Blizzard's new Warden, and our privacy
by Mike Schramm 
Nov 15th 2007 at 3:28PM
Tech community Slashdot is going mad over a little present Blizzard apparently included with patch 2.3 this week: a brand new version of Warden (the program Blizzard uses to check for hacks, bots, and keyloggers) that they say effectively gives Blizzard total control over our computers. The technical stuff is a little hard to understand, but apparently Warden is what's called a "polymorphic program"-- that means that it actually hides from anyone looking at it exactly what it's doing and which files it's changing with a random code. Obviously, Blizzard wants to keep the program's activities secret from attackers-- if a hacker knows what Warden does, then he can more easily avoid it.In previous versions of Warden, this randomization was "easy to predict," but Slashdot is saying that the new version effectively hides from even the user exactly what Blizzard is doing on your computer. Now, there is no clear reason why Blizzard would want to do anything bad with your computer-- odds are that this new software is the most effective version they've yet developed at making sure you can play the game without fear of hacks or keyloggers, and that's all they want to do with it.
But you should know that, according to "Captain Kirk," who wrote this article, Blizzard effectively has access to anything and everything on your computer, and can now edit or retrieve information at will without even you knowing what has happened. There's no reason not to trust Blizzard-- they're a high profile company with a long reputation of developing great software. But if a wayward employee at Blizzard wanted to steal your private information from your computer, or install a virus or malware on your PC, we're being told that this program will let them do it without your knowledge. You agreed to this-- it's in Section 14 of the Terms of Use-- and so it's up to you whether you trust Blizzard with your computer or not.
WoW Insider has contacted Blizzard and asked them to clarify the situation if necessary-- we'll let you know if we hear anything from them.
Filed under: Analysis / Opinion, Blizzard, News items
Reader Comments (Page 1 of 4)
Thunderhide Nov 15th 2007 3:34PM
Greeeeeaaaaaaaaaat.
MIrina Nov 15th 2007 3:34PM
Time for people to pull out the good old [Tin Foil Hat].
Glen Larkins Nov 15th 2007 3:36PM
"There's no reason not to trust Blizzard-- they're a high profile company with a long reputation of developing great software."
Yea, that's exactly why they faced a class action lawsuit when Starcraft came out and they got busted for sending back private information they had absolutely no need for. Bottom line is, this is my computer, and you have no right to do secret things on it, regardless of what you put in a EULA or ToS. Neither of those documents are legally binding either.
Scylloga Nov 15th 2007 3:35PM
You agreed to it. End of discussion, if you dont trust them then cancel your account. On their end Im sure there is plenty checks and balances that has to happen before they can just "retrieve" your info.
I am slso quite sure that the legal team has considered the possiblity of a pissed employee trying to infect the customers pc's and have looked at all the legal responsibilities and obligations should something happen and the cause be linked back to their "Warden" progrm.
Joshua Ochs Nov 15th 2007 3:37PM
It has to be said - the most effective protection against keyloggers, trojans, etc, is to get a Mac. They simply do not exist (and no matter how much people keep spreading FUD that someday they might, it doesn't change the fact that it still hasn't happened all these years). WoW runs fabulously on Mac OS X. (Need Windows? Dual boot or virtualize.)
Richard Nov 15th 2007 3:41PM
"There's no reason not to trust Blizzard-- they're a high profile company with a long reputation of developing great software..."
Riiiiight.
Tell that to all the people who had rootkits installed on their computers by using Sony products.
Sony - high profile company with a long reputation of developing great products.
Sorry, the OP clearly has very little understanding of how high level executives think in large corporations... if they can find a reason to mine personal data from your computer to profit, and there's little recourse to them, they'll take it 100% of the time.
Blizzard needs to be open on this disgusting piece of spyware.
(And this is a preemptive STFU to all you "you agreed to it" fanbois - If you don't stand up for your privacy rights, even if you have "nothing" to hide, one day, you WILL find those rights have up and vanished.)
Ktok Nov 15th 2007 3:41PM
Bah, rampant paranoia is all it is. I have absolutely no problem with this. If it kept botters and hackers out of my game, I’d ship a pint of blood to Blizzard along with my monthly subscription.
