Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

BBC Tells World About The Warden

Zonk posted more than 8 years ago | from the everyone-else-is-doing-it dept.

Privacy 573

Anonymous Cowpat writes "The BBC is running a story about the Blizzard title World of Warcraft. Specifically an article about, 'The Warden', Blizzard's highly-invasive anti-cheating software, which some, including The EFF have labelled as spyware. Most of the people around here have probably heard of it by now, but it's interesting to see the story in the mainstream press and (at time of writing) on the front page of the BBC's technology news section, no less." From the article: "The watchdog program, called The Warden by Blizzard, has been known about among players for some time. It makes sure that players are not using cheat software which can, for example, automatically play the game and build up a character's qualities. However, knowledge of it crossed to the mainstream thanks to software engineer Greg Hoglund who disassembled the code of The Warden and watched it in action to get a better idea of what it did."

cancel ×

573 comments

Sorry! There are no comments related to the filter you selected.

The Watcher? (5, Funny)

Anonymous Coward | more than 8 years ago | (#13925616)

The watchdog program, called The Warden by Blizzard, has been known about among players for some time. It makes sure that players are not using cheat software which can, for example, automatically play the game and build up a character's qualities.

Yes, but who watches the watchers?

For those worried by what The Warden does, Mr Hoglund has produced a program called The Governor that reports on what it is watching.

Oh.

Well in that case, who watches the watchers of the watchers? Hmmm? Answer me that ... if you can!

Re:The Watcher? (0)

Anonymous Coward | more than 8 years ago | (#13925687)

The watchers of the watchers of the watchers. Duh.

Re:The Watcher? (0)

Anonymous Coward | more than 8 years ago | (#13925690)

Umm... spyware*... umm adware* and google**? *Does not technically educated users. **Does not apply to everyone.

Re:The Watcher? (4, Funny)

Kenja (541830) | more than 8 years ago | (#13925828)

"Well in that case, who watches the watchers of the watchers? Hmmm? Answer me that ... if you can!"

I dont know... The coast guard?

of vigilantes (3, Insightful)

Iriel (810009) | more than 8 years ago | (#13925831)

Whatever happened to the good ol' days of Diablo 1 online when I had to use a hack for the sole purpose of disabling everyone else's hacks around me?

Re:The Watcher? (4, Interesting)

Stripe7 (571267) | more than 8 years ago | (#13925833)

It will not be long before M$ "Trusted computing platform" will be used instead of all these spyware. That will be a few years away. For now however the only way I would play WOW is on a seperate boot image. Create a boot image for WOW and keep all your personal stuff in another closed off boot image. It means you have to reboot if you want to do other stuff but given that most guys playing WOW play for hours at a time that will not matter too much. Hmm, anyone try to run WOW in a virtual machine partition?

Oblig. Simpsons (0, Redundant)

spuke4000 (587845) | more than 8 years ago | (#13925890)

Lisa: Yes, but who will police the police? Homer: I dunno. Coast guard?

Re:The Watcher? (4, Funny)

Rei (128717) | more than 8 years ago | (#13925892)

To take out the Governor in case of abuse, they'll unleash wave after wave of Chinese Needle Snakes. Then, to get rid of the snakes, they'll use a fabulous type of gorilla that thrives on snake meat. Then - here's the beauty part - when wintertime rolls around, the gorillas will simply freeze to death.

I'M CRAZY ANONYMOUS FIRST POSTER MAN (-1, Offtopic)

Anonymous Coward | more than 8 years ago | (#13925617)

now give me some candy!

Montreal? (1)

montreal!hahahahah (880120) | more than 8 years ago | (#13925629)

hahhahahahhah!

Oh, and you fail it. Only the CRAZY SPOON HEAD has rights to FP.

Can I get this for online poker? (0, Offtopic)

davidwr (791652) | more than 8 years ago | (#13925633)

I'm tired of losing to the poker robot overlords [slashdot.org] .

Re:Can I get this for online poker? (-1, Offtopic)

Anonymous Coward | more than 8 years ago | (#13925727)

-1 Offtopic?!?!?

A guy makes a joke based on losing to computers, in an article about computers playing games, and this is offtopic?!?!?

ummm..ok (1, Interesting)

Anonymous Coward | more than 8 years ago | (#13925634)

so if you dont like it -- DONT PLAY THE FUCKING GAME YOU MORONS. when enough people dont play the game, blizzard will get the message. real good.

Re:ummm..ok (-1, Troll)

jcrash (516507) | more than 8 years ago | (#13925657)

So, you would say it is ok for the Police to come search you house to make sure you have no drugs, stolen goods, kidnapped 3yr olds - anytime they want? Just because you are against druids, stealing and kidnapping doesn't mean that would be a good thing.

Re:ummm..ok (1)

Southpaw018 (793465) | more than 8 years ago | (#13925683)

Yeah, dude, but this isn't a legal situation. If the cops busted into your house "just to check," you'd have grounds for a lawsuit hefty enough to retire. On the other hand, if you don't like what's going on with the game, then you don't play it.

Re:ummm..ok (1)

Luigi30 (656867) | more than 8 years ago | (#13925740)

They already do that, with the logic that if he refuses, he's hiding something, so they come in anyway.

