"Coinciding with the most recent World of Warcraft patch (Tuesday, November 13, 2007), Blizzard has begun a more aggressive campaign with Warden. The changes to Warden effectively remove our ability as a community to police Blizzard's activities, and may lead to undetected violations of personal privacy, among other possibilities."

Here is the "plain english" version:
http://onwarden.blogspot.com/

The more technical read:
http://onwarden.blogspot.com/2007/11/storm-is-brewing.html

I can't say I like these developments. I can understand the reasons for encrypting what they are doing. But the side effect..... and law of unintended consequences.... may even be considered illegal. I encourage you to read about the new WoW Rootkit.

Slashdot also has a say on the matter:

http://it.slashdot.org/article.pl?sid=07/11/15/1611208

I find this outrageous. The code they could potentially put into Warden is now almost on a viral level. I keep a check on huerustics and this is certainly going too far.

I don't like the concept of ANY program with NO oversight. Sure, the encryption will be broken.... but I find this level of intrusion (or even the POSSIBILITY OF INTRUSION) to be far more than necessary for a GAME.

/me agrees

As has been stated by Lax (and proven by several communities) that Warden does not stop botters. The server-side detection methods are far more effective than the client-side methods have ever been. The new modifications to Warden effectively eliminate people who manipulate the game client on a packet level, leaving memory modification as the only *real* method for "hacking".

Personally I agree with Lax that Blizzard would never intentionally do anything to harm or infringe on its customers rights, however what they are doing sets a precedent. Companies in the future may not be as "secure" or trustworthy and this presents a huge problem with the users being less worried/concerned about their privacy.

If say America's Army (Made by the US government) distributed this software then there would be a world-wide outcry about it. I don't see why we should allow a corporation like Vivendi get away with it.

Making money is the ultimate motivator. Some random thoughts.

* Why would I make some of the FSW set-pieces be the best end-game pieces for shadowpriests for example?

* Why would I try to combat goldselling by adding a 5000G mount? Then continue to add new (expensive) flying mounts that you basically can just go out and purchase for gold.

* Why would I restrict access to some types of mobs? I don't have time to stand in line to grind fire elementals, and many others with me. I value my free time by the hour. I'd gladly pay 50g for a Primal Fire if it saved me half an hour.

* Why would I make the game so damn easy? And on top of that adding a powerful macrosystem to it?

Point is the longer it takes you to reach your goal, the more money I'll be making.

Gotta go to lunch...

I have nothing constructive to add except my support that this is a step too far.

I find some of the comments on the technical blog disparaging the author ludicrous and lets be honest here, ignorant of the larger implications :(

My first, glib, response is "I don't care what Warden does". I don't cheat, have no intention of cheating, and applaud absolutely any method that defeats those that do.

I find the potential wider implications discussed on the above linked-article quite thought-provoking though. I think it's probably a sign of the times, and simply signifies the re-drawing of long-existing battle lines.

The same argument has been applied to online DRM in the past, and for as long as businesses see the need to "protect" their property (now, there's an argument to be had........) there will be people willing to defeat it.

Interesting stuff. Not something I find myself getting outraged or excited about though :)

The same argument has been applied to online DRM in the past, and for as long as businesses see the need to "protect" their property (now, there's an argument to be had........) there will be people willing to defeat it.

This is completely un-related. DRM did not have the potential to forcibly insert a virus into your computer, Warden *could* now do so, circumventing all anti-virus protection because it already has a hook.

I don't think it will ever happen, but the point is that there shouldn't be a possibility of it happening.

The only people that the new Warden will currently effect is the botters who are using extremely low resource custom built clients that are spoofing warden and are transmitting commands to WoW servers on a packet level. I'd say there are maybe one or two bot-farms in the world that do this, hardly sufficient to potentially compromise the security of almost 9 million customers.

My first, glib, response is "I don't care what Warden does". I don't cheat, have no intention of cheating, and applaud absolutely any method that defeats those that do.


Thing is, how can we now know that stopping cheaters is what Warden actually does? Sure, we think it's meant to do that, but we can no longer know. So how can any of us really be happy this is going to help stop botters and cheaters?

I should add i think Blizzard of course have good intention at heart. But i don't like having this sort of structure built up, it can then easily have it's purpose changed, and we will all be screwed.

how can we now know that stopping cheaters is what Warden actually does

I don't think we ever really knew that. In fact, looking at the available resources, I think it's safe to say that it never did that very effectively *because* it was so easily fooled.

Now it's not so easily fooled, I suspect it will stop more cheaters than it did before.

I'm playing devil's advocate a little here, because I'm not blind to the wider implications, but if I squint with one eye through my blinkers, I can actually see how this is a Good Thing for the game.

In terms of re-purposing Warden, I tend to go with common sense, dangerous though that is :)

Blizzard are not going to change the use of Warden because it makes no business sense to do so.

Somebody's going to crack the encryption soon, Blizzard will update it, it will get cracked again, ad infinitum, so in the very near future and intermittently for as long as Warden and similar programs exist, we (or at least those who are interested) will know exactly what's being sent.

I doubt they're kidding themselves into thinking that whatever information they collect will remain secret for long.

The worst possible thing that could happen is that Warden becomes in some way exploitable leaving 9+ million subscribers' machines vulnerable in some way, but that was always a risk.

as someone has has developed secure voip systems, day trading systems, and other secure real-time systems... i see no problem with encrypting the bandwidth. i have even heard of some companies encrypting the binary itself in order to secure the protocol and avoid memory monitoring (haven't figured that one out)

according to the various rants, the problem isn't that blizzard is downloading executable chunks and running them on your system whenever they want to analyze what you are doing... it's that they have encrypted the chunks and those looking to get around blizzards attempts at security are having trouble with it.

there are things happening at lower levels that should freak people out, but don't.

*shrug*

I guess what people are really worried about is the fact that anyone of Blizzards employees are now potentially in control of 9 million systems. Can Blizzard guarantee for the safety and privacy of my system? Of course they can't. You'll always have people who see opportunities in situations like this. Like noone ever heard of a corrupt banker.

Listen.. The only difference between Warden after 2.3 and Warden over the past 2 years is that they added a hash to encrypt the data going back and forth to prevent Lax from spoofing information to allow his bots to work without being detected.
He is pissed because his method has effectively been defeated while mmo glider continues to work.
If you seriously think Blizzard is going to steal your credit card numbers you have other issues anyway.
And you of all people Xzin I would have expected to pick up on the fact that Warden is in no way a root kit and that slashdot poster obviously has no clue what a root kit is.
Very few people actually know the inner workings of Warden because the only ones who care are those that make bots. Its easy for any of them to spread any rumor they want about it because no one would know the truth.

People really need to check their information before going and spreading false rumors.

I'm guessing there will be very few people who have that level of access, Additionally its more than likely that it will require several authorisation passwords before it will actually work. As ever though, it could happen.

I guess what people are really worried about is the fact that anyone of Blizzards employees are now potentially in control of 9 million systems. Can Blizzard guarantee for the safety and privacy of my system? Of course they can't. You'll always have people who see opportunities in situations like this. Like noone ever heard of a corrupt banker.

Do you really think 1 employee would be able to change this and distribute it to millions of people without Blizzard knowing? Not to mention then hide the data coming back. GM's cant even give out gold or items let alone distribute a warden hash thats going to steal everyones porn.

I now have something to contribute ;)

I think people are focusing too closely on Warden itself rather than the precedent that warden sets.

Also you shouldn't compare encryption between partners to be the same as delivering encrypted code which the EULA requires that the enduser be ignorant if its specific purpose.

I have never and have no intention of carrying out actions contrary to the EULA and TOS but even to me this functionality is like buying house insurance with a clause permitting the underwriter, at their discretion, to send a team around to your house for a purpose they refuse to disclose.

As a side topic, how does Blizzard feel about UK's "The computer Misuse Act 1990" (http://www.opsi.gov.uk/acts/acts1990/Ukpga_19900018_en_1.htm)
specifically


1(1) A person is guilty of an offence if:

a) He/she causes a computer to perform any function with intent to secure access to any program or data held in a computer;
b) the access he intends to secure is unauthorized; and
c) he/she knows at the time when he causes the computer to perform the function that this is the case.

Without know what is being accessed how can you give authorisation for a program to access it?

and


3(1) A person is guilty of an offence if

a) he/she does any act which causes the unauthorized modification of the contents of any computer; and
b) at the time when he does the act he has the requisite intent and the requisite knowledge.

3(2) for the purposes of subsection 3(1)b above the requisite intent is an intent to cause a modification of the contents of any computer and by so doing

a) to impair the operation of any computer;
b) to prevent or hinder access to any program or data held in any computer; or
c) to impair the operation of any such program or the reliability of any such data.

3(3) the intent need not be directed at

a) any particular computer;
b) any particular program or data or a program or data of any particular kind; or
c) any particular modification or a modification of any particular kind.

3(4) For the purpose of subsection 1b above, the requisite knowledge is knowledge that any modification he intends to cause is unauthorized. 3(5) it is immaterial for the purposes of this section whether an unauthorized modification or any intended effect of it of a kind mentioned in subsection (2) above is, or is intended to be, permanent or merely temporary.

Polymorphic code is, by definition, modification of data on a computer system.

just some food for thought

Polymorphic code is, by definition, modification of data on a computer system.

So is the patch system :) The difference, I guess, is that we know when a patch is happening but we don't with Warden.

As you mooted, by playing the game, we have already agreed to the EULA (http://www.worldofwarcraft.com/legal/eula.html), which contains the following specific statement (my emphasis):


8. Patches and Updates. Blizzard may deploy or provide patches, updates and modifications to the Game that must be installed for the user to continue to play the Game. Blizzard may update the Game remotely, including, without limitation, the Game Client residing on the user's machine, without the knowledge or consent of the user, and you hereby grant to Blizzard your consent to deploy and apply such patches, updates and modifications.

That statement in itself covers them for delivering Warden updates and makes all such updates and accesses "authorised" for the purposes of the Act.

I am in no way a legal bod, and I don't set much store by forum discussions on legal issues because they're invariably wrong, but I would imagine that Blizzard would have had the EULA scrutinised by their own lawyers for enforcability in various territories.

