Spyware in HoMM5???
Spyware in HoMM5???
What is known in the short time this has been discovered:
H5_Game.exe attempts to contact lb-iisdt.ubisoft.com [216.98.48.19:443] shortly after the game starts. Upon TCP connection it performs a key exchange and then begins to send encrypted packets.
It is totally unknown what or how much info the program sends, as it connects without your knowledge (or consent), and encrypts the data so you can't tell what it's transfering. It "seems" to be blockable with the right program, but also seems to be coded into the game itself, and so is unremoveable.
Threads on this subject have been shut down on two other fourms, so I suggest you say your piece fast, in case the same happens here. . .
H5_Game.exe attempts to contact lb-iisdt.ubisoft.com [216.98.48.19:443] shortly after the game starts. Upon TCP connection it performs a key exchange and then begins to send encrypted packets.
It is totally unknown what or how much info the program sends, as it connects without your knowledge (or consent), and encrypts the data so you can't tell what it's transfering. It "seems" to be blockable with the right program, but also seems to be coded into the game itself, and so is unremoveable.
Threads on this subject have been shut down on two other fourms, so I suggest you say your piece fast, in case the same happens here. . .
- ThunderTitan
- Perpetual Poster
- Posts: 23271
- Joined: 06 Jan 2006
- Location: Now/here
- Contact:
Thank you Mr. Firewall.
Oh, and I belive the game does ask you if you want to send info about ur system to Ubi when you first start it.
Oh, and I belive the game does ask you if you want to send info about ur system to Ubi when you first start it.
Disclaimer: May contain sarcasm!
I have never faked a sarcasm in my entire life. - ???
"With ABC deleting dynamite gags from cartoons, do you find that your children are using explosives less frequently?" — Mark LoPresti
Alt-0128: €
I have never faked a sarcasm in my entire life. - ???
"With ABC deleting dynamite gags from cartoons, do you find that your children are using explosives less frequently?" — Mark LoPresti
Alt-0128: €
I just verified that this is true; it sets up an SSL connection, and then sends chunks of application data directly upon startup, after an additional two seconds, and after about 18 seconds. On my comp, I guess it's reasonable to assume that the first ones are directly on starting H5_Game.exe, and the last is when all intros are over and done with. All in all, I noted four exchanges of around 300 bytes encrypted data (and lots of overhead in setting up SSL and such).
It seems like a bit much, but it's probably nothing to worry about. Statistics about users' systems is invaluable for developers; and in addition to that, isn't it a rather common practice to check if the running version is the latest one? I guess it's a bit strange to do it with an encrypted connection, but I wouldn't be too nervous about all of this.
// Karja, who doesn't think that this is alarming enough to start up a firewall. But that EULA should be examined...
It seems like a bit much, but it's probably nothing to worry about. Statistics about users' systems is invaluable for developers; and in addition to that, isn't it a rather common practice to check if the running version is the latest one? I guess it's a bit strange to do it with an encrypted connection, but I wouldn't be too nervous about all of this.
// Karja, who doesn't think that this is alarming enough to start up a firewall. But that EULA should be examined...
"Some play hard to get; I play hard to want."
http://www.cynicalstuff.com
http://www.cynicalstuff.com
What gets me more nervous, is that most are not getting nervous
First, a program is installed on your comuter without your knowledge. Then, it connects to the net and Ubi without your knowledge, then, it sends them "encrypted" data without your knowledge or consent. Since it's encrypted, who's to say what in the heck it's uploading to them.
If I find some guy hiding in the girls locker room, it's kind'a hard to beleive him when he says "oh, I'm just checking the locker rooms stats to make sure it works better, and is more enjoyable to the girls"
It would be TOTALLY different if they told you up front, and then there was some sort of option to participate in information gathering or opt out.
I'm also surprised at some of the negative or even rude reaction I've gotten from others just by alerting them about about this "fact".
First, a program is installed on your comuter without your knowledge. Then, it connects to the net and Ubi without your knowledge, then, it sends them "encrypted" data without your knowledge or consent. Since it's encrypted, who's to say what in the heck it's uploading to them.
If I find some guy hiding in the girls locker room, it's kind'a hard to beleive him when he says "oh, I'm just checking the locker rooms stats to make sure it works better, and is more enjoyable to the girls"
It would be TOTALLY different if they told you up front, and then there was some sort of option to participate in information gathering or opt out.
I'm also surprised at some of the negative or even rude reaction I've gotten from others just by alerting them about about this "fact".
