PDA

View Full Version : WoW - Is Blizzard invading your privacy?



beef
11-04-2005, 09:39 PM
Invasion of privacy? I'd say so. Whether it catches cheaters or not, it's Spyware.


http://www.eff.org/deeplinks/archives/004076.php

A New Gaming Feature—Spyware
October 20, 2005
Rejoice gaming fans, for the latest new “feature” of Blizzard Entertainment’s smash hit multi-player online videogame World of Warcraft is here! No, it’s not a new Sword of Destruction or Staff of Power—it’s spyware! Yes, unbeknownst to many gamers, World of Warcraft now has an unwanted special feature—a hidden program called “Warden” that snoops gamers’ computers looking for any "unauthorized third-party program" that “enables or facilitates cheating of any type.”

According to Greg Hoglund, co-author of "Exploiting Software, How to Break Code," this hidden program opens every process on a gamer’s computer, from email programs to privacy managers, and sniffs email addresses, website URLs open at the time of the scan, and the names of all running programs—whether or not those programs, emails, or websites could conceivably have anything to do with hacking.

Blizzard calls this an “anti-cheating system.” We call it a massive invasion of privacy.

Blizzard has scrambled to come up with three responses to the widespread criticism:

Response 1: Warden doesn’t collect personal information, so what’s the problem?

Well, problem one is that gamers have no choice but to accept Blizzard’s word on that. More importantly, if Hoglund is right, Blizzard has a pretty skewed idea of privacy—we can look at your personal info, but if we don’t collect it there’s no invasion? Hardly. We also wonder how Blizzard’s executives would feel if we searched their homes, wallets, and bank accounts and read their letters and emails but didn’t write down anything we found.

Response 2: Everyone’s doing it. Blizzard points out that many companies use hack-scanning programs.

We all learned the problem with that reasoning from Mom (“If all of your friends jumped off a bridge…”).

Response 3: Read the EULA. Blizzard advises gamers of its intent to invade in its terms of service. “People should read contracts,” says Blizzard rep John Lagrave.

True enough—people should read contracts. But here’s the really depressing part of this story—companies like Blizzard know few people read the terms of service and end-user license agreements that pop-up when they install new software or create new accounts, and fewer still have the time, patience, and knowledge to parse the legalese. Without some constraints on what a company can hide within these massive legal tomes, more and more companies will learn that they can invade our electronic privacy for any reason they wish—as long as they disclose it somewhere in the fine print. The cost of such a practice over time is not only access to our personal and private information but also control over our personal computers and devices. Then we really will be prisoners to the Wardens of the networked world.

UPDATE: Want to see what Warden is reading? Greg Hoglund has released a program, which he calls "The Governor," that "watches the activities of World of Warcraft, and clearly reports which data is being read from other processes."

Alfster
11-04-2005, 09:50 PM
If I cared then I wouldn't be able to play WOW

Back
11-04-2005, 11:26 PM
There is nothing on my machine that I would not show to anyone. Your point?

beef
11-05-2005, 12:42 AM
The point? There wasn't one, I thought it was an interesting piece of information.

Spyware is as well liked as SPAM. I guess you guys welcome it on your machines. I don't...and was surprised to hear that Blizzard was doing that.

Numbers
11-05-2005, 02:03 AM
Eh, as long as they're not about to sell my information out to anybody or start sending me personalized advertisements, I don't have a problem with it. Just as long as it ONLY runs when WoW's running, doesn't fuck with my registry, and doesn't hog much memory.

I have a much larger problem with what Sony pulled with their rootkits.

Odups
11-05-2005, 05:25 AM
Seriously, this is posted like every damn day on the WoW forums. Is there no escaping this damn spam? Arg!

Parkbandit
11-05-2005, 07:32 AM
Originally posted by Backlash
There is nothing on my machine that I would not show to anyone. Your point?

I am absolutely floored by this response from you Backlash.

I am at a loss of words. Are you ok?

Parkbandit
11-05-2005, 07:34 AM
If Warden stops little fuckstains from hacking and abusing bugs, then I'm all for it. I say kudos to Blizzard.

Skirmisher
11-05-2005, 10:18 AM
Yet another reason not to play WoW.

Just let them put a camera in your house while they are at it as long as they promise not to film anything.
:down:

Gan
11-05-2005, 10:34 AM
Originally posted by Parkbandit

Originally posted by Backlash
There is nothing on my machine that I would not show to anyone. Your point?

I am absolutely floored by this response from you Backlash.

I am at a loss of words. Are you ok?

Me too. I was expecting a huge imflammatory retort in kind as to the Federal ID program.

Ironic.

beef
11-05-2005, 11:00 AM
Originally posted by Skirmisher
Yet another reason not to play WoW.

Just let them put a camera in your house while they are at it as long as they promise not to film anything.
:down:
Oh, I wasn't saying not to play WoW. I do think it's something that most WoW players don't know and do think it's worth the time to send an email to Blizzard voicing your disapproval (if you disapprove).

Maybe I'm just a paranoid freak, but I don't like anyone or any company peeking at what I'm doing. Not that I'm doing anything wrong, it's the principle.

And agreed on the comment about Sony. The funny thing is, you can use rootkit to bypass WoW's Warden program. Link below:
http://www.securityfocus.com/brief/34

I'm all for getting rid of cheaters, but I think it should be done on the server side, not with Spyware. For the record, I don't even play WoW...

[Edited on 11-5-2005 by beef]

Gan
11-05-2005, 11:32 AM
I wonder if we can get the ACLU and moveon.org involved...

