Allot of people from guild wars are drooling over Aion but lets look at a un-touted little feature of this game nProtect GameGuard this "anti cheting program acts like a root kit and preforms all sorts of maleware like activities such as hideing its own process, monitoring of your system memory, blocking calls to Direct X and other Windows APIs, places hooks into dll files, high risk of breakage in Windows 7 known braking of applications such as Google Chrome, SpeedFan, Eclispe, other drivers, Steam, and security tools that prevent the installation of root kits, and lastly add security ishues due to the fact that GameGuard can be compromised via client file modification. proof
see also this Facinating little thread from the Maple story forums another MMO that uses GameGuard
for for the more tech minded here is a log file from process guard 3.200 that shows what happens when you start a game protected by nProtect Game GameGuard
do your self a favor do not install Aion until NC soft removes Game Guard
Aion: The Root Kit
dusanyu
Flopp Plopp
im not very tech-minded at all so I don't rly know what you're talking about but anyway, I play aion on windows 7 and I use google chrome with no problems so far.
Resha
Yep! I won't be playing Aion because of GameGuard now, that's for sure!
Killamus
Eh, I'm curious if stuff like processguard allows the game to run anyways.
Doesn't matter, as 15$/month is pretty high, but still, I make a point of not playing games with these stupid anti-cheat tools that don't work.
Doesn't matter, as 15$/month is pretty high, but still, I make a point of not playing games with these stupid anti-cheat tools that don't work.
Tarun
GameGuard doesn't work anyways. It had issues with Vista when Vista came out too. Nothing new here. Move along.
Brett Kuntz
Not to mention hacking a game with nProtect has always been very easy, even in 2000 haha. I have no idea who they are protecting and what they are being protected from, but it's never stopped me or anyone I know from cheating.
funkytoejams
ive been taking part in the beta but after hearing this, i'll uninstall and wait to see if they remove game guard from the official release, ill prolly still play even if they dont remove it, but they are going to wipe everything between beta and official release so no point in slowing my computer down untill then anyway.
Brawn Over Brains
Hmmm. Yeah, definately not buying that game!
Ryuujinx
I can confirm the rootkit-ness.
Here's a copy/paste from the beta boards I made.
------------------------------
Ok, so I went and poked around my system some to see what I could find out about this iteration of gameguard.
And now I wish I hadn't.
Some things to note: The Process is unlisted in task manager, in addition to masking itself it masks aion. I don't like that.
Here's using openports to show the PID.
In addition I decided to poke around further and used APM.
I didn't like what I saw.
It hooks my Antivirus:
It hooks my media player:
It hooks vent:
It even hooks nyerknyerknyerknyerking paint:
What, pray tell, do you need to hook every process on my computer for? Why do you think you should be snooping around my IRC window, or my internet browser?
The only other MMOs I have installed are Guild wars, and world of warcraft.
Guild wars does not hide it's processes or hook every process on my system.
Neither does wow. So why does Aion feel the need to?
On the upside it's unhooking properly now as far as I can tell.
--------------------------
Yeah, not liking that. It's a pretty big turn off from the game.
Here's a copy/paste from the beta boards I made.
------------------------------
Ok, so I went and poked around my system some to see what I could find out about this iteration of gameguard.
And now I wish I hadn't.
Some things to note: The Process is unlisted in task manager, in addition to masking itself it masks aion. I don't like that.
Here's using openports to show the PID.
In addition I decided to poke around further and used APM.
I didn't like what I saw.
It hooks my Antivirus:
It hooks my media player:
It hooks vent:
It even hooks nyerknyerknyerknyerking paint:
What, pray tell, do you need to hook every process on my computer for? Why do you think you should be snooping around my IRC window, or my internet browser?
The only other MMOs I have installed are Guild wars, and world of warcraft.
Guild wars does not hide it's processes or hook every process on my system.
Neither does wow. So why does Aion feel the need to?
On the upside it's unhooking properly now as far as I can tell.
--------------------------
Yeah, not liking that. It's a pretty big turn off from the game.