Of course, the argument now is that we can't prove they're sticking to "updating the game". I personally think it's preposterous to suggest that they'd use it for anything other than the stated purpose and I've never bothered to prove that was the case anyway.

I remain totally unconcerned by all of this to be honest, and the more I think about it the less concerned I am.

Must be the Friday feeling ;)

I know I can't find out what Warden does right now. I know it's aimed at cheaters. I trust that Blizzard want to keep me as a customer and won't abuse whatever facility they have.

I choose to contine playing the game. If I didn't like it, I would choose not to.

For conspiracy theorists, I'd be more worried about what Microsoft put into their operating systems than what Blizzard put into our game client :)

Once again setting aside the wider issue (if indeed there is one), the bottom line is that this has absolutely no impact to me, my gaming or my boxing, and I'm very happy that cheaters are feeling so hard-done by.

/smug

My last comment on the subject is that everyone needs to realize that this is coming from a guy who programs bots for WoW. His method of avoiding detection was defeated so now he is trying to say that Blizzard will use Warden for other uses than it was intended. He is just trying to stir things up since he has been defeated.

Otlecs has it right and it's not even worth arguing over because whether or not it was an issue we cannot do anything other than stop playing WoW to avoid it.

My last comment on the subject is that everyone needs to realize that this is coming from a guy who programs bots for WoW. His method of avoiding detection was defeated so now he is trying to say that Blizzard will use Warden for other uses than it was intended. He is just trying to stir things up since he has been defeated.

Do us all a favour and read the article. Aditionally, Lax doesn't program bots. He simply provides a development platform which other people have provided a) a WoW API b) Bots and other scripts For. Obviously he is commercially interested, and he's already stated that he's pretty much got this nailed. Its just become a lot harder he won't quite know many many Algorithms blizzard is passing round at any one time. It simply means that the method of defining each algorithm with a "signiture" in ISXWoW will have to be rethought.

Do us all a favour and read the article. Aditionally, Lax doesn't program bots. He simply provides a development platform which other people have provided a) a WoW API b) Bots and other scripts For. Obviously he is commercially interested, and he's already stated that he's pretty much got this nailed. Its just become a lot harder he won't quite know many many Algorithms blizzard is passing round at any one time. It simply means that the method of defining each algorithm with a "signiture" in ISXWoW will have to be rethought.

I decided to look again since apparently things had changed since the last time I read it and noticed he decided to "clarify" his original post which was a huge QQ about privacy and his detection methods no longer working.

I still find it incredibly hard to believe that 1 employee within Blizzard would be able to put in code to steal personal information without it being noticed. You have to realize 1 person does not control the whole Warden project and to inject and hide that code as well as hide the data coming back would be incredibly hard. Not to mention he says that the only encrypted data is that coming from the server and not going out which means you could find what they are sending back if you really wanted to.

Lax is probably the most knowledgeable person on Warden outside of Blizzard so no doubt he knows what he is talking about but I still can't help but see this post motivated by the fact that he stands to lose money because of the changes.


On a side note.. how many of you are going to quit WoW because Warden might steal your personal data? If it was really a threat we would all be leaving.

blizzard has your name, address, credit card number, and I beleive a security passcode (mothers maiden name?) already.

They don't *need* to actively steal anything from the users, you've already given it freely to them.

And to the "invsaion of privacy" concerns - What are you hiding, and why are you hiding it on a computer plugged into the internet? Hmmm....?

I think that about sums it up.

I have no problem with this as all...

Basically, people that are trying to cheat/hack WOW can no longer make sure that WOW isn’t trying to install a virus/access our CC information (you know, the information they already have)....

That’s the only change.

I find it FAR more likely that a low level billing support for some company I pay with a credit card that makes slightly more than minimum wage will steal CC information (Or even the waiter/waitress at the local Steakhouse) than any problem will happen.

Not only do I not have a problem with it, but I'll also give it a /cheer.

Today’s Dilbert kind of fits...
http://dilbert.com/comics/dilbert/archive/images/dilbert2007113333116.gif

Common sense - You must have some level of trust for any program you install. I trust blizzard a LOT more than some other programs I have used in the past. (keyclone for example – I trust keyclone, but I trust Blizzard more)

His "plain english" version implies that while he does not have any reason to believe that Blizzard would misuse the Warden software (why mess with a good thing, after all), the current implementation could create points of access for people with not-so-noble intentions.

I would expect that Blizzard is very cautious about who is able to work with/on Warden and what is released, since they would be responsible for any damage the program does even if someone else was the culprit. With billions of dollars at stake (literally) I am hoping that they're neither so stupid or sloppy as to leave themselves vulnerable.

On the other hand, people can do some remarkably dumb things.

I think much of the problem lies with the perception of Blizzard, and thier poor history of communication with their player base...

Firstly, nothing was mentioned in the patch notes about Warden being updated. While I do understand that listing the changes to Warden would defeat the purpose of updating it, there's no reason not to notify players about it with a sinlge line description, something along the lines of "Warden updated with new anti-botting code". This would give Blizzard a level of transparency which would combat the fearmongers, and have the added bonus of making Blizz look like they are taking a tough stance on botters (+rep with their player base).

Instead they have done the worst thing - no official response and deleting threads on the forums that talk about it. They are creating the perception now that they are up to good, even if that is not the case.

They really need to stop treating the player base like two year-olds (even if a lot of them act like it). Like any relationship, good communication is one of the most important aspects - Bliiz really need to learn this IMO.

How would we have known anyway TO opt out? They didn't exactly announce it openly.

Read the ELUA.. If you don't like the terms than don't play. It's clearly stated what they can do if you agree. Sure it's not specific information about Warden but it does cover it.

As for updated the player base on Warden updates it would completely defeat the purpose. First of all it in no way affects the game itself so it doesn't really fit in with the patch notes and second they don't want botter's to know it's been updated because that would alert them and allow them to attempt to avoid being detected.
It would be like alerting the police before you goto rob a bank..

While I remain suspicious of anything like this that's hidden, I'm fairly sure Blizzard isn't planning anything nefarious with it. There's a breakover point where my paranoia becomes justified but I don't think this makes it there yet. Also, someone will figure out how to break this soon enough and things will return to bidniss as usual. :P

Imagine if all the software producers do the same thing as Blizzard. Allova sudden you have 15-20 corporations with encrypted unrestricted access to your computer....How long before the ad campaings become REALLY tailormade? This may not be exactly about Blizzard, but it sure as hell is about "opening that door".

If I had programmed Warden and knew that on a lonely nightshift I could tap into any system, do what I wanted, exit clean and cover my trail - I would.

One single person will not be able to "hax0r Warden" Blizzard will have X layers of protection surrounding warden and its distribution. What concerns me is the precedent this sets for companies. It gives off a certain moral ambiguity which is what really concerns me. Blizzards distinct lack of honesty about the subject is also extremely worrying. Whilst they do have a right to protect their property, they also have a duty to protect their users.

Blizzard told everyone about Warden when it was first released. They have no reason to alert botters about changes that are made. You guys also assume that there is no protection for the users. Do you know how Blizzard codes Warden or how it is actually run server side? All anyone knows it was is on the client side.

You have no clue what they are doing to protect us from potential malicious code and are making assumptions that there are no safeguards in place to prevent it.

This is why these posts are pointless.. There are about 3-4 people outside of Blizzard that really know anything about Warden and they only know the client portion. There is no reason to post these "OMG THEY ARE STEALING INFORMATIONS!!!" threads to worry people about things they don't need to.

Not to mention this isn't the first time Xzin has posted something unrelated to multi-boxing in the general forums that has turned into an opinionated flame fest. Please move this shit out of here.

Talk about over reaction.

First, just exactly what could they take off their system that would give them any more information about you that you did not voluntarily give up when you registered your accounts?

Second, they already tell you what they are looking for.

Third, the registry worries are unfounded because just by loading certain windows DLLs the registry gets read. That would be outside of their control.

Fourth, you don't have to play the game. Quit.

Fifth, you probably gave up more information just buying the hardware and software to support your addiction.


If anything, that tinfoil hat twit did what he wanted, got lots of hits on his page and made some money off of it. Twisting words and insinuating threat is a great way to stir up the ignorant.

Hell I bet many of the people bitching about what Warden does don't practice good computer security in the first place (not aimed necessarily at people here).

You have no clue what they are doing to protect us from potential malicious code and are making assumptions that there are no safeguards in place to prevent it.

I don't think anyone realistically believes this is even a possibility. Blizzard have shown in the past that they are highly responsible, hell, GM's can't even create items without having someone else authorise it. Its not as if they'd apply a diffrent "unsecure" method to one of the most integral core aspects of WoW.


This is why these posts are pointless.. There are about 3-4 people outside of Blizzard that really know anything about Warden and they only know the client portion. There is no reason to post these "OMG THEY ARE STEALING INFORMATIONS!!!" threads to worry people about things they don't need to.

/me sighs
The problem is not that Blizzard is stealing info, spying on us, whatever. The problem is that there is the potential to do so. As such this also sets a precedent for other companies. Blizzard will probably never do anything to harm or mislead users, thats not to say the next lot won't.

As far as people not knowing "jack shit" about what goes on serverside, thats very true, we only have the client-side info. But then again, people made emulated servers using only stuff that was "located client-side". The only diffrence being is that the emulated servers are not 1/100th as complicated as the live servers, what with all the auditing and security procedures set in place.


Not to mention this isn't the first time Xzin has posted something unrelated to multi-boxing in the general forums that has turned into an opinionated flame fest. Please move this shit out of here.

Its a general forum. Its highly related to WoW. Noone is forcing you to click on the link to this post. If you don't like whats being said either don't bother reading anymore or just STFU. A lot of people will think that this is a highly important discussion, others won't give a shit, its not for you to decide what WE can and can't talk about.

Talk about over reaction.

First, just exactly what could they take off their system that would give them any more information about you that you did not voluntarily give up when you registered your accounts?

You miss the point. Entirely.


If anything, that tinfoil hat twit did what he wanted, got lots of hits on his page and made some money off of it. Twisting words and insinuating threat is a great way to stir up the ignorant.