Buckshot Nov 15th 2007 3:43PM
I thought they were done with warden when they allowed interspace to be used after the first set of bannings. Write better code, patch exploits, don't rootkit us ($ony jr.)
Speaking of such, I saw a 70 orc hunter last night with his pet out while sitting on his mount. Tried, but could not duplicate.
hpavc Nov 15th 2007 3:44PM
There needs to be a write up by a windows os guru on how to run wow in a separate chroot jail in vista. Its as simple as that.
Urthal Nov 15th 2007 3:48PM
Whatever keeps the game cheat/hack free.
KC Nov 15th 2007 3:48PM
So Blizzard can steal my pr0n? Great, first they nerf me, now they are stealing my pr0n :(.
tmklein Nov 15th 2007 3:48PM
to Joshua Ochs/#5
i'm a mac user, don't get cocky. there have been trojans for OS X already. one recently. but a trojan requires that you actually install it and open it and use it, which then, imo, is your fault. currently there are no self replicating trojans or viruses, and keyloggers certainly exist, but not in the way that they do for windows and are much, much harder to come by in the first place.
the bottom line is use your machine responsibly no matter what OS you use and don't be stupid with what you click on, download, or run.
Halite Nov 15th 2007 3:49PM
@ #8 - I actually did that the other day (pre patch even). I was mounted in a battleground and when it ended, I popped into Shattrath mounted - and then my pet appeared beside me.
I haven't tried to recreate it, but I can't think of anything else that was different. I'm rarely mounted at the end of a BG, especially on my hunter.
Shawn Nov 15th 2007 3:52PM
I trust Blizzard. But do I trust that they can keep anyone and everyone from misusing Warden? It seems to me that having a program that can control 9 million computers makes a pretty tempting target for people with some very bad intentions.
Scruffy Nov 15th 2007 3:49PM
DEY BE STEELIN' MAH CREDDIT CAHRD NUMBORZ
Oh, wait, I pay with a credit card.
Mixx Nov 15th 2007 3:52PM
It has to be said - if you think macs are immune to this stuff you are living in the past. As both a mac & a pc owner (I play on my pc) i can tell you that mac viruses and attacks are here now, not something that may pop up in the future. Articles on how to protect OSX from these types of malicious attacks are appearing all over the web, if you are worried about security I suggest taking a look.
As for the warden, I'll deal with it. If Blizzard screws up I'll start a frivolous class action lawsuit against them..... the American dream lives......
before you blast me, yes I'm American, it's a joke, sort of.....leave your troll bait at the door :P
chinasky Nov 15th 2007 3:54PM
I don't mind what they are doing, it's a private company who has limited interest in poking around in your data for anything other than details relevant to protecting the games integrity. Let's face it, you may all think you are delicate unique snowflakes with valuable personal data, but to Blizzard, they just see a ton of snow.
Besides, if you do not operate under the general assumption that your data is already being monitored on a number of levels (apart from Blizzard) then you are probably already reckless with data integrity to begin with. Hardware and software monitoring by Blizzard is the least of your problems.
Xtek Nov 15th 2007 4:45PM
The people who say "Don't play the game then" honestly need to just give it up. I don't even play the game and I've been telling people about this left and right.
It can happen and will happen if companies like Blizzard are not regulated by 3rd parties. Take for example the recent Seagate incident. Not only that... to those people that keep saying "Stop crying" ... "Don't play then". If it's not a big deal answer me this.
Why does Blizzard keep deleting threads that don't break their TOU for forums that reguard to this topic? Eh?
SeiferTim Nov 15th 2007 3:57PM
Hmm... that could explain why 10 minutes after logging on to the new patch (AddOns and WTF folders, etc completely cleared), my computer memory usage spiked to 100% and then crashed...
Glen Larkins Nov 15th 2007 4:03PM
*And to those who really think that this keeps them safe from keyloggers, here's a newsflash, warden isn't even on your computer, it downloads from blizzard and is activated...AFTER you've already logged in (hence after the keylogger has grabbed your password and probably sent it back)