Brett Kuntz
WoW's Warden is just as bad. It watches what websites you visit, what you say in chat, etc. They're all a joke.
Ryuujinx
Quote:
|
Originally Posted by Kuntz
WoW's Warden is just as bad. It watches what websites you visit, what you say in chat, etc. They're all a joke.
|
After you log in, it only monitors wow's memory space.
Fril Estelin
Quote:
|
Originally Posted by Ryuujinx
Incorrect. It hash 2 stages, when you first open up the launcher it scans every program once and does a has check against known banned programs, if it's found a popup comes up and states what's wrong.
After you log in, it only monitors wow's memory space. |
http://www.informit.com/articles/art...74291&seqNum=7
They can change it as they wish without asking you authorisation, they're protecting their game against you, because there are indeed players who will try to exploit it against you. Contrarily to what geeks think, a game company does not sell you the right to modify the game as you will, only sometimes they give you the ability to mod if that fits their business model.
I know how bad these two pieces of spyware are, but I'm ok with it because I know exactly how I'm going to use the games (installed GameGuard for Spellborn). Furthermore, anyone serious in security knows that a rootkit is fundamentally not any different from many privileged software out there (gaming keyboard or mouse SW), the only different is that it limits people in their ability to modify the game and potentially open them to the game company's spying, which is the core issue here.
But it's still "innocent until proven guilty" in this field. If big companies like Activision Blizzard or NCsoft do spy outside of a "reasonable" zone, it'll be known rather quickly, and reported widely.
zwei2stein
GameGuard is cetrainly much worse than Warden, with running even if game was closed, being installed as device driver and interfering with Steam, Eclipse and FileZilla (considering Steam a hack, no less...).
Warden plays nice in comparsion and at least attempts to be a bit less dangerous (iirc, it sends only hashes out so its fairly safe as far as privacy is concerned).
Still, one has to wonder why they are even necesary ... few true exploits (bots mainly, but those are easy to foil otherwise.) are possible if server validates client input and client only serves as client.
Warden plays nice in comparsion and at least attempts to be a bit less dangerous (iirc, it sends only hashes out so its fairly safe as far as privacy is concerned).
Still, one has to wonder why they are even necesary ... few true exploits (bots mainly, but those are easy to foil otherwise.) are possible if server validates client input and client only serves as client.
Fril Estelin
Quote:
|
Originally Posted by zwei2stein
Still, one has to wonder why they are even necesary ... few true exploits (bots mainly, but those are easy to foil otherwise.) are possible if server validates client input and client only serves as client.
|
Re Warden, I think Blizzard changed it after the 2005 discovery of how nasty it was.
Re GameGuard, the list of blocked appli is well-known:
http://en.wikipedia.org/wiki/NProtec...d_applications
(no virtualisation for Linuxers ;P)
Riot Narita
Will not let Aion anywhere near my PC then.
"Innocent until proven guilty" is BS in my opinion. They're already guilty. I'm not going to deliberately allow a rootkit to install itself on my system... which then has the potential to cause problems for Windows, other software, maybe open up vulnerabilities to malware... on the basis of "give them the benefit of the doubt", or "hope this one's not as bad as Sony's", or "innocent until proven guilty".
Mind you, I despise the pay-to-play business model, so Aion would have to be The Most Spectacular Game Of All Time before I'd even think about it... but when it comes with free rootkit, I won't even think about it.
"Innocent until proven guilty" is BS in my opinion. They're already guilty. I'm not going to deliberately allow a rootkit to install itself on my system... which then has the potential to cause problems for Windows, other software, maybe open up vulnerabilities to malware... on the basis of "give them the benefit of the doubt", or "hope this one's not as bad as Sony's", or "innocent until proven guilty".
Mind you, I despise the pay-to-play business model, so Aion would have to be The Most Spectacular Game Of All Time before I'd even think about it... but when it comes with free rootkit, I won't even think about it.
