Blizzard Seeks to Block User Rights, Privacy

An anonymous reader writes "In the overlooked case between Blizzard and MDY Industries, the creator of the WoWGlider bot, Blizzard is arguing that using any programs in conjunction with the World of Warcraft constitutes copyright violation. Apparently accessing the copy of the game client in RAM using another program infringes upon their rights. Under that logic, users do not even have the right to use anti-virus software in the event that the game becomes infected. Furthermore, Blizzard's legal filings downplay the role of their Warden software, which actively scans users' RAM, CPU, and storage devices (and potentially sensitive data) and sends information back to Blizzard to be processed."

Re:WTB 1x[Clue] PST

[cfulmer]

The theory is that Blizzard allows the user to load World of Warcraft into his computer only if they follow the EULA, including the part about not using programs like WoWGlider. By using WoWGlider, the user is not following the EULA, so they do not have permission to run WoW. Since running the program makes a copy of it in computer memory and since the user does not have permission to do so, that copy in memory is an infringement.

In that way, it's just like the GPL: "You do not have to follow this license, but nothing else gives you permission to use the software."

The claim against MDY is of vicarious infringement -- the company isn't doing the infringing itself, but it is helping others to do so, and profiting from it.

Re:WTB 1x[Clue] PST

[Bogtha]

Since running the program makes a copy of it in computer memory and since the user does not have permission to do so, that copy in memory is an infringement.

At least in the USA, it is not copyright infringement to copy software for the purpose of using it. 117. Limitations on exclusive rights: Computer programs: [copyright.gov]

(a) Making of Additional Copy or Adaptation by Owner of Copy. -- Notwithstanding the provisions of section 106, it is not an infringement for the owner of a copy of a computer program to make or authorize the making of another copy or adaptation of that computer program provided:

(1) that such a new copy or adaptation is created as an essential step in the utilization of the computer program in conjunction with a machine and that it is used in no other manner, or...

Re:Why not make a policy?

[Anonymous Coward]

The issue is they give out those 14 day free accounts, and the Chinese farmers use those to bot and farm till they are banned and make another free account.

Tial accounts cannot use the auction house, cannot trade gold or items with other players, have a limit of 10 gold and a maximum character level of 20. So no. Farmers of any nationality do not use them to bot or farm.

Even if they were able to by pass the trading restrictions on a trial account the 10 gold limit would make it pointless. A high level character can obtain much greater amounts of gold far more easily. So farming gold via the traditional methods is more productive.

Even more productive still is the method of pretexting/keylogging an established account, vendoring everything they have that can be vendored from every character they have, and then mailing the gold off to be bounced around so many times Blizzard gets tried of trying to trace it all.

Re:I have the right

[smallfries]

While this is all true and good they are not banning the defendant. He hasn't violated their terms and conditions as he is not playing the game. They are trying to sue him for copyright infringement because he makes and sells a bot. The pdf is quite interesting (although it uses the worst font I've ever read) and it sounds like he has a very tight case. Mainly because Vivendi are misrepresenting their position - they thought that a threat to file suit would make him fold. Instead it seems like he has explained the details of the case to a lawyer pretty well, and the document that he has filed seems to tear their case apart.

As far as cheating goes - bots for grinding in MMO games are an interesting case. This isn't an aimbot that helps you beat other players, or improves your abilities. It doesn't hack the client into thinking that you have more gold / resources that you really do. It just takes the tedious repetitive actions in the "game" and plays them through. It's an autopilot. The real question for me: is a game that requires an autopilot actually fun enough to play?

(I would say no, but given that he's made a profitable business out of it, lots of people must say yes).

Re:Noone bothers to see what Warden Does

[Anonymous Coward]

On the PC, it receives three lists of checksums and compares them against the titles of open window handles on the current desktop, process names, and specific signatures matched against the contents of the first block of process memory of concurrent processes running under the same username. It also checks for processes running a debugger hook on the WoW process, and for TDI (network stack) hooks.

If there is no match, it simply gives an all-clear (which is not a constant packet, but which is calculated from the checksums somehow).

If there is a match, it uploads the unhashed details; date and time, active character and account and any other active accounts in other WoW instances, the window titles, process names, addresses of the signature match if present, the WoW servers being connected to, the WoW client version and locale, Windows username, IP address and MAC address of each network adapter, the language setting of Windows, a hash of the CPUID data, a hash of the Windows product key, the screen resolution and graphics card data returned by the 3D engine, a hash of the serial number of the Windows system disk and the full path from which WoW is being run.

The server determines what to do from there, and if the match is confirmed true. It can tell the client to exit, or not to exit, and it can give a localised warning.

I don't know about the Mac client, or even if the Mac client has (or needs?) a Warden.

Fine with me. Perfectly good anti-cheat.

Re:Elaboration?

[2short]

You are entirely correct. I'm not sure how to elaborate except by mocking the original poster, but I'll give it a try:

The creators of the first non-IBM PC BIOS had one team decompiling/inspecting/reverse engineering the code and writing up documents describing how it worked. Then a toatlly seperate team that never saw the original wrote a functional replacement based on those specs. This was carefully documented so they could prove they weren't copying the code, just duplicating the functionality. Similar procedures have been used in other less famous cases.

