|
|
| Author |
Message |
Tura
RealPoor Guru
Joined: 29 Oct 2003
Posts: 4865
Location: Raleigh, NC
|
 Posted: 10/28/05 - 10:28 Post subject: WoW = Spyware
|
|
|
http://www.rootkit.com/blog.php?newsid=358
This software is known as the 'warden client'. It is downloaded on the fly from Blizzard's servers, and it runs about every 15 seconds and is designed to verify compliance with a EULA/TOS.
Here is what it does, about every 15 seconds, to about 4.5 million people (500,000 of which are logged on at any given time). The warden dumps all the DLL's using a ToolHelp API call. It reads information from every DLL loaded in the 'world of warcraft' executable process space. No big deal.
The warden then uses the GetWindowTextA function to read the window text in the titlebar of every window. These are windows that are not in the WoW process, but any program running on your computer. Now a Big Deal.
I watched the warden sniff down the email addresses of people I was communicating with on MSN, the URL of several websites that I had open at the time, and the names of all my running programs, including those that were minimized or in the toolbar. These strings can easily contain social security numbers or credit card numbers, for example, if I have Microsoft Excel or Quickbooks open w/ my personal finances at the time.
From all this info Blizzard decides to ban you ... or not. For example, if you have a window titled 'WoW!Inmate' - regardless of what that window really does, it could result in a ban. If you can't believe it, make a dummy window that does nothing at all and name it this, then start WoW. It certainly will result in warden reporting you as a cheater.
|
|
|
Back to top
|
|
|
|
 |
Xanivin
Luke Warm
Joined: 12 Oct 2002
Posts: 275
Location: Warren, MI
|
|
Posted: 10/28/05 - 10:39 Post subject:
|
|
|
|
Thx Ircspy.com.
|
|
|
Back to top
|
|
|
|
|
halfbent
RealPoor Guru
Joined: 11 Oct 2002
Posts: 2944
Location: Kentwood, Mi
|
|
Posted: 10/28/05 - 11:24 Post subject:
|
|
|
|
Spyware is a pretty loose term. =\
|
|
|
Back to top
|
|
|
|
|
khrath
Guest
|
|
Posted: 10/28/05 - 11:30 Post subject:
|
|
|
does it send every windows name to blizzard, or does it scan for specific names and alert blizzard of their presence?
scanning names is no big deal, it's wether or not it sends that info back to them that matters.
|
|
|
Back to top
|
|
|
|
|
Occulis
RealPoor Jedi
Joined: 11 Oct 2002
Posts: 13293
Location: Moral Relativity Central
|
|
Posted: 10/28/05 - 11:39 Post subject:
|
|
|
|
I don't think you would be able to pay for the bandwidth of 250,000 simultaneous uploads of about 2kB of data every N seconds.
|
|
|
Back to top
|
|
|
|
|
Aviger
RealPoor Sensei
Joined: 11 Oct 2002
Posts: 1509
|
|
Posted: 10/28/05 - 11:49 Post subject:
|
|
|
i fail to see the problem...if it scanes ACTIVE programs all one would need to do is close all apps while playing Wow.
And seriously, who is running excell / browsers / accounting software while you are playing games on a regular basis.
Tab out to look up quests / send an msn sure. But actually typing in your CC info someplace while playing wow seems a bit odd to me 
|
|
|
Back to top
|
|
|
|
|
Occulis
RealPoor Jedi
Joined: 11 Oct 2002
Posts: 13293
Location: Moral Relativity Central
|
|
Posted: 10/28/05 - 12:01 Post subject:
|
|
|
| Aviger wrote: | i fail to see the problem...if it scanes ACTIVE programs all one would need to do is close all apps while playing Wow.
And seriously, who is running excell / browsers / accounting software while you are playing games on a regular basis.
Tab out to look up quests / send an msn sure. But actually typing in your CC info someplace while playing wow seems a bit odd to me |
So, as long as you aren't buying anything out of your wallet at the same time as them, it's okay for strangers to write down your credit card numbers?
|
|
|
Back to top
|
|
|
|
|
Aviger
RealPoor Sensei
Joined: 11 Oct 2002
Posts: 1509
|
|
Posted: 10/28/05 - 12:05 Post subject:
|
|
|
| Occulis wrote: | | Aviger wrote: | i fail to see the problem...if it scanes ACTIVE programs all one would need to do is close all apps while playing Wow.
