Game Politics ([info]gamepolitics) wrote,
@ 2005-10-15 09:32:00
Is Blizzard Spying on World of Warcraft Players?

Is the world's most popular online role-playing game spying on its customers?

A troubling article on Rootkit indicates that World of Warcraft publisher Blizzard has a monitoring program in place that is capable of gathering all manner of non-WoW related data from its subscribers. While the author speculates that the software, warden client, which runs every 15 seconds, is designed to weed out WoW cheaters, it falls squarely into the category of spyware:

"I watched the warden sniff down the email addresses of people I was communicating with on MSN, the URL of several websites that I had open at the time, and the names of all my running programs, including those that were minimized or in the toolbar. These strings can easily contain social security numbers or credit card numbers, for example, if I have Microsoft Excel or Quickbooks open w/ my personal finances at the time... Next, warden opens every process running on your computer... I watched warden open my email program, and even my PGP key manager."

As one of more than four million WoW subscribers, GP ain't happy about this one. Thanks to Kotaku, where we came across this disturbing item.

UPDATE: A GP reader has clued us in that Blizzard has addressed this issue in their forums.






[info]joshdavis271
2005-10-15 02:08 pm UTC (link)
hmmm very suspicious...

(Reply to this)

Bah
[info]shatterjack
2005-10-15 02:56 pm UTC (link)
Only filthy cheating hackers would have a problem with Blizzard monitoring what they do outside of the game. Privacy is for commies!

Seriously though, I expect Blizzard probably means well, but they really ought to back off. It would only take one instance of an unscrupulous tech monkey grabbing someone's credit card number for this thing to blow up in their faces.

(Reply to this) (Thread)

Re: Bah
[info]joshdavis271
2005-10-15 03:10 pm UTC (link)
Yep, they only need to monitor cheat devices, they can lock those out every time there is one made.

(Reply to this) (Parent)

OOOLLLDDD
[info]tsknf
2005-10-15 03:51 pm UTC (link)
Or at least I think so. Wasn't the Blizzard spy rumours reported at Gamespot and other places ages ago? Dnim ruoy ni era yeht!

(Reply to this) (Thread)

Re: OOOLLLDDD
(Anonymous)
2005-10-15 03:57 pm UTC (link)
well if pgp is a password keeper, that's your fault for thinking containing all your passwords in one little program is safe. second i fully trust that blizzard knows what they're looking for and what they shouldn't be looking at, let's just hope or request that in newer versions of these programs they will automatically filter out obvious things like soc number, credit card numbers and so forth, but i wouldn't mind them tracking where you inputted a credit card number, heck they're against WOW content auctions from what i hear and some people try to sell game hacks for money online

(Reply to this) (Parent)

Re: OOOLLLDDD
[info]gamepolitics
2005-10-15 03:59 pm UTC (link)
actually, this is fairly new stuff.

The original article was posted on Oct 5th. Kotaku just ran with it yesterday.

(Reply to this) (Parent)(Thread)

Re: OOOLLLDDD
[info]tsknf
2005-10-15 04:04 pm UTC (link)
Hmm...So if Blizzard is spying on people via WoW, it makes the idea shoe laces are part of a penguin plot to conquer the world seem so much more believable.

(Reply to this) (Parent)(Thread)

Re: OOOLLLDDD
[info]gamepolitics
2005-10-15 04:13 pm UTC (link)
>>>>it makes the idea shoe laces are part of a penguin plot to conquer the world seem so much more believable.

I've always felt they were...

(Reply to this) (Parent)

Re: OOOLLLDDD
[info]joshdavis271
2005-10-15 04:21 pm UTC (link)
Still, very suspicious.

(Reply to this) (Parent)

Re: OOOLLLDDD
[info]dthrax
2005-10-15 04:59 pm UTC (link)
Warden was first discovered back a few months ago. There was a huge blow up on the Blizzard boards about it. There are several bot sites that detail its detection schemes and possible ways to get around it. http://www.wowsharp.net comes to mind.

(Reply to this) (Parent)

Proof?
[info]_fx_
2005-10-15 04:03 pm UTC (link)
I have heard of this 'warden client' before. I was just wondering if someone could post up some proof of its existence, and perhaps some information on how to find it yourself.

(Reply to this) (Thread)

Re: Proof?
[info]gamepolitics
2005-10-15 04:12 pm UTC (link)
I'm certainly not tech enough to do it. Suggest you contact the original author at Toolkit...

(Reply to this) (Parent)


[info]caf_pow
2005-10-15 04:14 pm UTC (link)
have you sent this to bruce schneier? it'd be interesting to hear his perspective.
i can see why they've done what they have (functionally) and would expect this info to be parsed only and not transmitted. that said, there must be a more elegant (and secure) solution than this (i am just not smart enough to think of it).

(Reply to this) (Thread)


[info]gamepolitics
2005-10-15 04:26 pm UTC (link)
Frankly, I wasn't aware of Schneier until your post.

Do you think this would be of interest to him?

(Reply to this) (Parent)(Thread)


[info]caf_pow
2005-10-15 04:28 pm UTC (link)
oh, he's the man!
i'm undecided about how much of this is actually a security issue, but i would sure like to know if he has a better solution for retrieving the information relevant to blizzard. sending it to him couldn't hurt...

(Reply to this) (Parent)

Wow, I'm disappointed in WoW
[info]jabrwock
2005-10-15 04:16 pm UTC (link)
I understand Blizzard means well, but DAMN! This is Microsoft kind-of low.

Blizzard should be ashamed for doing something like this, and I hope someone finds a way to disable this "warden" app.

Then again, this completely illustrates the stupidity of how M$ Windows runs. It would need administrator access to pull this in the Mac OS X version of WoW, and you don't get that automatically, it would need to prompt you for a password.

(Reply to this) (Thread)

Re: Wow, I'm disappointed in WoW
[info]ace_ofspade
2005-10-17 02:40 am UTC (link)
Well it's their sandbox they can do this. Without them, the next best thing is E2.

(Reply to this) (Parent)

Lesson on what a hash is
[info]steamingturd
2005-10-15 04:18 pm UTC (link)
If you actually read the article on rootkit, you'll see that the person doing the analysis notes that when the Warden program scours various places on your computer for strings of text or the start of the code for certain programs, it first hashes those strings and then compares the hash to a table of hashes that Blizzard sends to your computer. If something matches, it only sends back to Blizzard information on which hash was matched.

A hash is a way of condensing a large piece of information into a smaller piece of information. You could generate a hash for this web page, for example - it might look something like "XHSS737XC7EALVM83J8JHY". Now, obviously, the vast bulk of the data on the web page is lost in the hashing process. In fact, hashing is irreversible - if somebody gives you a hash, you can't take the hash and regenerate the data it came from. But, the point of a hash is that the chances of taking two large pieces of data, hashing them, and having the hashes be the same is incredibly remote. That means that if you have a list of hashes, and you want to compare the hash of a piece of data to the hashes in the list, the chances of getting a false positive are puny. On top of that, the only information sent back to Blizzard is a flag indicating which, if any, of the hashes were matched. That means that absolutely zero personal information is transmitted back to Blizzard in any form.

This means that all this stuff about the Warden program sniffing personal data and passwords is just FUD ("Fear, Uncertainty, and Doubt") instigated by the person who wrote the article. Note that the article author is involved with the writing of the very hack/cheat programs that Blizzard is trying to detect. He has a vested interest in raising public sentiment to support him, so that he can continue cheating in WoW without getting banned. The cheat developers have already been banned at least once, showing that without transmitting personal information, the Warden program can catch cheaters and refer them to people at Blizzard for account action.

(Reply to this) (Thread)

Re: Lesson on what a hash is
[info]gamepolitics
2005-10-15 04:23 pm UTC (link)
Thanks for explaining that.

GP makes no pretension to having code monkey skills.

And did I really type "Toolkit" instead of "Rootkit" in my other reply here.

oops.

(Reply to this) (Parent)

Blizzard post on the subject
(Anonymous)
2005-10-15 07:06 pm UTC (link)
You'd do well to read Blizzard's post on the subject, found here:

http://forums.worldofwarcraft.com/thread.aspx?fn=blizzard-archive&t=33&p=1&tmp=1#post33

Additionally, the rootkit article was written by someone who writes various "cheat" programs, obviously some for World of Warcraft.

(Reply to this) (Thread)

Re: Blizzard post on the subject
[info]gamepolitics
2005-10-15 07:43 pm UTC (link)
I always take my hyperbole with salt. And a side of onion rings.

Seriously, though. Thx for that WoW posting. Adding it to the story.

Ya know, I usually don't have this much trouble when I borrow a story from Kotaku. So it's Kotaku's fault. That dirty Kotaku...

(Reply to this) (Parent)(Thread)

Re: Blizzard post on the subject
[info]joshdavis271
2005-10-15 07:47 pm UTC (link)
yea let's all point and blame kotaku. shall I call them out dennis :)

(Reply to this) (Parent)(Thread)

Re: Blizzard post on the subject
[info]gamepolitics
2005-10-16 03:34 pm UTC (link)
Nah.

I'll let them know, because this other info we're hearing is important and should be commented.

(Reply to this) (Parent)

Blizzard post on the subject
(Anonymous)
2005-10-15 07:11 pm UTC (link)
You'd do well to read Blizzard's post on the subject, found here:

http://forums.worldofwarcraft.com/thread.aspx?fn=blizzard-archive&t=33&p=1&tmp=1#post33

Additionally, the rootkit article was written by one who writes various programs to hack games such as WoW. Take some of the hyperbole with a grain of salt.

(Reply to this) (Thread)

Re: Blizzard post on the subject
[info]jr5440
2005-10-16 03:02 pm UTC (link)
Agreed, let's slow down a bit here and not jump to conclusions,

JR
http://www.world-of-warcraft-gold.com

(Reply to this) (Parent)

Typical
[info]sothasil
2005-10-15 08:21 pm UTC (link)
The only people who have to worry about this are the cheaters, which is why those people are spreading half-truths and whole lies. If it looks like an anti-cheating measure, the majority's happy, and the cheaters aren't. If it looks like an invasion of privacy, everyone's angry, and the cheaters revel in the trouble they've caused. Age-old tactic for hackers/cheaters.

(Reply to this) (Thread)

Re: Typical
[info]joshdavis271
2005-10-15 08:28 pm UTC (link)
I see, but still it is suspicious.

(Reply to this) (Parent)(Thread)

Re: Typical
[info]sothasil
2005-10-15 08:47 pm UTC (link)
Blizzard would be in deep shit if they were collecting personal information, they can't afford to do that. And they can't afford to reveal their methods to cheaters/hackers either.

(Reply to this) (Parent)


(Anonymous)
2005-10-16 03:15 am UTC (link)
I think it is important to note a few things

a) the author of the original article is a well known individual in the hacking scene and the author of several hacking and cheating tools for Blizzard games, some of which are sold for cash on certain things. So while his fears for the average user's privacy are heartening, chances are that he has a secondary, not so noble agenda.

b) Software like Punkbuster or even Mythic's Dark Age of Camelot has been doing exactly this for a while now. If anything Blizzard's implementation is protective of the player's privacy as it doesn't send any information back to Blizzard, with the potential exception of *hashed* text. A hash is a one way process, it is not possible to retrieve the hashed original text, it can just be used to compare it to a list of known signatures.

c) Like games containing Punkbuster, Blizzard has disclosed that they are monitoring the client for cheats and hacks on their boards and in their EULA. Like going into a shopping mall and reading the "security cameras on premise" sign, the user has the chance to decide himself if the measure is intrusive or not.

d) Reading PGP process memory is pointless and only mentioned as FUD by the person who wrote the article. PGP is designed to not keep cleartext information in RAM.

In the end it is clear that the individual who wrote the article is hoping to damage Blizzard because they are starting to seriously hurt his business. Not that it matters tho, because in the end there are two factions - those who play WoW and want to play it cheat free and don't give a damn about some hashed window titles being compared to a list of cheats - and those who don't play it and are ah so protective of the poor people's privacy who are enjoying the game and don't care about it.

(Reply to this) (Thread)
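
The hash-list comparison described in the "Lesson on what a hash is" comment and in point (b) of the comment above, as an added example that is not part of the original thread and not Blizzard's code. SHA-256, the function names, the signature strings and the window titles are all assumptions constructed for illustration; the page does not say which hash the real client uses.

```python
import hashlib

def digest(text: str) -> str:
    """SHA-256 stands in for whatever hash the real client uses (assumption)."""
    return hashlib.sha256(text.encode("utf-8")).hexdigest()

# Constructed signature table. In the scheme the comments describe, the
# server ships only digests like these, never the strings behind them.
SIGNATURE_TABLE = [digest(s) for s in ("ExampleBot v1", "ExampleSpeedTool")]

def scan(observed_strings, table):
    """Hash each locally observed string; return indexes of matching table entries."""
    lookup = {h: i for i, h in enumerate(table)}
    hits = set()
    for s in observed_strings:
        idx = lookup.get(digest(s))
        if idx is not None:
            hits.add(idx)
    return sorted(hits)

def build_report(observed_strings, table):
    """What leaves the machine in this model: matched indexes only.
    The raw strings are still read locally in order to be hashed."""
    return {"matched": scan(observed_strings, table)}

def receiver_can_confirm(received_digest: str, candidate: str) -> bool:
    """If a digest were sent back instead of an index, the receiver could
    only test it against a candidate string it already holds."""
    return received_digest == digest(candidate)

# Constructed window titles, two private and one matching a signature.
OBSERVED = [
    "Inbox - alice@example.test",
    "Budget 2005.xls - Spreadsheet",
    "ExampleBot v1",
]

if __name__ == "__main__":
    print(build_report(OBSERVED, SIGNATURE_TABLE))
    print(receiver_can_confirm(digest(OBSERVED[0]), "ExampleBot v1"))
```

The scan has to read every title to hash it, which is the local access the article quote describes, while the report carries only the index of the matched signature.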


[info]gamepolitics
2005-10-16 03:34 pm UTC (link)
Good stuff.

(Reply to this) (Parent)

Ahhhhh..
[info]ace_ofspade
2005-10-17 02:41 am UTC (link)
My kind of newspost, not a Jack in sight...

(Reply to this)


[info]chicito21154
2005-10-18 08:41 pm UTC (link)
This is what they actually do, they scan your characters (not your computer) to make sure you don't have any bot/hack programs installed that are used in World of Warcraft

(Reply to this)