Of course, the people Blizard is complaining about certainly aren't copying the code, as they aren't even trying to make a replacement. They are trying to make their code interoperate with Blizzards, which is clearly protected, despite the undesirability of that interoperation to many.

Blizzard is probably trying to enforce some EULA deal where the right to copy the software (by installing and/or running it) is only granted if you "agree" not to reverse-engineer it. I find that legally dubious, and I'm only guessing that's the deal, because that would bring the story into the ballpark where a really flexible-minded lawyer might advance the theory with a straight face. Claiming copyright violation for looking at RAM and not copying anything is not in that ballpark.

Blizzards right on this one.

[Nysco]

The point isn't so much that it's a violation of copyright, but it is a direct violation of the TOU and EULA. WoW is a fantastically engineered game, but keeping the game fun and balanced means that they have to keep out all of the bots and trainer programs. The glidebot does the grind part of the game for you. But the grind is part of the game. If you don't want to sit through that part, you shouldn't be playing WoW in the first place. The bot enables users to level faster than people who actually play the game the way it was intended to be played, by actually sitting at your keyboard. To bring my rant to an end...Blizzard is trying to stop any bots that play the game for you, and for VERY good reasons. I don't care if it's copyright or not, Blizzard stated that intent in their EULA and the glidebot should be grounded.

Reverse engineering is not illegal.

[gillbates]

Reverse engineering is not illegal.

It may be a violation of the terms of the EULA, but it is not illegal, and it is not a violation of copyright, or the DMCA. (Standard Disclaimer: IANAL).

Furthermore, I would argue that a computer owner cannot legally be stopped from looking at their own machine. For example, what if WoW was being used (surrepetitiously) to traffic child porn? Would the WoW EULA be a legal defense for the owner of the computer? That he was contractually prevented from looking at his own system, therefore he can't be liable for whatever the police find on his computer?

I don't think these arguments would hold sway in a court of law. While Blizzard does have a right to ensure that people don't use their computers to cheat, they don't have a right to prevent a user from looking at their own machine, or modifying the contents thereof.

Really, the problem is the manner in which Blizzard designed their game. Had it been built using a secure architecture from the outset, these drastic measures wouldn't be necessary. Yes, cheaters suck. But, had Blizzard followed the simple mantra, never trust the client, they wouldn't be in this fix and we could all get on with gameplay without the attendant invasion of privacy.

What next? Am I going to setup a special PC just for gaming, and use another one for all of my other, private business? As part of my work, I deal with my employer's private, confidential information. I cannot have a software program peeking in on me from time to time; it would be a breach of my duty to safeguard my employer's data.

Blizzard needs to understand that users expect their machines to be private. If their program invades this privacy, my only option is to refrain from buying it. I'll have to play other games, which would be a shame.

Re:Regardless....

[fotbr]

No, WoW gets that way in the drag from around 30 to 50 ish. Maybe not quite to 10 hours, but if you're running solo quests and grinding its not uncommon for a level to take 6+ hours, longer if, as you say, you explore a lot.

It looks like 60-70 will also be that way. Yeah, its nice you can pull 40k - 50k XP/hour solo, but when you have 500,000+ XP to the next level, its going to take a while.

Re:Bots vs. anti-virus

[trianglman]

Actually, the "Do not disassemble" clauses (or reverse engineer) overstep the bounds of copyright. If I purchase a product, it is mine to do with as I please. Copyright, patents, etc. only come into effect if I in turn try to sell the same product (a copy) or a product that does the same thing and uses some of the code (patent infringement). Court rulings have revoked the power of this clause and technically they don't actually mean anything.

A good article on EULAs overstepping their legal authority is on the EFF website [eff.org]. #3 is the pertinent part to this discussion.

Re:No, it's allowed by the purchase

[KiahZero]

Check yours.

MAI Systems Corp. v. Peak Computer, Inc., 991 F.2d 511 (9th Cir. 1993). This case, and the subsequent amendment of the US Code, has prompted a whole bunch of linguistic and legal fun regarding whether software users are purchasers or licensees, and what constitutes an "intended use." Regardless, a copy in RAM is considered sufficiently "fixed" to constitute a "copy" under the meaning of the term in federal law.

Re:Elaboration?

[2short]

"I didn't know that looking at copyrighted code in your possession could constitute infringement"

It can't. You cannot infringe on copyright except by copying something. You may not have called the other poster ignorant, but I will. He continues to be wrong about what Phoenix (the BIOS guys) did and why. One of their two teams absolutely opened up the "box", read the source code, etc. Those guys could have then gone and written their own BIOS without directly copying anything, and it would not have been infringement. But it would have been impossible to *prove* they didn't copy the code just by remembering it. So instead they wrote up their own detailed description of what the thing did, and passed that off to an entirely seperate team that wrote the new code.