of the program reading sensitive information
> from their programs, one possible solution is simply to not run any
> additional programs while playing World of Warcraft," he said, "which
> is certainly advisable from a performance standpoint to begin with."
>
> He told the BBC News website: "It is entirely Blizzard's
> responsibility to protect their intellectual property and the
> fairness of the game experience, and if they have code sophisticated
> enough to detect when a cheater is running illegal programs on their
> computer, they're doing a right good job of it."
>
> Paul Younger, one of the administrators on WoW community site
> worldofwar.net, said: "With cheating being a real concern to Blizzard
> I feel they have few options other than to check what people are
> running on their machines."
>
> "Blizzard have learnt since Diablo II that cheating can seriously
> hamper the enjoyment of a game," he said.
>
> Warcraft players debating the issue on the worldofwar.net forums
> seemed happy to have The Warden keeping an eye on what they are
> doing. Many said they trusted Blizzard not to exploit the information
> being gathered.
>
> Some pointed out that it would be hard for Blizzard to gather more
> useful information than they already have given that most use a
> credit card to pay the monthly fee to keep playing the game.
>
> For those worried by what The Warden does, Mr Hoglund has produced a
> program called The Governor that reports on what it is watching.
>
>
>
>
> -------------------------------------
> You are subscribed as james () seng cc
> To manage your subscription, go to
>   http://v2.listbox.com/member/?listname=ip
>
> Archives at: http://www.interesting-people.org/archives/interesting- 
> people/

-------------------------------------
You are subscribed as lists-ip () insecure org
To manage your subscription, go to
 http://v2.listbox.com/member/?listname=ip

Archives at: http://www.interesting-people.org/archives/interesting-people/