Spyware in HoMM5???

The new Heroes games produced by Ubisoft. Please specify which game you are referring to in your post.
Trubador
Leprechaun
Leprechaun
Posts: 8
Joined: 04 Jun 2006

Spyware in HoMM5???

Unread postby Trubador » 04 Jun 2006, 21:53

What is known in the short time this has been discovered:

H5_Game.exe attempts to contact lb-iisdt.ubisoft.com [216.98.48.19:443] shortly after the game starts. Upon TCP connection it performs a key exchange and then begins to send encrypted packets.

It is totally unknown what or how much info the program sends, as it connects without your knowledge (or consent), and encrypts the data so you can't tell what it's transfering. It "seems" to be blockable with the right program, but also seems to be coded into the game itself, and so is unremoveable.

Threads on this subject have been shut down on two other fourms, so I suggest you say your piece fast, in case the same happens here. . .

User avatar
ThunderTitan
Perpetual Poster
Perpetual Poster
Posts: 23271
Joined: 06 Jan 2006
Location: Now/here
Contact:

Unread postby ThunderTitan » 04 Jun 2006, 22:33

Thank you Mr. Firewall.

Oh, and I belive the game does ask you if you want to send info about ur system to Ubi when you first start it.
Disclaimer: May contain sarcasm!
I have never faked a sarcasm in my entire life. - ???
"With ABC deleting dynamite gags from cartoons, do you find that your children are using explosives less frequently?" — Mark LoPresti

Alt-0128: €

Image

User avatar
Alamar
Golem
Golem
Posts: 605
Joined: 06 Jan 2006

Unread postby Alamar » 04 Jun 2006, 22:40

Zone Alarm, or similar, is certainly your friend :)

I don't recall from the EULA if there is a section dealing with sending information to UBI. I would think that it has to be somewhere though???

Karja
Leprechaun
Leprechaun
Posts: 14
Joined: 01 Jun 2006
Location: Sweden
Contact:

Unread postby Karja » 04 Jun 2006, 22:55

I just verified that this is true; it sets up an SSL connection, and then sends chunks of application data directly upon startup, after an additional two seconds, and after about 18 seconds. On my comp, I guess it's reasonable to assume that the first ones are directly on starting H5_Game.exe, and the last is when all intros are over and done with. All in all, I noted four exchanges of around 300 bytes encrypted data (and lots of overhead in setting up SSL and such).

It seems like a bit much, but it's probably nothing to worry about. Statistics about users' systems is invaluable for developers; and in addition to that, isn't it a rather common practice to check if the running version is the latest one? I guess it's a bit strange to do it with an encrypted connection, but I wouldn't be too nervous about all of this.

// Karja, who doesn't think that this is alarming enough to start up a firewall. But that EULA should be examined...
"Some play hard to get; I play hard to want."
http://www.cynicalstuff.com

User avatar
Paradox
Conscript
Conscript
Posts: 229
Joined: 05 May 2006
Contact:

Unread postby Paradox » 04 Jun 2006, 23:56

i dont think the European version has this spyware, only seems to be the US version.

User avatar
1979
Leprechaun
Leprechaun
Posts: 39
Joined: 26 Apr 2006

Unread postby 1979 » 05 Jun 2006, 00:44

I denied it access on Zone Alarm. Every little program I own wanting to connect to the internet bugs me, so I always stop them.

Ari
Peasant
Peasant
Posts: 74
Joined: 29 May 2006

Unread postby Ari » 05 Jun 2006, 02:23

There's a similar thing that happens during installation. I figured it was relatively harmless and let it through. Nice of them to mention it to me though.

Trubador
Leprechaun
Leprechaun
Posts: 8
Joined: 04 Jun 2006

Unread postby Trubador » 05 Jun 2006, 02:55

What gets me more nervous, is that most are not getting nervous 8|

First, a program is installed on your comuter without your knowledge. Then, it connects to the net and Ubi without your knowledge, then, it sends them "encrypted" data without your knowledge or consent. Since it's encrypted, who's to say what in the heck it's uploading to them.

If I find some guy hiding in the girls locker room, it's kind'a hard to beleive him when he says "oh, I'm just checking the locker rooms stats to make sure it works better, and is more enjoyable to the girls" :devious:

It would be TOTALLY different if they told you up front, and then there was some sort of option to participate in information gathering or opt out. :libra:

I'm also surprised at some of the negative or even rude reaction I've gotten from others just by alerting them about about this "fact". :gong:

User avatar
Psychobabble
Spectre
Spectre
Posts: 706
Joined: 06 Jan 2006
Location: Melbourne, Australia
Contact:

Unread postby Psychobabble » 05 Jun 2006, 03:38

Trubador wrote:What gets me more nervous, is that most are not getting nervous 8|
I also seem to remember something in the click boxes during install whether or not you wanted usage statistics to be sent to Ubi, it was along with the registration questions things. It's possibly defulated to yes, but it hardly seems insidious to me. These sorts of usage statistics are very useful for a developer to know how the program is working on diff systesm and even what game play features are/aren't used and, iirc, you're asked if you want them to be sent or not. No big deal methinks, keep looking out for those black helicopters though.

