Forgot your password?
typodupeerror
Privacy Role Playing (Games) Security

BBC Tells World About The Warden 573

Posted by Zonk
from the everyone-else-is-doing-it dept.
Anonymous Cowpat writes "The BBC is running a story about the Blizzard title World of Warcraft. Specifically an article about, 'The Warden', Blizzard's highly-invasive anti-cheating software, which some, including The EFF have labelled as spyware. Most of the people around here have probably heard of it by now, but it's interesting to see the story in the mainstream press and (at time of writing) on the front page of the BBC's technology news section, no less." From the article: "The watchdog program, called The Warden by Blizzard, has been known about among players for some time. It makes sure that players are not using cheat software which can, for example, automatically play the game and build up a character's qualities. However, knowledge of it crossed to the mainstream thanks to software engineer Greg Hoglund who disassembled the code of The Warden and watched it in action to get a better idea of what it did."
This discussion has been archived. No new comments can be posted.

BBC Tells World About The Warden

Comments Filter:
  • by Anonymous Coward on Tuesday November 01, 2005 @02:35PM (#13925616)
    The watchdog program, called The Warden by Blizzard, has been known about among players for some time. It makes sure that players are not using cheat software which can, for example, automatically play the game and build up a character's qualities.

    Yes, but who watches the watchers?

    For those worried by what The Warden does, Mr Hoglund has produced a program called The Governor that reports on what it is watching.

    Oh.

    Well in that case, who watches the watchers of the watchers? Hmmm? Answer me that ... if you can!
    • by Kenja (541830) on Tuesday November 01, 2005 @02:56PM (#13925828)
      "Well in that case, who watches the watchers of the watchers? Hmmm? Answer me that ... if you can!"

      I dont know... The coast guard?

    • of vigilantes (Score:4, Insightful)

      by Iriel (810009) on Tuesday November 01, 2005 @02:57PM (#13925831) Homepage
      Whatever happened to the good ol' days of Diablo 1 online when I had to use a hack for the sole purpose of disabling everyone else's hacks around me?
    • Re:The Watcher? (Score:5, Interesting)

      by Stripe7 (571267) on Tuesday November 01, 2005 @02:57PM (#13925833)
      It will not be long before M$ "Trusted computing platform" will be used instead of all these spyware. That will be a few years away. For now however the only way I would play WOW is on a seperate boot image. Create a boot image for WOW and keep all your personal stuff in another closed off boot image. It means you have to reboot if you want to do other stuff but given that most guys playing WOW play for hours at a time that will not matter too much. Hmm, anyone try to run WOW in a virtual machine partition?
    • by Rei (128717) on Tuesday November 01, 2005 @03:02PM (#13925892) Homepage
      To take out the Governor in case of abuse, they'll unleash wave after wave of Chinese Needle Snakes. Then, to get rid of the snakes, they'll use a fabulous type of gorilla that thrives on snake meat. Then - here's the beauty part - when wintertime rolls around, the gorillas will simply freeze to death.
    • by kinnunen (197981) on Tuesday November 01, 2005 @06:08PM (#13927783)
      "Who watches the watchers" is +5 Funny? WTF?
  • by Nick of NSTime (597712) on Tuesday November 01, 2005 @02:38PM (#13925639)
    In the next patch, all WoW character models will be updated with black suits bearing an individual number.
  • by sheepab (461960) on Tuesday November 01, 2005 @02:38PM (#13925643) Homepage
    This is a comment from someone who has dissected the Warden client:

