Page 7 of 20 FirstFirst ... 3456789101117 ... LastLast
Results 91 to 105 of 293
  1. #91
    Contributor
    Reputation
    217
    Join Date
    Sep 2012
    Posts
    95
    CoreCoins
    1

    Trade Feedbacks

    Status
    n/a
    Positive
    0 (0%)
    Negative
    0 (0%)


    Donate to Remove Ads, Get ShoutBawx - Elite Forum Access
    Quote Originally Posted by _Mike View Post
    Good job! I'll give you the promised rep a bit later. I already gave you for the OP so I can't do it again yet
    Finding it was satisfactory enough! Thanks for the confirmation

  2. #92
    Contributor
    Reputation
    308
    Join Date
    Apr 2008
    Posts
    545
    CoreCoins
    8

    Trade Feedbacks

    Status
    n/a
    Positive
    0 (0%)
    Negative
    0 (0%)
    Quote Originally Posted by Sendatsu View Post
    Finding it was satisfactory enough! Thanks for the confirmation
    Now do a filter to extract it from a live screenshot I have no clue on image filtering or I would try it myself

  3. #93
    Contributor
    Reputation
    217
    Join Date
    Sep 2012
    Posts
    95
    CoreCoins
    1

    Trade Feedbacks

    Status
    n/a
    Positive
    0 (0%)
    Negative
    0 (0%)
    Quote Originally Posted by _Mike View Post
    There's also the ECC which I haven't bothered looking at which in the watermark seems to start directly after the 11 chars of the account name, whereas in the client memory the account name is padded with zeroes to 64 bytes length.
    So that's what it was :P

    And it's really odd they'd use 64 bytes to represent an 11 character (max) username.. unless it's based on the maximum email address size that battle.net is using now for its usernames.

  4. #94
    Member
    Reputation
    3
    Join Date
    May 2007
    Posts
    42
    CoreCoins
    26

    Trade Feedbacks

    Status
    n/a
    Positive
    0 (0%)
    Negative
    0 (0%)
    Quote Originally Posted by _Mike View Post
    Your bit pattern is off. The first 16 bits should be "10001100 00001100" which results in the ASCII characters "10".
    Your method of text decoding is also slightly wrong. Or actually the method is correct, but it requires an additional "decoding" step before. And only the account name itself is actual text, the rest are binary numbers which would make no sense to try to view as text. Except maybe to look for patterns but personally I prefer hex numbers for that.
    Compare 10001100 to the bit pattern of the character '1' and it should be fairly obvious what you need to do before sending it to the text decoder.

    You also don't need that big of an image area for testing. You can crop to one of the 352x240 rectangles and only read the first 1408 bits or 88*2 bytes. I'm assuming the double size of the payload is because of the added ECC but I haven't looked at it in detail. After that it just repeats the same pattern over and over again. (3 times per rectangle * 11 rects for a total of 33 repetitions)

    Bits should be read in this order:
    Code:
    1    49
    2    50
    .     .
    .     .
    48   96
    Try starting out by reading and decoding those 16 bits by hand first so you're sure you understand the process before you work on a full image. There's also the ECC which I haven't bothered looking at which in the watermark seems to start directly after the 11 chars of the account name, whereas in the client memory the account name is padded with zeroes to 64 bytes length.
    Ah, derp! I actually was reading it correctly the FIRST time i coded it, but then my converter was wrong so it didn't appear properly, and I was trying to fix it by messing with the bit pattern. I was wondering why it wasn't making any sense. I'm getting this now:

