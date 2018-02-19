Catch up on stories from the past week (and beyond) at the Slashdot story archive

 


Posted by msmash
TorrentFreak: Flight sim company FlightSimLabs has found itself in trouble after installing malware onto users' machines as an anti-piracy measure. Code embedded in its A320-X module contained a mechanism for detecting 'pirate' serial numbers distributed on The Pirate Bay, which then triggered a process through which the company stole usernames and passwords from users' web browsers.

  • That's pretty funny (Score:2, Interesting)

    by ArtemaOne ( 1300025 )

    That's probably naughty, but hilarious.

    • Re:That's pretty funny (Score:5, Interesting)

      by alvinrod ( 889928 ) on Monday February 19, 2018 @03:14PM (#56153844)
      Probably also illegal. Just because someone has done something illegal, doesn't give you the right to do something illegal yourself in response.

      I think the best anti-piracy measure that I've heard anyone take was a simulation game about video game development. If you were playing on a pirate copy, eventually sales for the virtual games you were developing as part of the sim would tank because of virtual in-game pirates not paying for copies. It was especially hilarious because people would complain about it on the developer forums and then have it explained to them. Utterly harmless (well outside of social embarrassment) and perhaps even effective at getting people to buy the game since they might have been able to play enough of it to decide if they'd like to spend money on it.

      • By naughty I did mean illegal. I heard of that one before. There was an article I read a few years ago listing all the in-game tricks to get the pirates, good read if you can find it.

      • Just because someone has done something illegal, doesn't give you the right to do something illegal yourself in response.

        And thus ... license servers have once again been reinvented.

        I don't disagree but I do have sympathy for those whose software has been pirated.

      • Best one I ever saw was on Operation Flashpoint. In network play, if it saw another player with the same serial number, it would work fine for an hour or so, then start randomly crashing, slowly getting worse. A reinstall would fix it. It was kind of cool that you could get a quick 2 player game up, but then you were stuck with a reinstall.
        But once it saw the other player with the same serial number, you were going to have to reinstall even if it never saw that player again.

      • Re: (Score:2)

        by pegr ( 46683 )

        Funny you mention that. When I first heard of it, I bought the game. I didn't download it or play it, I just bought it. And I explained to them why I did as well! ;)

        • I give up. Why did you? Because you think it is a good idea to take the passwords of a parent of a kid who used a "pirated" serial number on their computer? Pretty idiotic.

          • I guess you can't follow threads. They bought a game mentioned upthread with a completely different anti-piracy mechanism.

      • Nope.
        The best one has to be "No Time To Explain"
        If it's a "pirate" copy, everyone is wearing pirate hats :D

      • Re: (Score:2)

        by gweihir ( 88907 )

        Actually a felony. Hence one order of magnitude worse than the piracy they claim to fight.

      • Probably also illegal. Just because someone has done something illegal, doesn't give you the right to do something illegal yourself in response.

        It works for Batman.

      • There's a funny screenshot here from Spyro : Enter The Dragon (Playstation) where a fairy tells you you're playing with a hacked copy and 'may experience problems'. Spyro : EOTD had a multiple checksum routines. If the pirates patched some but not all of them the game would crash

        https://www.gamasutra.com/view... [gamasutra.com]

        At one point Microsoft had an unkillable elite with a laser sword which wasn't actually a player - it was a software bot which targeted pirates (Halo?/XBox?)

    • Re: (Score:2)

      by mwvdlee ( 775178 )

      Microsoft will probably still provide them with certification to allow installing with administrative privileges without warning, even though this company now has a proven track record of installing spyware.

    • The Copyright Act actually permits this as long as they use the stolen credentials to buy exactly one license seat for the flight sim and then set the user's home page to this video [youtube.com].

  • I hope they get finger-cuff banged by simultaneous lawsuits and hacking.

    WTF idiot company

  • Attempting to combat piracy with stupidity probably won't work, but ya never know so, hey! Let's try it!!

  • Wonder how much of this goes on? (Score:1)

    by Anonymous Coward

    Just got to wonder how much of this is happening and has not been discovered as yet?

  • Two wrongs (Score:3)

    by fred911 ( 83970 ) on Monday February 19, 2018 @04:07PM (#56154130)

    "âoe[T]here are no tools used to reveal any sensitive information of any customer who has legitimately purchased our products."

    All others gave us explicit permission to all usernames and passwords entered in the the computer. It's in our EULA your honor, we committed no crime.

  • FBI/CIA job as real pilots pay for sims.
    So it's some punk kid who thinks it's fun to crash planes or it's the people who don't need to learn how to land.

