Flight Sim Company Embeds Malware To Steal Pirates' Passwords (torrentfreak.com) 225
TorrentFreak: Flight sim company FlightSimLabs has found itself in trouble after installing malware onto users' machines as an anti-piracy measure. Code embedded in its A320-X module contained a mechanism for detecting 'pirate' serial numbers distributed on The Pirate Bay, which then triggered a process through which the company stole usernames and passwords from users' web browsers.
That's pretty funny (Score:3, Funny)
That's probably naughty, but hilarious.
Re:That's pretty funny (Score:5, Interesting)
I think the best anti-piracy measure that I've heard anyone take was a simulation game about video game development. If you were playing on a pirate copy, eventually sales for the virtual games you were developing as part of the sim would tank because of virtual in-game pirates not paying for copies. It was especially hilarious because people would complain about it on the developer forums and then have it explained to them. Utterly harmless (well outside of social embarrassment) and perhaps even effective at getting people to buy the game since they might have been able to play enough of it to decide if they'd like to spend money on it.
Re: (Score:3)
By naughty I did mean illegal. I heard of that one before. There was an article I read a few years ago listing all the in-game tricks to get the pirates, good read if you can find it.
Re: (Score:3)
This one
https://www.inverse.com/article/12807-the-13-most-hilarious-anti-piracy-traps-in-video-games [inverse.com]
Re: (Score:2)
Just because someone has done something illegal, doesn't give you the right to do something illegal yourself in response.
And thus ... license servers have once again been reinvented.
I don't disagree but I do have sympathy for those whose software has been pirated.
Re:That's pretty funny (Score:4, Informative)
But once it saw the other player with the same serial number, you were going to have to reinstall even if it never saw that player again.
Re: (Score:2)
Funny you mention that. When I first heard of it, I bought the game. I didn't download it or play it, I just bought it. And I explained to them why I did as well! ;)
Re: (Score:2)
I guess you can't follow threads. They bought a game mentioned upthread with a completely different anti-piracy mechanism.
Re: (Score:2)
The best one has to be "No Time To Explain"
If it's a "pirate" copy, everyone is wearing pirate hats
Re: (Score:2)
Actually a felony. Hence one order of magnitude worse than the piracy they claim to fight.
Re:That's pretty funny (Score:5, Funny)
Probably also illegal. Just because someone has done something illegal, doesn't give you the right to do something illegal yourself in response.
It works for Batman.
Re: (Score:2)
Re: (Score:2)
There's a funny screenshot here from Spyro : Enter The Dragon (Playstation) where a fairy tells you you're playing with a hacked copy and 'may experience problems'. Spyro : EOTD had a multiple checksum routines. If the pirates patched some but not all of them the game would crash
https://www.gamasutra.com/view... [gamasutra.com]
At one point Microsoft had an unkillable elite with a laser sword which wasn't actually a player - it was a software bot which targeted pirates (Halo?/XBox?)
Re: (Score:3)
The best anti-piracy measure I know of is a great product at a reasonable price.
Re:That's pretty funny (Score:4, Insightful)
Probably also illegal. Just because someone has done something illegal, doesn't give you the right to do something illegal yourself in response.
I think the best anti-piracy measure that I've heard
Is to try to turn them customers. DRM ultimately doesn't work, stealing passwords ultimately gets you sued out of existence (how do we know they aren't stealing passwords of paying customers) and it's been demonstrated time and time again that piracy fuels sales rather than taking them away.
The problem FlighSimLabs has is that they're charging $100 for something that isn't worth it.
Re: (Score:2)
Re: (Score:2)
Just because someone has done something illegal, doesn't give you the right to do something illegal yourself in response.
Yes, it does. One crime against me gives me complete and total license to do whatever I wish.
That reminds me, they're coming out with a remake of "Death Wish".
Re: (Score:2)
Making that movie was a crime.
Twice is double-crime!
Just wait till they remake the four sequels...
Re: (Score:2)
Or you forgot to use your sarcasm tag.
Re: (Score:2)
Well no wonder you have to do it more than once. That's why I installed rocket launchers.
Re: (Score:2)
Re: (Score:2)
Microsoft will probably still provide them with certification to allow installing with administrative privileges without warning, even though this company now has a proven track record of installing spyware.
Re: (Score:2)
Two wrongs (Score:3)
"âoe[T]here are no tools used to reveal any sensitive information of any customer who has legitimately purchased our products."
All others gave us explicit permission to all usernames and passwords entered in the the computer. It's in our EULA your honor, we committed no crime.
Re: (Score:2)
Did the pirated copy contain an EULA?
Re: (Score:2)
...also EULA is not binding in most jurisdictions
Not only that, computer crime is considered to have happened in the country of the target computer, not the attacker.
