Howdy, Stranger!
It looks like you're new here. If you want to get involved, click one of these buttons!
Quick Links
TCoS should ditch its rootkit...
This discussion has been closed.
It looks like you're new here. If you want to get involved, click one of these buttons!
Comments
Thanks for starting this thread Agent Smith. I can't find the nnptNT2.sys file even though I should be able to see hidden files. I doubt it was deleted, since the GG files where left in the TCOS folder.
Look in your TCOS folder under bin/client/GameGuard. Didn't uninstall on my system. It also left entries in the registry. I'm not making this up.
I'm glad its gone. I only ran it twice.
<a href="http://www.nerdtests.com/ft_nt2.php">;
<img src="http://www.nerdtests.com/images/badge/nt2/5fa219b6cc0da63b.png"; alt="NerdTests.com says I'm an Uber Cool Light-Weight Nerd. What are you? Click here!">
</a>
AgtSmith obviously doesn't use Microsoft Windows. Clearly, since there is a decade or so history of actual critical vulnerabilities and proven security issues in every single release they have had then he must certainly be using a more secure OS. After all, if the mere possibility of a security issue in GameGuard exists, then it would be sheer foolishness to run something as dangerous and unsafe as Microsoft Windows.
- RPG Quiz - can you get all 25 right?
- FPS Quiz - how well do you know your shooters?
I finally found the gameguard drivers in C:windowsSysWOW64, not in C:windowssystem32 as the registry key referenced. I suppose windows looks in syswow64 if its not in system32.
<a href="http://www.nerdtests.com/ft_nt2.php">;
<img src="http://www.nerdtests.com/images/badge/nt2/5fa219b6cc0da63b.png"; alt="NerdTests.com says I'm an Uber Cool Light-Weight Nerd. What are you? Click here!">
</a>
I really want to play this game but the fact the game is so bugg outside I can't help but wonder how it is inside, if I ever get there.
The official downloader for the free 2 weeks doesn't work. I'm told to either restart and try again or dl from elsewhere which has the same results. The site uses the same downloader and the FilePlanet download ends abruptly with me being unable to repair the files. Good grief!
Wouldn't something anti-cheating like GameGuard basically require something like a rootkit?
If it ran in open memory it would just be modded immediately by hackers.
Not if done correctly Ariel, like PunkBuster - but for a quick, cheap, and dirty way (what the heck, users have no choice and most don't even know) it 'works' - of course the really ridiculous thing about GameGuard is there are so many hacks out there to get around it that for the most part it is useless.
And bvewwer, wow is short for Windows on Windows, it is part of the Windows 32 bit emulation in Windows x64 variants, so for some apps not running 64bit code they are emulated in different locations (files and registry) in certain cases.
And for all the ‘you use Windows so that is far worse people’, give me a break. If you are even just moderately computer literate and watch out for crap like GameGuard and the like Windows is extraordinarily reliable and even secure. Of course with the attitudes displayed by some of the naive in this thread it is no wonder they have so much trouble with their computer being secure and/or reliable. If Apple or Linux had half the install base (and in Apple's case even 150th the hardware/software ecosystem) a couple thing would be true; problems would be far, far more rampant and computers would be anywhere near the household items they are today.
--------------------------------
Achiever 60.00%, Socializer 53.00%, Killer 47.00%, Explorer 40.00%
Intel Core i7 Quad, Intel X58 SLi, 6G Corsair XMS DDR3, Intel X-25 SSD, 3 WD Velociraptor SATA SuperTrak SAS EX8650 Array, OCZ 1250W PS, GTX 295, xFi, 32" 1080p LCD
AgntSmith,
First, I wanted to say that I think what you tried to do was pretty cool. I have been in IT for a very long time and I think I can see where you are coming from. I have read every single post in this thread because, as someone else mentioned, it was an interesting example of social dynamics. After reading the entire thread, one thing I noticed is that you let yourself be baited way too much my people that had no clue what they were talking about (which I often find myself doing). I wanted to try and see if I could simplify this for those that just aren't getting what you are saying:
1. GG is NOT malicious software. That implies intent and there is no way for any of us to know that for sure. So although intent has nothing to do with this dicussion, we'll default with the assumption that GG's intent is to be an AC application.