    • Who doesn't think it is fun to crash planes? (In simulation)
      The first Flight sim I ever had, I would take the plane as high as possible, then dive and see if I could break the sound barrier on the way down. Or extend the flaps at extreme speed, and tear the wings off.
      I doubt a computer could count how many time I crashed the 737 into the twin towers, trying to fly between them in level flight. Or how many times I crashed into the river trying to fly under the bridge in MS flight sim.
      Strangely, I am not n

  • I challenge you to a maintenance contest! (Score:1)

    by Anonymous Coward

    Let's see which distribution of the game fixes the bug (i.e. eliminates or disables the malware) the fastest: the next pirate version of the game, or the one that you buy from the lawful publishers?

    I predict that pirates will perform the maintenance faster. And then the lesson being taught to this game's players will be: remember to pirate instead of buying.

    But maybe my prediction is wrong. The game publisher is going to need to be amazingly fast in order to prevent sending the "you should pirate" message

  • Cuphead (Score:2, Interesting)

    by Anonymous Coward
    My 10 year old spent some of his money on a download of Cuphead from the Windows store a few months ago when it came out (so paid full price). After a Windows update it stopped working completely, crashing out shortly after the splash screen. After an hour or two of trying to debug this, I found the torrented repack worked just fine, and he has been using that since. Not sure what the lesson there is.

    • Re: (Score:1)

      by Anonymous Coward

      Buy it on Steam.

    • Buy it on gog.com for a DRM free install

    • The lesson is you and your son have been had, taken advantage of by a system intent on deceiving you.

      The chief underlying problem here is proprietary (non-free, user-subjugating) software. Software you're not allowed to run, inspect, modify, or share (also known as 'software freedom'). Proprietary software is licensed and distributed to keep you from running the program despite doing normal maintenance, software meant to keep you from treating your friends as friends by sharing a copy, inspecting the progra

  • I had to crack a legitimately bought copy of GTA IV because of the steam+windows live+social club idiocy.

  • More criminal than the pirates (Score:4, Insightful)

    by gweihir ( 88907 ) on Monday February 19, 2018 @06:37PM (#56154862)

    These people should go to prison for criminal hacking. In many penal codes what they did is at least one order of magnitude worse than piracy.

  • Federal Pound-Me-In-The-Ass Prison or equiv in EU (Score:5, Insightful)

    by Randseed ( 132501 ) on Monday February 19, 2018 @08:05PM (#56155162)
    So in summary: 1) FlightSimLabs just destroyed their company by intentionally inserting malware into a product they were charging for. 2) FSL was asked on their forums about it when various antivirus programs identified their product as malware. They responded by saying "turn off your AV software." 3) FSL transmitted the material over an open HTTP stream. 4) The server that they have stored this stolen information on is itself secured in a very piss-poor manner. (RDP is open for God's sake.) 5) As this was intentional, and not a mere "bug," it can theoretically be prosecuted in the U.S. as a felony. (Read: Quality time in Federal pound-me-in-the-ass prtison.) 6) Even if merely incompetent, their failure to secure the data they stole is itself criminal in the EU. 7) I guarantee you that they cannot prove that at no time was any of their unencrypted HTTP steams intercepted, NOR can they prove that their obviously insecure server was not comproimised, meaning: 8) How do we know that this wasn't intentional to steal information and go sell to identity thieves? They charge $100 by identity theft. https://www.fidusinfosec.com/f... [fidusinfosec.com] Oh, where did I get #8? That's the only logical reason they would have stolen the data in the first place. It doesn't do shit for piracy. I hope these assclowns have a good lawyer.

    • I hope they don't have a good lawyer and are utterly destroyed.

    • Re: (Score:2)

      by nnull ( 1148259 )
      No sympathy here. Some of these flightsim developers have some of the most absurd anti-piracy practices and forum rule requirements which would make privacy advocates head spin *cough* PMDG *cough*. Complain and they ban you. It's almost as bad as some of these HAM software tool developers who ban you from ever using their software again for saying anything bad about them.

  • Where's the charges? (Score:3)

    by duke_cheetah2003 ( 862933 ) on Monday February 19, 2018 @09:54PM (#56155468) Homepage

    Code embedded in its A320-X module contained a mechanism for detecting 'pirate' serial numbers distributed on The Pirate Bay, which then triggered a process through which the company stole usernames and passwords from users' web browsers.

    If any individual was found to be installing this kind of malware on remote computers, they would be charged with all kinds of computer hacking crimes, just as a start.

    Where's the criminal charges? This company needs to be made example of, this kind of behavior is utterly unacceptable.