Re:ummm..ok (4, Insightful)

east coast (590680) | more than 8 years ago | (#13925711)

So, you would say it is ok for the Police to come search you house to make sure you have no drugs, stolen goods, kidnapped 3yr olds

The difference is that you have the right to private property, WoW has the right to deny you access to THEIR private property based on their own criteria. If this you feel this criteria is too invasive then, by all means, do not use their software/services.

This is like drug testing, you have the right to choose not to work for an employeer that does drug testing, you do not have the right to change their policy on drug testing.

Re:ummm..ok (2, Insightful)

theRiallatar (584902) | more than 8 years ago | (#13925723)

Different entirely. You're agreeing to play the game, and even paying explicitly. Read the EULA/ToU and you'll see the Warden outlined plain as day. The Warden doesn't even report back to Blizzard what it sees unless a match is found. Blizzard asks "Do you see or ." and Warden answers either yes or no. If you want to use a public service analogy, a better fit would be "Do you want the Police to search the bags of everyone boarding an airplane to make sure noone's brought any bombs (hacks) onboard?" I think the answer would be a resounding freaking yes, and if you don't like it, don't fly.

Re:ummm..ok (2, Insightful)

Wingchild (212447) | more than 8 years ago | (#13925743)

So, you would say it is ok for the Police to come search you house to make sure you have no drugs, stolen goods, kidnapped 3yr olds - anytime they want? Just because you are against druids, stealing and kidnapping doesn't mean that would be a good thing.

No, I wouldn't say that's a good thing - but the rules are different out here. In the US the citizenry is guaranteed a certain measure of privacy and protection from egregious law enforcement by way of the Constitution. We have Amendments that protect against unlawful search and seizure, we have Amendments that guarantee a certain due process, etc.

When you go to a foreign country, these rules do not apply. If you traveled to Spain, your United States civil rights would hold no water. You would be operating under the legal system of the region you were traveling into.

So what on earth makes you think that the rules that govern US law enforcement apply, in any way, to whatever virtual world it is that WoW runs under?

Blizzard built that environment from the ground up. They invested time, money, and countless man hours to make it into something real. They invited players like you to step in and enjoy their creation. Some jackasses feel the need to bend and break the few rules that exist. I feel Blizzard is entitled to end cheating by any means necessary.

It is their product.

As always, if you don't like how they enforce their rules, you are welcome to take your dollars elsewhere. Just don't make the mistake of thinking that you have some right to tell them how to run their show.

Re:ummm..ok (1)

XXIstCenturyBoy (617054) | more than 8 years ago | (#13925762)

They do for some parole criminals. I mean, Blizzard just assume that everyone wanna cheat. And knowing hardcore MMORPG player, they might not be wrong. Your analogy is not perfect anyway, as you can choose not to play the game if you don't like that policy (or for some asshat statement like the parent poster). But if life was that the police could search you place every other weeks, stopping living might not be an option.

I'm sure that the number of new players they get based on the interest in a cheat free game (or disgust for a concurent game riddled by cheaters) will outstrip the number of people leaving the game because they feel spied upon.

Judging by the web site you link in your profile, i'm surprised you would be against bot detecting software.

Re:ummm..ok (3, Funny)

crabpeople (720852) | more than 8 years ago | (#13925820)

"Just because you are against druids"

damn right i am! they have a very quick flash heal/regen spell and also can turn into beast form which will rival a warriors tanking. not to mention the very annoying "root" spell. i dont even think you can blink out of root anymore. savages...

i think i speak for everyone when i say nerf teh druids!

No man is just a number (5, Funny)

Nick of NSTime (597712) | more than 8 years ago | (#13925639)

In the next patch, all WoW character models will be updated with black suits bearing an individual number.

Re:No man is just a number (0)

Anonymous Coward | more than 8 years ago | (#13925696)

Finally! Someone else who's heard of The Prisoner (yeah, I'm sure that's a rarity on /.) That was my Hallowe'en costume and all it got was "Nice jacket. What are you supposed to be?"

Be seeing you!

Re:No man is just a number (1)

Le Marteau (206396) | more than 8 years ago | (#13925802)

That was my Hallowe'en costume

Hallowe'en??? Is that what they call it in Hawai'i?

Re:No man is just a number (1)

hal2814 (725639) | more than 8 years ago | (#13925859)

Ooooh, double referce bonus. Not only is The Prisoner [imdb.com] referenced, but since we're talking about "Warden," Patrick McGoohan also plays a warden in Clint Eastwood's version of Escape from Alcatraz [imdb.com] . Nice.

Not Again (1, Insightful)

stanmann (602645) | more than 8 years ago | (#13925642)

This is the same sort of nonsense that almost sunk Everquest, except the Everquest API only scanned the task manager for names. This does that and also scans for running process "signatures". Yet another reason not to play WoW. Goes right along with needing a Credit card for a "free trial".

Re:Not Again (3, Insightful)

Southpaw018 (793465) | more than 8 years ago | (#13925667)

Something tells me that disdain for providing your credit card info earlier than you'd like isn't what's preventing you from playing WoW, and neither is The Warden.