- Psychobabble
- Spectre
- Posts: 706
- Joined: 06 Jan 2006
- Location: Melbourne, Australia
- Contact:
I also seem to remember something in the click boxes during install whether or not you wanted usage statistics to be sent to Ubi, it was along with the registration questions things. It's possibly defulated to yes, but it hardly seems insidious to me. These sorts of usage statistics are very useful for a developer to know how the program is working on diff systesm and even what game play features are/aren't used and, iirc, you're asked if you want them to be sent or not. No big deal methinks, keep looking out for those black helicopters though.Trubador wrote:What gets me more nervous, is that most are not getting nervous
Funny when I installed the game, I wasn't ask a question to send anything to ubi or anyone else.. I registered but I sure don't remember being ask about sending my computer info or anything else.. I never allow my info to be sent to microsoft or any other company if I am aware of it.. but I am sure even microsoft has it's hidden stuff too.. I run my antispyware and virus stuff every day.. I know ms windows-xp has an option to turn on or off the error reporting service so I assume they could also have other stuff.. I don't know, I am not a programmer, etc.. but I have about everything I can find relating to send info to the net like the error reporting type of thing turned off in my windows-xp options. I just don't trust any company wanting my info off my computer especially when I can't see what it is they are taking off my computer...
Well, if this information gathering isn't mentioned in the EULA, then it's definitely suspicious and spyware-ish. But at the same time, I'm a software developer myself and I would love to have statistics about how people use my programs; I can't really see a reason for Ubi or Nival to collect any sensitive data.Trubador wrote:What gets me more nervous, is that most are not getting nervous
They could be interested in the Windows version, the screen resolution, DirectX capabilities, a message whether or not everything started up correctly, what the latest version is, and so on - and while all of those are specific data about my computer, it's just for statistical reasons. So I don't see a reason to be nervous.
At least not until someone mentions that they're storing IPs or something like that!
If Ubi ask me via email, or a forum poll to give my computer specs, I would be MORE than glad to contribute and help the game and the gaming community. BUT, I don't want them sticking their poll up my computer when I'm not looking
Stealing person info is a multi million dollar "business". People actually dig through dumpsters to get less personal info than they could get off of your computer; just ask the millions of Vets that just got all of their person info stolen by someone "just looking at stats".
I don't know if "black helecoptors" exist, I DO know this program does, and no one can tell what info it's uploading. Maybe I'm paranoid, or maybe the more no one does anything about this kind of thing, the more prevelent it will become. . .
Stealing person info is a multi million dollar "business". People actually dig through dumpsters to get less personal info than they could get off of your computer; just ask the millions of Vets that just got all of their person info stolen by someone "just looking at stats".
I don't know if "black helecoptors" exist, I DO know this program does, and no one can tell what info it's uploading. Maybe I'm paranoid, or maybe the more no one does anything about this kind of thing, the more prevelent it will become. . .
I'm sure the game didn't ask me about this either. Maybe it's version specific? I have the regular version.
Don't get me wrong - I'm not at all thrilled that I need a firewall program to tell me what a program *I* installed is doing without my knowledge. On the other hand, this is HOMM5 we're talking about, not Comet-curser or 100-new-emoticons-free!!!! or some such crap. To go with the guy in the locker room analogy, it's more like seeing a plumber in the locker room with some tools. Occam's razor says he's there (and it's there) for an innocuous reason.
Don't get me wrong - I'm not at all thrilled that I need a firewall program to tell me what a program *I* installed is doing without my knowledge. On the other hand, this is HOMM5 we're talking about, not Comet-curser or 100-new-emoticons-free!!!! or some such crap. To go with the guy in the locker room analogy, it's more like seeing a plumber in the locker room with some tools. Occam's razor says he's there (and it's there) for an innocuous reason.
The problem is that the number of people who do answer forum polls or answer e-mails are extremely few. I agree that this would be a better way, but when you're trying to build a database of - for example - Windows XP user statistics, it's just not enough with the few who offer such info freely. (This might be a relevant question. They might be considering going XP only for the next game project, for instance; how would they know if the customer base is large enough without checking the existing customers first?)Trubador wrote:If Ubi ask me via email, or a forum poll to give my computer specs, I would be MORE than glad to contribute and help the game and the gaming community. BUT, I don't want them sticking their poll up my computer when I'm not looking
There's a difference between personal information and computer specs. If they actually are collecting something related to the person (IP, e-mail, info about the user's files, etc), then it's absolutely horrible behaviour. This can be misused, like in your example. But things like Windows version, DirectX version, graphic card capabilities and so on is impossible to use in a way to harm the user - it can only be used for improving their products.Trubador wrote:Stealing person info is a multi million dollar "business". People actually dig through dumpsters to get less personal info than they could get off of your computer; just ask the millions of Vets that just got all of their person info stolen by someone "just looking at stats".
