Spyware is everywhere and as the net has grown, we have learned to be cautious to the point of paranoia against anything that might be a distributor of these malicious software, anything from e-mails to free or paid software. But how cautious do you need to be to be totally safe? What happens when corporations you trust, corporations overflowing with goodwill break all their trust and decides to go behind customers backs, planting spyware without notice? Thomas has allready written in his blog about the rootkit hidden in Sony’s copyprotected records. This time I write about the game company Blizzard.
With every game a bestseller and truckloads of fans, the company has plenty of goodwill to spend. In late 2005 Greg Hoglund, an engineer and Blizzard fan, discovered a spyware hidden in Blizzards latest success World of Warcraft. The spyware checked every program Hoglund had opened while running the game, it checked e-mail adresses of people on MSN, titles of word documents, even minimized applications, everything. Blizzard allready had it covered from a legal point of view though, as a small fine print in the EULA. Hoglund started to blog about his discoveries and the news (noone had apparently read and understood the EULA) soon reached the official forums of the game. The reactions wasn’t however what you’d expect. After some displeased grunting and a promise from Blizzard to not use the information for anything that would violate privacy, the players accepted the intrusion. At the time World of Warcraft had around 4,5 million users. Today that number exceeds 8,5 million. Have people gone numb and ignorant? Apparently peoples trust in some companys are limitless. Blizzard stated that the reason they employed the spyware was to make sure noone cheated in the game. Wouldn’t it then be easy to limit the spyware’s search area around executable files?
Nevermind the good will of the company or their original intended purpose for the spyware. In every case where spyware is used, the information gathered could be used in a way that we do not approve of. To trust blindly in a company and never question their methods can in my opinion never be a good thing.
As a funny sidenote, people have now found a way to work around Blizzard’s spyware och run cheating programs undetected. The hackers ironically used Sony’s infamous spyware/rootkit in order to mask their programs. The procedure is simple, just put your files in the right folder and add $sys$ to the filename. The trick is on you Blizzard!
No comments:
Post a Comment