Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Ubisoft Uplay DRM Found To Include a Rootkit

samzenpus posted more than 2 years ago | from the a-little-something-extra dept.

Security 473

An anonymous reader writes "It has been discovered that the Uplay system Ubisoft uses to both check a game is legal and offer up gaming achievements, multiplayer, and additional content, actually contains a rootkit. The discovery was made by Tavis Ormandy, an information security engineer at Google, when he installed Assassin's Creed: Revelations on his laptop. He noticed that during the installation Uplay installed a browser plug-in that allows any website to gain access to your machine through a backdoor and take control of it.The plug-in can be classed as a rootkit because it is thought to allow continued privileged access to a machine without a user's consent."
Update: Ubisoft has released a statement saying it has issued a forced patch to correct the flaw in the browser plug-in for the Uplay PC application.

cancel ×

473 comments

Sorry! There are no comments related to the filter you selected.

under the DMCA any antivirus software can get sued (5, Interesting)

Joe_Dragon (2206452) | more than 2 years ago | (#40817191)

under the DMCA any antivirus software companies can get sued for remove or even marking this.

Re:under the DMCA any antivirus software can get s (5, Insightful)

MarioMax (907837) | more than 2 years ago | (#40817239)

under the DMCA any antivirus software companies can get sued for remove or even marking this.

On the other hand, Ubisoft is probably guilty of violating Federal wiretap laws.

Re:under the DMCA any antivirus software can get s (1)

h4rr4r (612664) | more than 2 years ago | (#40817279)

In what way?
You really think they did not include some fine print in the EULA about how the user was consenting to this?

Re:under the DMCA any antivirus software can get s (5, Insightful)

Anonymous Coward | more than 2 years ago | (#40817351)

You can't always waive your rights, even if you agree to it.

Re:under the DMCA any antivirus software can get s (5, Informative)

thePowerOfGrayskull (905905) | more than 2 years ago | (#40817439)

In what way?
You really think they did not include some fine print in the EULA about how the user was consenting to this?

An illegal action (not sure if this is or not) remains illegal, even if both parties agree to it.

Re:under the DMCA any antivirus software can get s (5, Informative)

History's Coming To (1059484) | more than 2 years ago | (#40817541)

Correct, in the UK at least, not sure about US law. For example, even if I agreed to work for less than minimum wage the employer is still breaking the law if they don't pay minimum wage, you can't sign away your legal rights. Also, they could be leaving themselves open to even bigger trouble - it could be argued that by doing this Ubisoft have taken responsibility for anything placed on the computer as a result and could be held legally responsible for anything found on it, such as malware or child porn.

Re:under the DMCA any antivirus software can get s (2, Insightful)

Sancho (17056) | more than 2 years ago | (#40817637)

But sometimes actions are illegal only if they are non-consensual. Agreeing to a EULA might be considered consent.

Re:under the DMCA any antivirus software can get s (4, Informative)

poetmatt (793785) | more than 2 years ago | (#40817451)

What, have you never heard of the sony rootkit? they were pretty damn close to getting sued for similar issues.

Fine print won't do anything to get around this. Just like every fine print says you indemnify the company - if there's a real issue, the judges will ignore the EULAs which have been deemed legally unenforceable anyway.

Re:under the DMCA any antivirus software can get s (1)

localman57 (1340533) | more than 2 years ago | (#40817527)

if there's a real issue, the judges will ignore the EULAs which have been deemed legally unenforceable anyway.

I think it is swinging more and more towards upholding the contract whenever possible, though. The Supreme Court recently upheld contract clauses forcing binding arbitration (removing your right to sue), and prohibiting class actions. (That's my understanding, anyway. IANAL).

Re:under the DMCA any antivirus software can get s (1)

pipatron (966506) | more than 2 years ago | (#40817771)

What, have you never heard of the sony rootkit? they were pretty damn close to getting sued for similar issues.

So you're saying they were actually not..

Re:under the DMCA any antivirus software can get s (5, Insightful)

Anonymous Coward | more than 2 years ago | (#40817601)

So? Ubisoft is a corporation, its not like anything bad is actually going to happen to them.

Under computer tresspass, Ubisoft are guilty. (0)

Anonymous Coward | more than 2 years ago | (#40817543)

Under computer tresspass, Ubisoft are guilty of several crimes.

Not really surprising. (5, Insightful)

Black LED (1957016) | more than 2 years ago | (#40817201)

It's reasons like this that I refuse to buy anything from Ubisoft.

Re:Not really surprising. (5, Insightful)

afidel (530433) | more than 2 years ago | (#40817257)

Yep, I own every HoMM game except VI due to the retarded DRM. I wish Steam had a filter button to remove anything with third party DRM so I wouldn't have to get my hopes up just to end up not buying a title due to publisher stupidity.