    The warden then uses the GetWindowTextA function to read the window text in the titlebar of every window. These are windows that are not in the WoW process, but any program running on your computer. I watched the warden sniff down the email addresses of people I was communicating with on MSN, the URL of several websites that I had open at the time, and the names of all my running programs, including those that were minimized or in the toolbar. Once these strings are obtained, they are passed through a hashing function and compared against a list of 'banning hashes' - if you match something in their list, I suspect you will get banned.
    • by MindStalker (22827) <mindstalker@gmDALIail.com minus painter> on Tuesday November 01, 2005 @02:41PM (#13925668) Journal
      As other poster said, if you don't like it don't play the game. As well does it compare hashes client side? As long as its sending no information to blizzards server than "He's cheating!!" I really don't see why anyone cares what it sniffs.
      • As other poster said, if you don't like it don't play the game.
        An ridiculous defense of secret spying. "If you don't like it"... was Blizzard ever planning to reveal what it is?
        • by ildon (413912) on Tuesday November 01, 2005 @03:23PM (#13926076)
          It was quite clearly revealed, in all caps no less, in the updated EULA/TOS/whatever it is with the first patch to contain the warden. In fact it's pretty much the only capitalized section of the terms. Further, WoW doesn't make you agree to the terms every time you log in. Only when you install a patch and/or the terms are changed. So it's not like it's something you click through every time you login and learn to ignore. Plus it shows the date of the terms prominently at the top right corner. So if you see the date updated, you can know to read them for changes.

          Blizzard is not trying to hide anything, and never was.
      • As other poster said, if you don't like it don't play the game. As well does it compare hashes client side? As long as its sending no information to blizzards server than "He's cheating!!" I really don't see why anyone cares what it sniffs.

        That's good if you know this is in place.

        But, more importantly, this is hugely invasive and acts as if it is their right to inspect everything on your machine. It isn't their right -- their EULA might claim so, but I would tend to disagree.

        And, since they've already gone

      • I care what it sniffs because I didn't ask it to sniff anything. Blizzard may think that because I installed their game they have some sort of intrinsic right to run anything on my computer, but I don't think they do. They have the right to run game code. If they want to have a runtime anti-cheat app that's fine, but what they're doing is assuming that any time I'm on my computer I may be looking for cheats, so they're monitoring everything.

        Am I not allowed to read a web site that has linked to a cheat? Wha
    • So, in other words, all you need to do is make the cheating program come up with a random titlebar name every time it starts up? ;^)
      • Not quite, the depth that warden goes into checking everything on your system is nothing short of amazing, the report this guy made on the warden client go on to say this:

        Next, warden opens every process running on your computer. The alpha version subverted the method used by warden which was GetProcessNext.Every process is read from in this way. I watched warden open my email program, and even my PGP key manager. Again, I feel this is a fairly severe violation of privacy, but what can you do?
        • Again, I feel this is a fairly severe violation of privacy, but what can you do?

          You can stop playing the damn game. Blizzard has no reason to change their behavior until they've been hit in the pocketbook.
        • The first small bit of code is read from each running process, hashed, and compared to a list of hashes downloaded to the client. AFAIK, only code segments are scanned, not data segments and not the stack, which means that PGP privacy and other such niceties are not violated.

        • what can you do?

          Run your cheats on another program. Any stubs that it requires on your current computer can be implemented as system processes that WoW can't read anyway.

    • by Iriel (810009) on Tuesday November 01, 2005 @02:53PM (#13925795) Homepage
      Screw the quotes about what information it goes through. The bottom line is the cheat flags that it looks for and sends back. Here's the million dollar question for almost every application that gets flagged as having 'spyware'**

      Do you want to play a fair game and a have a good time, or will tin foil hats get the best of you because you feel like you have big secrets to hide from the world?

      ** Yes, I realize that a number of those claims can be well founed, but a lot of it is just paranoia.
    • While I don't completely agree with Blizzard's anti-cheating methods I can kind of understand why they are doing it. They can't stop the truly determined cheaters, however. What's going to stop me from whipping my favorite hex editor and changing a few window title strings in my cheat executables?
    • I'm a little confused by the spyware allegations, like the program is looking at what you're running, but so does a virus checker or task manager, are those spyware programs too?
      • I think a major difference is one of expectations. When I install a virus scanner and tell it to look for virus, I have an explicit understanding that it is going to examine all of my files for traces of a virus. When I run World of Warcraft (or any other game) I expect it to be crunching numbers for physics, graphics, etc, not snooping around my system. Not only that, but the virus scanner will report back to me and will not send out data unless I explicitly agree to that. What makes these anti-cheat p
  • nothing new (Score:5, Informative)

