Back in August, Elie Bursztein, the man in charge of Google's anti-abuse research team, detailed how he developed a tool to exploit Blizzard's popular collectible trading card game, Hearthstone. Bursztein gave a lengthy presentation on how he accomplished the hack during the Defcon 22 hacking conference in Las Vegas, but broke from convention by refusing to release his work online.
Ubisoft calls yesterday's story about a rootkit being found in Uplay false and blames "a coding error" for the security hole. Ubisoft denied the whole "rootkit" angle altogether. After quickly patching the Uplay software yesterday, the company issued a statement saying that a coding error was the cause of the software being able to launch any executable on a remote computer - a fact hackers demonstrated as a proof of concept this week.
Update: The BBC is reporting that Ubisoft has rushed to patch the exploit unearthed by a Google engineer in its Uplay DRM. The company also issued instructions for Uplay users:
"We recommend that all Uplay users update their Uplay PC application without a Web browser open," Ubisoft said. "This will allow the plug-in to update correctly. An updated version of the Uplay PC installer with the patch also is available from Uplay.com."
Not all hackers are out to destroy the universe. Recently, a "white hat" hacker going by the nickname "ManWitDaPlan" helped developer Trion Worlds fix a serious security hole in its massively multiplayer online game Rift mere hours after it became public knowledge. After becoming victim of account theft, ManWitDaPlan began investigating the problem and posted his findings on the official forum. Responding to ManWitDaPlan's forum post, Trion Worlds (Hartsman) admitted that RIFT was not 100 percent secure and that users should be wary of hackers and botnets exploiting the game.
Dutch website PS3-Sense claims that "a reliable source" has told them that all future PS3 game discs will contain a unique serial code that players will have to input into the system prior to launch. The source also claims that a similar system already exists on Sony’s PlayStation Network. The code will also make it so that a game can only be used on five different systems. This would serve as a way to keep a game from being resold more than five times, the Dutch site posits.
Naturally, Sony is not commenting on this story. PC gamers are very familiar with serial codes. They are now second nature to anyone that has bought a PC game in the last ten years. They have also proven to be ineffective in doing anything other than inconveniencing gamers.
In the event a cyber attack cripples the World Wide Web, seven members of a “chain of trust” have been given the responsibility of restarting the Internet, with each individual armed with a key.
The key holders include one member from each of the following countries: Britain, the U.S., Trinidad and Tobago, Canada, China, Burkina Faso and the Czech Republic.
According to PopSci.com, five of the seven would need to gather at a U.S. base with their keys in order to restart the Internet.
PopSci further described the keys:
The keys are actually smartcards that each contain parts of the DNSSEC root key, which could be thought of as the master key to the whole scheme. But it is interesting to know that there is a group of individuals out there that hold actual, physical keys that would reboot the Internet as we know it.
I'm a fan of the [gaming] ecosystem overall. I can see the positive in [used game trades], because I can see that what you then get is more and more people touching, playing, experiencing a game that they may not otherwise have access to.
I think you've got to try and extract some positive from it, and that's undoubtedly a good factor - a positive swirl of ecosystem that results. Clearly it's a reality, and certain retailers are very focused and spend a lot of time on it. It's good business for them.
I think things like premium downloadable content, and that kind of thing, will ultimately play a part in used games - and that's not me saying that it's a great way for us to try and minimise that. I think it will be a great enhancement to the way that people experience games. If some additional content is available via the Xbox Live service, for instance, that further enriches the game experience and might encourage folks to hang on their games for a bit longer.
GP: For showing a pro-consumer attitude on used game trades, we'll toss Chris a white hat...
Valve founder Gabe Newell did some outside-the-box musing during his DICE Summit keynote, reports Stephen Totilo of MTV Multiplayer.
Among other topics, Newell ripped DRM for games:
Newell believes that [DRM] that is presented as copy-protection gives a game a stink. It leaves customers unsure about how flexibly they can access their games. So they turn to pirates who offer games with fewer strings, he suggested. “There is evidence anecdotally that DRM is increasing piracy rather than decreasing piracy.”
Valve’s solution: battle the pirates by providing better services than the pirates do. The effectiveness of pirates, he said, is to get content to people who want it more swiftly and easily than the companies who make the content do. An outfit like Valve, however, can get provide even better service, even by doing something as intrusive as data-mining their customers’ computers — as long as they are transparent about it and can prove to the customer that taking such measures will make the customers’ games better.