2. GG behaves like a rootkit. You have done an great job defining what a rootkit is and anyone that wants to argue that point is doing so just to argue and not to further their understanding or to get a point across. Enough evidence exists to prove that GG employs behavior seem in rootkits, whether we can call it that or not at issue.
3. Your entire point is to inform people of the security threat GG exposes them to because of the way it works, the level of access it grants itself and the documented exploits that could be used to take advantage of it.
Now, for the poster that kept asking for you to document at least 1 case of some one actually using one of those exploits to cause harm to a computer system I have one question; Do you leave your front door wide open every night until someone can provide you with hard proof that a you could be robbed? I know that is an extreme comparison, but the entire computer security industry is based on trying to PREVENT damage. By your logic, you shouldnt update your OS until something takes advantage of a security hole. It makes no sense to me. If I know I have software that has known issues, works in a shady way and could be used to take advantage of my system, I would get rid of it on the spot. That said, I completely admit that this would be MY reaction. As stated before, it is a risk, or a threat. There is no way to be sure that GG will never become compromised, just as there is know way to know that it will. We have to accept the fact that some people are happy living in complete ignorance of what is running on their computers, some people are fine knowing that they are running crap software but don't see the risk as significant, and there are others (like us) that like make sure that our systems are not running software like this when possible.
Finally, this is for Faust:
does... typing... like this... make you better.... than everyone esle?
Out of the entire thread, you probably contributed the least. For all of your posts, you said nothing. You made accusations and called the OP into question regarding what he knows or does not know, yet you did not provide a single shred of ANYTHING that could have been mistaken for an intelligent thought. And when I say that you contributed the least, I am counting the guy that only posted a "." in his reply. I hate singling anyone out, but after reading this entire threat, I just couldnt help myself.
No I would keep my door locked as I know that it is a demand for the insurance. Not that it will make impossible, or even harder, to get into the house, or for that matter get out of the house. I could just simply acknowledge that I keep the door locked to keep visitors/"event" thiefs out.
On the other hand chaninging or picking a lock for the door and someona says, that lock i useless change it, I would like to see if they have some validity to what they are saying. There is few locks that can't be forced or picked (I don't know how to describe it). Where on the scale is it so extremely poor that it makes me have to change it? Is the lock poor because it makes it harder to get in but very easy to get out. I mean go in through a small window and then by easy lock up the door from inside and with ease eascape with larger valuables.
So by that logic I really should employ a security guard in the end, or not turn on my computer.
I'm so broke. I can't even pay attention.
"You have the right not to be killed"
My $0.02:
Smith is right in the fact that GG can be a very dangerous program when used in a malicious way. He is also correct in labeling it as spyware and as a rootkit.
Perhaps someone should just make a tiny little virus that inserts itself into GG ( and this can be done quite easily, I assure you ) and does nothing more than crash your computer for fun. Of course then everyone who swears it's a benign, harmless, little app will then swear they thought it was evil from the beginning once they're watching their computers ( including your Macs', dear Apple fanbois ) do all sorts of amazing things ( like deleting your WINDOWS folder among other similarly important folders and files ) due to GG, and therefore any incorporated virus, having root access.
Of course, people always say I'm overreacting when I begin to rant because some lame ass game developer has their game/mmo default install to C:/
The fact that noone has done it yet does not mean it won't be. it simply means noone has found a profitable enough reason to do it yet.
Or maybe they have. GGs' very own ability to shut out processes such as anti-virus aps could also very well mask any nefarious activity of a small, cleverly placed and sparingly used virus.
Do you think nProtect would announce their GG was hacked and/or targeted by a virus? Sure, they want to lose the money naive sucker game developers pay them for their "security".
All in all people, Smith came here to try to alert you to potential problems with this software. Whether or not you take those warnings seriously is up to you. Maybe you're right and no one will ever decide to use GG as a way to say "HI SUCKERS" to its install base ( miracles happen, after all ).
wow Agtsmith...
So many old accounts here with minimal post counts have come out to support you at once!
Crazer1 2005/ 3 posts
Christopher8 2005/ 2 posts
Bvewwwer 2006/ 6 posts
It's like, well I dunno.. it's like they are the same person or something... Maybe I am just paranoid, but y'know.. makes me wonder with how easy it is to create alt accounts to agree with one's self when very few others actually are and all.