    by interiot (50685) on Tuesday November 01, 2005 @02:39PM (#13925652) Homepage
    I really fail to see how this is any different from what other companies have done before. Half Life's Valve Anti-Cheat [wikipedia.org] system scanned the whole system. Punkbuster, etc. also scanned the system (but were third-party add-ons). The only difference here is that Blizzard didn't disclose that they would be probing further, but I don't see further probing as evidence that Blizzard is doing anything wrong.
    • That's exactly what I was thinking. Whether it's wrong or right, Blizzard isn't the first to have gone down this path. There really is little other recourse if you want a technological solution to the problem of cheaters.
    • Re:nothing new (Score:2, Insightful)

      by stanmann (602645)
      Punkbuster, HL2, etc all made it clear up front what was going on. Warden was stealth/sleazed in under the radar. Sort of like the latest Sony DRM/Rootkit. IF they want to prevent cheating, watch for behaviour patterns, NOT software running on *MY* computer.
      • This is MILES away from the Sony rootkit. The Sony rootkit causes prolonged irreversible damage (eg. constantly takes up 2% of your processor, always runs even when you're not playing the CD, opens up the possibility for new security holes, isn't removable by mere mortals).

        Blizzard's code doesn't cause any damage. Other companies have shown that this is needed, and is not malicious. Yes, they should have disclosed it, but that's their only failure.

        Even the techie guys on the podcasts are getting ruff

      • Re:nothing new (Score:4, Insightful)

        by Zathrus (232140) on Tuesday November 01, 2005 @03:02PM (#13925886) Homepage
        Warden was stealth/sleazed in under the radar

        Under whose radar? Blizzard announced that they were going to be doing this near the beginning of this year, and they've been reasonably upfront about it. There have been multiple forum postings as well.

        IF they want to prevent cheating, watch for behaviour patterns

        They do that as well. But, funny thing, guess which is more effective?

        And, frankly, the amount of whining and tin foil hat complaining going on over this is just ridiculous. They do not expose any private data at any point in time. The sniffing occurs only while you are playing the game, it does not negatively impact any other programs, all "gathered" data is hashed and compared purely on the client side, and only if the hashed data matches a list of "known bad" hashes is an indicator (again, only an indicator -- not the raw, unhashed data) sent back to Blizzard.

        If you want to complain, then complain about the possibility of false positives. Hash functions, by their very nature, do not ensure uniqueness. Multiple values will hash to the same value. I haven't seen a technical discussion of the hashing function, so it may be exceptionally rare, but it's still possible.

        And no, I don't play WoW or any other Blizzard game at this time. And I'm not a fanboy. I'm just tired of people blowing this out of proportion -- it just dilutes the response against real privacy/security threats.
    • by kcurtis (311610) on Tuesday November 01, 2005 @03:01PM (#13925878)
      Blizzard does say they will probe your computer.

      From Terms of Use:
      =================
      In order to assist Blizzard Entertainment to police users who may use "hacks," or "cheats" to gain an advantage over other players, you acknowledge that Blizzard Entertainment shall have the right to obtain certain information from your computer and its component parts, including your computer's random access memory, video card, central processing unit, and storage devices. This information will only be used for the purpose of identifying "cheaters," and for no other reason
      =================
      So they can look at anything in RAM, or even your hard drive. And you agree to this. As other posters note, you can either not play, or not run other apps, since they don't seem to scan your drives.

      I, for one, think Blizzard is doing something positive here, and the complainers are probably cheaters or farmers -- or non-players. Cheating ruins the experience for honest customers.
  • by GoodOmens (904827) on Tuesday November 01, 2005 @02:39PM (#13925654) Homepage
    Seems to be a growing trend to use spyware based programs by large company's to extract information so they can "prevent" hacks.

    GameGuard [wikibooks.org] used by NCSoft in Lineage2 [lineage2.com] is very similiar when it seems to create more problems then it solves.