    Code:
    100011000000110011101100011011000010110001001100100011000110110010011100110001001000110010010011101011001011001001111110101101111101100110100101011010011010011111101001001011010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000110111010100101011010001111111101011000100110011001101101101000001100011011011101101100000100101001110010000010011000011000011001100000100111110100111000000000000000000000000000000000000000011010110001010011100111001011001110110001101000110010100110010111011000111101101011000010000000000000000000000000000000000000000000000000000000000000000111111111111110011110000000000001111111101010011011111110011110011100011001101011110001110111001111101110110111010001100000011001110110001101100001011000100110010001100011011001001110011000100100011001001001110101100101100100111111010110111110110011010010101101001101001111110100100101101000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000011011101010010101101000111111110101100010011001100110110110100000110001101101110110110000010010100111001000001001100001100001100110000010011111010011100000000000000000000000000000000000000001101011000101001110011100101100111011000110100011001010011001011101100011110110101100001000000000000000000000000000000000000000000000000000000000000000011111111111111001111000000000000111111110101001101111111001111001110001100110101111000111011100111110111011011101000110000001100111011000110110000101100010011001000110001101100100111001100010010001100100100111010110010110010011111101011011111011001101001010110100110100111111010010010110100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001101110101001010110100011111111010110001001100110011011011010000011000110110111011011000001001010011100100000100110000110000110011000001001111101001110000000000000000000000000000000000000000110101100010100111001110010110011101100011010001100101001100101110110001111011010110000100000000000000000000000000000000000000000000000000000000000000001111111111111100111100000000000011111111010100110111111100111100111000110011010111100011101110011111011101101110
    However, how do you get 10 from 10001100 00001100? I can't seem to get that from the pattern...

    EDIT: C# has byte order backwards, silly me. Got it working now! Full pattern in ASCII is
    107642169#15MJ52mrksv107642169#15MJ52mrksv107642169#15MJ52mrksv
    You can use this http://www.mediafire.com/?2r5hu1jsjcg533c to see the watermark on processed images (isolated to be perfect with _Mike's patch, turned to black & white as allesist has done. Ignore patch option)

    I wonder why blizz has done this kind of watermarking though... it's pretty much impossible to retrieve something from a normal screenshot that will give you a proper data set. To even get it working we needed a perfect screenshot that had the watermark applied to a blank image, which isn't viable for most images. What would be the point on having such a useless watermark? Doing the sharpen trick gives you the watermark pattern, but no reliable information could come out of it.
    Last edited by eldavo1; 09-11-2012 at 07:31 AM.

  5. #95
    Contributor (ノಠ益ಠ)ノ彡ɹǝɥɔʇɐM Winsane's Avatar
    Reputation
    206
    Join Date
    Oct 2010
    Posts
    350
    CoreCoins
    72

    Trade Feedbacks

    Status
    n/a
    Positive
    0 (0%)
    Negative
    0 (0%)
    Quote Originally Posted by eldavo1 View Post
    I wonder why blizz has done this kind of watermarking though... it's pretty much impossible to retrieve something from a normal screenshot that will give you a proper data set. To even get it working we needed a perfect screenshot that had the watermark applied to a blank image, which isn't viable for most images. What would be the point on having such a useless watermark? Doing the sharpen trick gives you the watermark pattern, but no reliable information could come out of it.
    A software that knows exactly where the pixels are and knows the pattern ect, doesn't need to sharpen an image to find the data.

  6. #96
    Private
    Reputation
    72
    Join Date
    Jun 2012
    Posts
    13
    CoreCoins
    8

    Trade Feedbacks

    Status
    n/a
    Positive
    0 (0%)
    Negative
    0 (0%)
    Quote Originally Posted by Sendatsu View Post

    Do note that this covert watermarking has been going on since, at least (!), 2010 (Patch 4+) so you may want to delete/remove from the public domain all your post-Cataclysm screenshots captured by WoW.
    I've got screenshots from early WotLK (November 26th 2008.) that have these patterns in them. I haven't found anything in any BC screenshots, so it seems they started doing this with the release of WotLK.

  7. #97
    Member
    Reputation
    2
    Join Date
    Jul 2012
    Posts
    2
    CoreCoins
    0

    Trade Feedbacks

    Status
    n/a
    Positive
    0 (0%)
    Negative
    0 (0%)
    Perhaps that's a way of recognizing/monitoring accounts which might relate to exploits. But then again, how many people which have posted exploits with screenshots at ownedcore.com have been banned ever since cataclysm started?

