Blizzard crossing the line?

Blizzard has employed "Warden", a well known program that polices the use 3rd party programs such as bots or cheats, in their popular World of Warcraft game. Up until recently, privacy researchers have been able to keep tabs on the program's actions to make sure it isn't any cause for concern. However, with the November 13th, 2007 update to World of Warcraft, Blizzard has inserted a cryptographic hash function into Warden, making it near impossible for anyone to track what the company is using it for. This isn't to say Blizzard is going to steal your information but all it would take is a rogue employee getting laid off and using anger as his fuel to slip in some code and get your personal information. To add insult to injury, Blizzard has been deleting forum posts without reply.

View: Full Story @ onwarden Blog

Report a problem with article
Previous Story

UltraDefrag 1.2.2

Next Story

I.B.M. to Push 'Cloud Computing,' Using Data From Afar

20 Comments

Commenting is disabled on this article.

So you're telling me a ****ed off employee needed this software to access the information that was already sitting in a database somewhere in the company? stop being so paranoid about this kind of thing, they don't care about your personal info, it's not that valuable, nobody cares.

It sounds like Warden does the same thing as Punkbuster and Valve Anti-Cheat. And that's fine with me. Cheaters and resource farmers should be caught and remove from games.

toadeater said,
WoW players have nothing of value in their RAM. Blizzard already has their credit cards.

Exactly - but Elvis is alive regardless...

I'm far more concerned about what Warden is doing to my system resources while I'm playing than I am worried about Blizzard knowing all of the twisted porn I look at while tabbed out.

As long as they're upfront about it I don't see a problem. I mean, if you know going in and you still go in then thats on you at that point..if this isn't illegal that is. If it hurts business they'll rethink it I'm sure.

I never moved in in the first place. The idea that I'd pay to play a game online is preposterous to me, MMO or not. If I buy a game, I don't wanna keep paying someone for the privilege of playing it.

Croquant said,
I never moved in in the first place. The idea that I'd pay to play a game online is preposterous to me, MMO or not. If I buy a game, I don't wanna keep paying someone for the privilege of playing it.

Thank you! I've said that to people before and they'd call me cheap, lol. It's annoying. I'm on the exact same page as you.

RiVaLSSJ said,

Thank you! I've said that to people before and they'd call me cheap, lol. It's annoying. I'm on the exact same page as you.

Meh, I can afford to go to Sonic or Dairy Queen once a month. That said, which would I rather do? Pay for me and my girlfriend to eat something that's gone after 30 minutes? Or gameplay that lasts a month? :huh:

Well, at least she agrees with me, hah.

Though, the relativity of this has nothing to do with Warden.

Doubtful it will actually be a threat.
What proof do they have that it even can insert a malicious program?
AFAIK, all Warden does is check for programs that jerks use to automate their WoW client and ruin the game for the rest of us.
My guess is the hash function is to stop programs from working around Warden.

I agree with lothodon, they already have my name and CC info. What do I care?

BTW, I read the full article, it's just full of paranoid delusions
"Given the fact that the randomly generated hash algorithm can be replaced at Blizzard's sole discretion with any other algorithm, including ones that retrieve and use personal, private and/or otherwise confidential information, with only their server to be required to know about the changes, this should be considered a very scary thing for the rest of us."
Do you REALLY think they'd be that stupid?

And I'm no cryptography expert, but once you make a big hash like that, isn't it near impossible to know what was used to create it in the first place w/o knowing every bit of info that went into making the hash and the algorithm?

AnalogRival said,
Doubtful it will actually be a threat.
What proof do they have that it even can insert a malicious program?
AFAIK, all Warden does is check for programs that jerks use to automate their WoW client and ruin the game for the rest of us.
My guess is the hash function is to stop programs from working around Warden.

I agree with lothodon, they already have my name and CC info. What do I care?

BTW, I read the full article, it's just full of paranoid delusions
"Given the fact that the randomly generated hash algorithm can be replaced at Blizzard's sole discretion with any other algorithm, including ones that retrieve and use personal, private and/or otherwise confidential information, with only their server to be required to know about the changes, this should be considered a very scary thing for the rest of us."
Do you REALLY think they'd be that stupid?

And I'm no cryptography expert, but once you make a big hash like that, isn't it near impossible to know what was used to create it in the first place w/o knowing every bit of info that went into making the hash and the algorithm?

Exactly, Warden was made to check the RAM for programs that may be trying to hook into WoW; It just so happens that anything you've went to recently would also be in RAM. It doesn't mean they're looking at your personal data.