GP: Nice... We're adding Gabe Newell to our list of game industry white hats who are keeping the most important person in the business - the game consumer - in mind.
Big Download is the latest beneficiary of Randy's insights. The site has posted a fascinating interview in which the PCGA head talks about the issue of piracy and PC games.
Most notably, Randy points out that, back in the day, piracy actually helped grow the PC industry:
I don't think that [those who protested Spore's DRM scheme] is anti-DRM as much as they are anti-Spore's approach to DRM. Their protest has been echoed many times on many gaming forums and the PCGA is listening...
If you ask [Valve and Stardock] about the rate of piracy for their games you may find that one has rampant piracy and the other has almost none. The PC Gaming Industry's history is littered with examples of startups (including Stardock and Valve) that actually benefitted from wide spread piracy to grow a market for their future titles.
Don't get me wrong, I am not advocating piracy... However, how would Quake, Doom, Starcraft, Counter-Strike, or Half-Life have been able to grow widespread brand recognition without a widespread network of gamers openly sharing these games. These titles (and many more) defined the industry. Personally, my first experience with a first person shooter was with Doom (back in the day) and I did not pay for it. Id Software turned the corner and has a very successful business built on the back of the early free/open source exchange of their games...
As a gamer who made his bones on the PC, one of the most encouraging developments of 2008 has been the launch of the PC Gaming Alliance, an association comprised of companies with a stake in the computer games market.
Beyond the formation of the PCGA, however, I'm encouraged by the outspokenness of its president, Randy Stude. In his day job Randy is the Director of Intel's Gaming Program Office. His love of PC gaming is evident and his eminently reasonable voice has given cheer to millions of PC gamers who sometimes feel like outcasts in an increasingly console-centric world.
Randy spoke with GP at length recently on a number of topics, including piracy, where PC gaming is heading and why you can't really play strategy games on an Xbox 360 or PS3.
GP: Randy, what's the outlook for PC gaming?
RS:The PC is leading the way when it comes to hardware innovation and business model innovation. When we released our Horizons research [in Leipzig] which shows the software revenues being generated for PC gaming, I think a lot of people were stunned to see how much revenue is being generated out of Asiain particular.
It shouldn’t be too stunning, I mean this trend has been underway of quite some time. Almost half of the $10.7 billion that are being generated in PC gaming software revenues are coming out of Asia. And this is a trend that obviously many of us who sell hardware are very well aware of because there’s a huge appetite for our technology in the Asian region - anywhere from Vietnam to Korea to China. Even Japan is taking off at this point for PCs and PC gaming.
The usual perception that the West has [is that the Asian market is primarily subscription-based] but it’s more like what Battlefield Heroes is going to be. Its more either pay-to-play, time-on-wire or micro- transactionsgaming where the game client itself is free but in order to advance and level up you need the assistance of certain in-game merchandise that you have to acquire. It’s the acquire vs. accumulate business model. Accumulating takes a lot longer, so most gamers will go for the acquire model.
A lot of these games are finding their way to the U.S. as well. I think the first AAA U.S. title will be the Battlefield Heroes game. Of course there’s Maple Story that’s already here as well as several other similar titles. I think Battlefield Heroes will blow it out for us in the West.
GP: So, will packaged games go away in favor of online distribution and browser-based games?
RS: I don’t think the PCGA is in a position to predict [whether the packaged titles will go away] necessarily, because there are those in the PCGA who rely on packaged goods as their primary source of revenue… I think it’s an important trend and one that several analysts are predicting that the consoles will follow shortly in terms of more content being distributed through the online stores for Nintendo, and Microsoft and Sony, direct to the hard drive of the console. (Hit the jump for more with PCGA's Randy Stude)
In the current environment, game publishers seem perfectly willing to push their customers around, especially when it comes to gaming on the PC.
That's why - as a long time PC gamer - the more I hear about the PC Gaming Alliance, the more enthusiastic I become.
While publishers like Electronic Arts need a lawsuit or three, along with a wave of bad publicity, to clue them into the fact that computer gamers don't want restrictive DRM on their games, the people at the PCGA are studying the piracy issue with an eye toward balancing the needs of publishers to turn a profit and consumers to enjoy a positive gaming experience on their PC.