  8. #98
    Corporal
    Reputation
    9
    Join Date
    Sep 2011
    Posts
    21
    CoreCoins
    0

    Trade Feedbacks

    Status
    n/a
    Positive
    0 (0%)
    Negative
    0 (0%)
    Sendatsu are you sure the first screenshot is dated 2010 and not earlier?
    I dont know anything about this and am deeply impressed with the amount of research that went into this by you guys and now you have a working method to decipher it.
    This is amazing but on the other hand scary.

    My thoughts on this are like someone stated earlier the only use Blizzard has with this is tracking NDA. It makes no sense in context with screenshots despite NDA tracking or busting some explorers. And I don't think explorers are a problem that Activision Blizzard is willing to put that much effort into because they hurt no one.
    However like you stated there is a connection between Activision and a company that specializes in watermarks.
    As we all know Activisions intention over all is MONEY. The most obvious reason in my eyes is market research.

    May I ask you to check screenshots from other online games? Diablo 3 comes to mind.


    Edit: just read this

    Quote Originally Posted by McYawgi View Post
    I've got screenshots from early WotLK (November 26th 2008.) that have these patterns in them. I haven't found anything in any BC screenshots, so it seems they started doing this with the release of WotLK.
    This is what I expected. 2008 Blizzard merged with Activision!!!!
    Last edited by biervertrieb; 09-11-2012 at 06:40 AM.

  9. #99
    Contributor
    Reputation
    308
    Join Date
    Apr 2008
    Posts
    545
    CoreCoins
    8

    Trade Feedbacks

    Status
    n/a
    Positive
    0 (0%)
    Negative
    0 (0%)
    I made a little tool for those who want to play around or experiment with the watermarks. Only works for the current (16016) 32-bit windows client.

    https://dl.dropbox.com/u/12654979/WatermarkTool.rar
    Hopefully it'll work without you guys needing to have visual studio installed, dunno what the dependencies are. It does require .net 4.5 though, mainly because I can't figure out how to target earlier versions
    Excuse the semi-ugly UI, but it isn't obfuscated so you should be able to use something like reflector to rip the logic and make your own if you feel like it.
    And don't complain about the sometimes messy code. The debugger is a work in progress

  10. #100
    Legendary

    CoreCoins User


    Reputation
    724
    Join Date
    May 2008
    Location
    Here
    Posts
    627
    CoreCoins
    4281

    Trade Feedbacks

    Status
    n/a
    Positive
    0 (0%)
    Negative
    0 (0%)
    Quote Originally Posted by McYawgi View Post
    I've got screenshots from early WotLK (November 26th 2008.) that have these patterns in them. I haven't found anything in any BC screenshots, so it seems they started doing this with the release of WotLK.
    I can confirm for example build 3.0.2.8885 (Aug 27 2008) already has this watermarking stuff.

  11. #101
    Contributor
    Reputation
    308
    Join Date
    Apr 2008
    Posts
    545
    CoreCoins
    8

    Trade Feedbacks

    Status
    n/a
    Positive
    0 (0%)
    Negative
    0 (0%)
    Quote Originally Posted by Winsane View Post
    A software that knows exactly where the pixels are and knows the pattern ect, doesn't need to sharpen an image to find the data.
    Correct, but the watermark pixels are blended with the real pixels so you'd still need to filter them out somehow.

  12. #102
    Retired Noggit Developer
    schlumpf's Avatar
    Reputation
    752
    Join Date
    Nov 2006
    Location
    Germany (DE)
    Posts
    2,770
    CoreCoins
    16

    Trade Feedbacks

    Status
    n/a
    Positive
    0 (0%)
    Negative
    0 (0%)
    Quote Originally Posted by Sendatsu View Post
    So, schlumpf and Master674, if I understand correctly:


    strcpy(m_ClientStamp.accountName, s_accountName) ==> they copy our account name which is either alphabetic (pre-bnet) or numeric (post-bnet), so we're looking for a string


    WowTime::WowEncodeTime(&m_ClientStamp.gameTime, g_clientGameTime); ==> they copy the current realm time

    WowTime::WowEncodeTime(&v4, LODWORD(g_clientGameTime_ptr)); ==> low-order double-word (4 bytes) so the seconds are not included, and we're looking for a number


    m_ClientStamp.current_realm = m_CurrentRealmAddr; ==> they copy the information of the realm

    m_ClientStamp.current_realm.Normalize(); ==> and then normalize it somehow

    m_ClientStamp.current_realm.addr = 0xF3FFF00u; ==> plus the IP address of the realm (right?), does this mean they use this to track private servers? o.o


    return &ClientServices::m_ClientStamp; ==> do they record anything else apart from the above?


