http://news.bbc.co.uk/1/hi/technology/4385050.stm By Mark Ward Technology Correspondent BBC News website 31 October 2005 Game maker Blizzard has been accused of spying on the four million players of World of Warcraft. Net activists branded software used to spot cheats "spyware" because it gathers information about the other programs running on players' PCs. In its defence Blizzard said nothing was done with the information gathered by the anti-cheat software. And many players seem happy to have the software running if it cuts the amount of cheating in the game world. Home invasion The watchdog program, called The Warden by Blizzard, has been known about among players for some time. It makes sure that players are not using cheat software which can, for example, automatically play the game and build up a character's qualities. However, knowledge of it crossed to the mainstream thanks to software engineer Greg Hoglund who disassembled the code of The Warden and watched it in action to get a better idea of what it did. He found that it performed a quick analysis on other programs running on a PC to see if their characteristics match known cheating programs. But Mr Hoglund found that The Warden also scans the text in the title bars of any Window for any other program. Writing in his blog about what he found Mr Hoglund said: "I watched The Warden sniff down the e-mail addresses of people I was communicating with on MSN, the URL of several websites that I had open at the time, and the names of all my running programs." Mr Hoglund noted that the text strings in title bars could easily contain credit card details or social security numbers. Digital rights group The Electronic Frontier Foundation (EFF) branded The Warden "spyware" and said its use constituted "a massive invasion of privacy". The EFF said that it was not acceptable simply to take Blizzard's word that it did nothing with the information it gathered. It added that the Blizzard could get away with using The Warden because information about it was buried in licence agreements that few people read. Fair play Blizzard took to the forums on the central community site for World of Warcraft to defend itself and correct what it saw as "misinformation" about its actions. It said that The Warden did not gather any personally identifiable information about players only data about the account being used. It also re-iterated that the only thing done with data gathered was to look for evidence of hack or cheat programs. For their part many gamers seem happy to tolerate The Warden even though they acknowledged that it eroded their privacy to an extent. Jason Justice, speaking on behalf of members of the Low Red Moon guild, said many in its ranks supported the programs used by Blizzard if it kept the cheats out of the game. "The concern most have is that the program has the capability to read text from open programs, potentially compromising the privacy of some sensitive programs." "If someone is afraid of the program reading sensitive information from their programs, one possible solution is simply to not run any additional programs while playing World of Warcraft," he said, "which is certainly advisable from a performance standpoint to begin with." He told the BBC News website: "It is entirely Blizzard's responsibility to protect their intellectual property and the fairness of the game experience, and if they have code sophisticated enough to detect when a cheater is running illegal programs on their computer, they're doing a right good job of it." Paul Younger, one of the administrators on WoW community site worldofwar.net, said: "With cheating being a real concern to Blizzard I feel they have few options other than to check what people are running on their machines." "Blizzard have learnt since Diablo II that cheating can seriously hamper the enjoyment of a game," he said. Warcraft players debating the issue on the worldofwar.net forums seemed happy to have The Warden keeping an eye on what they are doing. Many said they trusted Blizzard not to exploit the information being gathered. Some pointed out that it would be hard for Blizzard to gather more useful information than they already have given that most use a credit card to pay the monthly fee to keep playing the game. For those worried by what The Warden does, Mr Hoglund has produced a program called The Governor that reports on what it is watching. _________________________________________ Earn your Master's degree in Information Security ONLINE www.msia.norwich.edu/csi Study IA management practices and the latest infosec issues. Norwich University is an NSA Center of Excellence.
This archive was generated by hypermail 2.1.3 : Wed Nov 02 2005 - 22:25:04 PST