Curse

dusanyu · Jul 14, 2009, 08:11 PM // 20:11

Allot of people from guild wars are drooling over Aion but lets look at a un-touted little feature of this game nProtect GameGuard this "anti cheting program acts like a root kit and preforms all sorts of maleware like activities such as hideing its own process, monitoring of your system memory, blocking calls to Direct X and other Windows APIs, places hooks into dll files, high risk of breakage in Windows 7 known braking of applications such as Google Chrome, SpeedFan, Eclispe, other drivers, Steam, and security tools that prevent the installation of root kits, and lastly add security ishues due to the fact that GameGuard can be compromised via client file modification. proof

see also this Facinating little thread from the Maple story forums another MMO that uses GameGuard

for for the more tech minded here is a log file from process guard 3.200 that shows what happens when you start a game protected by nProtect Game GameGuard

do your self a favor do not install Aion until NC soft removes Game Guard

Flopp Plopp · Jul 14, 2009, 11:32 PM // 23:32

im not very tech-minded at all so I don't rly know what you're talking about but anyway, I play aion on windows 7 and I use google chrome with no problems so far.

Resha · Jul 14, 2009, 11:33 PM // 23:33

Yep! I won't be playing Aion because of GameGuard now, that's for sure!

Killamus · Jul 15, 2009, 12:57 AM // 00:57

Eh, I'm curious if stuff like processguard allows the game to run anyways.

Doesn't matter, as 15$/month is pretty high, but still, I make a point of not playing games with these stupid anti-cheat tools that don't work.

Tarun · Jul 15, 2009, 01:57 AM // 01:57

GameGuard doesn't work anyways. It had issues with Vista when Vista came out too. Nothing new here. Move along.

Brett Kuntz · Jul 15, 2009, 02:45 AM // 02:45

Not to mention hacking a game with nProtect has always been very easy, even in 2000 haha. I have no idea who they are protecting and what they are being protected from, but it's never stopped me or anyone I know from cheating.

funkytoejams · Jul 16, 2009, 05:36 PM // 17:36

ive been taking part in the beta but after hearing this, i'll uninstall and wait to see if they remove game guard from the official release, ill prolly still play even if they dont remove it, but they are going to wipe everything between beta and official release so no point in slowing my computer down untill then anyway.

Brawn Over Brains · Jul 18, 2009, 12:31 PM // 12:31

Hmmm. Yeah, definately not buying that game!

Ryuujinx · Jul 20, 2009, 05:11 AM // 05:11

I can confirm the rootkit-ness.

Here's a copy/paste from the beta boards I made.

------------------------------

Ok, so I went and poked around my system some to see what I could find out about this iteration of gameguard.

And now I wish I hadn't.

Some things to note: The Process is unlisted in task manager, in addition to masking itself it masks aion. I don't like that.

Here's using openports to show the PID.

In addition I decided to poke around further and used APM.

I didn't like what I saw.

It hooks my Antivirus:

It hooks my media player:

It hooks vent:

It even hooks nyerknyerknyerknyerking paint:

What, pray tell, do you need to hook every process on my computer for? Why do you think you should be snooping around my IRC window, or my internet browser?

The only other MMOs I have installed are Guild wars, and world of warcraft.

Guild wars does not hide it's processes or hook every process on my system.
Neither does wow. So why does Aion feel the need to?

On the upside it's unhooking properly now as far as I can tell.

--------------------------

Yeah, not liking that. It's a pretty big turn off from the game.

Brett Kuntz · Jul 20, 2009, 06:20 AM // 06:20

WoW's Warden is just as bad. It watches what websites you visit, what you say in chat, etc. They're all a joke.

Ryuujinx · Jul 20, 2009, 10:02 AM // 10:02

Quote:

Originally Posted by Kuntz

WoW's Warden is just as bad. It watches what websites you visit, what you say in chat, etc. They're all a joke.

Incorrect. It has 2 stages, when you first open up the launcher it scans every program once and does a hash check against known banned programs, if it's found a popup comes up and states what's wrong.

After you log in, it only monitors wow's memory space.

Fril Estelin · Jul 20, 2009, 10:25 AM // 10:25

Quote:

Originally Posted by Ryuujinx

Incorrect. It hash 2 stages, when you first open up the launcher it scans every program once and does a has check against known banned programs, if it's found a popup comes up and states what's wrong.

After you log in, it only monitors wow's memory space.

Warden is as bad as Gameguard (a judgement that each people who want to play WoW or Aion has to make):
http://www.informit.com/articles/art...74291&seqNum=7

They can change it as they wish without asking you authorisation, they're protecting their game against you, because there are indeed players who will try to exploit it against you. Contrarily to what geeks think, a game company does not sell you the right to modify the game as you will, only sometimes they give you the ability to mod if that fits their business model.

I know how bad these two pieces of spyware are, but I'm ok with it because I know exactly how I'm going to use the games (installed GameGuard for Spellborn). Furthermore, anyone serious in security knows that a rootkit is fundamentally not any different from many privileged software out there (gaming keyboard or mouse SW), the only different is that it limits people in their ability to modify the game and potentially open them to the game company's spying, which is the core issue here.

But it's still "innocent until proven guilty" in this field. If big companies like Activision Blizzard or NCsoft do spy outside of a "reasonable" zone, it'll be known rather quickly, and reported widely.

zwei2stein · Jul 20, 2009, 11:17 AM // 11:17

GameGuard is cetrainly much worse than Warden, with running even if game was closed, being installed as device driver and interfering with Steam, Eclipse and FileZilla (considering Steam a hack, no less...).

