Warden and 'The Governor'

[Cypher]

No, they can't. Warden's memory scanning is a joke, its so severely under utilized. Scanning all read-only memory would **** up a lot of the private hacks that aren't using a warden bypass. Also, it would intimidate newcomers a lot more which is always a good thing.

Currently its just "don't modify any offsets on this list and you'll be safe". Sorry, but the only reasons I can see for that is laziness, or performance concerns (aka stupidity, because they obviously haven't actually tested scans like that and realized they're not noticeable at all).

[Inphared]

Well... I feel like a newb. When I did a scan before I didn't find anything but I did another scan of the threads and found one that had a bit of information in regards to warden.
I want to post this link incase anyone wants further information not discussed in this thread. http://www.mmowned.com/forums/wow-me...ere-start.html

[Apoc]

Yes you're right it is somewhat a joke in terms of implementation.

But is it laziness they have no code to stop people loading hacks or preventing people from playing with a modified game client? Even though these technologies exist already and are not difficult to implement, Blizzard still sticks with their old ways of absolute scans and extreme punishment against those caught.

The way I see it is now Warden has become a legal tool, they require absolute scans so they have statistics behind which hacks are being used. It's difficult for them to claim damages in a court room without numbers...

In this case warden 'is' spyware. Just because hacks sit in the gray area, Blizzard believe they have the right to scan your entire PC for anything they want, and persecute depending 'if' they find what they're looking for.

No. Blizzard believes they have the right to scan anything within their own process space. Which they do.

Get your head out of your ass. Blizzard *may* have been spyware back when it was actually reading window titles and process names, but it hasn't done that for what? 3 years?

Warden is polymorphic. You DO know what that means right? It can change whenever they damned well please, and they can allow it to do whatever they damned well please. However, they will not leave WoW's process space in doing so.

[MasterGold]

As written here:

http://www.mmowned.com/forums/wow-me...ml#post1468858

I wouldn't use model edits which are based on modifications on the following files



seems they care more about some lame "lets exchange campfire with dark portal model" hacks as on real problems.

Maybe they want to prevent those easy-gold-farming-and-cheating-in-bg but don't really care if you change the world for pleasure .

[Cypher]

Maybe they want to prevent those easy-gold-farming-and-cheating-in-bg but don't really care if you change the world for pleasure .

Did you even read his post?

He wasn't referring to cosmetic model edits as the "real problems".

[Cypher]

K. I'm sure you know a lot more about it than me.

I see what you did there.

Anyway, I know who you are so I'll address your concerns. (Sorry, but I disagree with you.)

"The way I see it is now Warden has become a legal tool, they require absolute scans so they have statistics behind which hacks are being used. It's difficult for them to claim damages in a court room without numbers..."

There's nothing stopping them from doing dual scans. Scan for specific hacks and count the numbers, but also do generic scans and ban off those too. You get the best of both worlds with practically zero downside (oh noez! an extra handful of precious cpu cycles! ).

"In this case warden 'is' spyware. Just because hacks sit in the gray area, Blizzard believe they have the right to scan your entire PC for anything they want, and persecute depending 'if' they find what they're looking for."

Even at its invasive point, its not like Warden sent back personally identifiable information. As long as the hashes are coming from their servers to me, and not the other way around, I don't see a problem. At any rate though, the phrase "entire PC" is a tad broad don't you think?

[amadmonk]

Of course, if someone really wanted to throw a wrench into this, they could broach the question of the dubious legality of shrink-wrap EULA's (the Glider case was a step back towards allowing ever-more-oppressive EULA's, but there's considerable pushback in the other direction, too).

Since the entire premise of the Warden is based upon the idea that "to license our software you have to agree to the EULA, and we can put ANYTHING in the EULA," this invites a one-sided and ever-increasing encroachment upon consumer rights in the name of protecting "intellectual property."

Of course, that being said, the net effect of Hoglund's hew and cry was, in my opinion, positive. Although it gave a lot of noobs a lot of bad ideas, it also had the effect of discouraging commercial bots and hacks (which is, imo, good -- bots and hacks are only really useful in that they make you "special" compared to other players... you can fly or whatever... and when EVERYONE can do it, it's not "special" anymore) and (important to a civil liberties wonk like me) letting Blizzard know that there are limits.

This last bit is important because while, true, what they're doing is not terribly invasive, there's nothing technical to stop Blizzard from getting super invasive. In fact -- since most people run most apps as admin/root due to lack of knowledge -- there's nothing technically stopping them from going a step further and saying "hey, you're a cheater! We'll wipe your hard disk!" The point isn't that they are, were, or will be actually doing that; the point is that there must be LIMITS, and the public hue and cry (and attendant threat of loss of income) alerted Blizzard (and hopefully others) to that fact. In its way, it was sort of like the Sony CD rootkit fiasco; it showed the intellectual property zealots that there must be a balance when protecting IP. Some things are simply more important than your IP.

I feel like the current situation is a good balance. Warden's scans are, it sounds like, fairly minimal, and mostly discourage the commercial bot-writers. Private bot-writers are still fairly safe if they have half a brain and do some reading (thanks for taking away some of my irrational fear btw Cypher). And Blizzard realizes that even though you're playing "their" game, there must be SOME limits on what they can and should do to protect it, even if they only understand that from a monetary, self-interested perspective.