Re: (Score:3)
All others gave us explicit permission to all usernames and passwords entered in the the computer. It's in our EULA your honor, we committed no crime.
In most countries the EULA cannot supersede the law and people cannot sign away their legal rights
Also computer intrusion crime is considered to have happened in the country where the target computer is, not where the attacker was at the time
FBI/CIA job as real pilots pay for sims (Score:2)
FBI/CIA job as real pilots pay for sims.
So it's some punk kid who thinks it's fun to crash planes or it's the people who don't need to learn how to land.
Re: (Score:2)
The first Flight sim I ever had, I would take the plane as high as possible, then dive and see if I could break the sound barrier on the way down. Or extend the flaps at extreme speed, and tear the wings off.
I doubt a computer could count how many time I crashed the 737 into the twin towers, trying to fly between them in level flight. Or how many times I crashed into the river trying to fly under the bridge in MS flight sim.
Strangely, I am not n
Cuphead (Score:2, Interesting)
Re: (Score:2)
It's a class issue: power over the users is unjust (Score:4, Insightful)
The lesson is you and your son have been had, taken advantage of by a system intent on deceiving you.
The chief underlying problem here is proprietary (non-free, user-subjugating) software. Software you're not allowed to run, inspect, modify, or share (also known as 'software freedom'). Proprietary software is licensed and distributed to keep you from running the program despite doing normal maintenance, software meant to keep you from treating your friends as friends by sharing a copy, inspecting the program to see what it does, and distributed to prevent you from modifying your copy the program should you wish to for any reason.
I experienced something quite similar with the Commodore 64: A video game called Elite on the C-64 had an anti-copying scheme so clumsy and prone to problems it drove me to understand what was really going on. Today we'd properly call this DRM—digital restrictions management [gnu.org] (expanded that way because I take the side of the user class, not the publisher class) which was only visited upon those who obtained their copy of the program in a way the publisher found acceptable. Typically this meant buying a copy, but I later came to understand some copies were distributed gratis. The packaged game came with media, a manual, and a flat plastic device with a see-through window. The device could be bent so it resembled a table like an inverted letter "U". On starting the game, the user was shown some blocky image that looked incomprehensible. When the plastic device was folded, placed on the monitor at the proper distance (via the "legs" of the device), and peered through one could see the blocky image turn into something readable. If I recall correctly, the readable image was a page number reference in the manual one was expected to look up and type in the proper word to get past this stage of the loading program.
After I did this a couple of times it dawned on me that those who engage in filesharing and treating friends like friends (sometimes propagandistically called "pirates [gnu.org]") never have to put up with this. Only the people who used the publisher-distributed copy did. And most of those users had paid for this treatment.
Those who shared copies were doing us all a favor: they let us try programs before buying a copy, they let us run copies that didn't have what we now call DRM; the anti-copying code had been stripped away. They let us have copies that one could copy in an ordinary fashion, no need for special copiers (such as "nibblers", or any copier that knew how to get past the errors which were deliberately added to the disk to defeat the standard file and disk copiers). There was no need to work around the issue by using audio tapes instead of disks (since audio tapes didn't have copy-prevention added to the media). These so-called "pirates" were doing us a service, a service I might have paid for if offered the opportunity to pay a publisher for a headache-free copy of the program.
Later I obtained a memory snapshotting cartridge called "Isepic" which let me make my own copy of the RAM-resident portion of the game. Isepic produced a copy which loaded faster, never prompted me for the manual lookup, and played identically to the other copy loaded from the distributor's media (no surprise there, it was the same code being loaded into memory). I never loaded the distributor's media again. But this got me to thinking about all the other programs (not just games) that treated the users this way across all the computers I had used. And I began to realize that this was a scam perpetrated on the people who treated the publishers the best. We were literally exchanging our money for being treated badly. And this harm pushed on the users was indiscriminate, just like the flight simulator company did here.
There was one more issue to wrestle with: proprietary software. This was an issue even the filesha
More criminal than the pirates (Score:5, Insightful)
These people should go to prison for criminal hacking. In many penal codes what they did is at least one order of magnitude worse than piracy.
Federal Pound-Me-In-The-Ass Prison or equiv in EU (Score:5, Insightful)
Re: (Score:2)
I hope they don't have a good lawyer and are utterly destroyed.
Re: (Score:2)
Re: (Score:2)
Note to FlightSimLabs management: Just because you broke the law does not make it legal for your prison cellmate to assrape you.
-
Re: (Score:2)
Where's the charges? (Score:3)
Code embedded in its A320-X module contained a mechanism for detecting 'pirate' serial numbers distributed on The Pirate Bay, which then triggered a process through which the company stole usernames and passwords from users' web browsers.
If any individual was found to be installing this kind of malware on remote computers, they would be charged with all kinds of computer hacking crimes, just as a start.
Where's the criminal charges? This company needs to be made example of, this kind of behavior is utterly unacceptable.