Re:Not Again (1)

stanmann (602645) | more than 8 years ago | (#13925724)

I went through all 13 steps of installing the free trial included in PCGamer 2 months ago up to the point where it asked for my credit card info. Given Blizzard's historic inability to keep hackers at bay, I don't want my credit card info stored on their server. In point of fact, I don't want my credit card info stored on anyone's server, which is why I'm glad I can turn billing of on EQ(for example) and have to re-enter my payment info the next time I wish to play. It doesn't make *MY* life easier to allow you to keep my payment info. It makes your life easier, and it also allows you to keep me paying if I forget to turn off my sub(something Iive done before which led to my current way of doing business).

Re:Not Again (1, Insightful)

Anonymous Coward | more than 8 years ago | (#13925790)

go buy a gamecard with cash and stop crying.

Re:Not Again (0)

Anonymous Coward | more than 8 years ago | (#13925872)

Not too sure about him, but cost is keeping *me* away. I'd love to play it, but the game itself and the online fee are too much for me right now. ; (

Re:Not Again (1, Informative)

AviLazar (741826) | more than 8 years ago | (#13925691)

Goes right along with needing a Credit card for a "free trial".

A legit reason for a credit card is to make it harder for someone to just continue to get free trials by utilizing different e-mail accounts.

Re:Not Again (2, Insightful)

stanmann (602645) | more than 8 years ago | (#13925769)

Why should someone getting multiple free trials be a problem?? The "account key" should be the distinguishing factor there. And a free trial that is limited to 2Gold and level 20 isn't likely to be abused by someone wanting to chain free trials.

Re:Not Again (5, Insightful)

Buzz_Litebeer (539463) | more than 8 years ago | (#13925819)

People agree to this when they sign up for the service. This is the only method to stop cheating, and thats to be invasive.

The current top anti cheat for medal of honor allied assault is a third party program that makes the warden look like a freaking panzy on what it does.

It checks memory to verify there are no spyware signatures, verifies all files before they run, locks the files, runs its own explorer shell so that a person cant alt tab and run things. The game can only be executed within the context of the anti cheat software, the hardware is checked to make a key that can be bannable even if the person re-installs or reformats.

It locks the memory of itself, and the MOHAA software.

Even at that point it isnt good enough, it also launches two other executables with similar protections built in that check each other to make sure that none of the executables is being shut down or altered by an outside program.

People have to agree with this, because nothing else works, if you slip in one area, they write a cheat to exploit it. You slip in another area you get a cheat in another area. If you dont validate all files, even files with odd extensions, they write a kernal thingy that goes around it.

Cheaters have too many dedicated fucktards trying to ruin the games for everyone else.

When you sign up for World OF WarCraft, or use another type of anti cheat, you are saying that you agree to this kind of thing because you want to participate.

In sports, umpires can watch the players and make sure that they arent cheating, in on-line games the umpires have to get right on the computer. AS LONG as those people only use information required to successfully stop a cheater (IE they arent going in and finding out what programs you have installed in your registry and uploading your outlook e-mail book etc...) then what is their to complain about?

All of the stuff where it scans the URL of web sites, and views peoples MSn etc.. thats all tertiary to what its doing. It is scanning those because it is showing up as open windows processes, there is nothing for the anti cheat program to use to determine that the open windows ARENT cheats, until it checks there names to see if it matches the signature.

I dont think people realize just how clever cheaters can be. One of the cheats turned in for MOHAA involved using a bug with MSN and video drivers for ATI. If a notification was up, you could see through the walls!

Then people wonder at the lengths anti cheat software is beggining to take.

Re:Not Again (2, Informative)

Dachannien (617929) | more than 8 years ago | (#13925862)

SOE's problem was that they didn't notify the players about any sort of scanning. The WoW EULA includes notification, in all caps and in easy-to-read language, that they will perform these scans when you play the game. Since SOE's woes, gold selling (i.e., selling in-game gold for real cash) has become a pox upon MMOGs, and players are much more acutely aware of the misdeeds of other people in the game because of it, to the point where most players are happy to let Blizzard run these scans if it means that cheaters will be caught and banned.

I've been following this... (4, Informative)

sheepab (461960) | more than 8 years ago | (#13925643)

This is a comment from someone who has dissected the Warden client:

The warden then uses the GetWindowTextA function to read the window text in the titlebar of every window. These are windows that are not in the WoW process, but any program running on your computer. I watched the warden sniff down the email addresses of people I was communicating with on MSN, the URL of several websites that I had open at the time, and the names of all my running programs, including those that were minimized or in the toolbar. Once these strings are obtained, they are passed through a hashing function and compared against a list of 'banning hashes' - if you match something in their list, I suspect you will get banned.

Re:I've been following this... (4, Insightful)

MindStalker (22827) | more than 8 years ago | (#13925668)

As other poster said, if you don't like it don't play the game. As well does it compare hashes client side? As long as its sending no information to blizzards server than "He's cheating!!" I really don't see why anyone cares what it sniffs.

Re:I've been following this... (1)

TheSpoom (715771) | more than 8 years ago | (#13925702)

So, in other words, all you need to do is make the cheating program come up with a random titlebar name every time it starts up? ;^)

Re:I've been following this... (1)

sheepab (461960) | more than 8 years ago | (#13925730)

Not quite, the depth that warden goes into checking everything on your system is nothing short of amazing, the report this guy made on the warden client go on to say this:

Next, warden opens every process running on your computer. The alpha version subverted the method used by warden which was GetProcessNext.Every process is read from in this way. I watched warden open my email program, and even my PGP key manager. Again, I feel this is a fairly severe violation of privacy, but what can you do?