(EDIT: forgot to post this, but there are alot of parallels between Warden and the increasingly-ridiculous DRM we all deal with on a daily basis. The root philosophy is the same: you're (listening to/watching/playing) something of MINE, so I can do (literally) ANYTHING to stop you from doing that in a way that might hurt my profits. We all gotta step back a bit from that edge, as a society, and respond by saying "well, no, some things are not acceptable, even to protect your precious intellectual property." And then decide what is unacceptable. And yes, I'm talking about regulation here )

[Cypher]

Of course, if someone really wanted to throw a wrench into this, they could broach the question of the dubious legality of shrink-wrap EULA's (the Glider case was a step back towards allowing ever-more-oppressive EULA's, but there's considerable pushback in the other direction, too).

Since the entire premise of the Warden is based upon the idea that "to license our software you have to agree to the EULA, and we can put ANYTHING in the EULA," this invites a one-sided and ever-increasing encroachment upon consumer rights in the name of protecting "intellectual property."

Of course, that being said, the net effect of Hoglund's hew and cry was, in my opinion, positive. Although it gave a lot of noobs a lot of bad ideas, it also had the effect of discouraging commercial bots and hacks (which is, imo, good -- bots and hacks are only really useful in that they make you "special" compared to other players... you can fly or whatever... and when EVERYONE can do it, it's not "special" anymore) and (important to a civil liberties wonk like me) letting Blizzard know that there are limits.

This last bit is important because while, true, what they're doing is not terribly invasive, there's nothing technical to stop Blizzard from getting super invasive. In fact -- since most people run most apps as admin/root due to lack of knowledge -- there's nothing technically stopping them from going a step further and saying "hey, you're a cheater! We'll wipe your hard disk!" The point isn't that they are, were, or will be actually doing that; the point is that there must be LIMITS, and the public hue and cry (and attendant threat of loss of income) alerted Blizzard (and hopefully others) to that fact. In its way, it was sort of like the Sony CD rootkit fiasco; it showed the intellectual property zealots that there must be a balance when protecting IP. Some things are simply more important than your IP.

I feel like the current situation is a good balance. Warden's scans are, it sounds like, fairly minimal, and mostly discourage the commercial bot-writers. Private bot-writers are still fairly safe if they have half a brain and do some reading (thanks for taking away some of my irrational fear btw Cypher). And Blizzard realizes that even though you're playing "their" game, there must be SOME limits on what they can and should do to protect it, even if they only understand that from a monetary, self-interested perspective.

(EDIT: forgot to post this, but there are alot of parallels between Warden and the increasingly-ridiculous DRM we all deal with on a daily basis. The root philosophy is the same: you're (listening to/watching/playing) something of MINE, so I can do (literally) ANYTHING to stop you from doing that in a way that might hurt my profits. We all gotta step back a bit from that edge, as a society, and respond by saying "well, no, some things are not acceptable, even to protect your precious intellectual property." And then decide what is unacceptable. And yes, I'm talking about regulation here )

You might wanna look into the Bragg vs Linen Labs case.

[Dragonshadow]

Is it true that the mac version of wow has no warden?

[Cypher]

Is it true that the mac version of wow has no warden?

I have not looked in a long time but from my very vague memory there is a small version there that is mainly to raise the bar for people attempting clientless bots (so you can't fudge your way out of warden requests/responses by faking yourself as a mac).

[Azinroth]

say wut? dont get this at all :O

[BoogieManTM]

I have not looked in a long time but from my very vague memory there is a small version there that is mainly to raise the bar for people attempting clientless bots (so you can't fudge your way out of warden requests/responses by faking yourself as a mac).

The last version I saw (was a while ago too) - was just a shell, it didn't do any scans. all it did was handle the very bare minimum of the protocol. Could've been to prevent clientless, but I doubt it.


Or they were just too damn lazy to write an exception for mac :P - They could do some basic memory scans on the Mac, and maybe an API call or two - maybe they intend to even more now (with pocketgnome gaining in popularity)

[jjaa]

I do not have enough reverse engineering/Mac programming experience to check for myself (or confirm) the existence of warden, but the general consensus is that warden does not exist on a Mac (in a form that deserves recognition). The reasoning behind this is that in order to perform any of the required tasks. Warden would need to call functions that require root privileges, E.g. task_for_pid. To get root privileges WoW would need to request an admin login. WoW does not do this so people believe that warden does not exist.

As I said but, I do not have enough experience to confirm these assumptions. So don’t take my word! :P

[Cypher]

I do not have enough reverse engineering/Mac programming experience to check for myself (or confirm) the existence of warden, but the general consensus is that warden does not exist on a Mac (in a form that deserves recognition). The reasoning behind this is that in order to perform any of the required tasks. Warden would need to call functions that require root privileges, E.g. task_for_pid. To get root privileges WoW would need to request an admin login. WoW does not do this so people believe that warden does not exist.

As I said but, I do not have enough experience to confirm these assumptions. So don’t take my word! :P

Surely though it could look for modifications to its own process with a simple use of the address-of operator and a pointer dereference. Just because scanning outside its own process requires root doesn't mean the warden client isn't there.

[jjaa]

Surely though it could look for modifications to its own process with a simple use of the address-of operator and a pointer dereference. Just because scanning outside its own process requires root doesn't mean the warden client isn't there.

Yes that is true. I think warden is not aggressive on a mac because the user base is not large enough, and the warden guy is lazy. :P.

Although I must point out that if some form of warden (or an improved version) was implemented on mac, the main reason would be to catch bots, like pocketgnome. Those more aggressive scans would require functions that need root privileges (I think). Simple scans like checking the names of processes could be done, but they would be easy to bypass and hence pointless for blizzard to implement.