Re:Not really surprising. (3, Informative)

BigSlowTarget (325940) | more than 2 years ago | (#40817555)

I finally got HoMM VI despite DRM reservations on extreme sale and I have to say it wasn't worth it even for 90% off. They stripped all the strategy from the game and left it an empty advertising husk. Don't bother.

Re:Not really surprising. (5, Funny)

Polizei (1782856) | more than 2 years ago | (#40817311)

It's reasons like this I refuse to install any closed source binaries - besides the inbound and outbound firewall...

Re:Not really surprising. (0)

Anonymous Coward | more than 2 years ago | (#40817493)

besides the inbound and outbound firewall...

How ironic!

Re:Not really surprising. (2, Funny)

h4rr4r (612664) | more than 2 years ago | (#40817611)

You use a closed source firewall and are worried about what games are doing?

That seems pretty odd.

Re:Not really surprising. (1)

dehole (1577363) | more than 2 years ago | (#40817747)

Whoosh!

Re:Not really surprising. (2)

Black LED (1957016) | more than 2 years ago | (#40817679)

Meh. I will still give other companies the benefit of the doubt until they individually prove to be unscrupulous. I won't buy from Ubisoft, but I also won't let their actions taint my view of other non-open source developers.

Re:Not really surprising. (0)

Anonymous Coward | more than 2 years ago | (#40817453)

It is sad I know people who are sitting there happily playing Diablo 3 after I told them how much of a bitch the DRM is to the market place, all the problems it had and the problems it will continue to have, the problems it will have it they want to play it with no connection, etc.

NOPE, "oh come on, it's just a game"
Not the point. I have plenty of fun, non-intrusive DRM games I can be playing, equally majority of them being multiplayer.
No, let's play a game with game logic on a remote server.
I'd seriously rather play League of Legends. And that is the grindiest fest of all.

Re:Not really surprising. (4, Insightful)

localman57 (1340533) | more than 2 years ago | (#40817659)

happily playing Diablo 3 after I told them how much of a bitch the DRM is to the market place

That's the problem in a nutshell. If they're happy, either we aren't doing a good job making our point, or it really doesn't matter to them. Only one of two things will happen to make them change their minds. We have to make a case that they will be happier without DRM (in a way that is compelling enough that they will choose to be less happy in the short term to achieve it--By not playing Diablo, etc), or they have to get burned bad enough that the product itself makes them unhappy.

The problem, as I see it, is that most people just don't care, as long as it works. Most people aren't game historians, who worry about whether the authentication servers will still be there in 10 years. And for the small percentage of the people who actively fight against corporate interests, things like DRM take a backseat (and probably rightfully so) behind getting fucked by the banks, fucked by your health care provider, poisoned by local industries, etc.

If there is a technical issue that's on the public's front burner, it's Net Neutrality. And I'm ok with that. I can walk away from Ubisoft. But it's much harder to just say I'll do without the Internet.

Re:Not really surprising. (0)

Anonymous Coward | more than 2 years ago | (#40817579)

Let me add to that and say that it's because of such problems and others that I refuse to pay for any game that requires an internet connection to be played.

No special installers either.

Once we lose the ability to verify and control what a program (game) can access and what it cannot you're essentially allowing that program freedom to do all those things you were paranoid about.

Will it know how many hours you play?

Will it know which sites you buy through?

Will it find your porn?

Will it search your documents?

Will it access you emails?

I don't trust any of these companies with my data and information. Not any of these MMORPGs, not steam, not the friggin cinema registration facilities.

If you can help it, never give out any info you don't want to tell your parents, boss, wife, friend, government etc.

We all have a right to privacy and these companies continue to take a shit on our rights. Massive lawsuit in the works? I think so!

Re:Not really surprising. (4, Funny)

Anonymous Coward | more than 2 years ago | (#40817745)

"Will it find your porn?"

I dunno, a DRM scheme that found all my porn and automatically downloaded similar high def porn clips would be pretty useful. Would save me a lot of time on YouPorn.

Re:Not really surprising. (2)

u-235-sentinel (594077) | more than 2 years ago | (#40817723)

It's reasons like this that I refuse to buy anything from Ubisoft.

Agreed. The last time I purchased one of their games it ended up installing their DRM and screwed up my windows environment. I ended up reinstalling windows from scratch and throwing their game in the trash after I determined it was their software which compromised my machine (after weeks of troubleshooting).

It's not worth the trouble.

Is anyone actually surprised? (5, Insightful)

h4rr4r (612664) | more than 2 years ago | (#40817203)

Who is actually surprised?