Re:I've been following this... (1)

kin_korn_karn (466864) | more than 8 years ago | (#13925806)

Again, I feel this is a fairly severe violation of privacy, but what can you do?

You can stop playing the damn game. Blizzard has no reason to change their behavior until they've been hit in the pocketbook.

Re:I've been following this... (1)

Dachannien (617929) | more than 8 years ago | (#13925807)

The first small bit of code is read from each running process, hashed, and compared to a list of hashes downloaded to the client. AFAIK, only code segments are scanned, not data segments and not the stack, which means that PGP privacy and other such niceties are not violated.

Re:I've been following this... (1)

mayhemt (915489) | more than 8 years ago | (#13925755)

I know a turn around for this...

1.open up couple of postings from slashdot (particularly MS Vs Linux or office apps discussions...) & the API would be in sniffing process for like 2 days...
2. the host of banned list will get /.ed finally with all the validations od ./ users in a big loooop
3. ???
4. Profit!!!

Re:I've been following this... (3, Insightful)

Iriel (810009) | more than 8 years ago | (#13925795)

Screw the quotes about what information it goes through. The bottom line is the cheat flags that it looks for and sends back. Here's the million dollar question for almost every application that gets flagged as having 'spyware'**

Do you want to play a fair game and a have a good time, or will tin foil hats get the best of you because you feel like you have big secrets to hide from the world?

** Yes, I realize that a number of those claims can be well founed, but a lot of it is just paranoia.

Re:I've been following this... (1)

Glog (303500) | more than 8 years ago | (#13925850)

While I don't completely agree with Blizzard's anti-cheating methods I can kind of understand why they are doing it. They can't stop the truly determined cheaters, however. What's going to stop me from whipping my favorite hex editor and changing a few window title strings in my cheat executables?

Re:I've been following this... (2, Insightful)

alphaseven (540122) | more than 8 years ago | (#13925877)

I'm a little confused by the spyware allegations, like the program is looking at what you're running, but so does a virus checker or task manager, are those spyware programs too?

The Warden... (1)

vykor (700819) | more than 8 years ago | (#13925649)

I hope your character isn't a Night Elf named Illidan Stormrage.

Re:The Warden... (1)

JonTurner (178845) | more than 8 years ago | (#13925775)

I'm just hoping they don't ban a character named "Violated" or /. will never hear the end of it.

Re:The Warden... (1)

Olix (812847) | more than 8 years ago | (#13925808)

Damn, that guy is the coolest ever... (link) [blizzard.de]

nothing new (5, Informative)

interiot (50685) | more than 8 years ago | (#13925652)

I really fail to see how this is any different from what other companies have done before. Half Life's Valve Anti-Cheat [wikipedia.org] system scanned the whole system. Punkbuster, etc. also scanned the system (but were third-party add-ons). The only difference here is that Blizzard didn't disclose that they would be probing further, but I don't see further probing as evidence that Blizzard is doing anything wrong.

Re:nothing new (1)

starwed (735423) | more than 8 years ago | (#13925697)

That's exactly what I was thinking. Whether it's wrong or right, Blizzard isn't the first to have gone down this path. There really is little other recourse if you want a technological solution to the problem of cheaters.

Re:nothing new (2, Insightful)

stanmann (602645) | more than 8 years ago | (#13925751)

Punkbuster, HL2, etc all made it clear up front what was going on. Warden was stealth/sleazed in under the radar. Sort of like the latest Sony DRM/Rootkit. IF they want to prevent cheating, watch for behaviour patterns, NOT software running on *MY* computer.

Re:nothing new (1)

interiot (50685) | more than 8 years ago | (#13925794)

This is MILES away from the Sony rootkit. The Sony rootkit causes prolonged irreversible damage (eg. constantly takes up 2% of your processor, always runs even when you're not playing the CD, opens up the possibility for new security holes, isn't removable by mere mortals).

Blizzard's code doesn't cause any damage. Other companies have shown that this is needed, and is not malicious. Yes, they should have disclosed it, but that's their only failure.

Even the techie guys on the podcasts are getting ruffled over this, but I don't know why. It's not really a black mark against Blizzard.

Re:nothing new (3, Insightful)

Zathrus (232140) | more than 8 years ago | (#13925886)

Warden was stealth/sleazed in under the radar

Under whose radar? Blizzard announced that they were going to be doing this near the beginning of this year, and they've been reasonably upfront about it. There have been multiple forum postings as well.

IF they want to prevent cheating, watch for behaviour patterns

They do that as well. But, funny thing, guess which is more effective?

And, frankly, the amount of whining and tin foil hat complaining going on over this is just ridiculous. They do not expose any private data at any point in time. The sniffing occurs only while you are playing the game, it does not negatively impact any other programs, all "gathered" data is hashed and compared purely on the client side, and only if the hashed data matches a list of "known bad" hashes is an indicator (again, only an indicator -- not the raw, unhashed data) sent back to Blizzard.