Its a great way yes, a better way would be to post detailing several of the scans, giving examples and demonstrating what could potentially be injected into Warden.

This is why these posts are retarded.. Its just become people arguing over essentially nothing.

And for the record this is a general forum about dual-boxing and this post doesn't fit that.

here is something to be more afraid of (from another forum)


Not making this up. In an official statement from Seagate themselves, they admit that there was malicious code released on a certain line of hard drives that actually attempts to steal account information from a select few set of games World of Warcraft being one of them, and sending the data to an actual server in China.

CHECK YOUR RECENT HARD DRIVE PURCHASES!!


Official statement (some links were taken out of this article. If you have one of these hard drives, visit the site and they can provide you with downloads to rid your hardware of malicious code):

http://www.seagate.com/www/en-us/support/downloads/personal_storage/ps3200-sw

One single person will not be able to "hax0r Warden" Blizzard will have X layers of protection surrounding warden and its distribution. What concerns me is the precedent this sets for companies. It gives off a certain moral ambiguity which is what really concerns me. Blizzards distinct lack of honesty about the subject is also extremely worrying. Whilst they do have a right to protect their property, they also have a duty to protect their users.


Precedent? Blizzard isn't even the first game company to scan you for malicious programs. Hell at least Blizzard does their best to scan for keyloggers.

If it REALLY CONCERNS YOU then quit.

Damn, as I posted elsewhere you give up more personal information just buying stuff at the store on on the net.

Your trash can is probably more threatening to you than anything a game company can come up with.

They are providing a service. If you don't like the rules and such that come with it go elsewhere. It is just that easy

here is something to be more afraid of (from another forum)


Not making this up. In an official statement from Seagate themselves, they admit that there was malicious code released on a certain line of hard drives that actually attempts to steal account information from a select few set of games World of Warcraft being one of them, and sending the data to an actual server in China.

CHECK YOUR RECENT HARD DRIVE PURCHASES!!


Official statement (some links were taken out of this article. If you have one of these hard drives, visit the site and they can provide you with downloads to rid your hardware of malicious code):

http://www.seagate.com/www/en-us/support/downloads/personal_storage/ps3200-sw

The chinese are out to get us.

FFS. Blizzard are however the first ones to attempt to covertly scan, hiding and hashing everything. THIS IS THE PROBLEM. This is the point I am trying to get across.

As for it being a General forum, yes, well done, its not exclusively about dual-boxing, its about multi-boxing and all things WoW, or would you care to be more anal about that?

FFS. Blizzard are however the first ones to attempt to covertly scan, hiding and hashing everything. THIS IS THE PROBLEM. This is the point I am trying to get across.

As for it being a General forum, yes, well done, its not exclusively about dual-boxing, its about multi-boxing and all things WoW, or would you care to be more anal about that?

This is still a worthless thread so yes.

And for the record this is a general forum about dual-boxing and this post doesn't fit that.

For the record, the thread was started by one of the forum admins/moderators, and someone who contributes alot to these forums and the community, this forum is essentially for whatever they say it's for. This post fits that.

I think I'd have more belief in Blizzards high ideals if more was done to stop bots and gold selling which go hand in hand. While periodically people are banned in large numbers it doesn't happen often enough.

Blizzard told everyone about Warden when it was first released.

No, actually, they didn't. It had to be discovered and decoded. You know what they say about the best intentions....... it's a lot easier to fall over the edge when you are right next to it than a mile away.


Not to mention this isn't the first time Xzin has posted something unrelated to multi-boxing in the general forums that has turned into an opinionated flame fest. Please move this shit out of here.

If you don't like my opinions or being kept abreast of the direct AND indirect changes to the boxing community (better OR worse) then go elsewhere. I have spent a tremendous amount of time and effort distilling information for the community and not EVERYTHING is going to be embraced by everybody. That's life. I try to keep away from botting or other explicit topics that Bliz frowns upon. I don't and have never botted but I like to understand how things work. This community, at times, fosters frank discussions and open and honest exchanges of opinion. I believe people should be kept informed of what is going on and if that winds up being controversial then so be it.

The world we live in is not all rainbows and candy canes. If you want that, I suggest you post to the official WoW forums. If you have something meaningful to contribute then I (and others) welcome the discussion. But please don't troll the forums accusing people who have greatly contributed to this community of making inappropriate posts.

Technically this has absolutely nothing to do with boxing aside from it being about the game that most of us box in. The discussions within also don't touch boxing, and the only relevant way it would touch boxing is if blizzard decides to use warden to target boxers. It fits more in MMORPG general discussion, but it doesn't seem like posts get moved around here much, not that they need to considering there aren't many off topic threads here, and the few that do come up(like this one) are of interest to the people in said forum.

These forums are loosely moderated, and it seems to work well as is. As long as there isn't a bias that this gets to stay in this forum section just because xzin posted it I don't see any reason why it shouldn't be here.

Now to get back on topic...

Before you can log in after each patch you have to accept the tos and elua, which pretty much says you have to trust blizzard with running unknown(to you) code on your computer. The only change here is that now it is harder to figure out what it does for those who break the rules.

Was there anything stopping blizzard from running 'bad code' before 2.3, other than it being easier to detect?

There was nothing that was stopping them. The diffrence between now and then, was that prior to 2.3 this was being "policed" by the Botting communities. It is now more difficult as Blizzard can pretty much introduce a new scan/malicious code more "unnoticably" this is due to everyones hashed scans looking diffrent. Where-as before everyone's looked the same, despite their being many diffrent scans. We knew before that Warden worked in-process, although now it makes it a lot more difficult to know what its actually doing.

There was nothing that was stopping them. The diffrence between now and then, was that prior to 2.3 this was being "policed" by the Botting communities. It is now more difficult as Blizzard can pretty much introduce a new scan/malicious code more "unnoticably" this is due to everyones hashed scans looking diffrent. Where-as before everyone's looked the same, despite their being many diffrent scans. We knew before that Warden worked in-process, although now it makes it a lot more difficult to know what its actually doing.

Having the botting communities 'police' the game they are trying to cheat in is like asking burglars to make sure everyone locks their doors.

As someone has said before this is more about the increased difficulty botters now have to make a) their software work and b)sure they don't get caught. Than it is about Blizzard (a well known big business, who can't just dissappear if their system is used for illegal activities) using encryption to send data back to their servers.

In fact if you for a moment ignore the reason Warden exists you could say that they are being good to their customers by encrypting their details before sending them over an in effect open data stream.

If any other group of WoW fans with a few exceptions (tin foil hat brigade) had found this out there wouldn't have been this outcry, Warden is a piece of software that is intended to make the game a leveller playing field for those of us who don't run 'illegal' third party apps.

Perhaps it sets a precedent, perhaps not. I don't think people are going to leave the game in droves and that would be the only way that Blizzard could be encouraged to remove this version of Warden.

Was there anything stopping blizzard from running 'bad code' before 2.3, other than it being easier to detect?

Yes, the fact that you could detect it. Now, for the time being, you cannot.

I'm still confused about the actual issue.

From what I've read, the only change to Warden is it now encrypts the data it sends to Blizzard. Nothing about running new malicious code, about opening holes in your system to allow malicious programs in, just encrypting outbound data.

1. We already run Blizzard software. We trust their executables. Every time a patch comes out, we run a new file that we know is going to modify files on our system. In fact, we have to run it as an administrator to do so. I see no threads saying "OMG, we should be able to patch as a guest user to safeguard our privacy!"
2. As someone else stated, Blizzard already has our credit card information, address, email, full name, etc. What exactly are you worried they're going to "steal?"
3. Rootkit? WTF? A rootkit is fundamentally different than Warden. A rootkit prevents you from uninstalling it. Warden only runs when you have WoW open. Rootkits try to take over your computer. Warden doesn't.

I have no doubt that the encryption will be broken quickly, and people will see what data was being sent. Blizzard will then just change their encryption to try to keep a couple steps ahead. If people actually find objectionable data being sent then I can see a cause for concern.

We can still see what warden is doing if we want to.

A program doesn’t run in a vacuum, it can still be observed even if it's perfectly encrypted....

It gets its information from somewhere... Even if warden had some magical, perfect, unbreakable encryption, we can still see what it is doing because the programs/hardware it's requesting the information from are not encrypted.

For example, it’s asking windows what programs are running, we can see that.

If it requests the contents of a directory, we can see that.
If it requests the contents of a file, we can see that.

The difference is that we can no longer check and see what it's looking for by checking warden. (aka, we can see if it's scanning what programs are running, but cant tell what pattern it is scanning for)

They will not be scanning all files.
They might scan all exe files, and/or dll files, but they will not be checking out the contents of our word files.

They can scan my exe/dll/etc all they want...
If they start touching my doc and xls files it's time for a lawsuit.

The basis of this thread is FUD.
(Fear Uncertainty and Doubt)

Blizzard has a goal to eliminate cheating in their game. Something which you can choose to play or not. If you aren't satisfied with Blizzard scanning your filesystem (where they can ZOMG see your personalz stuffs!). Don't play. You agree to it in the EULA. If you think the risks are greater then the benefit, DON'T PLAY. They aren't forcing you to play, it isn't the only game available. It's a choice you made. Deal with it.

If you don't trust Norton anti-virus to scan your system, don't buy it. Sense a similarity?

The 2 changes everyone is in concerned about, are only changes that affect bot makers. The ability to see what warden is doing, is still available. As stated above, every system call it makes is STILL VISIBLE.
The change is that they don't know what warden is GOING TO DO, BEFORE IT HAPPENS. Hence they all of a sudden become very vulnerable.

Warden is NOT A ROOT KIT. Therefore it is still detectable by the OS, and can have its actions monitored by other processes. It can still be detected IN WoW, a root-kit is created to prevent the above from happening. The only change here is that people can't reverse engineer Warden, and predict what it is going to do before it happens. Now you can only monitor what it does WHEN it happens.

