Sony DRM and Blizzard's Warden

[mundane]

Slashdot linked to an article relating to Sony's DRM and its interaction with Blizzard's anti-cheating program:

World of Warcraft hackers using Sony BMG rootkit
Published: 2005-11-03

Want to cheat in your online game and not get caught? Just buy a Sony BMG copy protected CD.

World of Warcraft hackers have confirmed that the hiding capabilities of Sony BMG's content protection software can make tools made for cheating in the online world impossible to detect. The software--deemed a "rootkit" by many security experts--is shipped with tens of thousands of the record company's music titles.

Blizzard Entertainment, the maker of World of Warcraft, has created a controversial program that detects cheaters by scanning the processes that are running at the time the game is played. Called the Warden, the anti-cheating program cannot detect any files that are hidden with Sony BMG's content protection, which only requires that the hacker add the prefix "$sys$" to file names.

Despite making a patch available on Wednesday to consumers to amend its copy protection software's behavior, Sony BMG and First 4 Internet, the maker of the content protection technology, have both disputed claims that their system could harm the security of a Windows system. Yet, other software makers that rely on the integrity of the operating system are finding that hidden code makes security impossible.

Taken from Security Focus
Courtesy of ./

 

[Malladine]

heh, Sony, the publisher of everquest 2, is responsible for programming that subverts Blizzard's (the makers of world of warcraft) scanning program, making it easier for hacking to take place in the latter game.

 

[mugs]

Haha... I don't doubt Blizzard will be able to fix the issue though.

 

[cKGunslinger]

And rootkit that can "hide" dll's from the OS and its hooks would work against Warden. Sony's just conveniently comes on $12.99 CDs at your local music shop.

 

[Genx87]

This goes for any malware process. I have a feeling many malware and spyware process's and maybe even virus's will start hiding in folders with the $sys$ prefix.

Sony may have a huge legal issue on their hands over this one. They have opened up millions of consumers computers to a major security hole.

Not to mention the ethic's issued brought up with installing an application that is invisible to almost everything, undeleteable to 99% of avg users, and if deleted in an incorrect way renders your CD-ROM drive useless.

 

[BladeVenom]

Blizzard should sue Sony.

 

[blurredvision]

Wow, this thread has 5 replies already, and no one has wanted to burn Microsoft at the stake yet. Sounds to me like MS needs to fix this ASAP, if possible, and be done with it. Although, I'm not quite sure what the $sys$ thing is, so it might not be fixible without a major overhaul.

 

[Nothinman]

Wow, this thread has 5 replies already, and no one has wanted to burn Microsoft at the stake yet. Sounds to me like MS needs to fix this ASAP, if possible, and be done with it. Although, I'm not quite sure what the $sys$ thing is, so it might not be fixible without a major overhaul.

That's because MS isn't at fault at all. Sony's rootkit uses a kernel level driver and once you install something at that level virtually anything is possible. Atlhough the software won't work on Windows for AMD64 because that build of Windows doesn't allow system call hooking because the hardware can be used to protect the memory pages. Hell why not take it once step further and sue Intel for not producing CPUs that support no-exec pages earlier.

 

[Markbnj]

[That's because MS isn't at fault at all.]

Well, they sort of are. Too many people routinely run their accounts with administrator priveleges, without which I think it would be a lot harder to get a kernel-level driver hooked in, or at least harder to get it hooked in silently. This is mostly a problem of historical dimensions, and Microsoft's share of blame is countered by the fact that they have always kept the systems backward compatible. They could have introduced Win95 with a security model that made it impossible to sneak a driver onto a system, but it would have broken so much older stuff.

 

[Seeruk]

Originally posted by: Markbnj
[That's because MS isn't at fault at all.]

Well, they sort of are.

Ummm no they are not - to listen to the cd you have to install the software. To install the software you have to be logged on as an admin.... just as you would in just about any OS including Linux & Mac OSX

 

[blurredvision]

Originally posted by: Nothinman

Wow, this thread has 5 replies already, and no one has wanted to burn Microsoft at the stake yet. Sounds to me like MS needs to fix this ASAP, if possible, and be done with it. Although, I'm not quite sure what the $sys$ thing is, so it might not be fixible without a major overhaul.

That's because MS isn't at fault at all. Sony's rootkit uses a kernel level driver and once you install something at that level virtually anything is possible. Atlhough the software won't work on Windows for AMD64 because that build of Windows doesn't allow system call hooking because the hardware can be used to protect the memory pages. Hell why not take it once step further and sue Intel for not producing CPUs that support no-exec pages earlier.

Hey, I put the disclaimer that I didn't know what the $sys$ thing was, which indicated I was talking out of my ass. I don't know the innards of an OS, so I probably shouldn't have posted at all.

 

[Malak]

Originally posted by: BladeVenom
Everyone should sue Sony.