If you want to complain, then complain about the possibility of false positives. Hash functions, by their very nature, do not ensure uniqueness. Multiple values will hash to the same value. I haven't seen a technical discussion of the hashing function, so it may be exceptionally rare, but it's still possible.

And no, I don't play WoW or any other Blizzard game at this time. And I'm not a fanboy. I'm just tired of people blowing this out of proportion -- it just dilutes the response against real privacy/security threats.

Pertinent quote from "Terms of Use" (5, Informative)

kcurtis (311610) | more than 8 years ago | (#13925878)

Blizzard does say they will probe your computer.

From Terms of Use:
=================
In order to assist Blizzard Entertainment to police users who may use "hacks," or "cheats" to gain an advantage over other players, you acknowledge that Blizzard Entertainment shall have the right to obtain certain information from your computer and its component parts, including your computer's random access memory, video card, central processing unit, and storage devices. This information will only be used for the purpose of identifying "cheaters," and for no other reason
=================
So they can look at anything in RAM, or even your hard drive. And you agree to this. As other posters note, you can either not play, or not run other apps, since they don't seem to scan your drives.

I, for one, think Blizzard is doing something positive here, and the complainers are probably cheaters or farmers -- or non-players. Cheating ruins the experience for honest customers.

Much Like GameGuard .... (5, Interesting)

GoodOmens (904827) | more than 8 years ago | (#13925654)

Seems to be a growing trend to use spyware based programs by large company's to extract information so they can "prevent" hacks.

GameGuard [wikibooks.org] used by NCSoft in Lineage2 [lineage2.com] is very similiar when it seems to create more problems then it solves.

In fact GameGuard does not block one single hack I know of for Lineage .....

Re:Much Like GameGuard .... (1)

interiot (50685) | more than 8 years ago | (#13925750)

There's no reason the problems they create can't be solved.

And there is absolutely a solid need for anti-hack programs like this. When you can hook into the DirectX .dll's to provide easy wall-hacking to games, that's a problem. When you can otherwise get in between .dll's or execute code in the game's process, then that causes Counterstrike to become a huge haven for script kiddies. Yes, you own your computer, and we don't Microsoft's Next-Generation Secure Computing Base to lock you of your own computer. But most of us also want reasonably playable multiplayer games where 99+% of people aren't able to cheat.

Re:Much Like GameGuard .... (0)

Anonymous Coward | more than 8 years ago | (#13925774)

But most of us also want reasonably playable multiplayer games where 99+% of people aren't able to cheat.

I'd rather wallhack...

Re:Much Like GameGuard .... (1)

GoodOmens (904827) | more than 8 years ago | (#13925839)

The thing though with MMORPG if you study how hacking type programs work there is no easy way to detect client side on what hacking programs are on your computer.

I can think of just about every single major hack for the above mentioned game that easily side steps GameGuard. They even have complety third party clients for the game that completly side step GameGuard entirely and instead are somehow emulating the authenication method it uses.

A much easier solution and much less troublesome for the user would be to develop server side detection methods that would attempt to analize player behavior and attempt to make a logical choice on if its a human or a machine (And then of course have a human detect if it is really a bot or a player).

Doing above is much easier then you think as I have done similiar data mining on computer log files to filter out machine users from human users to detect when a human was wrongly using a machine account. Granted my above method is aimed more at a MMORPG enviroment where you already have GameMasters on hand that can go and look at a player to see if he is cheating or not so mileage may vary.

Sources (0, Offtopic)

LucBorg (853592) | more than 8 years ago | (#13925656)

Why is it that almost more and more news items on slashdot are derived from the BBC?

Offtopic, I know.

Re:Sources (1)

klingens (147173) | more than 8 years ago | (#13925671)

Cause the NYT lost the last vestiges of decent journalism the last few years.

Re:Sources (1)

jspectre (102549) | more than 8 years ago | (#13925735)

'cause they don't feel like rehashing the canned "news stories" posted up in american news sources. nevermind the fact we're always "discovering" that some american reporter/news outlet "didn't check their facts/sources" or *gasp* "wrote a fake story!"

Re:Sources (2, Informative)

Carewolf (581105) | more than 8 years ago | (#13925744)

Because the online version of BBC news is getting better and better, and they have decent technology news, like NY Times and unlike CNN.

Re:Sources (2, Funny)

mopslik (688435) | more than 8 years ago | (#13925757)

Why is it that almost more and more news items on slashdot are derived from the BBC?

Pfff, that's typical Slashdot Euro-centrism for you. Why are all of us North Americans constantly pushed to the side? Please, submitters, you must realize that the Internet != Britain.

The Warden Sucks! (0)

Anonymous Coward | more than 8 years ago | (#13925658)

The executable randomly pops up an excel spreadsheet and forces you to manage the finances of Blizzard's nefarious illegal schemes and the only way you can escape is through a sewer line.

The Warden? (4, Funny)

loconet (415875) | more than 8 years ago | (#13925663)

BBC Tells World About The Warden

Why is BBC telling the world about my girlfriend..

Re:The Warden? (1)

majikenny (827364) | more than 8 years ago | (#13925761)

A /.'er has a girlfriend? Of course thats newsworthy!