So zomg, whats happening, its encrypted! ZOMG!.
Encryption is used on so many levels on your system, the fact that WoW traffic isn't encrypted should be more concerning then it being encrypted now. How do you like your password being sent plain-text over teh interwebs. You don't do that for ANY OTHER REPUTABLE SITE YOU VISIT. (check for Https)

Furthermore, the encryption is being used to hide traffic from warden to the servers. Therefore no one can see what warden is saying to the wow servers. Oh god no? They could be sending personal information?
Well to get the personal information, they have to get it off your system. This can be monitored by programs, as it is not root-kitted. Hence your fears are unbased.

Polymorphic wuzathingy? Polymorphic code is code that performs basically the same actions, with changes in its byte structure. The whole intent of polymorphic code is to prevent detection from scanning software. The version of polymorphic code that blizzard is using, is almost a falcity, as it (from what I read), isn't changing it self (as polymophic code would), but is mearly 318 versions of warden being used.

These 318 version present problems to BOT writers, because they don't have time to react to changes in warden to circumvent detection. Even moreso, blizzard was smart enough to ensure that encryption algorithyms are changed for each of these versions (yay!), so that they aren't using the same key over and over again (makig it easy to crack).

So end result of these changes are this:
*You can't veiw wardens traffic to the server, therefore its harder to detect what it is doing/sending. Only really a concern to bot developers, as the quicker they can find out what warden is scannign for, the quicker they can avoid said scans.
*You can't predict what warden is going to be used. Therefore you don't know what scans its going to do, and how to avoid them. (GG Bots)
*Warden is not a root-kit. Its actions are still visible to the OS. It's not hidden. You can still have a high level process monitor your filesystem access requests, to see if warden is accessing your tax returns.

So take off your tinhat. And if you want a tinhat, stop playing.

The basis of this thread is FUD.
(Fear Uncertainty and Doubt)

Blizzard has a goal to eliminate cheating in their game.

As someone else already pointed out they are certainly going about it in the most complicated and self defeating way possible.


Something which you can choose to play or not. If you aren't satisfied with Blizzard scanning your filesystem (where they can ZOMG see your personalz stuffs!). Don't play. You agree to it in the EULA. If you think the risks are greater then the benefit, DON'T PLAY. They aren't forcing you to play, it isn't the only game available. It's a choice you made. Deal with it.

Who even reads the EULA? Just because they put something in the EULA does not make it legally binding.


If you don't trust Norton anti-virus to scan your system, don't buy it. Sense a similarity?

The 2 changes everyone is in concerned about, are only changes that affect bot makers. The ability to see what warden is doing, is still available. As stated above, every system call it makes is STILL VISIBLE.
The change is that they don't know what warden is GOING TO DO, BEFORE IT HAPPENS. Hence they all of a sudden become very vulnerable.

And who monitors their system all the time?


Warden is NOT A ROOT KIT. Therefore it is still detectable by the OS, and can have its actions monitored by other processes. It can still be detected IN WoW, a root-kit is created to prevent the above from happening. The only change here is that people can't reverse engineer Warden, and predict what it is going to do before it happens. Now you can only monitor what it does WHEN it happens.

So zomg, whats happening, its encrypted! ZOMG!.
Encryption is used on so many levels on your system, the fact that WoW traffic isn't encrypted should be more concerning then it being encrypted now. How do you like your password being sent plain-text over teh interwebs. You don't do that for ANY OTHER REPUTABLE SITE YOU VISIT. (check for Https)

I would be very surprised if your WoW password was ever sent in plain text. I'd like to see proof of that.


Furthermore, the encryption is being used to hide traffic from warden to the servers. Therefore no one can see what warden is saying to the wow servers. Oh god no? They could be sending personal information?
Well to get the personal information, they have to get it off your system. This can be monitored by programs, as it is not root-kitted. Hence your fears are unbased.

Again, who monitors their systems all the time?


Polymorphic wuzathingy? Polymorphic code is code that performs basically the same actions, with changes in its byte structure. The whole intent of polymorphic code is to prevent detection from scanning software. The version of polymorphic code that blizzard is using, is almost a falcity, as it (from what I read), isn't changing it self (as polymophic code would), but is mearly 318 versions of warden being used.

I read it differently. There are 318 different versions detected so far. With the current functionality they can "inject" a new version anytime they want to.


These 318 version present problems to BOT writers, because they don't have time to react to changes in warden to circumvent detection. Even moreso, blizzard was smart enough to ensure that encryption algorithyms are changed for each of these versions (yay!), so that they aren't using the same key over and over again (makig it easy to crack).

The argument is that it does not just present problems to bot writers but to anyone who actually wants to verify that each of these versions are "safe".


So end result of these changes are this:
*You can't veiw wardens traffic to the server, therefore its harder to detect what it is doing/sending. Only really a concern to bot developers, as the quicker they can find out what warden is scannign for, the quicker they can avoid said scans.
*You can't predict what warden is going to be used. Therefore you don't know what scans its going to do, and how to avoid them. (GG Bots)
*Warden is not a root-kit. Its actions are still visible to the OS. It's not hidden. You can still have a high level process monitor your filesystem access requests, to see if warden is accessing your tax returns.

So take off your tinhat. And if you want a tinhat, stop playing.

I would like entertainment providers to provide entertainment without me having to worry about potential security issues. Would you like to go to the cinema if they made you walk through metal detectors and pawed through anything you carried with you to check for hidden cameras etc?

Currently the "layman" implicitly trusts Warden and probably does not even know what it is or what it does. Personally I really hate the fact that a process running on my machine can look at other processes without my permission. I believe that kind of process rights should be easily manageable at O/S level.

If I want to do internet banking I should be able to open my browser and do my banking without having to worry about which other processes are running on my machine. But MS seems more interested in giving us transparent buttons with rounded edges.

As to "botting", their whole game design is suited to it. Repetition, repetition, repetition, ad nauseum. I quit 2 end game raiding characters because that is all end game raiding is about. Same instances, same bosses, again and again and again to gear a raid. Rinse, repeat.

Instead of looking at things they can do server side they prefer to outsource detection technology that runs on the client and can be a potential security risk.

Instead of addressing the in-game mechanics that make botting possible or the reason that a gold buying market exists we will instead install very complicated software that communicates with our servers and gathers information from other running processes or installed applications on your machine and encrypt whatever information we are sending.

We will pour a lot of money into developing this tool that will sit on your machine checking if you are cheating or not while we will continue employing a skeleton staff of GMs with an average response time measured in hours, sometimes days, that never responds in time to catch botters in the act.

Why do I still play? I have some friends that play and multi-boxing is my current toy. I am sick of WoW though and the endless repetition.

Am I concerned about Warden being a security risk? Not really, but it is the paranoid that ensures we enjoy the freedom that we do and I don't dismiss them out of hand.

tldr version:

Suvega: If you want to know what warden is looking at do so and so.

Thinus: But noone does so and so.

Zaelar: Then start doing so and so.

long version


As someone else already pointed out they are certainly going about it in the most complicated and self defeating way possible.

The only complicated part is making it harder to detect and get around. I don't see how it is self defeating.


Who even reads the EULA? Just because they put something in the EULA does not make it legally binding.

Considering you have to agree to the EULA to play... If you move into an apartment and sign something that you don't know, and it turns out that it says your landlord can take pictures of you in the shower, you won't be winning any legal battles there.


And who monitors their system all the time?

People who want to know what warden is doing.


I would be very surprised if your WoW password was ever sent in plain text. I'd like to see proof of that.

Monitor your internet traffic? I don't know either way, but that should give you the proof you want. Outside of that you won't get anything other than someone saying it does.


Again, who monitors their systems all the time?

Again, people who want to know what warden is doing.


I read it differently. There are 318 different versions detected so far. With the current functionality they can "inject" a new version anytime they want to.

IIRC they could always do that.


The argument is that it does not just present problems to bot writers but to anyone who actually wants to verify that each of these versions are "safe".

I'd say monitor your system all the time, but who does that?


Would you like to go to the cinema if they made you walk through metal detectors and pawed through anything you carried with you to check for hidden cameras etc?

I take it you're getting at if movie theaters did something that you don't like as a security measure you wouldn't go to movie theaters. So if wow is doing something that you don't like as a security measure, don't play wow.


Personally I really hate the fact that a process running on my machine can look at other processes without my permission.

It has your permission. Remember that EULA you didn't read but agreed to? Want to start guessing what you agreed to?

Chicken Little(aka, botter wanting to get a panic started): No one can check the content of warden updates anymore!!! They could patch a virus or steal CC information!!!

Me: I'd be happy to sign an agreement saying they could install a virus once a year if it stopped you. (As much as I hate doing it, reinstalling would be a small price to pay)

Chicken Little: Well, They could steal your CC information!!

Me: I GAVE them my CC information more than a year ago. They already have that.

Chicken Little: But you don't know what they are scanning!

Me: I know they are not scanning protected files on my computer, and other than that I don't CARE what they are scanning.

Chicken Little: Well, I meant that an employee could install a new version that takes your CC information and resorts it to them!

Me: An encrypted packet still needs an IP address to go to. If WoW suddenly started sending information to some "bellsouth.net" IP, tons of people would know right away.

Chicken Little: ...

Me: I'm in far more danger surfing the web, downloading a driver update, or even reading my mail. I'm 100 times more worried that the next waiter I give my card to at Red Lobster will write down my CC information than that some Blizzard employee will manage to get undetected access to my computer.

Me: No computer connected to the internet is secure. The internet itself isn't secure by it's very nature. Any OS (Windows, Mac, or Linux) has security problems. The best we can do is keep our patches current. Then we hope that when some new way of getting in is discovered, we are not one of the first ones hit.

*lots of stuff*

Who even reads the EULA? Just because they put something in the EULA does not make it legally binding.

Considering you have to agree to the EULA to play... If you move into an apartment and sign something that you don't know, and it turns out that it says your landlord can take pictures of you in the shower, you won't be winning any legal battles there.

*even more stuff*

This depends A LOT on which country you live in. The American laws aren't global, ya know :P For starters, such an agreement would be seen invalid in Norway, as it has a unreasonable condition which has nothing to do with the innitial contract and it's purpose, which is letting you live in the appartment.