:thinking:

[Edited on 11-5-2005 by Ganalon]

Apotheosis
11-05-2005, 01:12 PM
Frankly, I think that is a bad move. I do not like that at all. Human nature dictates that this can and will be abused.

What if, you had an e-mail statement from your bank? What if a disgruntled employee at Blizzard decides to take advantage of this "hack"?

Ebondale
11-05-2005, 01:56 PM
It may be spyware but Blizzard didn't put it on our machines for malicious intent. They simply don't want to comprimise the integrity of the game by allowing people to play with programs similar to ShowEQ.

I'd much sooner trust spyware that Blizzard puts on my machine than many other companies out there.

Skirmisher
11-05-2005, 04:17 PM
Originally posted by Yswithe
Frankly, I think that is a bad move. I do not like that at all. Human nature dictates that this can and will be abused.

What if, you had an e-mail statement from your bank? What if a disgruntled employee at Blizzard decides to take advantage of this "hack"?

Ding ding ding.

We have a winner.

Nieninque
11-05-2005, 07:39 PM
Originally posted by Skirmisher

Originally posted by Yswithe
Frankly, I think that is a bad move. I do not like that at all. Human nature dictates that this can and will be abused.

What if, you had an e-mail statement from your bank? What if a disgruntled employee at Blizzard decides to take advantage of this "hack"?

Ding ding ding.

We have a winner.

Shirley you jest?

WHen I have finished with my bank and log out, it prompts me to close my browser. Now, Im no computer genius, but what that tells me is that there is a security risk in logging off and not closing the browser.

Now if someone, not only has multiple browser windows open, but also a game window with known spyware operating as part of it, whilst they are using their internet banking, the only thing that person is a winner in, is dicksplash of the year.

Edited for quoting mistakes

[Edited on 6-11-05 by Nieninque]

Gan
11-05-2005, 07:56 PM
I think that scenario was more in line with the folks who did NOT know that WoW had spyware in it... and were multi-tasking and doing banking, reading sensitive emails, or other things while having the game up.

I know I do a lot of things while having the Gemstone window open, banking is only one of them.... work, email, browsing the PC.

Not to mention those of us who have the gaming software loaded onto work systems with policies that are leinent enough to allow this to be on there for personal use 'after hours of course', I know my sys admin would have a fit if he knew there was spyware knowingly onboard a work system. Since he's a gamer he doesnt mind us having games onboard, especially for those of us who travel and use the systems for personal use.

I'd say this is a bad move on Blizzard's part... although I'm guessing that the number of folks who will either modify their online behavior because of it or quit WoW alltogether will be minimal. The primary rule is, if you dont like it, dont play it. Thats been the Simu mantra for quite a while now, and they dont have spyware imbedded into their gaming software that we know of.

Drew2
11-05-2005, 08:47 PM
Originally posted by Nieninque
Shirley you jest?


Rofl. Shirley does jest!

But, SURELY, you just with that spelling.

Back
11-05-2005, 08:50 PM
Tell you what. If I still played WoW I would HOPE they hacked me. Then I would sue Blizzard for millions, win, travel like a playboy, get a doctorate, give money to the arts and needy, and retire a happy well-sexed, well-educated philanthropist.

Skirmisher
11-05-2005, 08:53 PM
I do not jest.

And stop calling me Shirley. :D

And I do not know that the software installed by Blizzard will only function through my browser as it snoops through my computer.

Assuming I had installed it of course.

Nieninque
11-06-2005, 03:11 AM
Originally posted by Tayre

Originally posted by Nieninque
Shirley you jest?


Rofl. Shirley does jest!

But, SURELY, you just with that spelling.

It was a joke from Airplane, Tayre...Skirm got the joke :P

btw I love posts as spelling corrections that have spelling mistakes in them.

AnticorRifling
11-07-2005, 12:15 AM
Originally posted by Tayre

Originally posted by Nieninque
Shirley you jest?


Rofl. Shirley does jest!

But, SURELY, you just with that spelling.

Next time write jest instead of just, Tayre. Way to suck. :cool:

Daniel
11-07-2005, 12:55 AM
Originally posted by Backlash
Tell you what. If I still played WoW I would HOPE they hacked me. Then I would sue Blizzard for millions, win, travel like a playboy, get a doctorate, give money to the arts and needy, and retire a happy well-sexed, well-educated philanthropist.


Ding.

I don't sell drugs off my computer and all my bank accounts have protection against identity theft so why the fuck would I care.

Someone wants to steal my identity? Sure, it takes me about 20 minutes to challenge it as I keep close track of all my transactions and accounts.

Parkbandit
11-07-2005, 07:28 AM
Just because WoW installs a program that looks for some specific cheat programs, doesn't automatically mean that now WoW has access to all of your personal banking information, porn collection and bookie results.

Tsa`ah
11-07-2005, 08:23 AM
I look at it like this.

WoW, and most games like it, are far more complex than muds. In order to exploit a mud, you have to find the bugs or hack the server. That's just not the case with a graphic game. You just have to hack the program on your computer. A teak here and a tweak there and you have an unfair advantage.

There's the annoying advantages, like some of us have experienced with players like Invidious, and then there are the advantages that crank out e-bay gold and accounts. Those type of advantages just wreck a gaming environment.

If Blizz adds on a sniffer that checks for hacks and third party utilities ... more power to them. I really don't give a crap unless they start selling profiled info about me and my e-mail address to spammers.

Latrinsorm
11-07-2005, 05:08 PM
The actual line from Airplane is "Surely you can't be serious." "I am serious... and stop calling me Shirley."