User avatar
addicted
Conscript
Conscript
Posts: 246
Joined: 06 Jan 2006
Location: USA

Unread postby addicted » 05 Jun 2006, 03:58

Funny when I installed the game, I wasn't ask a question to send anything to ubi or anyone else.. I registered but I sure don't remember being ask about sending my computer info or anything else.. I never allow my info to be sent to microsoft or any other company if I am aware of it.. but I am sure even microsoft has it's hidden stuff too.. I run my antispyware and virus stuff every day.. I know ms windows-xp has an option to turn on or off the error reporting service so I assume they could also have other stuff.. I don't know, I am not a programmer, etc.. but I have about everything I can find relating to send info to the net like the error reporting type of thing turned off in my windows-xp options. I just don't trust any company wanting my info off my computer especially when I can't see what it is they are taking off my computer...

Karja
Leprechaun
Leprechaun
Posts: 14
Joined: 01 Jun 2006
Location: Sweden
Contact:

Unread postby Karja » 05 Jun 2006, 05:40

Trubador wrote:What gets me more nervous, is that most are not getting nervous 8|
Well, if this information gathering isn't mentioned in the EULA, then it's definitely suspicious and spyware-ish. But at the same time, I'm a software developer myself and I would love to have statistics about how people use my programs; I can't really see a reason for Ubi or Nival to collect any sensitive data.

They could be interested in the Windows version, the screen resolution, DirectX capabilities, a message whether or not everything started up correctly, what the latest version is, and so on - and while all of those are specific data about my computer, it's just for statistical reasons. So I don't see a reason to be nervous.

At least not until someone mentions that they're storing IPs or something like that!

Trubador
Leprechaun
Leprechaun
Posts: 8
Joined: 04 Jun 2006

Unread postby Trubador » 05 Jun 2006, 06:10

If Ubi ask me via email, or a forum poll to give my computer specs, I would be MORE than glad to contribute and help the game and the gaming community. BUT, I don't want them sticking their poll up my computer when I'm not looking 8|

Stealing person info is a multi million dollar "business". People actually dig through dumpsters to get less personal info than they could get off of your computer; just ask the millions of Vets that just got all of their person info stolen by someone "just looking at stats".

I don't know if "black helecoptors" exist, I DO know this program does, and no one can tell what info it's uploading. Maybe I'm paranoid, or maybe the more no one does anything about this kind of thing, the more prevelent it will become. . .

Ari
Peasant
Peasant
Posts: 74
Joined: 29 May 2006

Unread postby Ari » 05 Jun 2006, 06:29

I'm sure the game didn't ask me about this either. Maybe it's version specific? I have the regular version.

Don't get me wrong - I'm not at all thrilled that I need a firewall program to tell me what a program *I* installed is doing without my knowledge. On the other hand, this is HOMM5 we're talking about, not Comet-curser or 100-new-emoticons-free!!!! or some such crap. To go with the guy in the locker room analogy, it's more like seeing a plumber in the locker room with some tools. Occam's razor says he's there (and it's there) for an innocuous reason.

Karja
Leprechaun
Leprechaun
Posts: 14
Joined: 01 Jun 2006
Location: Sweden
Contact:

Unread postby Karja » 05 Jun 2006, 07:02

Trubador wrote:If Ubi ask me via email, or a forum poll to give my computer specs, I would be MORE than glad to contribute and help the game and the gaming community. BUT, I don't want them sticking their poll up my computer when I'm not looking 8|
The problem is that the number of people who do answer forum polls or answer e-mails are extremely few. I agree that this would be a better way, but when you're trying to build a database of - for example - Windows XP user statistics, it's just not enough with the few who offer such info freely. (This might be a relevant question. They might be considering going XP only for the next game project, for instance; how would they know if the customer base is large enough without checking the existing customers first?)
Trubador wrote:Stealing person info is a multi million dollar "business". People actually dig through dumpsters to get less personal info than they could get off of your computer; just ask the millions of Vets that just got all of their person info stolen by someone "just looking at stats".
There's a difference between personal information and computer specs. If they actually are collecting something related to the person (IP, e-mail, info about the user's files, etc), then it's absolutely horrible behaviour. This can be misused, like in your example. But things like Windows version, DirectX version, graphic card capabilities and so on is impossible to use in a way to harm the user - it can only be used for improving their products.

In all of this: note that I'm not defending their behaviour to send info without asking! If that's the case, then they're misbehaving regardless of what they send.

User avatar
innokenti
Conscript
Conscript
Posts: 202
Joined: 11 Jan 2006

Unread postby innokenti » 05 Jun 2006, 10:54

Karja wrote: There's a difference between personal information and computer specs. If they actually are collecting something related to the person (IP, e-mail, info about the user's files, etc), then it's absolutely horrible behaviour. This can be misused, like in your example. But things like Windows version, DirectX version, graphic card capabilities and so on is impossible to use in a way to harm the user - it can only be used for improving their products.