I am sure this isnt the case though... that would be quite an obsessive and scary thing to do... right? I mean... to make a stack of alt accounts and only use them to promote one's own threads and give it an air of popular support?
extra ... included in this post just to make me feel special
Vesa... You might want to check your tin foil hat for leaks...
Its more likely that since this is now 20 plus pages long(and thus tends to show up on the front page more often) that its just attracted their attention.
Correctly like Punkbuster? You got to be kidding right? Why don't you get a hold of noskill and ask him how great PunkBuster is. These security programs are no more than low level anti hack cleints to stop the not so smart hackers. I re-edited because this is just getting to be a redundant thing. Quit googling and give up.
I am an avid reader of this site and browse the forums often. I created my account a very long time ago. I have a low post count because i rarely find that anything i have to say could contribute/help what has already been said, that and also because most threads end up with people making wild suggestions like, i dont know, the OP having 4yr old accounts just waiting in the wings in case he feels he needs someone to agree with him. There is nothing i can do to disprove your accusation. The only think i can say is that if you look at my 3 posts (I dont even you know if you can see a user's previous post history) you can plainly see that i have a completely different writing style than AgntSmith's. In any case. My post count only speaks to my reluctance to participate in discussions that go nowhere and have nothing of value to add. I said what i wanted to say, made my points and i still have not seen anyone ague their validity.
No I would keep my door locked as I know that it is a demand for the insurance. Not that it will make impossible, or even harder, to get into the house, or for that matter get out of the house. I could just simply acknowledge that I keep the door locked to keep visitors/"event" thiefs out.
On the other hand chaninging or picking a lock for the door and someona says, that lock i useless change it, I would like to see if they have some validity to what they are saying. There is few locks that can't be forced or picked (I don't know how to describe it). Where on the scale is it so extremely poor that it makes me have to change it? Is the lock poor because it makes it harder to get in but very easy to get out. I mean go in through a small window and then by easy lock up the door from inside and with ease eascape with larger valuables.
So by that logic I really should employ a security guard in the end, or not turn on my computer.
You actually illustrate the point i was trying to make very well. I dont believe that you are trying to argue the facts about GG and the way it behaves, you are questioning the risk factor and it's importance to you. Which is completely valid from my point of view. Also, your logic is quite sound with regards to my open door analogy. The point is, to you, the risk that GG poses is not worth worrying about. But, to others that risk is a cause for concern. What the OP was trying to do, in my opinion anyway, was to inform the players of the risk and let them decide what to do about it. At least that is what I got from all of this.
If it is so easy to do, why hasn't it been done yet? Or do you really content that it has been done but GG keeps it hush hush so that you won't know? If that's the case, then why haven't all these linked security sites posted that it has been done instead of possibly may be done? As for viruses, do some research. Very few have been created for profit. Most have been created sheerly out of ego or malice.
Look, no one here is saying GG is bulletproof or that it's impossible for something to go wrong with it. If you read the thread, you have one side saying that there's no documentation of an actual threat having occurred and that they are comfortable with the choice they have of using it to play certain games or just not playing those games.
On the other hand, you have a side that has said the company that makes it is evil and unscrupulous. They say those willing to allow the program on their machine are foolish and giving up freedoms just to play a game.
Agt isn't just trying to create awareness. He's an alarmist with a crusade against a product. He has a long history of this, WbC, and you are one of the several he has sucked into his agenda.
- RPG Quiz - can you get all 25 right?
- FPS Quiz - how well do you know your shooters?
Vesa... You might want to check your tin foil hat for leaks...
Its more likely that since this is now 20 plus pages long(and thus tends to show up on the front page more often) that its just attracted their attention.
Your suggesting to me that people don't have alt accounts on this forum then? That they don't use them to support their own points and bump their own posts?
Very well said, Templarga.
- RPG Quiz - can you get all 25 right?
- FPS Quiz - how well do you know your shooters?
Every game that uses GG gets threads like this, but this won't change things.
For better or worse this is the method chosen to help protect the game. For those saying it was Acclaim that added it to the game, you should know that the EU version had it before we did. So I ask, was it Frogster Interactive, Mindscape or Acclaim that forced them to have it?
There is a lot of real information, the behavior of the GG and how it works... and a lot of misinformation, that GG is a "malicious root kit".
Ultimately it boils down to this... If you are not comfortable playing a game with GG, then don't play it. It's that simple.