This is the one thing that has me worried about Steam on linux. Using it in wine I can be fairly sure I have it limited to one user account and no real ability to mess with the machine, but when it installs natively who knows.

Re:Is anyone actually surprised? (1)

Yvanhoe (564877) | more than 2 years ago | (#40817315)

Virtualization becomes unavoidable.

OTOH, if it is not possible to install steam as a user, a good excuse will be necessary.

Re:Is anyone actually surprised? (4, Insightful)

NalosLayor (958307) | more than 2 years ago | (#40817403)

"Cheating"...it's the "terrorism" of the gaming world.

Re:Is anyone actually surprised? (2)

Jesrad (716567) | more than 2 years ago | (#40817715)

Cheating may be the terrorism of the online gaming world, it's the full-powers resolution of the offline single-player gaming world.

Re:Is anyone actually surprised? (3, Interesting)

jones_supa (887896) | more than 2 years ago | (#40817433)

I don't know if it's anymore there, but along C drive residing in '~/.wine/drive_c/' Wine has defaulted to mapping Z to '/'. So for some extra protection be sure to remove that. And in this case, just remember to move all the installers and stuff in the virtual C drive before starting them.

Re:Is anyone actually surprised? (4, Interesting)

bluefoxlucid (723572) | more than 2 years ago | (#40817499)

Wine doesn't run as root though (I tried, it actually screams and exits immediately). Wine has a mapping to $HOME that you need to remove though...

Re:Is anyone actually surprised? (2)

Sancho (17056) | more than 2 years ago | (#40817671)

So do you actually install it as a different user, or do you just feel warm and fuzzy that they can't modify your system, even though most of what you probably care about exists within your user account?

Even if you install it as a different user, you would need to log out of your main account every time (or, I suppose, run a secondary X server) as the rights required to display to your X server pretty much give full access to your account.

Enough with giving Windows a pass (-1)

Anonymous Coward | more than 2 years ago | (#40817207)

Can we stop calling them "computer" viruses when what we really mean is Windows virus? Also, can we stop calling it a "root" kit when it would be more aptly named an "Administrator" kit? Windows constantly gets a pass in the popular press using generic terms when the problems are very specific to the Windows platform. Yes, other OSs get malware but it is a drop in the bucket to the ocean of what is seen on Windows and it is disingenuous to mislead laypeople otherwise.

Re:Enough with giving Windows a pass (5, Insightful)

h4rr4r (612664) | more than 2 years ago | (#40817247)

This is software installed by the user on purpose, it is no flaw in windows that allowed it in. You could write software to do the same thing on any number of OSes.

I am no windows fan, but you can't blame them for this.

Re:Enough with giving Windows a pass (1)

Anonymous Coward | more than 2 years ago | (#40817301)

I am no windows fan, but you can't blame them for this.

See, there's a big part of the problem right there and you perfectly exemplify it. I wasn't "blaming" anyone I was merely pointing out an inconsistency between popular semantics and reality and how it is misleading to people that don't know any better. And you choose to retort with a very charged and misleading word thereby politicizing the discussion. And what does the truth have with being a "fan" of the operating system? I am a fan of what tool works for me. This isn't the world cup.

Re:Enough with giving Windows a pass (1)

Tridus (79566) | more than 2 years ago | (#40817467)

You want to call a generic thing a "Windows" virus instead of a "Computer" virus, and you're complaining about word choice?

What a fucking joke.

Re:Enough with giving Windows a pass (0)

Anonymous Coward | more than 2 years ago | (#40817553)

I can't imagine how it could be any more clear that this entire thread of discussion started by me referring to the specific malware discussed in the summary which is indeed Windows malware.

Re:Enough with giving Windows a pass (0)

Anonymous Coward | more than 2 years ago | (#40817539)

This is a browser plugin installed by the user, turd. It could have happened on any platform.

Re:Enough with giving Windows a pass (0)

Anonymous Coward | more than 2 years ago | (#40817705)

This is a browser plugin installed by the user, turd. It could have happened on any platform.

Maybe you are confused (possibly by virtue of being a 12 year old. Or maybe you are just a semi-sentient turd yourself) but it didn't happen on "any platform". It happened on Windows. Try to keep up.

Re:Enough with giving Windows a pass (2)

Old97 (1341297) | more than 2 years ago | (#40817477)

Steam also runs on Mac OS X and runs many of the same games from the same publishers. Does anyone know whether Ubisoft has done this on the Mac platform? I would think that they could since the admin is allowing the install in either case right?