    Thanks for the listings!


    PS: Any lawyer here able to tell us if it's even legal to add a secret watermark with account info in the screenshots, without mentioning it in the ToS, and then using it to track the actions of the users and identify the private servers they may use?

    PS2: I know the ToS mentions that they can communicate our info back to Blizzard, but the user assumes they will use a safe channel via battle.net, not our screenshots that we share with the world, unaware of their secret contents.

    PS3: I know that private servers are illegal to run, but it is probably also illegal to track them down using ambiguous methods such as this. It's like bugging everyone's phone in advance just in case they ever think of trying something against the law. Oh, wait.
    The code shows: They copy the account name, the realm / game time, the realm IP.

    This holds for official and private servers. The normalization is irrelevant, 0xF3FFF00u seems to be some end-identifier instead of the addr, which would be useless anyway.

    So yes, they can track your account on a private server. They can't track anything else.

  13. #103
    Contributor
    Reputation
    217
    Join Date
    Sep 2012
    Posts
    95
    CoreCoins
    1

    Trade Feedbacks

    Status
    n/a
    Positive
    0 (0%)
    Negative
    0 (0%)
    Hello guys, I'll respond to all:

    Quote Originally Posted by schlumpf View Post
    The code shows: They copy the account name, the realm / game time, the realm IP.

    This holds for official and private servers. The normalization is irrelevant, 0xF3FFF00u seems to be some end-identifier instead of the addr, which would be useless anyway.

    So yes, they can track your account on a private server. They can't track anything else.
    Thank you for re-confirming this. So we have agreed on: account name/id, realm time (to the minute) and realm IP address.

    Quote Originally Posted by TOM_RUS View Post
    I can confirm for example build 3.0.2.8885 (Aug 27 200 already has this watermarking stuff.
    Quote Originally Posted by McYawgi View Post
    I've got screenshots from early WotLK (November 26th 2008.) that have these patterns in them. I haven't found anything in any BC screenshots, so it seems they started doing this with the release of WotLK.
    Quote Originally Posted by biervertrieb View Post
    Sendatsu are you sure the first screenshot is dated 2010 and not earlier?
    Thank you all for looking into this. I took another, harder, look into my old screenshots and I could indeed find it myself before 2010. I updated the introductory post to say that this covert watermarking has been confirmed, by multiple sources, to be going on since, at least (!!), 2008 (Patch 3+), which is the year Blizzard was acquired by Activision.

    Quote Originally Posted by _Mike View Post
    Correct, but the watermark pixels are blended with the real pixels so you'd still need to filter them out somehow.
    Yes indeed, you'd have to use really smart recovery algorithms and methods, like the ones that Digimarc has been patenting for two decades now: http://www.ownedcore.com/forums/worl...ml#post2490910 (Looking inside your screenshots)

    Our "space invader" white pixel, as I called it, seems to be dating back to 1998 (!! US patent #6104812, figures 2-12) when it was still just a dot, so all this watermarking is certainly not new. The current problem with this action though, is the fact that not only we weren't informed this was going on, but since we were kept in the dark we were unwillingly endangering our account and realm id every time we shared a screenshot for the past 4 years.

    This may not sound like much to some, but think that if someone (outside Digimarc) has found out about this, they could already be using it to identify which account holds which characters and perhaps stalk and annoy its user, or maybe even help perpetrators choose their phishing victims with a more targeted approach.