In all of this: note that I'm not defending their behaviour to send info without asking! If that's the case, then they're misbehaving regardless of what they send.
Fair enough. But it's nice to ask. It IS your information and your computer. Principle of the thing and all that.

User avatar
DaemianLucifer
Round Table Hero
Round Table Hero
Posts: 11282
Joined: 06 Jan 2006
Location: City 17

Unread postby DaemianLucifer » 05 Jun 2006, 10:59

Trubador wrote:What gets me more nervous, is that most are not getting nervous 8|
We that control what programs get the access internet have nothing to worry about.I let only my browser to act as a server,and thats it.All of the other programs may get limited access only when updating.

User avatar
Gus
Assassin
Assassin
Posts: 271
Joined: 02 Jun 2006

Unread postby Gus » 05 Jun 2006, 11:15

Karja wrote:There's a difference between personal information and computer specs. If they actually are collecting something related to the person (IP, e-mail, info about the user's files, etc), then it's absolutely horrible behaviour. This can be misused, like in your example.
The thing is: this is encrypted. By definition, this should make this look more suspicious, and we can't even check to make sure it's harmless.
But things like Windows version, DirectX version, graphic card capabilities and so on is impossible to use in a way to harm the user - it can only be used for improving their products.
I'm not sure it can only be used to improve their products... It could be used in a number of business ways, like making deals with video card producers, with Microsoft, etc...

Anyway, any program that has NOTHING to do with the Internet which asks me to connect, i block it. A basic principle of security.

Bob Morane
Leprechaun
Leprechaun
Posts: 19
Joined: 06 Jan 2006

Unread postby Bob Morane » 05 Jun 2006, 11:43

Trubador wrote:What gets me more nervous, is that most are not getting nervous 8|
What makes me nervous is people who gets nervous for nothing, no offense.
First, a program is installed on your comuter without your knowledge. Then, it connects to the net and Ubi without your knowledge, then, it sends them "encrypted" data without your knowledge or consent. Since it's encrypted, who's to say what in the heck it's uploading to them.
First, you know you installed this program, as it's heroes V itself and not some strange 3rd party software that sends info. The reason thoses datas are encrypted could simply be to ensure noone will be able to steal them. Also maybe H5 is set to check for a newer version (who knows as the first patch have not been released). Such data tranfer should be crypted to prevent low grade hackers from using it to install malevolent software on your machine.
It would be TOTALLY different if they told you up front, and then there was some sort of option to participate in information gathering or opt out. :libra:
And of course, you read VERY CARFULLY the EULA when you installed the game. As for myself i was too eager to start playing to read all those lines. I jsut read the first two, then thought blah blah and clicked accept. Bad attitude i know, but who really reads all those lines.
I'm also surprised at some of the negative or even rude reaction I've gotten from others just by alerting them about about this "fact". :gong:
I didn't notice any rude reaction. Just reactions from people who think you are a bit parnaoïd maybe :|

Personally, as i said i didn't read the EULA, but i think i was asked something about sending data, this sort of thing strikes me, and i decided to send nothing. My internet connection is nearly never active under windows anyway (i have Linux on my system for everything except games) so i have nothing to fear from spyware or the likes of them.

IF you can assure us you never had an option to unable/disable information being sent to Ubi and the EULA does not state H5 will send data. Then maybe we should start to worry about those findings of yours. Currently i don't think this is really alarming.

Notice this thread has not been closed down as you seemed to believe. No conspiracy here :)

User avatar
innokenti
Conscript
Conscript
Posts: 202
Joined: 11 Jan 2006

Unread postby innokenti » 05 Jun 2006, 11:48

Bob Morane wrote: Notice this thread has not been closed down as you seemed to believe. No conspiracy here :)
Shhh, the conspirators aren't up yet.

User avatar
Gus
Assassin
Assassin
Posts: 271
Joined: 02 Jun 2006

Unread postby Gus » 05 Jun 2006, 11:56

i really don't udnerstand this ironic stance... It is a known fact that some companies are trying to get as much info from you as they can. I mean, you act as if it was completely paranoid to think that, but...
Starforce? Yahoo in China? Spywares? Phishing?
of course that doesn't mean every single company out there is out to get you, but being blindly confident is not a good idea.
I have not found the EULA except of course on installation, but i did not read it then. Why? Because:
- i wanted to play
- it's very long and technical, especially for non-native english speakers
- i know very little about law, so i can't even tell if some parts of the EULA are legal or not
And i can't seem to find it anywhere on my disk.

All that to say: i can understand you guys don't run around in panic, but making fun of him while there IS an unnecessary encrypted connection going out, is a bit unfair.


Return to “Heroes V-VI”

Who is online

Users browsing this forum: No registered users and 2 guests