    In fact GameGuard does not block one single hack I know of for Lineage .....

    • There's no reason the problems they create can't be solved.

      And there is absolutely a solid need for anti-hack programs like this. When you can hook into the DirectX .dll's to provide easy wall-hacking to games, that's a problem. When you can otherwise get in between .dll's or execute code in the game's process, then that causes Counterstrike to become a huge haven for script kiddies. Yes, you own your computer, and we don't Microsoft's Next-Generation Secure Computing Base to lock you of your own compu

  • The Warden? (Score:5, Funny)

    by loconet (415875) on Tuesday November 01, 2005 @02:41PM (#13925663) Homepage
    BBC Tells World About The Warden

    Why is BBC telling the world about my girlfriend..
  • Waaaah (Score:5, Funny)

    by Aexia (517457) on Tuesday November 01, 2005 @02:42PM (#13925672)
    Blizzard sucks because they didn't prevent cheating in Diablo 2!

    Waaaah!

    Blizzard sucks because they prevent cheating in World of Warcraft!

    Waaaah!
    • Re:Waaaah (Score:2, Insightful)

      How about blizzard sucks because they can't write code that is secure enough to not require invasive anti-cheat measures?
    • by Surt (22457)
      While this is funny, the proper solution of course is to design a game in which client side cheating is impossible. While challenging, this is not at all impossible. Most of diablo 2's more serious problems were server side bugs. The only significant client side problems were loot/exp bots, a reflection of a design problem that we should have (and could have, but no one would listen to me) done better.
  • Torn.. (Score:5, Interesting)

    by raeler (463406) on Tuesday November 01, 2005 @02:42PM (#13925676) Journal
    I'm torn between my love for sticking it to cheaters, and my hate for spyware. I suffered through the speedhacks and scripters in UO, and every time the developers thought about a process scanner the players went nuts and the idea was dropped. In WoW you sign the terms of conduct each time there's a new patch, so technically you agree to let this warden thing run in the background. Is WoW a better game because of it? Probably.

    There are already some big problems with ebay gold farmers.. I'd rather they had to sit at the computer to make their gold, rather than just running a script.
    • "There are already some big problems with ebay gold farmers.. I'd rather they had to sit at the computer to make their gold, rather than just running a script."

      You mean, you'd rather have had them pay a pittance to a room full of workers than just running a script.
    • by Gr8Apes (679165)
      The real issue is to create a game that has good gameplay, not the rather sordid and boring task of collecting "Super Vampire Slayer Sword +3", only to find out a week later that there's now a "Super Duper Vampire Slayer Sword +4 that also makes coffee in the morning", which, btw, costs 3 times as much. Coincidently, tomorrow, all mobs (mobiles, otherwise known as monsters or nasty things out to kill or abuse you) will only be attackable by +4 weapons....

      That's the crap that makes MMORPGs boring and prone t
  • As a player .. (Score:5, Insightful)

    by Frag-A-Muffin (5490) on Tuesday November 01, 2005 @02:43PM (#13925680) Homepage
    of more than one multiplayer online game, I have to say, cheaters playing the same game as you suck. Have you ever played CS with cheaters? Really doesn't make it fun at all. Although I'm not 100% thrilled at HOW they're preventing cheaters, so far, they have proven to be not-that-evil(TM). For now, maybe because I like WoW so much, I will give them the benefit of the doubt.
  • Oh for pitty's sake. (Score:5, Interesting)

    by GearheadX (414240) on Tuesday November 01, 2005 @02:44PM (#13925693)
    The sad thing is, this whole deal was started because one of the WRITERS for the very programs that the Warden was sniffing around for discovered how he kept getting caught and started to whine loudly and constantly.

    Consider the source.
    • Well, I have to disagree with you a bit, or at least, what I perceive to be underwriting your comment. I don't think people who write these kinds of tools that Blizzard is trying to stop are necessarily bad.