Re: (Score:2)
Were I them, and it legal, I would... (Score:2)
Re: (Score:2, Interesting)
Exactly. That's why I install bombs in all the cars I sell. If the car is started without the original key, it blows up! What could POSSIBLY go wrong?
Re: (Score:3)
Re: (Score:2)
Re:Meh (Score:5, Interesting)
I remember many years ago I purchased The Sims for my wife. The install wouldn't work. I called tech support and they told me that it sounded like what happens when someone removed a pirated version and tried to install the official copy. I just said Yeah, that's what I did. They seemed to appreciate my honesty and willingness to pay for it and helped me clear the registry of the offending entries that let me install the legit copy.
Re: (Score:2)
EA's DRM is so screwed up and invasive, it's been known to cause hardware such as optical drives to quit working.
Re: (Score:2)
Or worse, the activation process is so cumbersome that you pirate as a workaround, despite having paid for it.
Re: (Score:2)
Re: (Score:2)
Talk to Microsoft about that one, back in the mid to late 90's a rumor went out about MS doing mass delete on illegal installs. To the point where sales in China started to hit new high's. Personally, I don't see an issue with the mass delete, crash the system with a bad dll but taking passwords, that seems wrong.
Re: (Score:2)
Re: (Score:2)
Well, from what I do recall, it was a specific Chinese language pack that got the thumping. But you might be right it was about 20 years or so ago. I guess you can say MS gave away the drugs for free to establish market share.
Re: Meh (Score:2)
Re: (Score:3, Insightful)
> You copy some electrons harmlessly therefor you deserve your real world information stolen, potentially to real harm.
News flash, but piracy doesn't harm anyone. It's either people that wouldn't have paid anyway, and thus not a loss, or people that use piracy as a demo and end up paying BECAUSE of it.
That's true for some people but clearly not true for everyone; clearly not true for the majority of people either. I know lots of people who pirate material to avoid having to pay. Not many people PAY for something they have already. And, even if that were to occur isn't it up to the owner of that intellectual property to decide?
If you stole a TV set from Walmart and told the cops you were going to go back and pay for it later if you liked it you wouldn't get much sympathy. Or if you snuck into a cinem
Re: (Score:3)
Don't steal.
I agree with everything you said... minus that. I don't like seeing copyright infringement described as stealing. It is certainly depriving a copyright holder of revenue you may or may not have given them... But you have stolen nothing from them. You have breached their statutory rights to control copies of something they made. There was no theft.
Re: (Score:2)
But you have stolen nothing from them.
Using this argument, the flight sim company has not stolen any usernames or passwords. No problem?
Re: (Score:2)
Just because my argument is simply insisting on using the correct words doesn't mean it's no problem. That's disingenuous of you to claim.
Re: (Score:2)
That's disingenuous of you to claim.
I replied to your argument that you disagreed with the OP. If the only argument you had was with the word "stolen", then it was specious. I assume you intended something more substantial, and that's why I ASKED (see the question mark?) if you thought it was "no problem".
Re: (Score:2)
I assumed your question mark was rhetorical. That's my bad. I apologize for assuming you were just being an ass.
Re: Meh (Score:2)
Re: (Score:2)
Re: (Score:2)
Re: (Score:2)
Re: (Score:2)
Re: (Score:2)
Don't steal.
I agree with everything you said... minus that. I don't like seeing copyright infringement described as stealing.
But you see copying passwords as stealing? Odd.
Re: (Score:2)
Re: (Score:2)
Putting words in peoples' mouths? Odd.
I wasn't commenting on your words, but on what you deliberately omitted to say. Even.
Re: (Score:2)
Re: (Score:2)
I deliberately omitted saying that I see copying passwords as stealing? I think you over-thought that one, chief.
And you didn't think at all, heh? Yeah, easier that way.
Re: (Score:2)
Re: (Score:2)
Re: (Score:2)
In c
Re: (Score:2)
Re: (Score:2)
(though the most recent one by the EU found that cinema sales in the first week of a summer blockbuster release were the exception).
You mean the things that make hundreds of millions in a weekend? Cry me a river.
Re: (Score:2)
Re: (Score:2)
There have been a bunch of studies that show that piracy doesn't harm sales
That's really an impossible thing to prove. I think there has been a lot of coincidental evidence with music that that might be the case but not with other formats unless I've missed it.
Music is different than movies or games though as you tend to listen to it many times over many years. A movie you may only watch once or twice, games, you'll probably play a lot to begin with, but once you've completed it, most won't go back to it. Music is probably re-consumed more than any other digital media and may
Re: (Score:2)
If you stole a TV set from Walmart and told the cops you were going to go back and pay for it later if you liked it you wouldn't get much sympathy... Don't steal.