In all of this: note that I'm not defending their behaviour to send info without asking! If that's the case, then they're misbehaving regardless of what they send.
Fair enough. But it's nice to ask. It IS your information and your computer. Principle of the thing and all that.Karja wrote: There's a difference between personal information and computer specs. If they actually are collecting something related to the person (IP, e-mail, info about the user's files, etc), then it's absolutely horrible behaviour. This can be misused, like in your example. But things like Windows version, DirectX version, graphic card capabilities and so on is impossible to use in a way to harm the user - it can only be used for improving their products.
In all of this: note that I'm not defending their behaviour to send info without asking! If that's the case, then they're misbehaving regardless of what they send.
- DaemianLucifer
- Round Table Hero
- Posts: 11282
- Joined: 06 Jan 2006
- Location: City 17
The thing is: this is encrypted. By definition, this should make this look more suspicious, and we can't even check to make sure it's harmless.Karja wrote:There's a difference between personal information and computer specs. If they actually are collecting something related to the person (IP, e-mail, info about the user's files, etc), then it's absolutely horrible behaviour. This can be misused, like in your example.
I'm not sure it can only be used to improve their products... It could be used in a number of business ways, like making deals with video card producers, with Microsoft, etc...But things like Windows version, DirectX version, graphic card capabilities and so on is impossible to use in a way to harm the user - it can only be used for improving their products.
Anyway, any program that has NOTHING to do with the Internet which asks me to connect, i block it. A basic principle of security.
-
- Leprechaun
- Posts: 19
- Joined: 06 Jan 2006
What makes me nervous is people who gets nervous for nothing, no offense.Trubador wrote:What gets me more nervous, is that most are not getting nervous
First, you know you installed this program, as it's heroes V itself and not some strange 3rd party software that sends info. The reason thoses datas are encrypted could simply be to ensure noone will be able to steal them. Also maybe H5 is set to check for a newer version (who knows as the first patch have not been released). Such data tranfer should be crypted to prevent low grade hackers from using it to install malevolent software on your machine.First, a program is installed on your comuter without your knowledge. Then, it connects to the net and Ubi without your knowledge, then, it sends them "encrypted" data without your knowledge or consent. Since it's encrypted, who's to say what in the heck it's uploading to them.
And of course, you read VERY CARFULLY the EULA when you installed the game. As for myself i was too eager to start playing to read all those lines. I jsut read the first two, then thought blah blah and clicked accept. Bad attitude i know, but who really reads all those lines.It would be TOTALLY different if they told you up front, and then there was some sort of option to participate in information gathering or opt out.
I didn't notice any rude reaction. Just reactions from people who think you are a bit parnaoïd maybeI'm also surprised at some of the negative or even rude reaction I've gotten from others just by alerting them about about this "fact".
Personally, as i said i didn't read the EULA, but i think i was asked something about sending data, this sort of thing strikes me, and i decided to send nothing. My internet connection is nearly never active under windows anyway (i have Linux on my system for everything except games) so i have nothing to fear from spyware or the likes of them.
IF you can assure us you never had an option to unable/disable information being sent to Ubi and the EULA does not state H5 will send data. Then maybe we should start to worry about those findings of yours. Currently i don't think this is really alarming.
Notice this thread has not been closed down as you seemed to believe. No conspiracy here
i really don't udnerstand this ironic stance... It is a known fact that some companies are trying to get as much info from you as they can. I mean, you act as if it was completely paranoid to think that, but...
Starforce? Yahoo in China? Spywares? Phishing?
of course that doesn't mean every single company out there is out to get you, but being blindly confident is not a good idea.
I have not found the EULA except of course on installation, but i did not read it then. Why? Because:
- i wanted to play
- it's very long and technical, especially for non-native english speakers
- i know very little about law, so i can't even tell if some parts of the EULA are legal or not
And i can't seem to find it anywhere on my disk.
All that to say: i can understand you guys don't run around in panic, but making fun of him while there IS an unnecessary encrypted connection going out, is a bit unfair.
Starforce? Yahoo in China? Spywares? Phishing?
of course that doesn't mean every single company out there is out to get you, but being blindly confident is not a good idea.
I have not found the EULA except of course on installation, but i did not read it then. Why? Because:
- i wanted to play
- it's very long and technical, especially for non-native english speakers
- i know very little about law, so i can't even tell if some parts of the EULA are legal or not
And i can't seem to find it anywhere on my disk.
All that to say: i can understand you guys don't run around in panic, but making fun of him while there IS an unnecessary encrypted connection going out, is a bit unfair.
Who is online
Users browsing this forum: Semrush [Bot] and 1 guest