Hoglund, a blogger over
at rootkit, did some investigation into World of
Warcraft and made some rather worrying discoveries. Apparently WoW includes what he calls a "warden
client". This warden, which is designed to verify user compliance with the terms of service, sends verification to the
Blizzard servers every 15 seconds "to about 4.5 million people (500,000 of which are logged on
at any given time)."
He found that this warden client records the "the window text
in the titlebar of every window" to check for any banned cheating applications. If the title of a window matches a
black list of applications (ie ones that will break the ToS) then prepare to feel the ban hammer.
However, the warden also has the ability to record such things as URLs, applications and the titles of any documents open at the time. Whilst Blizzard isn't (or at least we hope they're not) using the warden for such means, the technical ability is there. Hoglund states, "This behavior places the warden client squarely in the category of spyware." You can now download an application that will demonstrate in a graphical interface what exactly the warden is checking at this link.
Is this a fair means for enforcing Blizzard's strict anti-cheating rules, or is it a step too far?
[Update: Apparently the warden uses a form of hash coding to prevent Blizzard from getting any usable information from the reports. Blizzard will only be notified if the warden detects a banned app. So fear not, as long as you're not a dirty cheater…]
[Via digg]
