EverCrest Message Forums
Topic: WoW EULA/TOS
Legonaire
Pancake
posted 10-12-2005 01:31:42 PM
Article

Here is the article posted directly from the website listed above. I apologize if this has been posted before, but I did not find anything in my searching of the forums. Just wondered with the large WoW player base here what everyone thought about Blizzard using "spyware" to find out if you are committing bannable offenses.

quote:
hoglund writes:
I recently performed a rather long reversing session on a piece of software written by Blizzard Entertainment, yes - the ones who made Warcraft, and World of Warcraft (which has 4.5 million+ players now, apparently). This software is known as the 'warden client' - it's written like shellcode in that it's position independent. It is downloaded on the fly from Blizzard's servers, and it runs about every 15 seconds. It is one of the most interesting pieces of spyware to date, because it is designed only to verify compliance with a EULA/TOS. Here is what it does, about every 15 seconds, to about 4.5 million people (500,000 of which are logged on at any given time):

The warden dumps all the DLLs using a ToolHelp API call. It reads information from every DLL loaded in the 'world of warcraft' executable process space. No big deal.

The warden then uses the GetWindowTextA function to read the window text in the titlebar of every window. These are windows that are not in the WoW process, but any program running on your computer. Now a Big Deal.

I watched the warden sniff down the email addresses of people I was communicating with on MSN, the URL of several websites that I had open at the time, and the names of all my running programs, including those that were minimized or in the toolbar. These strings can easily contain social security numbers or credit card numbers, for example, if I have Microsoft Excel or Quickbooks open w/ my personal finances at the time.

Once these strings are obtained, they are passed through a hashing function and compared against a list of 'banning hashes' - if you match something in their list, I suspect you will get banned. For example, if you have a window titled 'WoW!Inmate' - regardless of what that window really does, it could result in a ban. If you can't believe it, make a dummy window that does nothing at all and name it this, then start WoW. It certainly will result in warden reporting you as a cheater. I really believe that reading these window titles violates privacy, considering window titles contain a lot of personal data. But, we already know Blizzard Entertainment is fierce from a legal perspective. Look at what they have done to people who tried to make BNetD, freecraft, or third party WoW servers.

Next, warden opens every process running on your computer. When each program is opened, warden then calls ReadProcessMemory and reads a series of addresses - usually in the 0x0040xxxx or 0x0041xxxx range - this is the range that most executable programs on Windows will place their code. Warden reads about 10-20 bytes for each test, and again hashes this and compares against a list of banning hashes. These tests are clearly designed to detect known 3rd party programs, such as wowglider and friends. Every process is read from in this way. I watched warden open my email program, and even my PGP key manager. Again, I feel this is a fairly severe violation of privacy, but what can you do? It would be very easy to devise a test where the warden clearly reads confidential or personal information without regard.

This behavior places the warden client squarely in the category of spyware. What is interesting about this is that it might be the first use of spyware to verify compliance with a EULA. I cannot imagine that such practices will be legal in the future, but right now in terms of law, this is the wild wild west. You can't blame Blizz for trying, as well as any other company, but this practice will have to stop if we have any hope of privacy. Agree w/ botting or game cheaters or not, this is a much larger issue called 'privacy' and Blizz has no right to be opening my excel or PGP programs, for whatever reason.

-Greg


If animals weren't supposed to be eaten, then why are they made out of meat ??
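
The hash comparison the quoted article describes, as an added example that is not part of the original post or Blizzard's code: every window title and probed byte range is read and hashed, but a finding carries only the matching hash. SHA-256, the ban list, the probe address and the sample titles and process images are constructed assumptions; the article does not say which hash Warden uses or what it reports.

```python
import hashlib

IMAGE_BASE = 0x00400000  # typical load address for Windows executables


def h(data: bytes) -> str:
    # SHA-256 is a stand-in; the article does not name Warden's hash function.
    return hashlib.sha256(data).hexdigest()


# Constructed ban lists: only hashes are stored, never the strings or bytes.
KNOWN_TOOL_BYTES = bytes(range(0x90, 0xA0))   # 16 constructed bytes
BANNED_TITLE_HASHES = {h(b"WoW!Inmate")}
BANNED_CODE_HASHES = {h(KNOWN_TOOL_BYTES)}
PROBES = [(0x00401000, 16)]                   # (address, length), constructed


def scan(window_titles, processes):
    """Return findings as (kind, matched_hash) tuples.

    window_titles: title strings of every window on the desktop.
    processes: dict of process name -> bytes image mapped at IMAGE_BASE.
    """
    findings = []
    for title in window_titles:
        # The title itself is read here, even when it turns out to be benign.
        digest = h(title.encode("ascii", "replace"))
        if digest in BANNED_TITLE_HASHES:
            findings.append(("window_title", digest))
    for image in processes.values():
        for addr, length in PROBES:
            chunk = image[addr - IMAGE_BASE:addr - IMAGE_BASE + length]
            if len(chunk) == length and h(chunk) in BANNED_CODE_HASHES:
                findings.append(("process_memory", h(chunk)))
    return findings


# Constructed sample desktop: two benign windows, one dummy with a listed name.
SAMPLE_TITLES = [
    "Inbox - alice@example.com - Mail",
    "household-budget.xls - Spreadsheet",
    "WoW!Inmate",   # does nothing, but its name is on the list
]
SAMPLE_PROCESSES = {
    "mail.exe": bytes(0x2000),
    "tool.exe": bytes(0x1000) + KNOWN_TOOL_BYTES + bytes(0x100),
}


def demo():
    return scan(SAMPLE_TITLES, SAMPLE_PROCESSES)


if __name__ == "__main__":
    for kind, digest in demo():
        print(kind, digest[:16])
```

The dummy window is flagged on its name alone, and the mail and spreadsheet titles produce no finding, although both were read in order to be hashed.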
Sean
posted 10-12-2005 01:52:50 PM
I think every MMOG to date has done this at one point or another.
A Kansas City Shuffle is when everybody looks right, you go left.

It's not something people hear about.

Blindy.
Suicide (Also: Gay.)
posted 10-12-2005 02:00:38 PM
quote:
A thousand monkeys at a thousand typewriters couldn't ever match Legonaire:
Article

Here is the article posted directly from the website listed above. I apologize if this has been posted before, but I did not find anything in my searching of the forums. Just wondered with the large WoW player base here what everyone thought about Blizzard using "spyware" to find out if you are committing bannable offenses.


This is identical in application to what punk buster and VAC do.

Naimah
In a Fire
posted 10-12-2005 02:22:46 PM
I have no problem with this as long as they are only checking hashes. If this information is not sent back to some central server for cataloging and archiving then they are not violating privacy in any way as no human ever has the opportunity to see the data.
Bloodsage
Heart Attack
posted 10-12-2005 03:40:34 PM
I haven't read the EULA recently, but I'll bet, if this is true, that it specifically authorizes them to do this. . .so everyone has explicitly authorized them to do it.
To reign is worth ambition, though in Hell:
Better to reign in Hell than serve in Heaven.

--Satan, quoted by John Milton

Mightion Defensor
posted 10-12-2005 03:41:05 PM
Hmmm... wouldn't framerate and responsiveness be better if the game wasn't doing all that every 15 seconds?
Mightion Defensor
posted 10-12-2005 03:42:27 PM
quote:
Bloodsage wrote:
I haven't read the EULA recently, but I'll bet, if this is true, that it specifically authorizes them to do this. . .so everyone has explicitly authorized them to do it.

Yes, but one could say it could be considered an illegal act... and aren't contracts for an illegal act null and void?

Kegwen
Sonyfag
posted 10-12-2005 03:45:25 PM
quote:
Mightion Defensor impressed everyone with:
Hmmm... wouldn't framerate and responsiveness be better if the game wasn't doing all that every 15 seconds?

This game runs well enough on most systems anyway. I assure you my framerate doesn't drop every 15 seconds..

Bloodsage
Heart Attack
posted 10-12-2005 03:45:35 PM
quote:
Mightion Defensor startled the peaceful upland Gorillas by blurting:
Yes, but one could say it could be considered an illegal act... and aren't contracts for an illegal act null and void?

But it would only be illegal if they did it without permission. If you invite someone to scan your computer, it's not illegal.

To reign is worth ambition, though in Hell:
Better to reign in Hell than serve in Heaven.

--Satan, quoted by John Milton

Legonaire
Pancake
posted 10-12-2005 03:52:16 PM
quote:
There was much rejoicing when Bloodsage said this:
But it would only be illegal if they did it without permission. If you invite someone to scan your computer, it's not illegal.

True I guess until I am able to read the EULA/TOS again they are probably more than within their right to scan my computer, I have no problem with this because I do not hack nor do I have any files that I would be worried about Blizzard knowing they exist, but I am definitely going to be more careful about what other programs or windows I have open while playing WoW.

Even if the information is not being stored after it is retrieved, I am not comfortable enough with the fact that general or personal information might be floating back and forth from my computer to a Blizzard server. Not being very knowledgeable in this aspect of computers I don't know who or what might be able to grab information like that.

Legonaire fucked around with this message on 10-12-2005 at 03:53 PM.

If animals weren't supposed to be eaten, then why are they made out of meat ??
Kegwen
Sonyfag
posted 10-12-2005 03:56:39 PM
Yeah, you better keep that "All My Personal Information Including Passwords, Social Security Number, Credit Card Numbers, etc.doc" file closed or the internet bogeyman might take them
Tarquinn
Personally responsible for the decline of the American Dollar
posted 10-12-2005 04:01:37 PM
quote:
Bloodsage spewed forth this undeniable truth:
But it would only be illegal if they did it without permission. If you invite someone to scan your computer, it's not illegal.

While I agree with you in principle, that's not how law is interpreted as far as I know. Inviting someone to do something illegal to you does not make it legal. Think for example of euthanasia.

Of course courts may be more tolerant with something less severe like the example in this thread.

~Never underestimate the power of a Dark Clown.
tFUCKING RETARD
Pancake
posted 10-12-2005 04:15:26 PM
quote:
Tarquinn stopped beating up furries long enough to write:
While I agree with you in principle, that's not how law is interpreted as far as I know. Inviting someone to do something illegal to you does not make it legal. Think for example of euthanasia.

Of course courts may be more tolerant with something less severe like the example in this thread.


AFAIK, there's no law against scanning stuff on someone's computers, just doing so without proper permission.

There's nothing like a funeral to make you feel alive.
Mightion Defensor
posted 10-12-2005 04:18:55 PM
quote:
Kegwen wrote their words upon the rocks;
This game runs well enough on most systems anyway. I assure you my framerate doesn't drop every 15 seconds..

The only time (in my humble opinion) framerate cannot be improved further is when it bumps up against the monitor refresh rate one hundred percent of the time no matter what is happening.

With vsync on, of course. I can't stand the sight of tearing.

Tarquinn
Personally responsible for the decline of the American Dollar
posted 10-12-2005 04:22:08 PM
quote:
Vallo's account was hax0red to write:
AFAIK, there's no law against scanning stuff on someone's computers, just doing so without proper permission.

That I do not know.

~Never underestimate the power of a Dark Clown.
Legonaire
Pancake
posted 10-12-2005 04:42:13 PM
quote:
Kegwen had this to say about the Spice Girls:
Yeah, you better keep that "All My Personal Information Including Passwords, Social Security Number, Credit Card Numbers, etc.doc" file closed or the internet bogeyman might take them

Does this mean I should change the pass code on my luggage from 1,2,3,4 ?

If animals weren't supposed to be eaten, then why are they made out of meat ??
Lashanna
noob
posted 10-12-2005 05:01:17 PM
At first I gave you the benefit of the doubt and assumed that maybe you're a Lego enthusiast, and serve in the Lego Legions, but that would be a Legonnaire.

So why? Why are you still Legonaire?

Lashanna fucked around with this message on 10-12-2005 at 05:01 PM.

Dad's going to kill you. Really. He is.
Legonaire
Pancake
posted 10-12-2005 05:13:28 PM
quote:
Lashanna had this to say about Cuba:
At first I gave you the benefit of the doubt and assumed that maybe you're a Lego enthusiast, and serve in the Lego Legions, but that would be a Legonnaire.

So why? Why are you still Legonaire?


Way back when I first started playing MMORPGs, EQ was the first game I played, I wanted the name Legionnaire so I could run around crushbone and scare people, but alas the name filter foiled me and I have had this name ever since. Funny how a name sticks with you after so long.

If animals weren't supposed to be eaten, then why are they made out of meat ??
Maradon!
posted 10-12-2005 06:33:27 PM
Am I the only one that has no problem with this at all?
Mod
Pancake
posted 10-12-2005 07:03:40 PM
quote:
Maradon! wrote this then went back to looking for porn:
Am I the only one that has no problem with this at all?

I'm a privacy nut, but as long as it's just checking hashes and not returning any information beyond the fact that it found a program that matches XXX I can't really find a good argument against it beyond general frustration that the software on the computer I'm supposed to own is more and more doing whatever the hell it wants with the damn thing. If it started to transfer actual memory dumps or anything back that would of course be intolerable.

Edit: Although their supposed method for finding cheats is supremely retarded. I don't even know how to program all that well but I'd probably manage to randomly change the title bar of a program on startup with a Windows API reference.

Mod fucked around with this message on 10-12-2005 at 07:07 PM.

Life... is like a box of chocolates. A cheap, thoughtless, perfunctory gift that nobody ever asks for. Unreturnable, because all you get back is another box of chocolates. You're stuck with this undefinable whipped-mint crap that you mindlessly wolf down when there's nothing else left to eat. Sure, once in a while, there's a peanut butter cup, or an English toffee. But they're gone too fast, the taste is fleeting. So you end up with nothing but broken bits, filled with hardened jelly and teeth-crunching nuts, and if you're desperate enough to eat those, all you've got left is a... is an empty box... filled with useless, brown paper wrappers.
Kegwen
Sonyfag
posted 10-12-2005 07:05:28 PM
quote:
Check out the big brain on Maradon!!
Am I the only one that has no problem with this at all?

Normally I don't agree with the whole "if I'm not doing anything wrong why is it a problem?" stance, but in this case I have no problem with it at all.

Bloodsage
Heart Attack
posted 10-12-2005 07:05:40 PM
Pay up your life insurance; I think the end of the world is nigh.

Maradon, Mod, and I all agree on a topic like this.

To reign is worth ambition, though in Hell:
Better to reign in Hell than serve in Heaven.

--Satan, quoted by John Milton

Khyron
Hello, my mushy friend...
posted 10-12-2005 07:34:09 PM
I dunno.

Considering the amount of battle.net hacking that's gone on in all their previous games, I can see why Blizzard goes to such extremes. This is their first Pay2Play game, and they need to make sure the security is a hell of a lot tighter than it was in previous games. A small program like this would have eliminated 90% of the hacks in WC3, TFT, Diablo 2, etc... but the need wasn't as great there.

That's how I see it, at least I'm fine with them checking; I don't cheat, I got nothin' to hide.

Except my porn.

Talonus
Loner
posted 10-12-2005 07:45:23 PM
quote:
Khyron had this to say about the Spice Girls:
This is their first Pay2Play game, and they need to make sure the security is a hell of a lot tighter than it was in previous games.

They're doing a shitty job then. There's working dupes, macros, warp programs, radar programs, etc. They've been doing the scanning for a bit now and haven't stopped these programs, and it is unlikely they will ever do so.

That said, I don't see a problem with it. Arguments over similar programs have occurred in the past, but they're legal if you agree to the EULA (cursed things that they are). If certain information is sent back it would be illegal under some state laws, but it is unlikely that particular information is being sent. If you don't like it, don't play WoW or play on an emulated server.

Cavalier-
Pancake
posted 10-12-2005 07:49:11 PM
quote:
Bloodsage wrote this stupid crap:
Pay up your life insurance; I think the end of the world is nigh.

Maradon, Mod, and I all agree on a topic like this.


Another one in the agreement column here too.

I'm also aware that EQ2, MxO, PlanetSide, and SWG (all SOE, surprise, surprise..) have similar programs.. and would not be surprised if all the other MMOs have something very similar as well.

Maradon!
posted 10-12-2005 08:04:41 PM
quote:
Talonusing:
They're doing a shitty job then. There's working dupes, macros, warp programs, radar programs, etc. They've been doing the scanning for a bit now and haven't stopped these programs, and it is unlikely they will ever do so.

I've heard lots of people saying this, but I'm seriously skeptical that any of them have ever actually tried to USE a cheat.

People said this about EQ1, but it was incredibly rare to come across a working cheat and when you did it was easy to detect and people wound up getting banned. Same thing with WoW - sure, the odd cheat exists, but it's rare, unpredictable, and easily detected. I personally know four people who have been banned for using BG cheats and speed hacks.

NullDevice
Internet Tough Guy
posted 10-12-2005 08:37:24 PM
Sony/Verant threatened to do this and there was a major backlash over it. Checking the process space that the client is running in? Cool. Checking the linked DLLs and function calls that interface with your processes? Cool. Checking the rest of my RAM or drive for "suspicious activity"? Not cool.

However, if they snuck something in the EULA that I missed and 'allows' them to do this (however questionable I still think it is) I have no real recourse. I agreed to allow it.

Talonus
Loner
posted 10-12-2005 08:46:42 PM
quote:
Maradon!'s account was hax0red to write:
I've heard lots of people saying this, but I'm seriously skeptical that any of them have ever actually tried to USE a cheat.

A good number of people were banned for using the instant level 1-12 warp exploit months ago. A friend of mine made several hundred dollars selling gold to IGE using the warp cheat to farm in DM before it was fixed. He never got banned before quitting. A member of my younger brother's guild made a couple thousand the same way and never got banned either. Radar isn't as bad as it was in DAoC, but it exists. Exploits... well, it's hard to even consider exploiting cheating anymore. That's pretty damned widespread in general. Emulated servers (not really a cheat, but meh) are quite popular outside America.

Cheating isn't exactly widespread, other than exploits, but it exists. There's a lot of exploits and programs out there. Don't kid yourself thinking there isn't any cheating going on.

Edit: And this is just in WoW. Looking at radar use in DAoC (virtually the only cheating that ever went on in DAoC period, but it was and still is widespread) and you can't seriously say cheating doesn't exist. Hell, even I used radar in DAoC for a bit. Never got banned, and nobody really cared.

Talonus fucked around with this message on 10-12-2005 at 08:49 PM.

NullDevice
Internet Tough Guy
posted 10-12-2005 08:50:54 PM
Bloodsage
Heart Attack
posted 10-12-2005 08:57:31 PM
quote:
NullDevice startled the peaceful upland Gorillas by blurting:
And it seems this is NOT a recent development

quote:
. . .just thrust me. . .

Pure. Comedy. Gold.

To reign is worth ambition, though in Hell:
Better to reign in Hell than serve in Heaven.

--Satan, quoted by John Milton

NullDevice
Internet Tough Guy
posted 10-12-2005 09:25:28 PM
All times are US/Eastern