    Quote Originally Posted by bojax View Post
    Perhaps that's a way of recognizing/monitoring accounts which might relate to exploits. But then again, how many people which have posted exploits with screenshots at ownedcore.com have been banned ever since cataclysm started?
    You see, the exploiters are the just the small fishes in the big pond of Blizzard. They could indeed be using this to pinpoint bugs presented in screenshots and then fix them or perhaps ban a user for a while. But the "big fishes" that Blizzard is interested in are a) people who release information against their NDA (because they paid them) and b) people who maintain, and profit from, private servers (because they probably make them lose money): basically, people they can sue.

    It is important to note that after 2008, when Activision took over, private servers started dropping like flies (Blizzard legal targets private servers) which eventually led to the amazing $88 million dollars lawsuit they won (http://www.gamasutra.com/view/news/2...rver_Owner.php). I am not saying they shouldn't have protected their intellectual property but the important factor one should consider is that: if they used illegal (covert) methods of tracking these private servers[/B], by "bugging" all WoW users to act as their "unaware informants", while at the same time endangering their privacy and security http://www.ownedcore.com/forums/worl...ml#post2496404, then you see how this whole case could take a completely different turn...
    Last edited by Sendatsu; 09-12-2012 at 11:01 PM.

  14. #104
    Innovation & Emulation My CoreCoins User Title

    stoneharry's Avatar
    Reputation
    1308
    Join Date
    Sep 2007
    Location
    Great Britain
    Posts
    4,019
    Blog Entries
    6
    CoreCoins
    149

    Trade Feedbacks

    Status
    n/a
    Positive
    0 (0%)
    Negative
    0 (0%)
    Quote Originally Posted by Sendatsu View Post
    You see, the exploiters are the just the small fishes in the big pond of Activision. They could indeed be using this to pinpoint bugs presented in screenshots and then fix them or perhaps ban a user for a while. But the "big fishes" that Activision Blizzard is interested in are a) people who release information against their NDA and b) people who maintain, and profit from, private servers: basically, people they can sue.

    It is important to note that after 2008, when Activision took over and apparently installed this secret watermark without mentioning it in the End user license agreement, private servers started dropping like flies (Blizzard legal targets private servers) which eventually led to the amazing $88 million dollars lawsuit they won (Gamasutra - News - Blizzard Wins $88M Judgment Against WoW Private Server Owner). I am not saying they shouldn't have protected their intellectual property but the important factor one should consider is that: if they used illegal (covert) methods of tracking these private servers, by "bugging" all WoW users to act as their "unaware informants", while at the same time endangering their privacy and security in the name of profit, then you see how this whole case can take a completely different turn...
    Be careful not to follow a slippery slope argument.

    I very much doubt this is in place to create targets to prosecute - especially as they did not profit from the case you describe and because it only led to that after they ignored the C&D letters. (DId not profit as the person being prosecuted only made estimated $2 million profit so how could he pay the full $88 million - blizzard would have paid a lot in legal fees).

  15. #105
    Sergeant
    Reputation
    46
    Join Date
    Jun 2008
    Location
    RU
    Posts
    47
    CoreCoins
    25

    Trade Feedbacks

    Status
    n/a
    Positive
    0 (0%)
    Negative
    0 (0%)
    Quote Originally Posted by TOM_RUS View Post
    I can confirm for example build 3.0.2.8885 (Aug 27 200 already has this watermarking stuff.
    looked through my screens and tried to find some clear readings of watermarks
    so i got
    WoWScrnShot_120907_014454 - it's possible to see it but not clear (date September 12 2007) Patch 2.1.3
    WoWScrnShot_012308_224421 - clear watermark ( Jan 23 2008 )
    Last edited by sn4rk; 09-11-2012 at 09:20 AM.

 

 
Page 7 of 20 FirstFirst ... 3456789101117 ... LastLast

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  
All times are GMT -4. The time now is 04:16 PM. Powered by vBulletin® Version 4.2.0
Copyright © 2014 vBulletin Solutions, Inc. All rights reserved. Resources saved on this page: MySQL 5.88%
vBulletin Optimisation provided by vB Optimise (Pro) - vBulletin Mods & Addons Copyright © 2014 DragonByte Technologies Ltd.
Digital Point modules: Sphinx-based search