To draw some lines from that to WoW, if the TOA, for instance, said "you have to give all the gear to a GM when you've played for sixty days", then the validability of that clause would deffinetly be questioned, in a norwegian courtroom, anyways.

So, from *my* point of view, wether or not the EULA and/or ToA is valid at all, can be questioned, also because it's something you have to agree with AFTER you've purchused the game.

It's like selling a car and then come dragging with a bigass contract the buyer have to sign if he( or she) wants to drive it.

To draw some lines from that to WoW, if the TOA, for instance, said "you have to give all the gear to a GM when you've played for sixty days", then the validability of that clause would deffinetly be questioned, in a norwegian courtroom, anyways.

All else aside, they can take ur gear etc any time they like, their terms state very clearly that ALL of the game content is theirs, including characters, gold, gear etc, there's no way around that regardless. This is why selling accounts, gold, toons etc on Ebay isn't allowed, you don't own anything apart from the game CD's and the right to play within their rules and conditions.

To draw some lines from that to WoW, if the TOA, for instance, said "you have to give all the gear to a GM when you've played for sixty days", then the validability of that clause would deffinetly be questioned, in a norwegian courtroom, anyways.

All else aside, they can take ur gear etc any time they like, their terms state very clearly that ALL of the game content is theirs, including characters, gold, gear etc, there's no way around that regardless. This is why selling accounts, gold, toons etc on Ebay isn't allowed, you don't own anything apart from the game CD's and the right to play within their rules and conditions.
Ok, so that was a bad example, but still, you see the retardedness of selling something to a person and THEN, when they plan on USING it, you throw another set of regulations and terms at them.

the EULA and the TOS & TOU for the US, EU, KR, CN and TW version of the game are different to obied by the laws for each countries and areas the game covers.

the EULA and the TOS & TOU for the US, EU, KR, CN and TW version of the game are different to obied by the laws for each countries and areas the game covers. Odd, seeing as a UK friend of mine helped me to check this out and ours were the same(, as far as we could be bothered to check, that is :P)

But anyways, the EULA, TOS and TOU cannot be called "illegal" or "invalid" before it has been tried in a court of law. If only someone would sue blizzard and see what the court would say, it would be rather interesting in my opinnion.

Trust me there are differences ;)

EULA - End User License Agreement, is an agreement between your self and the company and thus being a contract between you and blizzard.
In a court of law even a verbal agreement can be binding when two parties make a consensual agreement.

By creating an account you basicly sign the agreement and for the continuation of the service when patchs and updates come out that you have to accept to the agreement, you have the option at every patch to either accept the renewal of the agreement or the cancel and decline the agreement.

Its the fundamental law backing contacts agreements, blizzard give you the option to terminate the agreement and not carry on.

Same fundamentals on any agreement, there maybe sections which could be unlawful but if they were someone would of Sued and won by now, and AFAIK the EULA doesnt break any rules because at the end of the day the EULA words it as you RENT/LEASE your account and have the power to terminate the account at any point with no reason.
The power lies with them.

sorry I'm deviating from the actual thread topic, sorry.

So, from *my* point of view, wether or not the EULA and/or ToA is valid at all, can be questioned, also because it's something you have to agree with AFTER you've purchused the game.


http://www.worldofwarcraft.com/legal/termsofuse.html


YOU SHOULD CAREFULLY READ THE FOLLOWING WORLD OF WARCRAFT TERMS OF USE AGREEMENT (THE "TERMS OF USE" OR "AGREEMENT"). IF YOU DO NOT AGREE WITH ALL OF THE TERMS OF THIS AGREEMENT, YOU MUST CLICK "REJECT." IF YOU REJECT THIS AGREEMENT WITHIN THIRTY (30) DAYS AFTER FIRST PURCHASING THE WORLD OF WARCRAFT SOFTWARE, YOU MAY CALL (800)757-7707 TO REQUEST A FULL REFUND OF THE PURCHASE PRICE. ONCE YOU AGREE TO THE TERMS OF USE AND THE END USER LICENSE AGREEMENT (EULA), YOU WILL NO LONGER BE ELIGIBLE FOR A REFUND.

So, from *my* point of view, wether or not the EULA and/or ToA is valid at all, can be questioned, also because it's something you have to agree with AFTER you've purchused the game.


http://www.worldofwarcraft.com/legal/termsofuse.html


YOU SHOULD CAREFULLY READ THE FOLLOWING WORLD OF WARCRAFT TERMS OF USE AGREEMENT (THE "TERMS OF USE" OR "AGREEMENT"). IF YOU DO NOT AGREE WITH ALL OF THE TERMS OF THIS AGREEMENT, YOU MUST CLICK "REJECT." IF YOU REJECT THIS AGREEMENT WITHIN THIRTY (30) DAYS AFTER FIRST PURCHASING THE WORLD OF WARCRAFT SOFTWARE, YOU MAY CALL (800)757-7707 TO REQUEST A FULL REFUND OF THE PURCHASE PRICE. ONCE YOU AGREE TO THE TERMS OF USE AND THE END USER LICENSE AGREEMENT (EULA), YOU WILL NO LONGER BE ELIGIBLE FOR A REFUND.

Now that's just proving *I* didn't read it :P Curse blizzard and them covering all of their bases! (and pardon the slight wander off-topic)

tldr version:

Suvega: If you want to know what warden is looking at do so and so.

Thinus: But noone does so and so.

Zaelar: Then start doing so and so.



How many of the 9 million WoW subscribers read the ToS/EULA every time?
How many of the 9 million WoW subscribers understands what Warden is doing or are able to monitor what Warden is doing?

This is why you have consumer protection laws. This is why you should be thankful for paranoid people as they provide a layer of protection you don't even seem to be aware of.

---

Why is their approach self defeating? We introduce highly tedious and repetitive mechanisms to achieve goals, we just can't understand why people macro!

We introduce a currency of gold and the way to earn gold is to do tedious and repetitive tasks, we just can't understand why people buy gold!

For a lot of people we have gotten to the point where they have a skeleton gaming machine where they don't care what is accessed because there is nothing sensitive on it. You think this is acceptable? Why don't all games just get developed for consoles and we scrap PC games completely.

And people keep saying "if you don't like it don't play". The same with my cinema example. Your immediate response is then don't go. I like the cinema and I would like to keep going to the cinema and I would REALLY like it if there are consumer laws that protect my rights and prevent big corporations from doing anything they like to protect their own interests.

MMORPGs I played all had the same repetitive model, the "grind". All of them had farmers / gold sellers / leveling services. The model hasn't changed much since the first MUD Lars Pensk wrote. So now we are in a situation where gaming companies feel the need to install scanning software on their clients' machines to combat automation of highly repetive tasks to meet a market created because people with real money don't want to spend endless hours doing those repetitive tasks.

Some guy in the US that is running a 100 account bot farm will now have to move his operation to a 3rd world country and cut his profits to employ 100 people for pitiful wages. Yes, we are really making inroads into eliminating botting, aren't we?

And people keep saying "if you don't like it don't play". The same with my cinema example. Your immediate response is then don't go. I like the cinema and I would like to keep going to the cinema and I would REALLY like it if there are consumer laws that protect my rights and prevent big corporations from doing anything they like to protect their own interests.


I have a product/service I would like to sell. It's a subscription based service, and it took alot of hard work to create it. Sure, it has problems -- every product isn't perfect for everyone - but my main goal is to gain income from the subscription fees.

A portion of my consumers are ruining my income by devaluing my product by automating human behavior. This will make my human consumers not want to continue subscribing, and the people automating are gaining income from the misuse of my product.

I would REALLY like it if there were agreements that protect my rights and prevent botters from doing anything they like to protect their own interests.

Too bad nobody ever reads my EULA before they click "accept".

I mean, if there are consumer laws to protect their rights, and I'm overstepping my bounds, the consumers could sue me. But they haven't... I wonder why...

Not to pain a pain in the arse ;) but oh the art of Fisking (http://catb.org/jargon/html/F/fisking.html) let me try thee aswell.



As someone else already pointed out they are certainly going about it in the most complicated and self defeating way possible.

Self defeating? How? By upsetting security 'enthusiasts' and bot creaters? Who else cares?


Who even reads the EULA? Just because they put something in the EULA does not make it legally binding.

Actually, it does.
Reference - http://www.us-cert.gov/reading_room/EULA.pdf
Hint: Read "Why EULA's are important"


I read it differently. There are 318 different versions detected so far. With the current functionality they can "inject" a new version anytime they want to.

As stated by others, they could always change warden on the fly. The only difference is that they have different versions running concurently, something which wasn't done before.


The argument is that it does not just present problems to bot writers but to anyone who actually wants to verify that each of these versions are "safe".

If you're concerned, monitor the warden process for which system calls it makes. If it does something shady, report it online and watch the backlash to Blizzard become huge. Not to mention court cases. Blizzard has ALWAYS had the ability to f' with your system, however it is VERY disadvantageous for them to do so.

The ONLY thing this change does it make it take longer to PREDICT what it is going to do. You can still SEE what it does.



I would like entertainment providers to provide entertainment without me having to worry about potential security issues. Would you like to go to the cinema if they made you walk through metal detectors and pawed through anything you carried with you to check for hidden cameras etc?

It is their right to do so. They already spy on you with infared cameras to try to detect you stealing their work.

Think: If everyone hated the searches enough that they wouldn't go, cinemas would have to change to keep customers.

You're applying a "I don't like it, but I don't have the self-restraint to do something about it" mentality that plagues the players/people.



Currently the "layman" implicitly trusts Warden and probably does not even know what it is or what it does. Personally I really hate the fact that a process running on my machine can look at other processes without my permission. I believe that kind of process rights should be easily manageable at O/S level.


Any process can veiw another... in XP I believe.
Furthermore, find an OS that doesn't allow process scanning.
This is not a Blizz problem, it’s an OS feature request.



If I want to do internet banking I should be able to open my browser and do my banking without having to worry about which other processes are running on my machine. But MS seems more interested in giving us transparent buttons with rounded edges.

Buy vista, it fixes this concern with trusted vs untrusted applcations. When an untrusted application tries to perform something that only a trusted can do, the user is prompted to verify.
However the 'layman' doesn't care as you point out. Which is why most people hate the pop-up boxes, and usually disable them manually. However for paranoid people like yourself, it would be a welcome addition I suppose.