Fril Estelin
Quote:
|
Originally Posted by Hissy
which then has the potential to cause problems for Windows, other software, maybe open up vulnerabilities to malware... on the basis of "give them the benefit of the doubt", or "hope this one's not as bad as Sony's", or "innocent until proven guilty".
|
1) 3-4 years ago, Microsoft introduced twice spyware-like programs into Windows, yet you use it and "trust" them;
2) not all companies are like Sony...
You can choose to live the life you want, there's nothing wrong with distrusting ALL companies doing digital business, but the fact of the matter, as you're using a webforum, is that you HAVE to trust a few. Unless you exclusively use OSS, and read and recompile all source-code (but then you trust gcc, which also has rootkited versions...).
Ryuujinx
Quote:
| Nov 21, 2007 |
Edit: I don't trust MS, but I accept that the alternative(linux) isn't very viable for most video games.
Edit Again: When did guru stop sucking? I never came here because it was like 5 minute page loads <_< (ok ok, exaggeration, but still)
Riot Narita
Quote:
|
Originally Posted by Fril Estelin
Food for thought:
1) 3-4 years ago, Microsoft introduced twice spyware-like programs into Windows, yet you use it and "trust" them; 2) not all companies are like Sony... |
Regardless - I don't blindly trust Microsoft. I don't install components I don't need, I disable unecessary services, I block Windows services and applications from accessing the internet unless it's really, really necessary to allow them. But beyond that - what choice do I have, realistically? Refusing Windows updates is more risky than accepting them.
The thing is with Aion - I have the choice and I'm fully in control.
As far as I'm concerned, anything that comes with a rootkit is Bad. I hope enough people avoid such software, that it becomes economic suicide to use them.
Quite apart from my objection to software messing with my system like that - imagine if all software came with its own rootkit... there would be rootkit wars going on every time you started up your PC, all fighting for control and grinding your PC to a halt... until a single winner emerged that would then disable all your other rootkit-dependant software :-P
It's just not a road I want to see software going down. "Sony-BMG needs to be strongly reminded that it doesn't own your computer, you do," said EFF Senior Staff Attorney Fred von Lohmann. NCSoft needs a similar reminder, and so does any other company considering schemes like this.
And no, not all companies are like Sony. Some are better... but some are worse.
zwei2stein
Quote:
|
Originally Posted by Hissy
And exactly which spyware-like programs did Microsoft introduce, that you think I am using and trusting?
|
And not playing Aion, but Planeshift.
Quote:
|
Originally Posted by Hissy
As far as I'm concerned, anything that comes with a rootkit is Bad. I hope enough people avoid such software, that it becomes economic suicide to use them.
|
Rootkits only cause outrage in nerd comunities and it stays there ... average user will not consider himself threatened by them because he is not paranoid enough, just like he can deal just fine with DRM and other shady stuff.
Unless someone screws up and rootkit starts hurting average user, corps have nothing to fear.
Ryuujinx
Gameguard hurts the average user quite a bit actually. Aside from being notoriously bad for simply not working (hi2u error 114), it disabled my G15 applets, it messes with filezilla and it won't let me use chrome sometimes too. Hate it.
Lord Sojar
Eventually, companies will be sued for information leaks regarding these invasive and "malicious" programs.
There is a reason I am not able to install games on my workstation...
There is a reason I am not able to install games on my workstation...
Brett Kuntz
Quote:
|
Originally Posted by Ryuujinx
Incorrect. It has 2 stages, when you first open up the launcher it scans every program once and does a hash check against known banned programs, if it's found a popup comes up and states what's wrong.
After you log in, it only monitors wow's memory space. |
Lord Sojar
Quote:
|
Originally Posted by Kuntz
I have watched a video where one of the guys who maintains Rootkit.com demonstrates Warden watching what websites you visit and what you type on forums/chat. It's in the "Gold farming MMO's" 1 hour long video that was at that conference.
|
Do you realize how illegal that would be? Oh yes, HORRIBLY ILLEGAL. People would sue Blizzard into the ground for that. Don't believe everything you see.