Old News (1)

c_woolley (905087) | more than 8 years ago | (#13925664)

Blizzard shouldn't be using anything invasive, we all know that. People shouldn't be cheating, we all know that. World of Warcraft churns out a lot of money and people are relying on the software team to make sure that people's time spent playing can actually mean something to that person. Some people play the game pretty seriously and put a lot of time into their character. These people should not feel their efforts are for naught. On the flip side, Blizzard has no right to monitor what software I have on my (or anyone else's) computer. I am pretty sure that if someone wanted to bring this to a court, Blizzard would be paying for it.

Re:Old News (1)

ifwm (687373) | more than 8 years ago | (#13925728)

"I am pretty sure that if someone wanted to bring this to a court, Blizzard would be paying for it."

Nope, you're completely wrong. It's in the EULA, so if you play, you agree to it.

Re:Old News (1)

PapaSmurf88 (926050) | more than 8 years ago | (#13925737)

I doubt it Im sure that they have already got some of the best legal minds running threw all the loop holes to make this perfectly legal

Waaaah (4, Funny)

Aexia (517457) | more than 8 years ago | (#13925672)

Blizzard sucks because they didn't prevent cheating in Diablo 2!

Waaaah!

Blizzard sucks because they prevent cheating in World of Warcraft!

Waaaah!

Re:Waaaah (2, Insightful)

Clay Pigeon -TPF-VS- (624050) | more than 8 years ago | (#13925768)

How about blizzard sucks because they can't write code that is secure enough to not require invasive anti-cheat measures?

Re:Waaaah (1)

Surt (22457) | more than 8 years ago | (#13925783)

While this is funny, the proper solution of course is to design a game in which client side cheating is impossible. While challenging, this is not at all impossible. Most of diablo 2's more serious problems were server side bugs. The only significant client side problems were loot/exp bots, a reflection of a design problem that we should have (and could have, but no one would listen to me) done better.

Re:Waaaah (1)

BushCheney08 (917605) | more than 8 years ago | (#13925880)

Remember kids, the moral of the story is that Blizzard sucks no matter what. ; )

Poor Taco (-1, Offtopic)

The Bungi (221687) | more than 8 years ago | (#13925674)

First they make him change his name [slashdot.org] and now they're installing spyware on his Mac. What's next? A monthly charge? Oh the humanity!

Torn.. (5, Interesting)

raeler (463406) | more than 8 years ago | (#13925676)

I'm torn between my love for sticking it to cheaters, and my hate for spyware. I suffered through the speedhacks and scripters in UO, and every time the developers thought about a process scanner the players went nuts and the idea was dropped. In WoW you sign the terms of conduct each time there's a new patch, so technically you agree to let this warden thing run in the background. Is WoW a better game because of it? Probably.

There are already some big problems with ebay gold farmers.. I'd rather they had to sit at the computer to make their gold, rather than just running a script.

As a player .. (4, Insightful)

Frag-A-Muffin (5490) | more than 8 years ago | (#13925680)

of more than one multiplayer online game, I have to say, cheaters playing the same game as you suck. Have you ever played CS with cheaters? Really doesn't make it fun at all. Although I'm not 100% thrilled at HOW they're preventing cheaters, so far, they have proven to be not-that-evil(TM). For now, maybe because I like WoW so much, I will give them the benefit of the doubt.

Rookit Blog Link (1)

sfranklin (95470) | more than 8 years ago | (#13925681)

http://www.rootkit.com/blog.php?newsid=358 [rootkit.com]

This is where I originally heard about this, from Greg's blog. I don't see this link on the BBC article, so I figured I'd post it.

Oh for pitty's sake. (5, Interesting)

GearheadX (414240) | more than 8 years ago | (#13925693)

The sad thing is, this whole deal was started because one of the WRITERS for the very programs that the Warden was sniffing around for discovered how he kept getting caught and started to whine loudly and constantly.

Consider the source.

Why I don't support the EFF (2, Insightful)

antifoidulus (807088) | more than 8 years ago | (#13925706)

I know they are a god like organization here on /., but them calling this anti-cheating software "spyware" is just plain stupid. You don't like the software? It ain't all that hard to cancel you subscription and uninstall the software. There, you aren't being spied on. You can't tell Blizzard what to do with their servers just because you don't like it. Either use the free market and don't use the software or shut up.

You've missed the point (1)

Weaselmancer (533834) | more than 8 years ago | (#13925824)

The software in question checks a lot of things, none of which are known to the user. From TFA:

I watched the warden sniff down the email addresses of people I was communicating with on MSN, the URL of several websites that I had open at the time, and the names of all my running programs, including those that were minimized or in the toolbar.

Now, if this thing told you up front that it was doing all of this, it would be simply an anti-cheating program. But it doesn't. It does all of this without notifying the user. Therefore, it is spying on you actions without your knowledge. Software + spying = spyware.

Re:Why I don't support the EFF (0)

Anonymous Coward | more than 8 years ago | (#13925861)

I think the point is that maybe Blizzard doesn't make it apparently obvious there is monitoring software included with the game. Like most software, the label spyware usually denotes that they are doing it while trying to keep this fact hidden from you (whether it's obscuring it deep within the EULA or some other place)..

Disclaimer: I've never played WoW, so I don't know if that is true in this case, but wanted to bring up that distinction just in case.