IE7 even mentions “hey, you’re visiting an untrusted zone”, but usually people click the “Don’t prompt me again” box and click OK, eliminating this saftey guard.


As to "botting", their whole game design is suited to it. Repetition, repetition, repetition, ad nauseum. I quit 2 end game raiding characters because that is all end game raiding is about. Same instances, same bosses, again and again and again to gear a raid. Rinse, repeat.

If you don't like the game don't play it. Many many things are good for a comptuer to do, but are considered cheating none-the-less.

Online poker for example? Perfect for computer AI players, however online poker uses the same type of measures blizzard does to stop said botting. However I don't think you would complain about poker...


Instead of looking at things they can do server side they prefer to outsource detection technology that runs on the client and can be a potential security risk.

Server side can only go so far, as has been said before. Honestly the only people who care about the security precautions are paranoid security 'enthusiasts', and bot creaters.


Instead of addressing the in-game mechanics that make botting possible or the reason that a gold buying market exists we will instead install very complicated software that communicates with our servers and gathers information from other running processes or installed applications on your machine and encrypt whatever information we are sending.

Daily quests are directly targeted for removing gold farming companies.
1hr delays in mail are directly tagetted for removing gold farming.
/reportspam is directly targetted at helping users help patrol gold spam.


We will pour a lot of money into developing this tool that will sit on your machine checking if you are cheating or not while we will continue employing a skeleton staff of GMs with an average response time measured in hours, sometimes days, that never responds in time to catch botters in the act.

You have no data to support that GM's don't catch botters in action. Quite the opposite is true if you look at several botting program forums. They use tactics such as:
- Moving character far distances to see if it recovers
- Making mobes evade
- Moving mobs underground to see if they are still targetted
- Etc

Even moreso botters have suspicion that bans are actually delayed on purpose to make a big noise in botting community – hence the “Ban Hammer” or “Ban Waves” where individual bans are postponed so they can monitor your other botting activities and catch you in the act of botting 10 accounts rather than insta-banning just one

Furthermore Blizz has made mistakes banning Linux users thinking they were bots. It may be advantageous to the EULA-abiding consumer that they DO delay so that they can make sure they’re not making a mistake.

How many dual-boxers have been whispered with “Botter!” or “Hacker!”? Would you like a GM to have the ability to insta-ban you based on opinion from circumstancial server data; without having hard data to back it up simply because they don’t understand what dual-boxing is? Has anyone had to deal with the no-phone-number, 1-week email response time account administration to get their account back?


Am I concerned about Warden being a security risk? Not really, but it is the paranoid that ensures we enjoy the freedom that we do and I don't dismiss them out of hand.

I love the analogy that someone used above, something like "Having hackers and botters 'ensuring' security in a system is the same as theifs ensuring security at a retail establishment"

You can say that Blizzard just put a retina scan on all of its doors, and the theifs are spreading rumors that these iris scans could burn your eyeballs! zomg.



I would REALLY like it if there are consumer laws that protect my rights and prevent big corporations from doing anything they like to protect their own interests.

You're derailing the topic. Not to mention consumer protections laws were created to stop scams, injury, and unavoidable unknown consequences. You know what you're accepting, as you have accepted the TOS. A Legally binding agreement.


MMORPGs I played all had the same repetitive model, the "grind". All of them had farmers / gold sellers / leveling services. The model hasn't changed much since the first MUD Lars Pensk wrote. So now we are in a situation where gaming companies feel the need to install scanning software on their clients' machines to combat automation of highly repetive tasks to meet a market created because people with real money don't want to spend endless hours doing those repetitive tasks.

Unlike you, I enjoy the game enough to play. If you honestly dislike the games so much, then don't play them. Again you present the mindless "I don't like it, but I lack self-restraint to stop myself" model.

Lastly:
Some guy in the US that is running a 100 account bot farm will now have to move his operation to a 3rd world country and cut his profits to employ 100 people for pitiful wages. Yes, we are really making inroads into eliminating botting, aren't we?

Before we even get into the (very offtopic) subject of globalization, outsourcing, and its either positive or negative consequences...
(Recommend reading "The world if flat", great read on the subject)

Blizzard, HAS and will continue to change its gaming model to better suite the concerns players have. Instead of mindlessly grinding primals, you can select from a multitude of fun, interesting, and even lore driven daily quests.

How many of the 9 million WoW subscribers read the ToS/EULA every time?
How many of the 9 million WoW subscribers understands what Warden is doing or are able to monitor what Warden is doing?


On a total off-note... Is this blizzard's problem? Or the lazy consumer's?

I mean, it's not like you have to scroll down to the bottom and click "I accept" both the ToU and the EULA EVERY SINGLE TIME there's a patch. *rolleyes*

It's just so inconvenient to actually read documents before you sign a legally binding agreement.

Do these same 9 million customers actually READ their taxes before signing the form?
Do these same 9 million customers actually READ their rental agreements?
What about their work contracts?
Divorce agreements?

Blizzard has clearly been hiding its rules and regulations from the mass player base. The sneaky bastages.

And people keep saying "if you don't like it don't play". The same with my cinema example. Your immediate response is then don't go. I like the cinema and I would like to keep going to the cinema and I would REALLY like it if there are consumer laws that protect my rights and prevent big corporations from doing anything they like to protect their own interests.


I have a product/service I would like to sell. It's a subscription based service, and it took alot of hard work to create it. Sure, it has problems -- every product isn't perfect for everyone - but my main goal is to gain income from the subscription fees.

A portion of my consumers are ruining my income by devaluing my product by automating human behavior. This will make my human consumers not want to continue subscribing, and the people automating are gaining income from the misuse of my product.

Oh right, how many people have quit because of botting opposed to the amount of people that buy gold / characters or to the amount of bot accounts that actually pay a subscribtion. Those subscribtion numbers really plumetted recently because of all the botting, didn't it?

And show me the effectivity figures of Warden. How many botters / gold sellers has it put out of business? How many accounts have been banned directly due to Warden? Show me the percentage of botters that are directly impacted by Warden.

A lot of botting is also not for commercial gain but really people just automating repetitive tasks.

The *REAL* problem is not botting, the problem is gold selling and farming. Botting is a side effect and easily circumvented by gold sellers and farmers and it is immensely difficult to detect as farming is essentially a core design pattern for them.


I would REALLY like it if there were agreements that protect my rights and prevent botters from doing anything they like to protect their own interests.

Funny how you don't even mention the normal legitimate consumer. They have no rights apparently. Woohoo!


Too bad nobody ever reads my EULA before they click "accept".

They don't care if you read it or not. The only reason for its existence is to protect themselves.


I mean, if there are consumer laws to protect their rights, and I'm overstepping my bounds, the consumers could sue me. But they haven't... I wonder why...

You don't get it at all, do you? There is nothing to sue over as no real loss has occured yet. People are concerned about the *potential* for loss. I would prefer not to have software on my machine that scans my machine and then sends encrypted information out. In addition, that software can be remotely replaced without my knowledge. The *potential* for privacy violations should be very evident.

How many of the 9 million WoW subscribers read the ToS/EULA every time?
How many of the 9 million WoW subscribers understands what Warden is doing or are able to monitor what Warden is doing?


On a total off-note... Is this blizzard's problem? Or the lazy consumer's?

I mean, it's not like you have to scroll down to the bottom and click "I accept" both the ToU and the EULA EVERY SINGLE TIME there's a patch. *rolleyes*

It's just so inconvenient to actually read documents before you sign a legally binding agreement.

Do these same 9 million customers actually READ their taxes before signing the form?
Do these same 9 million customers actually READ their rental agreements?
What about their work contracts?
Divorce agreements?

Blizzard has clearly been hiding its rules and regulations from the mass player base. The sneaky bastages.

So you read the ToS/EULA every single patch?

Have any kids that play WoW? Do you read the ToS / EULA after a patch before you let them play?

I would like to see a case where someone suffers some real loss to see if it would stand up in a court and I am willing to bet money that it won't.

Blizzard, HAS and will continue to change its gaming model to better suite the concerns players have. Instead of mindlessly grinding primals, you can select from a multitude of fun, interesting, and even lore driven daily quests.

And you get to mindlessly grind them every day, yay!

So you read the ToS/EULA every single patch?


I do, actually. Yes.

You know, I like to know what's in the documents I'm legally signing.




And you get to mindlessly grind them every day, yay!


I don't find it mindless.

I mean, it's a subject of opinion. I like to listen to audiobooks while I "mindlessly" grind. Or maybe talk to Suvega. Or maybe other friends on Vent. Or maybe watch a little TV.

I'm sure some people consider hopscotch to be mindless.
Or boxing.
Or playing catch.
Or mathematics.
Or watching TV.
Or knitting.
Or reading a book.
Or quantum physics.
Or daydreaming.
Or drawing.
Or breathing.

I mean, it's a matter of opinion. Some people like certain things, some people don't. I don't like playing first person shooters. Maybe it's because it's mindlessly boring to shoot anything that moves. Maybe because I have bad hand eye coordination. My solution? I don't play FPS games. I don't buy them, I don't click the "I accept" on the EULA/TOU for FPS games, I don't install them on my computer.

The fact is, you clicked "I agree". You knew you SHOULD read the TOU/EULA. In fact, you were AGREEING that you understood, read, and agreed to it. You didn't. You lied. In a contract. Now you want protection? Because a bot developer found out that he can't PREDICT what warden is doing anymore?

I mean, Warden was just as transparent when you signed the agreement as it is now. In the terms of use, Blizz noted that they can change Warden at any time. You clicked "I agree" to that EULA/TOU. Now, Blizzard decided that they're going to change Warden dynamically. You can still see what it pokes around in after it pokes around, same as before. Only this time, botters can't predict where they're going to poke around based on a distinct pattern.

Just because 9 million people decide that jumping off a bridge is a good idea doesn't mean you should too. You don't even have facts to support that 9 million people don't read the EULA/TOU. You're just assuming, because YOU are lazy, that 9 million people are also lazy.