And seriously, who is running excell / browsers / accounting software while you are playing games on a regular basis.
Tab out to look up quests / send an msn sure. But actually typing in your CC info someplace while playing wow seems a bit odd to me |
So, as long as you aren't buying anything out of your wallet at the same time as them, it's okay for strangers to write down your credit card numbers? |
you miss my point.
In your analogy, i meant if you are buying something and put your credit card away, THEN someone looks over your shoulder, they aren't going to see anything..
If you close ALL OTHER APPS <--- before playing WoW, they cant see anything (if i read the article right where it only scans ACTIVE programs in memory, if its scans your HD for shit ok you have a point)
|
|
|
Back to top
|
|
|
|
|
Occulis
RealPoor Jedi
Joined: 11 Oct 2002
Posts: 13293
Location: Moral Relativity Central
|
|
Posted: 10/28/05 - 12:11 Post subject:
|
|
|
I got your point, but we disagree on the fundamental part: Invading privacy is bad. Closing apps to prevent people from invading your privacy is bad.
I actually endorse what Blizzard is doing. It's one of the only ways to check for cheaters, and hopefully that's all they are using it for. That is definite not all they can use it for, though.
|
|
|
Back to top
|
|
|
|
|
Aviger
RealPoor Sensei
Joined: 11 Oct 2002
Posts: 1509
|
|
Posted: 10/28/05 - 12:17 Post subject:
|
|
|
| Occulis wrote: | I got your point, but we disagree on the fundamental part: Invading privacy is bad. Closing apps to prevent people from invading your privacy is bad.
I actually endorse what Blizzard is doing. It's one of the only ways to check for cheaters, and hopefully that's all they are using it for. That is definite not all they can use it for, though. |
i guess you are right though, invasion of privacy is bad.
I just didn't agree where teh writer of the article made it seem like they scoured your computer for personal info.
There is a potential for great misuse. which is bad
PS: i started playing wow now with a window open saying "Blizzard, please stop stealing my porn!"
|
|
|
Back to top
|
|
|
|
|
Occulis
RealPoor Jedi
Joined: 11 Oct 2002
Posts: 13293
Location: Moral Relativity Central
|
|
Posted: 10/28/05 - 12:33 Post subject:
|
|
|
hahah that's funny
I should make a DLL called BLIZZARDSNOOPSME and... er... well, nevermind. I'd probably get banned again 
|
|
|
Back to top
|
|
|
|
|
halfbent
RealPoor Guru
Joined: 11 Oct 2002
Posts: 2944
Location: Kentwood, Mi
|
|
Posted: 10/28/05 - 12:33 Post subject:
|
|
|
|
All it does it scan window titles, and active processes, not the contents of any window open. If it sees an empty notepad window with WoW!Radar as the document name, you get flagged, even tho it's not even the program.
|
|
|
Back to top
|
|
|
|
|
Yanbik
RealPoor Sensei
Joined: 28 Jan 2003
Posts: 1575
|
|
Posted: 10/28/05 - 14:53 Post subject:
|
|
|
|
hence why wowsharp and just about any other botting program made it so you can change the process name and window to anything you want.
|
|
|
Back to top
|
|
|
|
|
halfbent
RealPoor Guru
Joined: 11 Oct 2002
Posts: 2944
Location: Kentwood, Mi
|
|
Posted: 10/28/05 - 17:05 Post subject:
|
|
|
|
Yep. =)
|
|
|
Back to top
|
|
|
|
|
Occulis
RealPoor Jedi
Joined: 11 Oct 2002
Posts: 13293
Location: Moral Relativity Central
|
|
Posted: 10/28/05 - 17:51 Post subject:
|
|
|
|
Hmm! What are the advantages to running those? If you're not going to use runspeed hacks (like I see paladins doing all the time), then why bother? No reason to get caught because you want to know there's an enemy 15 feet behind you.
|
|
|
Back to top
|
|
|
|
|
halfbent
RealPoor Guru
Joined: 11 Oct 2002
Posts: 2944
Location: Kentwood, Mi
|
|
Posted: 10/28/05 - 21:07 Post subject:
|
|
|
|
Only thing I've ever used was the WoW!Sharp fishing bot.
|
|
|
Back to top
|
|
|
|
|
|
|