Re:Why I don't support the EFF (1)

shotfeel (235240) | more than 8 years ago | (#13925894)

You don't like the software? It ain't all that hard to cancel you subscription and uninstall the software.

And that's the crux of the problem. The EFF's point is that the software is snuck in under the radar -the user is prevented from making that choice. All that's needed is for Blizzard to be up-front with what they're doing. Let the user decide.

Only problem here... (1, Redundant)

praksys (246544) | more than 8 years ago | (#13925709)

...is lack of notification. Blizzard should just be upfront about the fact that the Warden watches everything else your machine is doing while the game is running, and that people who are worried about privacy should (a) not run anything else while the game is running or (b) not play the game.

"the warden" is a misnomer (1)

JonTurner (178845) | more than 8 years ago | (#13925715)

Should have been named the Panopticon. A warden can watch only one person at a time. The Panopticon was designed to watch all prisoners at all times, without that prisoner's knowledge.

Either way, F that. Either the software makers tells me exactly what the hell they're doing within very well-defined boundaries, or their anti-cheat code never gets installed. So what's allowable? Watch the gameplay for typical cheats/exploits? Yeah, sure. Take snapshots of the video buffer? Yeah, for the game window. Snapshots of the whole desktop? NO way. Keylogger? Hell no.

Of course, this is going on faith (or what the game maker tells us) since, without reverse engineering (surely a violation of DMCA?) no one but the maker knows what the code can do and there's no technological way to enforce limits on the roles the software performs.

DotNet has some degree of component permissions but nothing this fine-grained. I want more control over my PC. Not less. I want each app playing in it's own well-controlled sandbox.

In short, on my system I want to be The Warden, to prevent apps like "The Warden" from watching *me*.

Re:"the warden" is a misnomer (1)

theRiallatar (584902) | more than 8 years ago | (#13925815)

The problem is, Windows doesn't have well-controlled sandboxes. If Blizzard could get WoW to run completely isolated, inaccessible by any other processes or memory hooks, they'd do it, and the whole Warden point would be moot.

Once money enters the game... (1)

Nijika (525558) | more than 8 years ago | (#13925721)

I play Second Life exclusively online, so I don't run into this sort of thing. There's no leveling, etc, so running a cheat bot is kinda dumb. On the other hand there's a lot of intrigue and politics in the exchange of Linden dollars that kills the atmosphere of SL for me sometimes. Most if not all cheating for advancement is for monitary gain. It's always funny when real world politics and cash corrupts a purely fantastical plane that doesn't even exist. Does that speak to eternal human nature, or is this just a product of the times we live in?

Blizzard screw their customers.... (-1, Troll)

ActionJesus (803475) | more than 8 years ago | (#13925729)

why does this not suprise me?

Im not trying to troll: ive played WoW, and its a really good game. But blizzard see their gamers as money funnels, nothing else. And it shows.

A collectable card game?
Releasing an expansion before the bugs in the main game are even nearly done?
Their piss poor customer service? (forums, or the "fantastic" ask slashdot they gave)
The fact that on my server, getting a response from a GM in less than a week was a good thing? (not unique to my server)

And now theyre scanning your computer for anything they dont like.

Like i said, good game. But i quit WoW some time ago, and unless they actually decide to start treating players as more than stupid walking money, im not going back.

Definite article (1)

obli (650741) | more than 8 years ago | (#13925731)

It added that the Blizzard could get away with using The Warden because information about it was buried in licence agreements that few people read.

"Warden" instead of "the warden" is a grey zone, but it's definitely not "the Blizzard"

The Warden for Mac? (2, Interesting)

darkCanuck (751748) | more than 8 years ago | (#13925738)

When will "The Warden" get released for my iMac?

Actually, in all seriousness, I assume this is built into the Mac version as well? Overall, I don't care. I'm glad there's no (less?) cheating and I don't run anything else when I play anyhow.

Spilt milk, but make some cheese from it (3, Insightful)

Red Flayer (890720) | more than 8 years ago | (#13925745)

FTA: "[The EFF] added that the Blizzard could get away with using The Warden because information about it was buried in licence agreements that few people read."

Didn't read the license agreement? Sorry, but that's not Blizzard's problem. It would be nice if Blizzard had made it more obvious that they would be doing this.

But you know what? Tough titties, you agreed to it.

That said, it's good that people are drawing attention to this -- maybe next time around, Blizzard will be faced with losing revenue should they try to implement the same kind of solution.

What MMORPGs need to do is implement better server-side analysis to identify cheaters. Difficult? Yes. Expensive? Yes. But probably less difficult and less expensive that losing craploads of clients, and hiring craploads of lawyers. Then they won't need to have the invasion clause in the license for their games.

Spread the word, and maybe we won't have to deal with this next time.

Re:Spilt milk, but make some cheese from it (1)

GearheadX (414240) | more than 8 years ago | (#13925786)

Hit the nail on the head here. The notification of the Warden WAS given, in the EULA. If you don't read all of the terms of the contract you're signing, you have no right to whine about it later.

Re:Spilt milk, but make some cheese from it (1)

Red Flayer (890720) | more than 8 years ago | (#13925817)

Furthermore, you entered the contract under false pretenses, since you signed that you read and understood the agreement.

