Also on AOL
- Autos
- Technology
- Lifestyle
- Gaming
- Finance
- Entertainment on AOL
- Lifestyle on AOL
- Sports on AOL
- Travel on AOL
- More on AOL
Featured Galleries
Joystiq
© 2013 AOL Inc. All rights Reserved. Privacy Policy | Terms of Use | Trademarks | AOL A-Z HELP | About Our Ads
Reader Comments (Page 1 of 1)
5-20-2009 @ 7:15AM
Halfabee said...
I honestly still can't even figure out what the tracker app is named. And whats with the .EXE! filetype? Vista has no idea what to do with it. Everything is installed to my WoW Addons folder and is working fine ingame otherwise though :B
Reply
5-20-2009 @ 7:17AM
Alex Ziebart said...
Wherever you find a ! at the end of a filename, just rename the file and remove the !, it shouldn't be there. Where there's a ! at the beginning of a filename, leave it. That SHOULD be there.
Confusing, I know. We'll fix it on our end soon.
5-20-2009 @ 3:20PM
brittwilson said...
@Alex Ziebart
But WHY is there any .EXE files in this addon??? This is the biggest no-no for security, and it makes your addon a target for someone to try to screw with it to put in a virus or a keylogger, then redistribute it either by themselves, or with a attack against your servers.
I think your idea is nifty, but keeping account mine is far more important to me.
5-20-2009 @ 3:42PM
AyaJulia said...
@brittwilson: How do you expect the addon to get its collected data to wow.com? Addons aren't allowed to interface on their own with any outside program.
The exe file is what you use to upload your achievements/in-game blog entries/other crap to your profile. It has to be there, or the data simply sits on your computer, doing nothing.
5-20-2009 @ 4:11PM
brittwilson said...
@AyaJulia
Before anyone gets all mad, I am not trying to tarnish the integrity of WoW.com or anything like that, I am just doing my duty in pointing out things that I see as dangerous.
I'm understand the technical reason of why they chose an .EXE to be used to do their thing, but it is not the only way. They did it this way to make it easy and automated. They very well could have made everything export to a file, which you then uploaded to your WoW.com account, much like GuildLaunch does with their addon that tracks professions and gear of the members of your guild. Bottom line is, it is not NECESSARY to use an .EXE, its just the easier, unsafer way.
Now granted, their addon could be tracking something I dont know about that absoltuley has to be don't this way, but I doubt it.
The point I am trying to make is that this site, totally 100% all about World of Warcraft, distributing an addon that includes an .EXE file, is going to be a very probable target for malicious attack, by changing the .EXE to have some thing bad in it and trying to redistribute, or they might try attacking the WoW.com servers to get their version in to make WoW.com unknowingly distribute something bad in their addon.
And as a site that has had many articles about addons and security, that has before clamored that you should never find . EXE files in your addons and to be extremely wary of ones that do, I think it is a bit startling that they themselves now have an addon, and didn't even think to explain to the common populous as to WHY they need a .EXE and how they are keeping the addon users safe.