Fixed

 

[everman]

*devil's advocate*
So we should be able to sue developers because bugs in their software cause system vulnerabilities? This wouldn't be limited to just "evil corporations" like Sony, we could sue anyone for software bugs. There are bugs in every program, we'll have class action lawsuits against everyone.
/devil's advocate

yes / no?

 

[YoshiSato]

Originally posted by: everman
*devil's advocate*
So we should be able to sue developers because bugs in their software cause system vulnerabilities? This wouldn't be limited to just "evil corporations" like Sony, we could sue anyone for software bugs. There are bugs in every program, we'll have class action lawsuits against everyone.
/devil's advocate

yes / no?

If the "bug" was intentional yes, sue em. If the bug was known about before the release of the software and the company has a "fix it later" way of doing business sue em.

The same thing happens with hardware. Look at the firestone tire issue. There was a flaw they did not fix, people died and they got sued.

Look at the Ipod Nano suits. There was a flaw, apple said screw you it's not our problem and people are now suing because of it.


If Joe blow writes a program and does some how create a security hole in the system he should not be sued. If there is a reasonable amount of time in which the hole is discovered(say 12 months) he should patch the problem. If he doesn;t he can open him self up to a lawsuit. If Joe blow did know about the hole before release or created the hole on purpose he's open to a law suit from day 1.

An Ex Post Facto fix does not undo the prior fraudlant act.

If someone breaks into your house, steels some stuff and then desides to turn him self in and return the items he's still going to jail.

 

[YoshiSato]

Originally posted by: cKGunslinger
And rootkit that can "hide" dll's from the OS and its hooks would work against Warden. Sony's just conveniently comes on $12.99 CDs at your local music shop.

Wow, Sony may have tried to blow smoke up the consumers rears with the "Fix" which does nothing but unhides the files. It does not remove the wares, however I am sure companies like Blizzard may sue big time because of this.

Sony, your really screwed now.

 

[Nocturnal]

LOL that would be awesome of Blizzard sued Sony.

 

[BigPoppa]

What would Blizzard sue about? Their invasive anti-cheat tool (it looks at more than it should) no longer works as well as they hoped?

 

[Nothinman]

Hey, I put the disclaimer that I didn't know what the $sys$ thing was, which indicated I was talking out of my ass. I don't know the innards of an OS, so I probably shouldn't have posted at all.

And isn't that the point? You're screaming that people should be suing MS but you don't have a clue as to why?

 

[YoshiSato]

Originally posted by: BigPoppa
What would Blizzard sue about? Their invasive anti-cheat tool (it looks at more than it should) no longer works as well as they hoped?

Well given that P2P networks are reponsible for how people use their software and network. Sony is responsible for creating and distrubiting an application that can be use to bypass a "security application".

 

[CKent]

I've been boycotting Sony products for years. Can't help but grin at the "omg, how could they?" I'm seeing in all the threads about this on the forums I visit... as though their lack of ethics is something new :laugh:

 

[blurredvision]

Originally posted by: Nothinman

Hey, I put the disclaimer that I didn't know what the $sys$ thing was, which indicated I was talking out of my ass. I don't know the innards of an OS, so I probably shouldn't have posted at all.

And isn't that the point? You're screaming that people should be suing MS but you don't have a clue as to why?

Woah, woah. I never screamed anything, THIS IS SCREAMING. I never said anything about sueing anyone, I just said if it was MS's problem, they needed to get it fixed ASAP.

Now you're the one talking out of your ass. Damn, this board is so asinine, you can't even admit that you shouldn't have posted without someone trying to look holier than thou and making up sh!t.

 

[ArmchairAthlete]

Hah, so now Warden basically just spies on the innocent while the cheaters run free.

 

[PsharkJF]

It appears the WoW warden couldn't stop the prisonbreak in cell block SONYROOTKIT

 

[Nothinman]

Woah, woah. I never screamed anything, THIS IS SCREAMING. I never said anything about sueing anyone, I just said if it was MS's problem, they needed to get it fixed ASAP.

You said " Wow, this thread has 5 replies already, and no one has wanted to burn Microsoft at the stake yet" which implies that you think people should start attacking MS, which implies suing them since there's nothing else anyone could do about it.

 

[blurredvision]

Originally posted by: Nothinman

Woah, woah. I never screamed anything, THIS IS SCREAMING. I never said anything about sueing anyone, I just said if it was MS's problem, they needed to get it fixed ASAP.

You said " Wow, this thread has 5 replies already, and no one has wanted to burn Microsoft at the stake yet" which implies that you think people should start attacking MS, which implies suing them since there's nothing else anyone could do about it.

Nice job! /applause You single handedly managed to use the word "implies" twice in your thread that is meant to attack me. /more_applause The term of burning a company at the stake is sort of like a witch hunt, where I thought that the anti-MS population here would be coming after MS and their OS, not saying someone should sue them.

I was wrong with what I posted in the first place, I admitted it, and said I shouldn't have even posted. What more do you want from me?