Re:Enough with giving Windows a pass (-1)

Anonymous Coward | more than 2 years ago | (#40817673)

Steam also runs on Mac OS X and runs many of the same games from the same publishers. Does anyone know whether Ubisoft has done this on the Mac platform? I would think that they could since the admin is allowing the install in either case right?

If proper use of the term root kit were used in the context of what Ubisoft has done here, this confusion would be avoided. Administrator kit? Windows. Root kit? OS X.

Re:Enough with giving Windows a pass (5, Insightful)

SharpFang (651121) | more than 2 years ago | (#40817749)

Wait, not really.

You install a computer game
The game claims to install counterfeiting and cheat protection
What you also get in the bundle without consenting is a backdoor/rootkit

This is the very definition of a trojan.

Re:Enough with giving Windows a pass (3, Insightful)

Impy the Impiuos Imp (442658) | more than 2 years ago | (#40817307)

You think a backdoor couldn't be installed on Linux? The person voluntarily ran an installer executable. The sky is the limit when you do that. Heck, it came from a big company as official product, giving the social engineering aspect a boost -- people just clicked approve approve approve on all Windows' carefully-engineered install blockers.

Which, IIRC, don't even exist on Linux. Or maybe you're a Mac fan. Guess what? See above re: running an executable from a trusted source.

Re:Enough with giving Windows a pass (-1, Offtopic)

Anonymous Coward | more than 2 years ago | (#40817397)

You think a backdoor couldn't be installed on Linux?

Read what I said. I said that using the term root kit was inappropriate terminology when you are talking about Windows. Windows doesn't have a root user by default and won't have one period unless you specifically create one which is out of the scope of the discussion entirely. When you use generic terms to refer to something that has implicit specificity 99.99999 percent of the time, it is misleading. Note the fact that you yourself point out the flaw in the semantics by using the real generic term "backdoor" which if we are talking about the risk as it relates to all platforms is appropriate. The summary uses the specific term root which applies to a lot of platforms with the specific exception of the one that is actually under discussion. Then you use the generic term to defend the mistake. Irony.

Re:Enough with giving Windows a pass (-1)

Anonymous Coward | more than 2 years ago | (#40817465)

STFU AC

Re:Enough with giving Windows a pass (3, Funny)

GuldKalle (1065310) | more than 2 years ago | (#40817389)

Can we stop calling them "Computer" games when what we really mean is Windows game? Linux constantly gets a pass in the popular press using generic terms when the entertainment is very specific to the Windows platform. Yes, other OSs get games but it is a drop in the bucket to the ocean of what is seen on Windows and it is disingenuous to mislead laypeople otherwise.

And don't worry, if Ubisoft ever makes a game available on linux, this is what you'd see:
[sudo] password for AC:

disagree - computer games they are (0)

poetmatt (793785) | more than 2 years ago | (#40817475)

What do you think android and ios are? hint: not windows Are they gaming platforms? Well, look at the gaming profits from them: astronomical.
Meanwhile steam trying to invigorate linux means that people will recognize that a computer is a computer, and the OS doesn't matter. We already have enough issues with the million genres of games, now you want to double/triple/quadruple them by saying it's by OS? We don't do this with consoles. We define it by hardware. PS3/Sony/etc. We don't refer to it by SonyOS or whatever it's called. A computer is a computer.

Re:Enough with giving Windows a pass (0)

Anonymous Coward | more than 2 years ago | (#40817643)

Can we stop calling them "Computer" games when what we really mean is Windows game?

Er, get with the times, grampa. People have been calling them PC games for the last few years. And since the Mac vs. PC commercials pretty much sealed PC as a specific term for Windows computer it's a non-issue. As far as conflating this with proper semantics in the area of security I think that maybe you have your priorities a bit skewed. Interestingly this article is the intersection of the two though.

That's awesome (5, Interesting)

the_Bionic_lemming (446569) | more than 2 years ago | (#40817231)

I started boycotting several manufacturers over the games that required a constant online connection. I can't wait to tell my buddy that thinks that the boycott is stupid how his system is rooted (again)!

Re:That's awesome (1)

Guspaz (556486) | more than 2 years ago | (#40817545)

The problem is that if you try to boycott every game publisher or developer that does stupid things like this, you'll shortly end up boycotting almost every company.

Re:That's awesome (1)

Anonymous Coward | more than 2 years ago | (#40817665)

The problem is that if you try to boycott every game publisher or developer that does stupid things like this, you'll shortly end up boycotting almost every company.

I think it is about time we as consumers do boycott every big company, so we can get back to actually being served fairly and receive good products without they try to screw us over in any possible way just to get as much money from us all.