Ben Kuchera of Ars Technica interviews outspoken PCGA head Randy Stude:
I don't think [piracy is] getting worse, as much as it's getting easier. As broadband has gotten more prolific the issue has been exacerbated... The PCGA will take up the challenge of piracy, not to assume the responsibility that [game publishers lobby] the ESA has taken on... rather the PCGA would like to address the methodology that publishers might be able to take to solve, or to do a better job trying to solve, the piracy challenge for their substantial investments in content.
I think [in the Spore DRM revolt] gamers wanted to make their voices known; it was the equivalent of the Boston tea party... [PC Gamers] don't buy one machine, stick it in the corner, hook it up to the TV, and play it forever. We play on multitudes of machines, and we want the same rights an Xbox 360 purchaser has, to move the game to whatever machine we want to play on.
We [at PCGA] are the guardians of the PC as a platform for gaming. We need to make sure there is an environment where publishers are not afraid to invest tens of millions of dollars in developing great gaming experiences.
PCGA members include hardware types like Dell, INtel, nvidea, AMD, Acer and Antec, as well as Microsoft and Activision.
Consumer-friendly PC publisher Stardock is working on a non-intrusive copyright protection scheme for PC games, according to Edge Online.
Citing an interview with CEO Brad Wardell, EO reports that Stardock is developing the solution for other publishers. GamePolitics readers will recall that Wardell and Gas Powered Games head Chris Taylor released the controversial Gamers Bill of Rights during PAX 2008.
It seems that major PC game publishers were unwilling to sign onto the Bill of Rights, however. While not naming names, Wardell commented on the publishers' reluctance:
While Stardock doesn't put copy protection on its retail games, the fact is that most publishers are never going to agree to do that. So the publishers are telling us, 'Put your money where your mouth is. Why don't you guys develop something that you think is suitable that would protect our IP, but would be more acceptable to users?'
We're investigating what would make users happy to protect their needs, but also provide some security for the publishers. ... We're actually developing a technology that would do that.
Wardell stopped short of terming his new project a form of DRM:
The problem with 'DRM' is that it's so loosely defined... Stardock's products use activation, and I wouldn't say that it's DRM. We're just verifying if you're real customer... We want that [game user] license to be yours, not per machine... It's not your machine buying the game. It's you...
Publishers should have the right to be stupid [about DRM] if they want. That's their right. And it's the right of the consumer to choose not to buy.
The revision addresses the need for more specific wording in order "to get to a place that most users and most publishers can agree on." In addition, Wardell examined the common complaints regarding controversial DRM practices, breaking them down into legitimate, borderline, and illegitimate categories.
He also noted that while Stardock will continue to release titles with no DRM, owners will need to download meaningful updates directly from Stardock. The CEO further revealed that Stardock will soon add "IP protection services" to its digital distribution platform Impulse "so that publishers at least have an alternative to methods like SecureROM, Tages or Steamworks. As a practical matter, most game publishers who want to protect their IP have few options right now."
"There is no solution to the issue of protecting intellectual property (IP) that will satisfy all parties," explained Wardell. "There are customers who will accept nothing less than publishers acquiescing to a quasi-honor system for purchasing software. That doesn't work."
Among what Wardell sees as legit consumer gripes:
They don't want the copy protection to interfere with their enjoyment or use of the software or game.
If a program wants to have a limited activation system, then it needs to provide a way to de-authorize other computers (ala iTunes).
A program should not be installing drivers or other hidden files on the system that use system resources.
Activation-based DRM means that if the publisher goes out of business or simply stops supporting their content that the customer can no longer use their legally purchased item.
Having an arbitrarily low limit on personal activations makes the program feel like it's being rented.
Requiring the user to always be online to play a single-player game. Though we do think publishers have the right to require this as long as they make it clear on the box.
Wardell visited GamePolitics yesterday to respond to concerns about the Gamer's Bill of Rights voiced by PC Gamer editor-in-chief Kristen Salvatore.
Gamer-friendly PC publisher Stardock (Sins of a Solar Empire) has released what it is terming the "Gamer’s Bill of Rights" at PAX.
The company calls the document:
...a statement of principles that it hopes will encourage the PC game industry to adopt standards that are more supportive of PC gamers. The document contains 10 specific “rights” that video game enthusiasts can expect from Stardock as an independent developer and publisher that it hopes that other publishers will embrace...
the objective of the Gamer’s Bill of Rights is to increase the confidence of consumers of the quality of PC games which in turn will lead to more sales and a better gaming experience.