I love it when people mention warden and spazz out.

This is partially why I don't play anymore. Blizzard has gotten this elitist attitude because of how popular the game has gotten. Greed and power can only lead to corruption if used improperly.

ok, i hate doing this but...

any chance you could have someone rewrite this in with even a little closer to proper english? this was difficult to read. and the comment about blizzard stealing your information, THEY ALREADY HAVE IT! duh, your paying them monthly for the game already.

what i would be more worried about than warden is some ****ed off employee raiding the billing department.

privacy researchers just wanted something to bitch about, as did i.

Blizzard has been using a program called "Warden" to police 3rd party program use in their popular game World of Warcraft. Until recently, privacy researchers have been able to track what information Warden was monitoring. A recent update has added a cryptographic hash function causing the privacy researchers to go up in arms about what Blizzard "might" use this software to track in the future without anyones knowledge. Blizzard has deleted forum posts about this issue.

less paranoia, although i bet it's less interesting now.

It doesn't matter if it's a threat or not. Warden is an invasive piece of malware and Blizzard has no right to monitor any of your personal activity outside of data passed between the client and the server.

Also, players have the right to quit, but Blizzard knows the nature of addicts; abuse them all you want, because they'll come back for more. Blizzard spent the first couple of years ignoring customer complaints and have only recently added functions that people had been asking for since beta (guild banks, better UI options, fixes for long-standing bugs).

Unwonted said,
It doesn't matter if it's a threat or not. Warden is an invasive piece of malware and Blizzard has no right to monitor any of your personal activity outside of data passed between the client and the server.

Also, players have the right to quit, but Blizzard knows the nature of addicts; abuse them all you want, because they'll come back for more. Blizzard spent the first couple of years ignoring customer complaints and have only recently added functions that people had been asking for since beta (guild banks, better UI options, fixes for long-standing bugs).

so blizzard is abusing addicts? hmm, seems like they are in a business to make money and doing very well at that. legal crack i guess. they do have a right to monitor their software though, being the servers that host world of warcraft with warden provided it's within the TOS the user has agreed to. i'd hardly call it malware however, as you or the privacy researchers have no proof it's monitoring your personal activity at all. paranoid perhaps? i hear that's a common trait among addicts.

Unwonted said,
It doesn't matter if it's a threat or not. Warden is an invasive piece of malware and Blizzard has no right to monitor any of your personal activity outside of data passed between the client and the server.

Also, players have the right to quit, but Blizzard knows the nature of addicts; abuse them all you want, because they'll come back for more. Blizzard spent the first couple of years ignoring customer complaints and have only recently added functions that people had been asking for since beta (guild banks, better UI options, fixes for long-standing bugs).

actually, blizzard has every right to monitor a lot more than that as anyone playing wow has agreed to the terms of use (http://worldofwarcraft.com/legal/termsofuse.html) and section 14 of that states blizzard can access a lot more than just the information passed between the client and server.

if you don't like it you don't have to play.

also, to say that they have ignored the complaints of the users until the last patch is pretty ridiculous.

1: server crashes daily. - fixed (i haven't experienced a server crash in i'd say over a year now).
2: maintenance downtime. - semi-fixed (maintenance occurs less frequently and has been replaced with a simple server restart for a lot of weeks).
3: pvp not being as rewarding as pve. - fixed (arena/bg rewards are quality now).
4: 'casual' vs 'hardcore' complaints. - semi-fixed (heroic instances, more instances, daily quests, etc...).
5: 30-50 leveling slow. - fixed (the hinterlands, dustwallow marsh quest hubs, less exp now to level).
6: not enough raid content. - fixed (blackwing lair, aq20, aq40, zg, naxx, 4 dragons, azuregos, all added after release - za just added for level 70 raid content with the sunwell also scheduled for release before wotlk).
7: honor system sucked. - fixed (no more spending 20 hours a day pvp'ing to get high warlord/grand marshal).

those are just the major things i can think of not to mention all of the little fixes for those bugs that you also say they ignore.

call me a fanboy or whatever, but at least i have backing to my 'outlandish' claims.

http://out-fox-the.net/wow-warden-client/
All I'm saying is that this (and more, now that the data is being hidden) is what all WoW players are getting. Does punkbuster monitor your browsing habits? Warden is just a couple of popups away from being the same as malware of the late 90s.

Sure, perfect privacy is a myth, but it doesn't mean people should resign themselves to apathy and give it up when they don't need to.