Re:That's awesome (1)

the_Bionic_lemming (446569) | more than 2 years ago | (#40817675)

I still play MOO and Xcom. I have more than enough games to keep me happy.

I'll spend the extra money on beer instead.

Re:That's awesome (4, Interesting)

oneandoneis2 (777721) | more than 2 years ago | (#40817737)

As somebody who hasn't bought (or pirated) any games in about a decade (other than a few of the Wii Lego series) I have to say that the only downside of boycotting all modern games is that you have to find something to do with all the extra free time and money.

Re:That's awesome (1)

Torvac (691504) | more than 2 years ago | (#40817681)

i just dont pay for their games anymore. most pirated copies come without the intrusive drm stuff.

All DRM is rootkit (1)

d3ac0n (715594) | more than 2 years ago | (#40817237)

While it may not fit the dictionary definition, IMHO ANY software that allows someone to delete/alter/lock up something on my machine without my permission is essentially a rootkit. DRM fits that definition, thus "All DRM is rootkit".

nevertheless, glad to see people calling out companies for particularly egregious behavior in the DRM realm.

Re:All DRM is rootkit (0)

Anonymous Coward | more than 2 years ago | (#40817291)

I disagree. If it doesn't phone home and can be easily removed at any time, and is honest about its existence, it is not a rootkit. I still choose not to allow it onto my computer, but that's my choice.

My main issue is game companies lying and deceiving customers. DRM crippled software should require prominent disclosure and clear removal instructions so that customers can make informed choices.

Re:All DRM is rootkit (5, Insightful)

Anonymous Coward | more than 2 years ago | (#40817369)

IMHO ANY software that allows someone to delete/alter/lock up something on my machine without my permission is essentially a rootkit.

DRM does not allow someone to "delete/alter" anything. It only "locks up" in the crypto sense, as DRM is basically crypto code. I dislike DRM, but will defend a software company's right to encrypt their software, and even allow them to require an Internet connection to "unlock/decrypt" that software so that it can be used. This is their choice, and in that respect, "buyer beware". Vote with your cash.

OTOH, installing a rootkit which allows possible unauthorised access to my machine, by the company or any other 3rd party without specific permission for each and every access??? They deserve to be fined out of existence by every legal system on the planet.

Re:All DRM is rootkit (4, Insightful)

Dog-Cow (21281) | more than 2 years ago | (#40817535)

A rootkit is software that allows root access without (further) exploiting the OS/software on the machine. The software itself may do nothing at all beyond that, and it's still a rootkit.

Conversely, software which reformats your harddrive is not a rootkit if it doesn't grant root access. Even if it itself is running as root!

So, your definition is crap. You've basically made up your own just so you can hate on DRM. It's stupid because DRM is crap even without this misguided rationalization.

Re:All DRM is rootkit (1)

Smauler (915644) | more than 2 years ago | (#40817649)

While it may not fit the dictionary definition, IMHO ANY software that allows someone to delete/alter/lock up something on my machine without my permission is essentially a rootkit.

Erm... all software alters something on your computer without your explicit permission. What do you want, a prompt asking you to allow individual bits to be written to RAM?

The post: (5, Informative)

Fwipp (1473271) | more than 2 years ago | (#40817249)

Because it's missing from the summary and also the linked article, here's the initial report: http://seclists.org/fulldisclosure/2012/Jul/375 [seclists.org]

Not a rootkit, but a backdoor (2, Informative)

Anonymous Coward | more than 2 years ago | (#40817407)

Thanks. It seems however this is technically not a rootkit, but just a backdoor disguised as a browser plugin. It's not deeply embedded in the system and doesn't try to hide its existence. Still serious though.

Re:The post: (1)

IamTheRealMike (537420) | more than 2 years ago | (#40817417)

So, er, the story would be better described as might be a rootkit, except that the given exploit hasn't actually been tested at all? What if something that prevents it from working was missed?

If there's a security bug in what they're doing, they need to fix it. Same as any other software. The given post is hardly evidence of anything though.

Re:The post: (1)

jones_supa (887896) | more than 2 years ago | (#40817473)

Seems that it's possibly just an insecurely written browser plugin rather than an intentional rootkit.

Re:The post: (0)

Anonymous Coward | more than 2 years ago | (#40817515)

Reading that, I doubt the backdoor was an intentional exploit... it looks like something meant for their lab that they didn't take out.

Torchs and Pitchforks are authorized (2, Insightful)

Anonymous Coward | more than 2 years ago | (#40817255)

Any time a rootkit is found the perpetrators should be (metaphorically) strung up.

It's hard to find a car analogy for this, but I can try: it's like a car dealer keeping a copy of your key for personal use. It's just unacceptable and so far outside of proper ethics that even the corporate sycophants should find it troubling.