Now, I'm not suggesting you stop BREATHING or doing other necessary "mindless" things, but I mean... You have CHOICES here. There are plenty of MMO's and other hobbies that don't use warden -- maybe one of them will be mentally engaging to you. In fact, dual-boxing.com isn't wow-dual-boxing.com. Try a new game. Get out a little.

I mean, if you do consider WoW to be "mindless", I suggest you find another hobby. This one seems a bit too negatively addictive for your personality. Unless, of course, you enjoy masochism.

Oh right, how many people have quit because of botting opposed to the amount of people that buy gold / characters or to the amount of bot accounts that actually pay a subscribtion. Those subscribtion numbers really plumetted recently because of all the botting, didn't it?

And show me the effectivity figures of Warden. How many botters / gold sellers has it put out of business? How many accounts have been banned directly due to Warden? Show me the percentage of botters that are directly impacted by Warden.

You certainly ask for a bunch of figures but don't really give any in return, don't you? Give me hard data that botters/gold farmers/RMT does NOT impact game economies.

In the end, it's in the rules, botting is not allowed.

My OPINION? It ruins the game economy, which in turn causes legitimate players to leave because the game becomes too hard to play "normally". Why do we have to wait for the game to be ruined before we try and prevent this from happening?

The truth is, nobody needs data. Blizzard supports neither gold selling, transfer of accounts, real money trade, botting, automating, hacking, etc. It's their game, they can run it how they want. Personally, I like this stance, and I support their efforts to keep the game economy stable and bot-free.

They are very clear, in their terms and eula, that this includes scanning my computer. I, having read the agreement, find this acceptable. If they start putting viruses on my computer, I will sue their butt off. But until then, it is acceptable. If it's not acceptable for you, you should not have clicked "I agree".



The *REAL* problem is not botting, the problem is gold selling and farming. Botting is a side effect and easily circumvented by gold sellers and farmers and it is immensely difficult to detect as farming is essentially a core design pattern for them.


Farming is in their design, but trading gold for real world money is expressly forbidden. Botting is also expressly forbidden.

If you don't like playing soccer, don't buy the jersey, don't sign the waiver, don't join the team, don't play the game.

I can't help it that your interests and likes/dislikes are different then mine. It's human nature, honey. I like pie, you like cake. I'll go get my pie and you go get your cake.




I would REALLY like it if there were agreements that protect my rights and prevent botters from doing anything they like to protect their own interests.

Funny how you don't even mention the normal legitimate consumer. They have no rights apparently. Woohoo!


All I have to say is:


em·pa·thy /??mp??i/ Pronunciation Key - Show Spelled Pronunciation[em-puh-thee] Pronunciation Key - Show IPA Pronunciation
–noun 1. the intellectual identification with or vicarious experiencing of the feelings, thoughts, or attitudes of another.


You clearly didn't understand the point of my post. We have rights, yes. They're lined out in the EULA/TOU. For example, we have the right to terminate our subscription at any time if we don't agree with the Terms of Use or EULA.

Blizzard, as owner of their intellectual property, also has rights. These are also lined out in the EULA/TOU. You really need to read your legal and binding documents before you sign them. They have the right to put Warden on our computer, and change Warden's behavior at any time without notice, in order to protect THEIR rights and their intellectual property.

You are so concerned about Blizzard MAYBE POSSIBLY SOMEDAY stepping on your rights, when in fact botters/gold sellers/account sellers are breaking Blizzard's rights RIGHT NOW. Did you ever stop to think about that?

People are just too self-centered sometimes.



Too bad nobody ever reads my EULA before they click "accept".

They don't care if you read it or not. The only reason for its existence is to protect themselves.

I care if I'm signing a document that forms a legal contract.

You know, there are consumer rights in that document too.

...Oh, right... you didn't read it.



I mean, if there are consumer laws to protect their rights, and I'm overstepping my bounds, the consumers could sue me. But they haven't... I wonder why...

You don't get it at all, do you? There is nothing to sue over as no real loss has occured yet. People are concerned about the *potential* for loss.

AWESOME! Blizzard has followed their legal agreement and no wrongdoing has been done.

Oh, wait... what were you saying? You don't like the POTENTIAL for wrongdoing?

Awesome, sounds good. Just take a look at those terms you so hastily accepted to see how you can terminate your contract with Blizzard, cancel payment on your accounts, and stop playing the game.

I mean, if it bothers you so much why do you keep clicking "I agree"? It looks like, to me, that you clearly don't agree with Warden, so you don't agree with the TOU/EULA.

I don't really see why you have such a problem with this. Nobody is pointing a gun at your head and telling you that you have to play WoW. There are plenty of addiction therapy resources available to help you deal with this.

The first step to fixing your addiction is admitting you have one.

If you're not addicted, and you're still playing WoW even though you think your legal rights are being taken away, then there is something seriously wrong. Or, as I said previously, you're just masochistic.

So you read the ToS/EULA every single patch?


I do, actually. Yes.

You know, I like to know what's in the documents I'm legally signing.




And you get to mindlessly grind them every day, yay!


I don't find it mindless.

I mean, it's a subject of opinion. I like to listen to audiobooks while I "mindlessly" grind. Or maybe talk to Suvega. Or maybe other friends on Vent. Or maybe watch a little TV.

I'm sure some people consider hopscotch to be mindless.
Or boxing.
Or playing catch.
Or mathematics.
Or watching TV.
Or knitting.
Or reading a book.
Or quantum physics.
Or daydreaming.
Or drawing.
Or breathing.

I mean, it's a matter of opinion. Some people like certain things, some people don't. I don't like playing first person shooters. Maybe it's because it's mindlessly boring to shoot anything that moves. Maybe because I have bad hand eye coordination. My solution? I don't play FPS games. I don't buy them, I don't click the "I accept" on the EULA/TOU for FPS games, I don't install them on my computer.

The fact is, you clicked "I agree". You knew you SHOULD read the TOU/EULA. In fact, you were AGREEING that you understood, read, and agreed to it. You didn't. You lied. In a contract. Now you want protection? Because a bot developer found out that he can't PREDICT what warden is doing anymore?

I mean, Warden was just as transparent when you signed the agreement as it is now. In the terms of use, Blizz noted that they can change Warden at any time. You clicked "I agree" to that EULA/TOU. Now, Blizzard decided that they're going to change Warden dynamically. You can still see what it pokes around in after it pokes around, same as before. Only this time, botters can't predict where they're going to poke around based on a distinct pattern.

Just because 9 million people decide that jumping off a bridge is a good idea doesn't mean you should too. You don't even have facts to support that 9 million people don't read the EULA/TOU. You're just assuming, because YOU are lazy, that 9 million people are also lazy.

Now, I'm not suggesting you stop BREATHING or doing other necessary "mindless" things, but I mean... You have CHOICES here. There are plenty of MMO's and other hobbies that don't use warden -- maybe one of them will be mentally engaging to you. In fact, dual-boxing.com isn't wow-dual-boxing.com. Try a new game. Get out a little.

I mean, if you do consider WoW to be "mindless", I suggest you find another hobby. This one seems a bit too negatively addictive for your personality. Unless, of course, you enjoy masochism.

Nice rant trying to psycho analyze me and gg at attacking me personally /golfclap.

I brought up the whole progress through repitition issue as the source of *why* gold farming, gold selling and botting exists in the first place and that it would be more beneficial to treat the disease and not the symptoms. Especially when treating those symptoms involve spyware.

I have also stated that I am not overly concerned with Warden "stealing" anything from my machine. I am however concerned with the principle and the precedent that it is ok to use spyware as part of a game. Where are the lines drawn?

And I profusely apologize for not studiously reading the EULA every patch because I want to be entertained and not swamped in a morass of legaleze.

Nice rant trying to psycho analyze me and gg at attacking me personally /golfclap.

I'm not sure where you think I'm personally attacking you, I'm honestly concerned about your well being. This sort of thing does not look healthy in your case.

If you're honestly not addicted, excuse me for caring.


I brought up the whole progress through repitition issue as the source of *why* gold farming, gold selling and botting exists in the first place and that it would be more beneficial to treat the disease and not the symptoms. Especially when treating those symptoms involve spyware.

So the fault of breaking a legal contract is due to the product and not the person? I personally don't agree with this sentiment, but that's your opinion.

Clearly, people are continuing to play this repetitive game. Either they find it fun, or they're addicted. Blizzard's subscription strategy seems to be working.


I have also stated that I am not overly concerned with Warden "stealing" anything from my machine. I am however concerned with the principle and the precedent that it is ok to use spyware as part of a game. Where are the lines drawn?

In the ToU/EULA. But you keep forgetting to read it. If enough people shared your sentiment and felt uncomfortable with spyware in their game, then they wouldn't have agreed to let Blizzard do it, and Blizzard would quickly go out of business running a game without any players.

You have a right to privacy, I agree.

Have you ever read those signs in banks and other storefronts that say "This building is monitored by video surveillance?" Well, Blizzard said "This service is monitored by Warden surveillance" and you clicked "I agree" and logged into the game. It's not like they've hidden anything from you.

As it is, Warden has been around since WoW's inception. Nobody had a problem with it until the bot-programmers started spreading the rumor that Warden suddenly changed to the point that it was dangerous.

The only change made is that warden is not predictable until after it has done its scan. It has always been dynamically updateable, but now it's just less predictable as to which version is going to run. It's unpredictable because cheaters were able to detect changes and make changes to their technology to keep it out of Blizzard's sight while they stole Blizzard's intellectual property.

It seems like the only victim here is Blizzard. What changed so much in this latest Warden change that has everyone up in arms?

Absolutely nothing.

Paranoia just spreads faster than wildfire.


And I profusely apologize for not studiously reading the EULA every patch because I want to be entertained and not swamped in a morass of legaleze.

If you were as concerned about protecting your legal rights as you are seem to be in these posts, I'd highly advise you read these.
However, it's also your choice if you decide to lie about reading these documents when you click "I agree" just because you're "too busy"...

I mean, you don't seem "too busy" to read through and reply to all these posts and form a opinion on your legal rights being stepped on without ever having read the legal documents you signed.