Of the Bill of Rights, Stardock CEO Brad Wardell commented:
As an industry, we need to begin setting some basic, common sense standards that reward PC gamers for purchasing our games. The console market effectively already has something like this in that its games have to go through the platform maker such as Nintendo, Microsoft, or Sony. But on the PC, publishers can release games that are scarcely completed, poorly supported, and full of intrusive copy protection and then be stuck on it.
Chris Taylor, CEO and founder of Gas Powered Games, expressed support for the Bill of Rights, which Stardock enumerates as:
Gamers shall have the right to return games that don’t work with their computers for a full refund.
Gamers shall have the right to demand that games be released in a finished state.
Gamers shall have the right to expect meaningful updates after a game’s release.
Gamers shall have the right to demand that download managers and updaters not force themselves to run or be forced to load in order to play a game.
Gamers shall have the right to expect that the minimum requirements for a game will mean that the game will play adequately on that computer.
Gamers shall have the right to expect that games won’t install hidden drivers or other potentially harmful software without their consent.
Gamers shall have the right to re-download the latest versions of the games they own at any time.
Gamers shall have the right to not be treated as potential criminals by developers or publishers.
Gamers shall have the right to demand that a single-player game not force them to be connected to the Internet every time they wish to play.
Gamers shall have the right that games which are installed to the hard drive shall not require a CD/DVD to remain in the drive to play.
GP: While this would more properly be termed the PC Gamer's Bill of Rights, we have to say, Bravo, Stardock!
Wonderkarp: Actual Thing, Never Proven :P We All Know That You Dont Need Evidence For Something To Be Real, Huh.01/25/2015 - 9:40am
Conster: Ah, that explains it - since the second thing you named is an actual thing, I wasn't sure if you were being sarcastic.01/25/2015 - 7:39am
Wonderkarp: Conster, I was quoting Anita Sarkeesian01/24/2015 - 10:39pm
ZippyDSMlee: odd its not wanting to post half the time 0-o01/24/2015 - 10:21pm
ZippyDSMlee: test01/24/2015 - 10:21pm
Conster: Wonderkarp: did the US actually bomb Japan back to traditional values? My history lessons were eurocentric, so I wouldn't know.01/24/2015 - 9:39pm
ZippyDSMlee: effect like confusion,ect. QTEs are a gimmick that can easily be shallow because you are looking to mess with conditioned responses and nothing messes with them more than random gameplay changes..01/24/2015 - 7:58pm
ZippyDSMlee: Wonderkarp: They tried to be natural with God Of Wars QTE’s, sometimes it felt random which I hate the most in QTEs. The way you interface with gameplay (press X to get X result) should never rely on randomly generated mechanics unless it’s a status01/24/2015 - 7:57pm
Andrew Eisen: I've passed your comment on.01/24/2015 - 5:45pm
Neo_DrKefka: Hey GamePolitics staff can you guys work out the way the ads are delivered via mobile? Sometimes any attempt to do anything on this site automatically forwards you to download "Flappy bird" on a shady site or another thing. It just hijacks my Safari01/24/2015 - 3:47pm
Wonderkarp: I feel like the only good QTEs were the ones in the God of War series. I dont know why though.. maybe its the visceral carnage01/24/2015 - 1:13pm
ZippyDSMlee: prh99: QTEs are dumb I ever understood the need for them outside being cheap and wanting to pad mechanics with scripted events that use only a few buttons.01/24/2015 - 12:58pm
Infophile: And a more detailed breakdown of expenses here: http://imgur.com/L46SUMw01/24/2015 - 12:42pm
Infophile: For anyone still complaining about where the funding for Tropes vs. Women went: https://www.dropbox.com/s/q4z6qa561roidh5/femfreq_annualreport2014.pdf?dl=0 (page 16) Not that this will actually stop claims of fraud, but it's good to have a counter.01/24/2015 - 12:38pm
prh99: Linux kernel patch breaks Witcher 2. Apparently it was a wrapped Windows version instead of native port. http://m.slashdot.org/story/21270301/24/2015 - 11:12am
prh99: I am not a fan of QTEs. Toggle joystick to break away from an enemy is ok...01/24/2015 - 12:26am