Re:Torchs and Pitchforks are authorized (1)

Nadaka (224565) | more than 2 years ago | (#40817593)

Any time a rootkit is found the perpetrators should be (metaphorically) strung up.

It's hard to find a car analogy for this, but I can try: it's like a car dealer keeping a copy of your key for personal use. It's just unacceptable and so far outside of proper ethics that even the corporate sycophants should find it troubling.

metaphorically? I think they should be literally strung up.

allows any website to gain access to your machine (0)

Anonymous Coward | more than 2 years ago | (#40817269)

ANY website????

No wonder game sales are slumping... (4, Insightful)

dryriver (1010635) | more than 2 years ago | (#40817271)

Game sales are seriously down in 2012 compared to previous years. I am willing to bet that at least partially, this is because of the Steam/Origin/UPlay DRM garbage game publishers force you to install. ------- The game industry needs to take a long, hard look at the way it treats paying customers. Instead of the "we force xyz conditions on you" mantra practiced today, the industry needs to switch to "the buyer is always right". This means that the industry will need to listen to what game buyers want, and no longer IMPOSE completely unnecessary and counterproductive terms & conditions on the paying gamer. -------- This will probably never happen... The industry is run by money-oriented suits & beancounters who don't really care about making good games. But it would definitely have been nice to see, even if for just one day, the industry actually listening to what its customers want. --------- Maybe Kickstarter.com can help fix this mess. The 24 game projects that have been funded with Kickstarter will all be delivered sometime in 2013. And then we will see if the "Crowdfunded Games" can serve as a replacement for buying games from the big Multi-Billion Dollar game publishers. ------

Re:No wonder game sales are slumping... (2)

N0Man74 (1620447) | more than 2 years ago | (#40817459)

Game sales are seriously down in 2012 compared to previous years. I am willing to bet that at least partially, this is because of the Steam/Origin/UPlay DRM garbage game publishers force you to install.

I can't speak for everyone, but it has influenced by buying. The number of game publishers that I boycott keeps growing, and my game buying keeps decreasing. I used to buy 20 - 30 games a year. This past year, I might have bought 2. Though, to their credit, I pirate a lot less also! I haven't pirated a game in 3 years.

Now, I just find other ways to spend my time other than video games. The funny thing is, I've found new hobbies that are more social, more personally rewarding, and make me less interested in video games.

So, maybe all this garbage is a good thing... Not for publishers of course! They are shooting themselves in the foot! But for the rest of us, maybe losing a few video games isn't so bad.

Re:No wonder game sales are slumping... (0)

drinkypoo (153816) | more than 2 years ago | (#40817461)

Game sales are seriously down in 2012 compared to previous years. I am willing to bet that at least partially, this is because of the Steam/Origin/UPlay DRM garbage game publishers force you to install.

I'm willing to bet that it's mostly because of the slumping economy worldwide, or anyway, apparently everywhere but Dubai.

Re:No wonder game sales are slumping... (0)

Anonymous Coward | more than 2 years ago | (#40817469)

Meh. It's much more due to the fact that the next console generation is years late, and in the meantime very few games want to innovate, even on PC.

Re:No wonder game sales are slumping... (3, Interesting)

Tridus (79566) | more than 2 years ago | (#40817491)

Based on what data? NPD says that game sales are slumping, but NPD's numbers are shit. They're based on retail sales at big stores. They're of little to no use when tracking the growth areas of the gaming market: anything digital. Game sales are likely not down at all, just people buying shiny disks at Walmart.

Besides that, 2012 has featured a lot of big name letdowns compared to 2011. The fall season will likely do better.

Re:No wonder game sales are slumping... (5, Informative)

dc29A (636871) | more than 2 years ago | (#40817711)

Game sales are down for consoles maybe. With a bit of googling, you might find silly things like NVidia's 23% revenue growth attributed to PC gaming [technologizer.com] alone. And of course that Steam has 100% sales growth [eurogamer.net] in 2012 over 2011. Oh and Diablo III selling like hotcakes. But hey, this profit growth is all because DRM is making people NOT buy games right?