Not spyware, but there is a reason this won't die (5, Informative)

Dachannien (617929) | more than 8 years ago | (#13925752)

By definition, spyware sends back personal information concerning the user. Warden does no such thing, even going by the analysis of Hoglund (the author of a rootkit.com article, and a developer of cheat software for WoW). Hoglund uses FUD to scare the reader into believing that WoW is snooping around their e-mail addresses and IM friends list, but in actuality, the first thing Warden does when it scans a string is to hash it, thus removing all personally-identifiable information. It compares the hashes to a list of hashes sent from Blizzard's servers, and sends a notification to Blizzard if a hash matches one on the list. That's the only information it sends back.

Yes, it does scan window titles, and yes, coincidentally, those window titles may contain URLs or e-mail addresses. But Warden only works with hashes of those strings and doesn't phone them home. The paranoid can easily close other windows while running WoW (or, for that matter, uninstall), but the majority of the game-playing public wants anti-cheat measures in place.

Note that this anti-Warden crusade is perpetrated by people who will benefit financially if Blizzard is humiliated into discontinuing the use of Warden. The folks over at WoW!Sharp, the most well-known cheating/botting program for WoW, were selling subscriptions to their software, right up to the point where Warden caught them using their cheat software and led to them being banned. They realized that if they continued selling subscriptions to their software, they could be sued, so they released it as open-source, essentially to shove the problem of liability off onto their users.

If Warden were discontinued, they would, quite literally, be back in business.

OMG! Spyware - What else is there? (1)

governorx (524152) | more than 8 years ago | (#13925754)

You think thats bad. Try buying quake4, choosing not to install punkbuster on installation. Finishing the game (after the game kills my Ti500, btw radeon 9800 works nice and its dualhead). Deciding to play online. Find out you cant join without punkbuster. Cant find punkbuster install. Find a line in a the help file that reads like this:

"To install punkbuster you need to uninstall and reinstall quake 4."

Sry pal. Thats 4 cds, I rather not spend another hour re-installing it.

This is why I got into win32 app dev. So that I had some idea of wtf programs im running on my computer are doing (excluding linkages that i cant control). Sry, MMORPG is flawed because people cheat, people will look to cheat, and people enjoy cheating. MMORPG includes people. QED.

I rather run a safe box offline and play a single player title with an excellent story. Because, game developers, story is important not graphics.. makes we want to break out ff6 or chronotrigger and give 'em another go.

Re:OMG! Spyware - What else is there? (1)

drmarcj (807884) | more than 8 years ago | (#13925868)

Sry, MMORPG is flawed because people cheat, people will look to cheat, and people enjoy cheating. MMORPG includes people. QED. Yeah, I guess it's like in real life: there two kinds of people who cheat: (A) folks who are jerks who think they can get away with it; and (B) folks who think that everyone else is cheating and they need to 'even the odds'. As a college professor I have first hand experience with both mindsets. The minority are in category "a", but they wreck it for the rest of us because they cause reasonably honest people to decide to join catgory "b". If you want cheating not to happen, you make it hard for people in category A to do their thing. It does involve balancing rights of privacy, meaning that people are going to have to make the decision to either play the game and get spied on, or not play. If anything, Blizzard's sin in this case is they weren't sufficiently informative with their users about the extent of the spying they were doing (before you shell out the $50 for the game etc.) But ultimately anti-cheating measures, like police officers, are a necessary evil.

Doesn't that violate EULA? (1)

Lead Butthead (321013) | more than 8 years ago | (#13925756)

I am under the impression that most EULA prohibits disassembly of the software binaries. Whether or not the EULA is enforceable however is another matter..

Hyperbole (4, Insightful)

phorm (591458) | more than 8 years ago | (#13925822)

Hoglund noted that the text strings in title bars could easily contain credit card details or social security numbers.

Since when would a site submit a URL in the title? I assume this is for sites which don't have a <TITLE> tag, and just display the URL as the title. Even in that case, any website that submits a document with such information in the GET string is asking for trouble. It would allow it, among other things, to be viewed in the document history etc.

We need to stop jumping every perceived violation. There seems to be a witch-hunt on for privacy/security violators, and often the assumptions of what 'could' create a security risk falls into the realm of pretty silly...

Who uses/trusts downloadable cheating programs? (1)

wgaryhas (872268) | more than 8 years ago | (#13925848)

This is why you don't use download cheating programs, you make them yourself and don't share them so that the name of your program isn't in their hash.

How ironic. (0)

Anonymous Coward | more than 8 years ago | (#13925863)

2 feet behind me I have two computers running a meph bot on diablo ^-^.

Holy Grail 2 (5, Insightful)

moviepig.com (745183) | more than 8 years ago | (#13925865)


A cheater-robot gets caught because it plays a game better than any human could... right? So then, the real challenge for a human player is to be mistaken for a machine... a kind-of reverse Turing test...

Why no bots? (1)

Grendel Drago (41496) | more than 8 years ago | (#13925866)

Y'know, I'm real fuzzy on why users can't use bots to do the endless level grind. I mean, Progress Quest [progressquest.com] would be way, way, way less fun if I had to click on a little box for every enemy I slew...
Load More Comments
Slashdot Login

Need an Account?

Forgot your password?

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>