Brett Kuntz
Quote:
|
Originally Posted by Rahja the Thief
Do you realize how illegal that would be? Oh yes, HORRIBLY ILLEGAL. People would sue Blizzard into the ground for that. Don't believe everything you see.
|
Lord Sojar
Quote:
|
Originally Posted by Kuntz
|
Right, so Warden doesn't monitor anything external to WoW. As he clearly discussed, it involves hashing. That's it...
Tarun
Quote:
|
Originally Posted by Rahja the Thief
Do you realize how illegal that would be? Oh yes, HORRIBLY ILLEGAL. People would sue Blizzard into the ground for that. Don't believe everything you see.
|
Lord Sojar
Quote:
|
Originally Posted by Tarun
It's pretty common knowledge and it's not illegal when you agree to their EULA that allows them to check into these things.
|
Warden isn't a welcomed addition by any means, but... it isn't as terrible as some people make it out to be. However... Gameguard is pretty awful...
Faer
Quote:
|
Originally Posted by Rahja the Thief
Gameguard is pretty retarded and useless, and NCSoft is retarded for using it for Aion.
|
AmbientMelody
Lol, I was going to give this game a try but never knew it utilises GameGuard ...
From my experience GG is just a cheap excuse for no in-built security measures used in most of f2p mmo's ... and it's terrible. Hoggs up PC to state of malfunction after alt-tabbing from game, resides in memory injected in processes even when you quit game, disconnects you from the game when it 'thinks' you are cheating and causes tons of problems with updating/patching the game. Basically GameGuard is an invite for all kinds of amateur hackers ...
It doesn't make sense, NCSoft told they are going to release only AAA+ titles now, don't they take game security seriously? I'm not going to take them serious either ...
PS. Waiting for invasion of bots and speedhackers on Aion servers, going to have a good read soon enough
From my experience GG is just a cheap excuse for no in-built security measures used in most of f2p mmo's ... and it's terrible. Hoggs up PC to state of malfunction after alt-tabbing from game, resides in memory injected in processes even when you quit game, disconnects you from the game when it 'thinks' you are cheating and causes tons of problems with updating/patching the game. Basically GameGuard is an invite for all kinds of amateur hackers ...
It doesn't make sense, NCSoft told they are going to release only AAA+ titles now, don't they take game security seriously? I'm not going to take them serious either ...
PS. Waiting for invasion of bots and speedhackers on Aion servers, going to have a good read soon enough
Abedeus
I don't understand, why Aion is being blamed.
It's every game with Gameguard, from Aion, through Lineage 2 to Ragnarok Online.
And blocking GG is about 10 minutes of work.
http://img403.imageshack.us/img403/6628/beztytuujgb.jpg
Ding ding ding no GameGuard.
It's every game with Gameguard, from Aion, through Lineage 2 to Ragnarok Online.
And blocking GG is about 10 minutes of work.
http://img403.imageshack.us/img403/6628/beztytuujgb.jpg
Ding ding ding no GameGuard.
AOD_EaSyKiLL
Quote:
|
Originally Posted by Abedeus
I don't understand, why Aion is being blamed.
It's every game with Gameguard, from Aion, through Lineage 2 to Ragnarok Online. And blocking GG is about 10 minutes of work. http://img403.imageshack.us/img403/6628/beztytuujgb.jpg Ding ding ding no GameGuard. |
Killamus
Quote:
|
Originally Posted by AOD_EaSyKiLL
GG also hides it's own processes, so you don't truly know it isn't still running.
|
There's also several programs out there that already do this.
On another note: I'd like to see how you did this Abeduis.
Ryuujinx
Quote:
|
Originally Posted by Kuntz
|
Quote:
| Sep 3, 2007 |
Quote:
|
Originally Posted by Killamus
It's childsplay to write a program to detect all processes, hidden or not. Even if they're hidden from the user, it's impossible to hide them from the system unless you attach them to different processes, which is also very easy to detect. Although a bit more of a pain via programming.
There's also several programs out there that already do this. On another note: I'd like to see how you did this Abeduis. |