Re:No wonder game sales are slumping... (1)

Baloroth (2370816) | more than 2 years ago | (#40817717)

Maybe Kickstarter.com can help fix this mess. The 24 game projects that have been funded with Kickstarter will all be delivered sometime in 2013. And then we will see if the "Crowdfunded Games" can serve as a replacement for buying games from the big Multi-Billion Dollar game publishers. ------

A replacement? If they could, indie games already would (to some people, they already are). That is essentially what all the Kickstarter games are: indie games which are crowdfunded rather than self-funded (allows developers with less financial security in, and helps give peace of mind to all of them). While I love indie games (some of them being superior to the AAA titles in many ways), they do not serve as a 100% replacement for me, and I'm guessing not to most people. A game like Skyrim is simply too big and costs too much to be crowdfunded, and I love games like that and will by no means give them up simply because of DRM like Steam (now, if it was like Origin or UPlay or "always-on connection", I might reconsider, but Bethesda has a history of fairly sane DRM. Oblivion used a simple CD check, and Fallout 3 didn't have any on the game proper, though the launcher used Securom for some insane reason).

Re:No wonder game sales are slumping... (2)

Registered Coward v2 (447531) | more than 2 years ago | (#40817729)

I also have changed my game buying habits. I regularly buy HumbleBundle games even if I don't play them just to support developers who treat customers right. Steam? Only when they have one of their $9.95 sales on a game I really want, such as Civ 5. So I guess there is a price point where I put up with DRM but not at the price developers want to charge.

Re:No wonder game sales are slumping... (1)

Rexdude (747457) | more than 2 years ago | (#40817757)

If you ask me, the idea is to kill off PC gaming in this manner so that everyone's forced to use a console where everything is locked down by definition.

Once again... Loud and clear. (0)

Anonymous Coward | more than 2 years ago | (#40817295)

FUCK UBISOFT!

Whew (1)

An Ominous Coward (13324) | more than 2 years ago | (#40817297)

Glad I stuck to my Ubisoft (and EA and Blizzard) boycott even in the face of the big Steam Summer Sale. Here's hoping more gamers will stick to their principles and force developers into customer-friendly behavior, though sadly it seems that most people prefer to boycott companies just until a new title is released...

Re:Whew (1)

somersault (912633) | more than 2 years ago | (#40817455)

I didn't even have to think about it as I was gaming on consoles for the last few years. Now that I'm also doing PC gaming again.. I've found that I don't really care any more unfortunately, as long as it doesn't go so far as to fuck up my PC.

Anyway, I don't think this is a "rootkit", is it? It's a browser plugin. It should be described as malware. I thought a rootkit was something that got so deep into your system that it basically patched OS/kernel functions to hide its presence?

Re:Whew (0)

Anonymous Coward | more than 2 years ago | (#40817519)

Boycotts are heavy to carry.

Steam feature request (1)

Anonymous Coward | more than 2 years ago | (#40817321)

Hide/ban games by publisher

Not a rootkit, but... (5, Informative)

Kdansky (2591131) | more than 2 years ago | (#40817355)

Technically, rootkit is the wrong term. It doesn't insert itself into the system, and it cannot execute code with privileges. It's still a security hole big enough to swallow small countries.

Re:Not a rootkit, but... (4, Informative)

canajin56 (660655) | more than 2 years ago | (#40817581)

Rootkits are about avoiding detection while granting somebody else the ability to execute arbitrary code remotely. Although it's a deviation from the origin of the name, there's no requirement that a rootkit have root access. Ring 3 rootkits are still considered rootkits, and that includes this one, which is essentially a DLL injection into the browser, if one that's not hidden from the user, just made to seem harmless. That is, if you see that there is a uPlay plugin after you install uPlay, you might assume that's to interface between their store and their DRM, rather than having a built-in browser like Steam has. You probably wouldn't think it's there to execute arbitrary code from any website that wants to. When they talk about "privileged access" to your system, they mean the philosophical "privileged access", which is access that nobody else has. Executing arbitrary code is privileged access, because only the local user is supposed to be able to do that. It doesn't mean "root access". At any rate, I don't think privilege escalation is tricky on Windows.

Stupid question? (-1)

EzInKy (115248) | more than 2 years ago | (#40817401)

Who in their right minds still runs an operating system that allows something like this? This is 2012 for $insert_favorite_diety_here sake! Everybody should know by now that anything requiring root/admin access to a machine is highly suspect. Certainly even Window's has done away with the reboot anytime you install anything mentality by now, right?

Re:Stupid question? (1)

Tridus (79566) | more than 2 years ago | (#40817533)

Home users tend to blindly say yes whenever an installer wants to do something (or a virus wants to do something, for that matter). Changing the OS won't fix that unless the OS is highly locked down (ala iOS).

Re:Stupid question? (1)

EzInKy (115248) | more than 2 years ago | (#40817621)

So it is still a matter of education then? I thought most people by now were aware that giving access to their computer was akin to giving access to their wallet?

Re:Stupid question? (2)

kyrio (1091003) | more than 2 years ago | (#40817591)

So, what does your moronic comment have to do with an installer, that the user has run, adding a plugin to your browser?