Anyway, I'm off for now to go do the "mindless grinding" that I find fun. I think I've made my point, and I won't spam you guys further. ;)

Ta, ta.

There's a very famous poem by Martin Niemöller that goes:

When the Nazis came for the communists,
I remained silent;
I was not a communist.

When they locked up the social democrats,
I remained silent;
I was not a social democrat.

When they came for the trade unionists,
I did not speak out;
I was not a trade unionist.

When they came for the Jews,
I remained silent;
I wasn't a Jew.

When they came for me,
there was no one left to speak out.


Now I'm not suggesting that Blizzard is coming to take you away, rather that we need to keep a close eye on Blizzard when they start making undocumented changes about what is being installed on our PC's.
You may be ok with what Warden is doing now, but you cannot deny Blizzard could potentially gather other information from your PC than just what processes you are running. It's also reasonable to say that Blizzard will only ever act in Blizzard's (Vivendi's) best interests and no-one elses - it is naive to think otherwise.

Personally I would be happy if they just came out and issued a statement saying that this new version of warden is doing nothing other than searching for botting programs (and I'm not talking about the one from 2005).

Blizzard's ToS/EULA's are legally binding however (at least in Australia) certain implied rights always exist and cannot be excluded, restricted or modified. Think of it like signing a lease on an apartment you're renting. Just becuase you don't own the apartment doesnt give the landlord the right to come over any time and start rifling through your possessions. They are however allowed to come and inspect the apartment and make sure it's being used in the manner it's supposed to be...

Cheers,
Stealthy

Nice rant trying to psycho analyze me and gg at attacking me personally /golfclap.

I'm not sure where you think I'm personally attacking you, I'm honestly concerned about your well being. This sort of thing does not look healthy in your case.

If you're honestly not addicted, excuse me for caring.

No, I am not addicted. I have stated before that I have played characters to end game twice and I've quit twice because of the excessive treadmilling.

I only signed up again recently to play with friends and to multi-box. The play with friends part I do more from a companionship point of view. Honestly, it could have been any game. The multi-boxing I am doing to entertain myself and for the challenge because without it I really don't get enough entertainment out of WoW to keep playing it.



I brought up the whole progress through repitition issue as the source of *why* gold farming, gold selling and botting exists in the first place and that it would be more beneficial to treat the disease and not the symptoms. Especially when treating those symptoms involve spyware.

So the fault of breaking a legal contract is due to the product and not the person? I personally don't agree with this sentiment, but that's your opinion.

How do you get from what I said to what you said?


Clearly, people are continuing to play this repetitive game. Either they find it fun, or they're addicted. Blizzard's subscription strategy seems to be working.

I clearly struck a nerve.



I have also stated that I am not overly concerned with Warden "stealing" anything from my machine. I am however concerned with the principle and the precedent that it is ok to use spyware as part of a game. Where are the lines drawn?

In the ToU/EULA. But you keep forgetting to read it. If enough people shared your sentiment and felt uncomfortable with spyware in their game, then they wouldn't have agreed to let Blizzard do it, and Blizzard would quickly go out of business running a game without any players.

You have a right to privacy, I agree.

Have you ever read those signs in banks and other storefronts that say "This building is monitored by video surveillance?" Well, Blizzard said "This service is monitored by Warden surveillance" and you clicked "I agree" and logged into the game. It's not like they've hidden anything from you.

As it is, Warden has been around since WoW's inception. Nobody had a problem with it until the bot-programmers started spreading the rumor that Warden suddenly changed to the point that it was dangerous.

If I recall correctly Warden did not form part of WoW until much much later and when it did become part of WoW there was a lot of discussion around it and I have always had a problem with any kind of spyware on my system.


The only change made is that warden is not predictable until after it has done its scan. It has always been dynamically updateable, but now it's just less predictable as to which version is going to run. It's unpredictable because cheaters were able to detect changes and make changes to their technology to keep it out of Blizzard's sight while they stole Blizzard's intellectual property.

It seems like the only victim here is Blizzard. What changed so much in this latest Warden change that has everyone up in arms?

Absolutely nothing.

Paranoia just spreads faster than wildfire.

I really don't see anyone up in arms except maybe the bot writer who wrote the original heavily biased article. Biased as the article was it still touched on very real privacy issues which I happen to partly agree with.



And I profusely apologize for not studiously reading the EULA every patch because I want to be entertained and not swamped in a morass of legaleze.

If you were as concerned about protecting your legal rights as you are seem to be in these posts, I'd highly advise you read these.
However, it's also your choice if you decide to lie about reading these documents when you click "I agree" just because you're "too busy"...

I would prefer to continue being able to play games without having to worry about spyware on my system. From a moral stand point I have a problem with my television going through my underwear drawer looking for hidden cameras.


I mean, you don't seem "too busy" to read through and reply to all these posts and form a opinion on your legal rights being stepped on without ever having read the legal documents you signed.

"Too busy" is your interpretation, I never said that.


Anyway, I'm off for now to go do the "mindless grinding" that I find fun. I think I've made my point, and I won't spam you guys further. ;)

Ta, ta.

You do your daily quests semi-afk while watching tv or whatever else you mentioned earlier. Sounds like buckets of fun. I would be more concerned with my own addiction than with that of other people if I were you.

Fun fact:

I don't remember the exact setting or which program this regarded, however a certain developer though it'd be interesting to see how many people actually read the ToS which was related to their program. Somewhere in the ToS they put a small notice, saying something similar to "Call this number and recieve 1 000 dollars".

Out of 50 000, or so, sold copies, one consumer called and recieved the money.

As for the EULA, ToS and ToA, which I still say should be questioned wether they're legally binding or not, seeing as they're changed multiple times after you've paid for x ammount of gametime (wether or not it's stated in the EULA and/or ToS and/or ToA that they can be). Again, I'd love to see it tried in a courtroom.

Sure, you can terminate your subscription, however they still changed a legally binding (or is it? :P) contract which you signed wihtout your approval/you had no say in the change. It's not about wether or not the changes are acceptable or not, it's just the fact that there was made changes that you weren't aware of and/or changes that you had no say in.

As for Warden, I don't mind it at all, I like it when Blizzard are trying to boot the cheaters, the botters and the botting farmers. I don't want to wait another 20 mintues for the elementals to spawn, just because some twat has 10 accounts running server wide farming each and every mote he comes across, using bots.

So what's the point of my posts? I just like debates :wink:

But its ok for a non botter twat to come across with 10 accounts and farm motes?

But its ok for a non botter twat to come across with 10 accounts and farm motes? Yes, seeing as he's actually doing the work and not eating food watching Scrubs /rofl-ing at the whispers he sees when he turns his head every 30 min just to make sure his bot hasn't buggered.

they still changed a legally binding (or is it? ) contract which you signed wihtout your approval/you had no say in the change. It's not about wether or not the changes are acceptable or not, it's just the fact that there was made changes that you weren't aware of and/or changes that you had no say in.

Every time they change the EULA (and often when there's a client patch with no EULA changes!!) you have to re-click on that "I AGREE" button. That IS your approval of the agreement in its entirety.

In reality, I doubt many people bother reading it.

I certainly don't because I work on the basis of common sense rather than what I consider to be minutiae, but that doesn't change the fact that I have quite clearly agreed -albeit tacitly - to whatever's written there.

I dread to think how long I'd stand at the Hertz counter next time I pick up an airport rental if I was to read the entire A4, small print, agreement before I drove off :shock:

The issue of whether a software EULA agreement is enforceable or not is a long subject of debate (http://en.wikipedia.org/wiki/EULA) with quite a few documented test cases and mixed results.

Perhaps the most relevant such case was between Black Snow (one of the first professional gold farming outfits, based in California / Mexico) and Mythic, where the EULA for their online game Dark Age of Camelot was held to be entirely enforceable.

That was in 2003, so the EULA enforceability discussion is far from new and although perhaps Warden does something different, the discussion as to whether what it does is acceptable or not is quite distinct from the discussion of whether the EULA we all agreed to (and continue to agree to) is enforceable.

I am ill-equipped to have a legal discussion on such matters, but my personal opnion is that people simply should not agree to something they don't actually agree with.

Agreeing to something in the hope that you'll get away with breaking the agreement if push comes to shove just strikes me as bizarre and in the broader context perhaps says more about the person than the Agreement.

I've enjoyed reading the debate here, and my views are unchanged. I want the game as cheat-free as possible. I suspect Blizzard do too. I choose to believe that Warden exists entirely to achieve this (because that's what common sense tells me) and I'm more than happy to have them sending encrypted information from my machine to their servers.

If I wasn't, or if I found the game so dull that I felt the need to entirely automate something, then I simply wouldn't keep playing :)

Kudos to everyone who's put so much effort into expressing their opinions here - especially Vyndree, who's views are so closely aligned with my own, but was clearly willing to put more time into expressing them than I - but let's not make this a divisive issue for this particular community.

they still changed a legally binding (or is it? ) contract which you signed wihtout your approval/you had no say in the change. It's not about wether or not the changes are acceptable or not, it's just the fact that there was made changes that you weren't aware of and/or changes that you had no say in.

Every time they change the EULA (and often when there's a client patch with no EULA changes!!) you have to re-click on that "I AGREE" button. That IS your approval of the agreement in its entirety.

This is exactly what I was trying to explain, so let me simplify it a bit, just to make my point clearer:

You buy something which you pay a fixed ammount of money for.

Buy buying the product, you automaticly get a certain set of rights. If the product is not up to the standards you belived it to be in/it's incomplete/you cannot use it due to conditions presented to you at a later given time, you have the right to return it

You pay a certain ammount of money a month to use the product.

Now, the question I'm raising is, if these conditions change after you've paid for the use of the product for x ammount of months, then what sort of compasation are you entitled to? Money back for the product? For all of the subscribtion-time?

So IF Blizzard were to change the EULA into some sort of horror script, what would you be entitled to?

And seeing as it's not always changed and you still have to accept it, if you then accepting beliveing no changes were made (to the full extent of your knowledge), then are you entitleded to any form of compasation?

And quite frankly, the gold-farming case and a case such as I'm describing above are different in quite a few ways and would most likely not be treated the same way.