      I've played a few MMO games, and many of them are very repetitive. I myself have considered trying to write some macroing programs, because hey, I'm paying for the time, and I believe in automation. :) Besides, trying to write something to automate such a complicated game system as most MMOs provide

      • by Dachannien (617929) on Tuesday November 01, 2005 @03:06PM (#13925917)
        and there is nothing morally wrong with using them

        You agree not to cheat. Then you cheat anyway. What's not immoral about that?

      • "I've played a few MMO games, and many of them are very repetitive. I myself have considered trying to write some macroing programs, because hey, I'm paying for the time, and I believe in automation. :) Besides, trying to write something to automate such a complicated game system as most MMOs provide is a nontrivial, and tempting, challenge (for me). "

        But, this software also keeps hacks, cheats and duping programs at bay. Those are the true things that ruin games such as diablo 2. You can macro all day an
  • I know they are a god like organization here on /., but them calling this anti-cheating software "spyware" is just plain stupid. You don't like the software? It ain't all that hard to cancel you subscription and uninstall the software. There, you aren't being spied on. You can't tell Blizzard what to do with their servers just because you don't like it. Either use the free market and don't use the software or shut up.
    • The software in question checks a lot of things, none of which are known to the user. From TFA:

      I watched the warden sniff down the email addresses of people I was communicating with on MSN, the URL of several websites that I had open at the time, and the names of all my running programs, including those that were minimized or in the toolbar.

      Now, if this thing told you up front that it was doing all of this, it would be simply an anti-cheating program. But it doesn't. It does all of this without not

      • "Now, if this thing told you up front that it was doing all of this...
        Therefore, it is spying on you actions without your knowledge. Software + spying = spyware."


        For it to be spying, it would need to be dialing home with your info info. Which it doesn't. Furthermore, it is not without your knowledge... or it shouldn't be, if you read and understood the EULA, which you indicated that you had when you installed the game.
        • Well, I actually don't play the game so I haven't read the EULA. But I really have to wonder - does the EULA mention all the screwy stuff that this client checks? I'm guessing not since someone had to disassemble the sucker to find out what all this thing does.

          Mind you, I'm not against it at face value. I just think that consumers should be able to make informed decisions. If the EULA says the client software will probe your IM and figure out your friend's email addresses and you install anyway, then

    • You don't like the software? It ain't all that hard to cancel you subscription and uninstall the software.

      And that's the crux of the problem. The EFF's point is that the software is snuck in under the radar -the user is prevented from making that choice. All that's needed is for Blizzard to be up-front with what they're doing. Let the user decide.
  • by praksys (246544)
    ...is lack of notification. Blizzard should just be upfront about the fact that the Warden watches everything else your machine is doing while the game is running, and that people who are worried about privacy should (a) not run anything else while the game is running or (b) not play the game.
  • Should have been named the Panopticon. A warden can watch only one person at a time. The Panopticon was designed to watch all prisoners at all times, without that prisoner's knowledge.

    Either way, F that. Either the software makers tells me exactly what the hell they're doing within very well-defined boundaries, or their anti-cheat code never gets installed. So what's allowable? Watch the gameplay for typical cheats/exploits? Yeah, sure. Take snapshots of the video buffer? Yeah, for the game window. Snapshot
  • I play Second Life exclusively online, so I don't run into this sort of thing. There's no leveling, etc, so running a cheat bot is kinda dumb. On the other hand there's a lot of intrigue and politics in the exchange of Linden dollars that kills the atmosphere of SL for me sometimes. Most if not all cheating for advancement is for monitary gain. It's always funny when real world politics and cash corrupts a purely fantastical plane that doesn't even exist. Does that speak to eternal human nature, or is
  • The Warden for Mac? (Score:2, Interesting)

    by darkCanuck (751748)

    When will "The Warden" get released for my iMac?

    Actually, in all seriousness, I assume this is built into the Mac version as well? Overall, I don't care. I'm glad there's no (less?) cheating and I don't run anything else when I play anyhow.

  • by Red Flayer (890720) on Tuesday November 01, 2005 @02:48PM (#13925745) Journal
    FTA: "[The EFF] added that the Blizzard could get away with using The Warden because information about it was buried in licence agreements that few people read."