As for the Pando media booster, it works as a Peer to Peer client to help speed up the download process for the massive 3+gig download of the client. The client is also available here on MMORPG and on File Planet... and I'm sure a few other places.
I'm the Historian and I've seen change.
http://www.thehistorian.org
http://twitter.com/Historian
http://www.myspace.com/_historian
Neither Pando Media Booster or Gameguard are spyware...end of discussion.
Quick question from an ignorant. Ive long since uninstalled this game from my computer, is Gameguard still lingering around my hard drive?
GameGuard isn't spyware, not is it necessarily malicious in itself. It is essentially a rootkit, however, whether it's malicious or not.
GameGuard attempted to shut down my security software (Comodo), which forced a conflict and instantly rebooted my computer. GameGuard should never attempt to disable legitimate security software. If it was able to do so succesfully, the system would be more vulnerable to risks, especially when connected via broadband. That's unacceptable and is specifically why the conversation isn't "over". Likewise, if an individual manually disables securty in order to play a game, then that system is at risk while the connection to the internet is open. Granted, that's the user's fault, but the root cause is GameGuards incompatibility with legitimate security applications (Kapersky, AVG and Comodo users have reported problems).
So, while GameGuard may not be malicous in itself, it's deployment is intrusive, it's activities are suspect and, ultimately, it can lead to compromised systems.
Your analogies about a car crash are wrong. You said "Do not drive a car, you might have a wreck.". A more fitting analogy would be:
The dealer installed code into your car's on-board computer. That code prevents XX percent of drivers from from speeding excessively, which is good. Unfortunately, depending what features you have in your car, the code might also disable your car's traction control, which could cause you to crash.
~Ripper
I read most of this and from what I got out of it is the op is not saying it is good or bad he is just informing the public about the program. I agree with 1 thing it should uninstall when you uninstall the game. Why it would stay installed after you uninstall has me questioning things about it. I think his point is that the program should be uninstalled when the game uninstalls and be easy for people like me to uninstall that are limited with knowledge about computers.
Is this stopping me from playing TCOS? No not really as I have been debating it since before it realeased. If something bad happens then it will. If I want to do something then I generally do, as with most people the burned hand teaches best. I am playing another mmo for right now and I will wait for a while before I try out TCOS. There are many things I read that I like about the game.
I do thank you AgntSmith for informing me about the program.
Most likely, yes. Look back a few pages I list the files you need to search for and remove from the system folder and the registry entries (be careful though if you are not comfortable with such things).
On GameGuard you are simply wrong. By definition GameGuard is both a rootkit and spyware as the definitions make no allowance for intent, good or bad.
From a recent US-CERT (United States Computer Emergency Readiness Team) report:
Spyware is one type of malicious software (malware) that collects information from a computing
system without your consent. Spyware can capture keystrokes, screenshots, authentication
credentials, personal email addresses, web form data, internet usage habits, and other personal
information. The data is often delivered to online attackers who sell it to others or use it
themselves for marketing or spam or to execute financial crimes or identity theft.
Software installed after the user has read and agreed to a clear privacy policy or to an End-User
License Agreement (EULA) that describes the software’s data collection activities does not meet
the definition of spyware. It is your responsibility to carefully read such polices and agreements
to make sure you understand and agree with their terms.
Since GameGuard installs without user consent and with no EULA or Privacy Policy it is clearly properly classified as Spyware even without proof or even suspision that nProtect does anything it shouldn't with the data collected. Now, semantics aside, I think the term rootkit applies most accurately as the classifies the methodology and technology in use by GameGuard. In and of itself the term rootkit is not a bad thing in terms of the origin of the term, back in the Unix days a rootkit was simply a tool an admin used to gain root access, often remotely, for doing legitimate work. It is only of late that the technologies and methods have been used for more unscupulous things.
I agree, PMB seems innocuous and while I think a commercial venture like a pay to play MMO should host its own files that is a small thing in the scope of things. PMB installs and uninstalls properly and the user is informed fully they are installing it so no foul there.
--------------------------------
Achiever 60.00%, Socializer 53.00%, Killer 47.00%, Explorer 40.00%
Intel Core i7 Quad, Intel X58 SLi, 6G Corsair XMS DDR3, Intel X-25 SSD, 3 WD Velociraptor SATA SuperTrak SAS EX8650 Array, OCZ 1250W PS, GTX 295, xFi, 32" 1080p LCD