Violation of Security/Privacy...

J Greely baylisa at jgreely.com
Tue Oct 11 19:16:53 PDT 2005


On Oct 11, 2005, at 1:28 PM, Jennifer Davis wrote:
> Interesting articles here:
> http://www.alternet.org/columnists/story/26402/
> www.rootkit.com/blog.php?newsid=358

As smoking guns go, these lack both smoke and guns. Nothing about
visible performance hits on your machine, nothing about uploading
PII to their servers, just a fairly simple scan of running processes
for known hacks, and a few heuristic methods for identifying the
processes to scan.

> In summary, it appears that Blizzard is doing some interesting things
> with looking at process/files running on the system to keep people
> from breaking the EULA.

Could be worse. They could still be using the old Diablo cheat-checker
that not only lost all your save files when you reconfigured your machine
in just about any way, but also when Daylight Savings Time started.

Of course, the simple solution to this problem is to turn on fast user
switching and run the game from another account that has limited
privileges. That way it won't have permission to read any processes,
files, or memory that might contain personal or confidential information,
and all of your applications are a click away. Since WoW doesn't ship
with any setuid root binaries, that'll lock it down pretty securely.

Oh, wait, you're not playing WoW on a Mac, are you? Glad I am.

A careful reading of the ToS suggests two conditions under which you
agree to allow them to acquire information from your machine:
     - scanning RAM and process table for known hack programs.
     - collecting system identification information to hash into
       a unique identifier (hopefully less prone to error than
       the mess used in Diablo 1.0).

The ToS and the linked articles suggest that no PII leaves your system,
which is exactly what I'd expect from a company that needs to keep a
few million people happy or risk losing their monthly fees.

> Now I'm wondering about other software companies attaching this kind of
> spyware into their software.

Look for any software that includes an "activation" system. Since it's
not running on one of those vaporware trusted computing platforms, its
method is going to look pretty similar to Blizzard's.

> and _stealing_ my system resources gets me kind of angry.

I note that the text mentioning the hack scanner is in ALL CAPS, and you
must scroll through the ToS to the end every time it's updated and click
the Accept button.

Never mind that the chances of this code visibly degrading your system
performance are somewhere between 'slim' and 'none'. I see no evidence
in the linked articles supporting this claim, and no one in my guild
has experienced any such slowdown after a patch (Mac or PC).

-j