    Didn't read the license agreement? Sorry, but that's not Blizzard's problem. It would be nice if Blizzard had made it more obvious that they would be doing this.

    But you know what? Tough titties, you agreed to it.

    That said, it's good that people are drawing attention to this -- maybe next time around, Blizzard will be faced with losing revenue should they try to implement the same kind of solution.

    What MMORPGs need to do is implement better server-side analysis to identify cheaters. Difficult? Yes. Expensive? Yes. But probably less difficult and less expensive that losing craploads of clients, and hiring craploads of lawyers. Then they won't need to have the invasion clause in the license for their games.

    Spread the word, and maybe we won't have to deal with this next time.
    • Didn't read the license agreement? Sorry, but that's not Blizzard's problem. It would be nice if Blizzard had made it more obvious that they would be doing this.

      But you know what? Tough titties, you agreed to it.


      And that's exactly how the majority of spyware out there gets installed. Is it OK for Blizzard, but not OK for a P2P or web utility company to do?
    • it's good that people are drawing attention to this -- maybe next time around, Blizzard will be faced with losing revenue should they try to implement the same kind of solution.

      Actually, it may raise revenue because I, for one, like the idea. It's not real spyware and it's keeping some script kiddies from twinking. That's fine in my book and frankly I'd feel better about playing a game where the attitude of the host(s) was more "we keep a level playing field for our users" then the "we got your cash now,
    • "What MMORPGs need to do is implement better server-side analysis to identify cheaters. Difficult? Yes. Expensive? Yes. But probably less difficult and less expensive that losing craploads of clients, and hiring craploads of lawyers. Then they won't need to have the invasion clause in the license for their games."

      I'm sure that there are lots of things that Blizzard does server side to detect cheating. The problem is, their view of cheating is broad enough that it cannot be completely detected server side.
  • by Dachannien (617929) on Tuesday November 01, 2005 @02:49PM (#13925752)
    By definition, spyware sends back personal information concerning the user. Warden does no such thing, even going by the analysis of Hoglund (the author of a rootkit.com article, and a developer of cheat software for WoW). Hoglund uses FUD to scare the reader into believing that WoW is snooping around their e-mail addresses and IM friends list, but in actuality, the first thing Warden does when it scans a string is to hash it, thus removing all personally-identifiable information. It compares the hashes to a list of hashes sent from Blizzard's servers, and sends a notification to Blizzard if a hash matches one on the list. That's the only information it sends back.

    Yes, it does scan window titles, and yes, coincidentally, those window titles may contain URLs or e-mail addresses. But Warden only works with hashes of those strings and doesn't phone them home. The paranoid can easily close other windows while running WoW (or, for that matter, uninstall), but the majority of the game-playing public wants anti-cheat measures in place.

    Note that this anti-Warden crusade is perpetrated by people who will benefit financially if Blizzard is humiliated into discontinuing the use of Warden. The folks over at WoW!Sharp, the most well-known cheating/botting program for WoW, were selling subscriptions to their software, right up to the point where Warden caught them using their cheat software and led to them being banned. They realized that if they continued selling subscriptions to their software, they could be sued, so they released it as open-source, essentially to shove the problem of liability off onto their users.

    If Warden were discontinued, they would, quite literally, be back in business.

    • What I can barely understand is: how hard can this be to dodge?

      Warden strategy: hash window titles.
      Defeated by randomizing the window title.

      Warden strategy: hash running processes' file image.
      Defeated by modifying the executable during launch.

      Seriously, assuming blizzard is unwilling to demand that all running processes be terminated before play, how can they possibly expect to beat the cheaters. Frankly, I don't understand why the cheaters don't just try about 10% harder, they'd be unbeatable.
    • Your logic and insight are not welcome here!

      Don't you know that this is Slashdot, everyone has to go off half-cocked and just condemn Blizzard for trying to stop anything like cheating.

      Next you'll hear that some of the authors of the cheat codes put the code into open-source, so that Slashdot will have a headline "Blizzard against open source!"