Except in this case walmart still have their TV and when they do sell it (a copy of it at least) they can still spin off and sell essentially infinitely more copies with next to no additional production cost.
I don't really disagree with what you're saying but don't label illegal copying as stealing because while similar on the surface they really aren't the same thing.
Re: (Score:2)
I don't really disagree with what you're saying but don't label illegal copying as stealing because while similar on the surface they really aren't the same thing.
I won't disagree that there are subtle differences between the two; but it is still theft in my (and many people's) mind. You are "stealing" potential revenue from the company. The difference is the theft is intangible rather than tangible.
Whether you call it theft or not is semantics really; language interpretation.
Re: (Score:2)
Re: (Score:2)
Re: (Score:2)
USB dongles still are a thing. The compiler I was using needed one.
There are ways to lock down software without resorting to installing a password stealer on all your customer's computers and promising only to run it if a certain set of keys is entered.
Re: (Score:2)
Which is insane. I mean the PCI card was the dongle. What good with their software do anyone without the hardware? I've seen this sort of idiocy in the science instrumentation niche also. They sell a half a million dollar instrument and then require a dongle. Insane. But I guess everyone wants to cash checks.
Re: (Score:2)
That's to keep out clones. Without the dongle the Chinese would have gray market PCI cards for cheap.
Re: (Score:2)
Embed the dongle on the card. That's all you have to do. The software reads the license key off the card and operates appropriately.
We have USB analyzers and other hardware where the license was embedded in the hardware itself. This mean it could be moved between people's computers and used as needed. When you bought a software upgrade, you ran a program and it programmed the nice license into the hardware, and was available to everyo
Re: (Score:2)
Re:Too Late (Score:5, Insightful)
I have to wonder how they intend to use illegally obtained information in a court case without getting the case thrown out.
I mean, they installed hacking tools on someone's computer, and then the judge has to trust they didn't plant the evidence?
Re: (Score:3)
Re: (Score:2)
Pro-Tip: They didn't.
It's all about blackmail.
sheesh, these people failed kindergarten (Score:2)
But cross me, and I'll CUT you!
Re: (Score:2)
Re: (Score:3)
This is a situation where corporations are conveniently not people. So no one person will truly be held accountable.
Re: (Score:2)
As to the sony rootkit, it was in a gray area of the law, so it would take somebody with more lawyers they can throw than sony can to win that kind of lawsuit.
Re: (Score:3)
As to the sony rootkit, it was in a gray area of the law, so it would take somebody with more lawyers they can throw than sony can to win that kind of lawsuit.
This is utterly not a grey area. This is clearly an attempt to commit fraud, identity theft, and intrusion into a remote computer without permission. Every single person in that company who had anything to do with this needs to be dragged in to criminal court and charged with numerous felonies.
Completely unacceptable. No company should be allowed to get away with this. This company needs to be made example of.
This is one of those rare instances where I actually wish I was a lawyer with prosecutor-powers
Re: (Score:2)
Make this an "undamaging part of the software" you provide to someone who isn't a commoner (banks, pharma, The Mouse, etc) and see how long it takes before a judge says your shit "accessed stuff".
That's pretty much all it takes to weaponize the CFAA, if you can afford it.
Whether or not someone pays (your backpedaling at the end) for a Licensed Measuring Stick Operator doesn't change the height.
Re: (Score:2)
Re: It's not illegal. (Score:2)
Re: (Score:2)
So a civil copyright violation is met with committing a felony under the computer fraud and abuse act?
Re: (Score:2)
some pirates are upset that somebody tried to hack them?
Sounds to me like actual paying customers are upset, not Somalis trying to eke a living.
only EXECUTED on systems running stolen software
That would explain all the AV flags it caused.
Do not run to the police for somebody trespassing on your lawn when you are a serial killer/robber.
But do run to the police if, while trespassing, you see a murder.
STOP PIRATING OTHER PEOPLE'S STUFF. Become a civilized human being.
These are not connected.
The only reason normal users of tech are continually facing DRM and other garbage is that people like these whining crybaby jerks are stealing stuff.
That's not the case. If nothing else, normal users of tech historically paid a certain amount for software and used a certain amount of software and those amounts were never the same.
But apart from that, software copyright infringement does not justify rootkits, system damaging DRM or ind
Re: (Score:2)
You can prove these pirates were poor Somalis?
For that comment alone you just demonstrated your lack of qualifications for this conversation.
Meaningless snark to disguise no civilized answer.
..with this one confirming it.
You fail to understand my points. I can't be arsed putting them into words of one syllable; I don't trust you to understand them even then.
You also haven't justified illegal hacking against alleged pirates, so you're a miserable failure on all fronts. oops.
Re: (Score:2)
And you *know* the answer is nobody. The crime was committed by a corporation, and not against a politician.
Re: I challenge you to a maintenance contest! (Score:2)