Re:Stupid question? (2)

bluefoxlucid (723572) | more than 2 years ago | (#40817627)

RPM and DEB packages run arbitrary Bash scripts as pre-install/post-install during package installation, with full rights to alter the entire system. Gentoo ebuilds use a sandbox prelinked object that prevents writes into the system--it overlays the sandbox through libc function calls, writing new files to a separate directory tree and reading them from the real filesystem if they don't exist in that tree--but you can easily escape this by making direct syscalls.

Making a secure package manager is hard. When you install anything, it gets free reign of your system as root. From there you could even insert kernel modules if you wanted.

you know what... I blame myself... (1)

Anonymous Coward | more than 2 years ago | (#40817405)

I bought D3. I knew there will be a price to pay for showing the top execs that you can get away with screwing users with silly restrictions...

Re:you know what... I blame myself... (0)

Imagix (695350) | more than 2 years ago | (#40817557)

Let's see.. Descent 3... Doom 3.... wonder which one you're referring to?

Re:you know what... I blame myself... (4, Informative)

Nadaka (224565) | more than 2 years ago | (#40817663)

And the price you pay for buying d3 is an endless pointless grind to gather loot, to sell to the vendor for a paltry few of the billion gold that you would need in order to have the gear strong enough to farm for actual items. Or you can go on the real money auction house and give blizzard an extra 15% of filthy lucre from the $500 to $2500 it will cost you to gear up for inferno act4.

this sounds familiar (3, Interesting)

slashmydots (2189826) | more than 2 years ago | (#40817411)

Rootkit = hidden from the file structure of an OS, typically by intercepting explorer display calls. So it's not that but definitely a trojan, as it is a game on the outside and secret remote control browser plugin on the inside. By the way, there is no such thing as a hidden browser plugin. IE9 pops up and says that there's a new browser plugin and asks to enable it or not. Does it get around this? I think Firefox is a little more inviting to whatever the hell wants to hop in, as is Chrome, but no matter what, you can see all add-ons listed in all 3 browsers.

By the way, if you're thinking "hmmm, where have I heard Ubisoft news before?" they used a hacker team's no-CD crack, as-is, in one of their official updates to Rainbow 6 Vegas 2 to solve a problem with the game calling their own legit CD a fake CD.

Firefox will block this plugin shortly (0)

Anonymous Coward | more than 2 years ago | (#40817495)

The security team have already assigned the job [mozilla.org]

Re:this sounds familiar (0)

Anonymous Coward | more than 2 years ago | (#40817577)

"All FIVE browsers"

FTFY

And they wonder... (5, Insightful)

mycroft16 (848585) | more than 2 years ago | (#40817485)

And they wonder why there is piracy of video games. Seems quite obvious to me. "Buy game and get a rootkit installed on my machine, compromising my system's security or get the game from pirates without that."

I dont care. I dont buy ubisoft games new. (0)

Anonymous Coward | more than 2 years ago | (#40817567)

Aside from the fact they just shitting out the same franchises over and over, I dont like that they constantly use DRM that is intrusive. I dont support companies that A) Use and DRM, B) Start pimping dlc for games before they come out or soon as they launch. So I dont ever buy a ubisoft game new at a store, I buy them used off amazon marketplace or on ebay because I refuse to support that company with my money. Id rather give that money to the game selling the game used so it can go in their pocket and some game developer/publisher that shits on its paying customers.

But intrusive drm only means Ill pirate your game for my pc or Ill buy it on a console used.

Capcom, bethesda, ubisoft, EA, activision and a few others never get my money because I only buy their products used.

The evil JS: (5, Informative)

nthitz (840462) | more than 2 years ago | (#40817571)

var x = document.createElement('OBJECT');
x.setAttribute("type", "application/x-uplaypc");
document.body.appendChild(x);
x.open("-orbit_product_id 1 -orbit_exe_path QzpcV0lORE9XU1xTWVNURU0zMlxDQUxDLkVYRQ== -uplay_steam_mode -uplay_dev_mode -uplay_dev_mode_auto_play")

that's no rootkit... (1)

rickb928 (945187) | more than 2 years ago | (#40817653)

That's my remote management console !

Prosecute? (3, Interesting)

MattW (97290) | more than 2 years ago | (#40817687)

I'm going to contact my Congresspeople, and ask them to ask the Department of Justice to investigate and prosecute any violation of wiretapping and/or computer crime laws which may have occurred.

"Without a user's consent?" (1)

Guppy06 (410832) | more than 2 years ago | (#40817775)

Have you taken a good, long look at the license agreement yet?

Load More Comments
Slashdot Login

Need an Account?

Forgot your password?

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>