      This is Slashdot dude...don't try to explain things to these idiots because they've already made up their mind and their minds say "Blizzard Bad! Bad Blizzard!".
  • I am under the impression that most EULA prohibits disassembly of the software binaries. Whether or not the EULA is enforceable however is another matter..
  • Hyperbole (Score:5, Insightful)

    by phorm (591458) on Tuesday November 01, 2005 @02:56PM (#13925822) Journal
    Hoglund noted that the text strings in title bars could easily contain credit card details or social security numbers.

    Since when would a site submit a URL in the title? I assume this is for sites which don't have a <TITLE> tag, and just display the URL as the title. Even in that case, any website that submits a document with such information in the GET string is asking for trouble. It would allow it, among other things, to be viewed in the document history etc.

    We need to stop jumping every perceived violation. There seems to be a witch-hunt on for privacy/security violators, and often the assumptions of what 'could' create a security risk falls into the realm of pretty silly...
  • Holy Grail 2 (Score:5, Insightful)

    by moviepig.com (745183) on Tuesday November 01, 2005 @03:00PM (#13925865) Homepage

    A cheater-robot gets caught because it plays a game better than any human could... right? So then, the real challenge for a human player is to be mistaken for a machine... a kind-of reverse Turing test...
  • Y'know, I'm real fuzzy on why users can't use bots to do the endless level grind. I mean, Progress Quest [progressquest.com] would be way, way, way less fun if I had to click on a little box for every enemy I slew...
  • Of course when people are not available to play 24/24 they don't want to be idle, they want to progress in the game. Forbidding botting is absurd. They should instead INCLUDE botting in the game by providing scripting facilities to players when they are away. Of course you'll tell me, not everyone knows how to write script... that is true. But many scripts could be exchanged between players, software that produce script with a wizard could appear etc. They should embrace it, not fight it.
  • by Spy der Mann (805235) <spydermann.slash ... m ['ail' in gap]> on Tuesday November 01, 2005 @03:06PM (#13925924) Homepage Journal
    This is what PHP programmers have known for a LONG time.

    Just as you can hack some javascript to prevent validation, what makes them think we can't run some remote control software whose client happens to run on... *GASP* your own machine!

    But what are they gonna do next? Introduce captchas into the game every 5 minutes?

    No, sir. The answer is changing THE GAME RULES (the equivalent of validating user input in the server, not the client) so that quick advancement is not done. i.e. restrict repetitive training to N hours, and such.

    Trying to control the client is nonsense.
    • You have to have a number of things done on the client, otherwise it just gets too slow. One of the mandidates for a game like this is that it works over nearly all connections, including those with very high latency and very low bandwidth. That being the case, if you take a pure "don't trust the client" approach, you find that you can't effectively communicate what you need to for the game to work.

      You can see this in old games like QuakeWorld. Your client does very little other than render the graphics, it
  • Paranoia (Score:5, Insightful)

    by SilentJ_PDX (559136) on Tuesday November 01, 2005 @03:10PM (#13925959) Homepage
    Mr Hoglund noted that the text strings in title bars could easily contain credit card details or social security numbers. ... even though he knows that - in the astonishingly massive world of Windows commercial software, shareware and freeware - there's not a single program out there that does this.

    Mr. Hoglund is an idiot.
  • "Mr Hoglund noted that the text strings in title bars could easily contain credit card details or social security numbers."

    are you joking me? sure title bars COULD contain that data, but i think anyone here would be hard pressed to find an actual example of that happening.

    if some company website or program is too ignorant to keep a CC or SSN off the title bar, they probably have a lot more problems on their hands.

    ALSO, is it just me or is the EFF going a little nuts here? i'm a firm believer in fre
  • by Nom du Keyboard (633989) on Tuesday November 01, 2005 @03:38PM (#13926214)
    They ought to just develop a World/Server where all the hacks can play against each other and see who hacks best. Even the people with the hacks themselves might find that more interesting.

You don't have to know how the computer works, just how to work the computer.

Working...