Warden plays nice in comparsion and at least attempts to be a bit less dangerous (iirc, it sends only hashes out so its fairly safe as far as privacy is concerned).

Still, one has to wonder why they are even necesary ... few true exploits (bots mainly, but those are easy to foil otherwise.) are possible if server validates client input and client only serves as client.

Fril Estelin · Jul 20, 2009, 11:35 AM // 11:35

Quote:

Originally Posted by zwei2stein

Still, one has to wonder why they are even necesary ... few true exploits (bots mainly, but those are easy to foil otherwise.) are possible if server validates client input and client only serves as client.

Yeah but you're talking about the next-generation of MMOs, which funnily GW1 has a bit anticipated by checking a maximum number of things on the server while leaving the client to simply display.

Re Warden, I think Blizzard changed it after the 2005 discovery of how nasty it was.

Re GameGuard, the list of blocked appli is well-known:
http://en.wikipedia.org/wiki/NProtec...d_applications
(no virtualisation for Linuxers ;P)

Riot Narita · Jul 20, 2009, 12:02 PM // 12:02

Will not let Aion anywhere near my PC then.

"Innocent until proven guilty" is BS in my opinion. They're already guilty. I'm not going to deliberately allow a rootkit to install itself on my system... which then has the potential to cause problems for Windows, other software, maybe open up vulnerabilities to malware... on the basis of "give them the benefit of the doubt", or "hope this one's not as bad as Sony's", or "innocent until proven guilty".

Mind you, I despise the pay-to-play business model, so Aion would have to be The Most Spectacular Game Of All Time before I'd even think about it... but when it comes with free rootkit, I won't even think about it.

Fril Estelin · Jul 20, 2009, 12:19 PM // 12:19

Quote:

Originally Posted by Hissy

which then has the potential to cause problems for Windows, other software, maybe open up vulnerabilities to malware... on the basis of "give them the benefit of the doubt", or "hope this one's not as bad as Sony's", or "innocent until proven guilty".

Food for thought:
1) 3-4 years ago, Microsoft introduced twice spyware-like programs into Windows, yet you use it and "trust" them;
2) not all companies are like Sony...

You can choose to live the life you want, there's nothing wrong with distrusting ALL companies doing digital business, but the fact of the matter, as you're using a webforum, is that you HAVE to trust a few. Unless you exclusively use OSS, and read and recompile all source-code (but then you trust gcc, which also has rootkited versions...).

Ryuujinx · Jul 20, 2009, 12:24 PM // 12:24

Quote:

Nov 21, 2007

Old article, been updated since then supposedly. If it scanned every process actively while it's running, there would be a module of some kind loaded into the other processes. There is not. (I have checked myself)

Edit: I don't trust MS, but I accept that the alternative(linux) isn't very viable for most video games.

Edit Again: When did guru stop sucking? I never came here because it was like 5 minute page loads <_< (ok ok, exaggeration, but still)

Riot Narita · Jul 20, 2009, 01:15 PM // 13:15

Quote:

Originally Posted by Fril Estelin

Food for thought:
1) 3-4 years ago, Microsoft introduced twice spyware-like programs into Windows, yet you use it and "trust" them;
2) not all companies are like Sony...

And exactly which spyware-like programs did Microsoft introduce, that you think I am using and trusting?

Regardless - I don't blindly trust Microsoft. I don't install components I don't need, I disable unecessary services, I block Windows services and applications from accessing the internet unless it's really, really necessary to allow them. But beyond that - what choice do I have, realistically? Refusing Windows updates is more risky than accepting them.

The thing is with Aion - I have the choice and I'm fully in control.

As far as I'm concerned, anything that comes with a rootkit is Bad. I hope enough people avoid such software, that it becomes economic suicide to use them.

Quite apart from my objection to software messing with my system like that - imagine if all software came with its own rootkit... there would be rootkit wars going on every time you started up your PC, all fighting for control and grinding your PC to a halt... until a single winner emerged that would then disable all your other rootkit-dependant software :-P

It's just not a road I want to see software going down. "Sony-BMG needs to be strongly reminded that it doesn't own your computer, you do," said EFF Senior Staff Attorney Fred von Lohmann. NCSoft needs a similar reminder, and so does any other company considering schemes like this.

And no, not all companies are like Sony. Some are better... but some are worse.

zwei2stein · Jul 20, 2009, 02:32 PM // 14:32

Quote:

Originally Posted by Hissy

And exactly which spyware-like programs did Microsoft introduce, that you think I am using and trusting?

I guess none ... but then you'd be running Ubuntu and not Windows.

And not playing Aion, but Planeshift.

Quote:

Originally Posted by Hissy

As far as I'm concerned, anything that comes with a rootkit is Bad. I hope enough people avoid such software, that it becomes economic suicide to use them.

People don't know and people don't care. In fact, I learned about Warden from this thread, and I usually care about this kind of stuff.

Rootkits only cause outrage in nerd comunities and it stays there ... average user will not consider himself threatened by them because he is not paranoid enough, just like he can deal just fine with DRM and other shady stuff.

Unless someone screws up and rootkit starts hurting average user, corps have nothing to fear.

Ryuujinx · Jul 20, 2009, 02:42 PM // 14:42

Gameguard hurts the average user quite a bit actually. Aside from being notoriously bad for simply not working (hi2u error 114), it disabled my G15 applets, it messes with filezilla and it won't let me use chrome sometimes too. Hate it.